System Implementation with D-QBFT
Author: AmpereChain Team Published: Dec 08, 2023 Updated: Dec 08, 2023
Building a Robust Public Network with D-QBFT Technology
A public network provides a configurable environment for testing, utilizing the D-QBFT (proof of authority) consensus protocol.
The D-QBFT network, as demonstrated in this tutorial, employs the block header validator selection method to manage validators. For a tutorial on how to implement the contract validator selection method, follow the steps in the example smart contract repository.
INFO: The steps within this tutorial lead to the creation of an isolated Ethereum private network. However, it's important to note that this network may not be fully protected or secure. We strongly recommend running the public network behind a properly configured firewall.
This tutorial is designed to configure a public network using D-QBFT, primarily for educational and enterprise purposes. D-QBFT necessitates the presence of four validators to achieve Byzantine fault tolerance.
Prerequisites
Steps
On the right-hand side of this page, you'll find a list of steps to create a public network using D-QBFT with four nodes, each of which serves as a validator.
1. Create Directories: To begin, it's essential to create a data directory for each node, as well as directories for your private network and all four nodes.
2. Create a configuration file
The configuration file defines the QBFT genesis file and the number of node key pairs to generate.
The configuration file consists of two nested JSON nodes. The first node is the "genesis" property, which defines the QBFT genesis file. It's worth noting that the "extraData" string is generated automatically by Besu in the resulting genesis file. The second node is the "blockchain" property, which sets the number of key pairs to be generated.
Copy the following configuration file definition to a file called qbftConfigFile.json
and save it in the QBFT-Network
directory:
NOTE
We recommend specifying the latest milestone when creating the genesis file for a private network. This ensures you are using the most up-to-date protocol and have access to the most recent opcodes.
DANGER
Do not use the accounts in alloc
in the genesis file on Mainnet or any public network except for testing. The private keys display, which means the accounts are not secure.
3. Generate node keys and a genesis file
In the QBFT-Network
directory, generate the node key and genesis file:
Besu creates the following in the networkFiles
directory:
genesis.json
- The genesis file including