Pages:
Author

Topic: Bitcoin full node question (accessible to everyone) (Read 403 times)

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Aside from general linux/server security, check ToS of your VPS provider. Few provider such as Hetzner explicitly forbid cryptocurrency node.
Isn't that limitation for mining only? A VPS shares resources with other clients, and thus anything that continuously consumes 100% isn't allowed.
I've also used a VPS that didn't allow Bitcoin Core at all (it just got killed after a few seconds), but renaming the executable and limiting the load (say to 0.2) was enough to keep it running.
legendary
Activity: 2268
Merit: 18711
Can I also use the public node myself
Certainly. Any wallet which is not itself a full node (such as Bitcoin Core or other full node software such as Bitcoin Knots) will connect to public nodes (usually via an intermediary server) to collect the data it needs to display your transaction history and balance and be able to broadcast transactions. The node(s) or server(s) which you connect to in order to gather this information are able to see that you are querying this information, and are therefore able to link all the addresses in your wallet together and link all of them to your IP address and other information you might leak, such as the wallet software or device identifiers.

or should i rather use a private node for my private wallet?
If you want to protect your privacy from the issue I have just described above, then you must run your own node and either use it as your wallet or point any other wallet software you might use (such as Electrum) exclusively at your own node (via an Electrum server which you also run).
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
What would be the risks for running a public node, are there any risks at all?
Unless it's illegal to use bitcoin in your country, I'd say close to zero. If you route everything through Tor (and therefore obscuring your activity to your Internet provider as well) even less risk. I honestly can't think of one risk in that case.

Can I also use the public node myself,
or should i rather use a private node for my private wallet?
There's no such thing as a "private node". You're either a node of the network or you aren't. What you meant is that you can use your locally accessible wallet software which will connect to your public node in a private manner, and yes you can do it. You can install a Bitcoin client (such as Bitcoin Core) which will download you the blockchain, and you can setup an electrum server, which will connect with your Bitcoin node and your Electrum lightweight wallet software, to serve you your balance privately.
newbie
Activity: 6
Merit: 16
Thank you for your helpful replies.

I only ask myself these questions regarding public nodes.

What would be the risks for running a public node, are there any risks at all?

Can I also use the public node myself,
or should i rather use a private node for my private wallet?


I wish you all a Merry Christmas
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
yes, but through a VPS, the node runs on a server that is not under my control.
It's almost an unnecessary risk that you can avoid if you let it run at home.
As long as you're not keeping a heavily funded wallet on the server (and use a decent VPS provider), I wouldn't worry about this. If they ever break it, just start over.
newbie
Activity: 6
Merit: 16
3)
I actually thought only the full node can see the IP address of the wallets that are connected.
But you can see the IP address of the full node as a wallet?
Almost all wallets rarely use Bitcoin full node to connect directly to the blockchain, rather it uses an SPV server(Electrum Server). And yes, an Electrum server and its clients can see the IP addresses of each other.

What can hackers do with this ip address, for example, if vpn and tor are set up correctly?
Theoretically it would not cause any danger.


If someone can crack Tor, they would see my home network's IP address.
If you're concerned about Tor's security, you should consider using a VPS instead of running this at home.

yes, but through a VPS, the node runs on a server that is not under my control.
It's almost an unnecessary risk that you can avoid if you let it run at home.


legendary
Activity: 2268
Merit: 18711
If someone can crack Tor, they would see my home network's IP address.
I would suggest that if you are up against a global adversary who has the resources and ability to set up and run enough Tor nodes so as to link your entry guard to your exit node and deanonymize your traffic, then said adversary is unlikely to have much bother against a $5 a month VPN.

Additionally, if you set it up incorrectly so that your traffic is routed through Tor to your VPN provider (rather than connecting to your VPN first before entering the Tor network), then you lose all the benefits that Tor brings you. If you set it up correctly then, as I said above, it adds very little to your set up but adds additional risk if your VPN provider is malicious or collecting data (which many of them do).
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
If someone can crack Tor, they would see my home network's IP address.
If you're concerned about Tor's security, you should consider using a VPS instead of running this at home.

I read somewhere that running a full node takes a lot of bandwidth 100GB+
My full (clearnet) node uploaded 3357885531577 bytes in 129 days. That's 26 GB per day on average (it doesn't even get close to the 500 GB/day limit I set). I wouldn't want this on my home internet connection, I'd worry my ISP would start complaining.
newbie
Activity: 6
Merit: 16
I will also run Tor, even if I use a VPN, just want to be sure that my real IP is not visible.
A better option would probably be just to use Tor on its own and forget the VPN. It adds very little in your case, could result in decreased privacy depending on your VPN provider, and will likely just add unnecessary complexity to what you are trying to achieve.

Provided you run everything over Tor, then it is highly unlikely that an end user would be able to see your real IP address. This would be limited to your Tor entry guard, but they of course would not be able to see what your traffic is.


I don't find that a VPN adds very little.

If someone can crack Tor, they would see my home network's IP address.

With a VPN he would only see the IP address of the VPN provider.

It's like a double layer of security and protection for my privacy



Running a node doesn't require a significant amount of bandwidth. It does require some, but not significant. Furthermore, you can hide your IP with Tor or i2p, if that's a concern.

I read somewhere that running a full node takes a lot of bandwidth 100GB+

if it really doesn't consume much then i would even use a hotspot router with a sim card instead of my private network Cheesy

[moderator's note: consecutive posts merged]
legendary
Activity: 2268
Merit: 18711
I will also run Tor, even if I use a VPN, just want to be sure that my real IP is not visible.
A better option would probably be just to use Tor on its own and forget the VPN. It adds very little in your case, could result in decreased privacy depending on your VPN provider, and will likely just add unnecessary complexity to what you are trying to achieve.

Provided you run everything over Tor, then it is highly unlikely that an end user would be able to see your real IP address. This would be limited to your Tor entry guard, but they of course would not be able to see what your traffic is.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
This only makes sense if your wallet functionality is disabled (by passing wallet=0 in your command line or config file) because you really don't want to give everyone access to your wallet files.

So it's really just about making your RPC server accessible to everyone.

There's one big problem with doing that though: Assuming you make it passwordless somehow, your node (and the nodes of everyone else who does this) will be more susceptible to DDoS attacks. They can also remotely shutdown your node software.
legendary
Activity: 1932
Merit: 1273
1)
Where do these people find my Electrum server that I run over tor?
Regardless clearnet or Tor connection, the peer discovery mechanism still applies.

2)
Can I run the Full Node and Electrum servers over Tor?
Or only possible with one of the two?
You can run either or both Bitcoin full node and Electrum server over Tor.

3)
I actually thought only the full node can see the IP address of the wallets that are connected.
But you can see the IP address of the full node as a wallet?
Almost all wallets rarely use Bitcoin full node to connect directly to the blockchain, rather it uses an SPV server(Electrum Server). And yes, an Electrum server and its clients can see the IP addresses of each other.

4)
How could someone find out my IP address if I use VPN and Tor ?
Any VPN provider are knowing its user IP. So it is a possibility that anyone who can intervene with the provider you are using, might see the IP address in behind.

As for Tor, if you have done it correctly, there is no way anyone could know the real IP address behind a service.

Do note, if you use Tor over VPN, it could be good or it also can be bad. See https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN.
newbie
Activity: 6
Merit: 16
Thank you for the helpful reply, really great forum here Cheesy

I planned to run 2 full nodes.

I run the first one without tor and connect it to my home network, but the whole thing is done with ESP, so a private node just for me and my hardware wallet.

I would like to run the second one publicly because I also want to give something back to bitcoin and because I believe in it.
I would also like to be one of many who do their part.

I run the second full node on a computer with which nothing else is done.
The whole thing then runs via VPN

I will check daily githubs from:
"BitcoinCore
Electrum
Tor
VPN provider"
And updates are then carried out immediately.

I create the public server with ElectrumX
I will also run Tor, even if I use a VPN, just want to be sure that my real IP is not visible.


Now to my questions

1)
Where do these people find my Electrum server that I run over tor?

still here?
even if it runs through Tor?
https://1209k.com/bitcoin-eye/ele.php

2)
Can I run the Full Node and Electrum servers over Tor?
Or only possible with one of the two?

3)
I actually thought only the full node can see the IP address of the wallets that are connected.
But you can see the IP address of the full node as a wallet?

4)
How could someone find out my IP address if I use VPN and Tor ?

5)
How can hackers gain access to the node if I don't download anything with the PC anyway, or open pdfs or click on any links?
the only thing i do is keep the systems up to date.

"I don't use an antivirus program either,
I think that only makes system errors for the node"


6)
I just want to set up a public node so that the network and the decentralization of bitcoin increases.

The first focus is on the security of my system.
I want to prevent as much as possible that anyone gains access to my node or my network and manipulates things.

The second focus, which is just as important, is mine privacy and the privacy of the people who use my node.
Nobody from outside should be able to see my data and the data of my users.

Do you have any other tips to get the best possible security and privacy?
hero member
Activity: 504
Merit: 625
Pizza Maker 2023 | Bitcoinbeer.events
Running a node doesn't require a significant amount of bandwidth. It does require some, but not significant. Furthermore, you can hide your IP with Tor or i2p, if that's a concern.

In terms of hiding your IP address, you can indeed use tools like Tor or i2p to conceal your node's IP address and make it more difficult to identify and connect to. This can help to improve the security and privacy of your node, but it can also make it more difficult for other users to find and connect to your node. Ultimately, whether or not to use tools like Tor or i2p will depend on your specific goals and priorities. Or am I wrong?
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
To make your node public, you need to open the relevant port on your firewall and configure your node software to allow incoming connections.
Actually, this isn't required. Outgoing connections, alone, are enough to make your node public. Also, you don't have to mess with firewalls (if speed isn't a concern). You can download and upload blocks via Tor, and listen to incoming connections with no firewall configuration.

However, there are also some potential downsides to running a public node. For example, it can require a significant amount of bandwidth and storage space to run a node, and you may need to upgrade your hardware to handle the additional load. It can also expose your node to potential security risks, since it will be accessible to anyone on the internet.
Running a node doesn't require a significant amount of bandwidth. It does require some, but not significant. Furthermore, you can hide your IP with Tor or i2p, if that's a concern.
hero member
Activity: 504
Merit: 625
Pizza Maker 2023 | Bitcoinbeer.events
Hello dear community,
I have a question.

Is it possible to make my Bitcoin Full Node usable for everyone?

As an an example:
Anyone can connect their wallet to my node.

Is something like that possible?, or is the full node only valid for oneself?

If it were possible, how do people find my full node?
Where is my full node listed or where can I list it myself for others?

what are the pros and cons of making my full node accessible to everyone?


Thank you Smiley

Yes, it is possible to make your Bitcoin full node accessible to others. This is called "running a public node". In this setup, anyone can connect their wallet to your node to send and receive transactions.

To make your node public, you need to open the relevant port on your firewall and configure your node software to allow incoming connections. The exact steps for doing this will vary depending on your operating system and the specific software you are using to run your node.

Once your node is configured to accept incoming connections, others can find your node by looking up its IP address. This can be done using a website that maintains a list of public nodes, such as https://bitnodes.earn.com/. Alternatively, you can advertise your node's IP address on forums or social media, or by sharing it with friends and contacts.

There are several benefits to running a public node. For example, it can help to increase the decentralization of the Bitcoin network by providing additional network nodes that can be used by other users. It can also help to improve the security and reliability of the network, since more nodes means more redundancy and fewer single points of failure.

However, there are also some potential downsides to running a public node. For example, it can require a significant amount of bandwidth and storage space to run a node, and you may need to upgrade your hardware to handle the additional load. It can also expose your node to potential security risks, since it will be accessible to anyone on the internet.

Overall, whether or not running a public node is a good idea for you will depend on your specific circumstances and goals. If you have the resources and are willing to accept the risks, it can be a great way to contribute to the Bitcoin network and help to ensure its continued decentralization and security.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
If you really want to make it public you should have a decent working knowledge of routing and networking in general. Along with a good understanding of how the node and electrum and everything else integrates. If it's just for friends and family it's one thing if other people are going to be using it it's another.

Also, keep in mind you have to keep up with security updates and everything else.

Not particularly difficult, but there is a bit of time & effort needed to start and keep it going.

-Dave
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
But how exactly do these people find my public Electrum server?

Short answer: Peer discovery feature[1].

Does it automatically appear somewhere?

Assuming you don't disable peer discovery feature, your server address should appear on crawler[2] and relayed by other Electrum server. And Electrum team regularly update list of default Electrum server on Electrum application, so your server address could be added if meet some condition[3].



[1] https://electrumx.readthedocs.io/en/latest/peer_discovery.html
[2] https://1209k.com/bitcoin-eye/ele.php
[3] https://github.com/spesmilo/electrum/pull/7958#issuecomment-1231581840
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
If you want a server other people can use, you would need to run something like ElectrumX or Electrs, but these require much more resources.

Keep in mind that Electrs is also for "friends and family" only, even its git page tells that if it's exposed to the wild it opens the door to attacks, recommending Blockstream's fork for public use:

Note that this implementation of Electrum server is optimized for personal/small-scale (family/friends) usage. It's a bad idea to run it publicly as it'd expose you to DoS and maybe also other attacks. If you want to run a public server you may be interested in the Blockstream fork of electrs which is better optimized for public usage at the cost of consuming significantly more resources.
legendary
Activity: 2268
Merit: 18711
I was going to use Electrum and create a server with "electrum personal server"
and I would then connect the server to my node, which only connects to other nodes via tor.
That is perfectly fine set up for your own personal use. You cannot use this server to allow other people to connect to, however. The clue is in the name - Electrum Personal Server. The way this server software works is that you have to tell it in advance the addresses or extended public keys you want it to watch, and it performs a full blockchain rescan for these addresses/xpubs. Other people cannot use this with their wallets because the server hasn't scanned the blockchain in advance for their addresses. The upside to this is it is very lightweight and does not need much in the way of resources.

If you want a server other people can use, you would need to run something like ElectrumX or Electrs, but these require much more resources.
Pages:
Jump to: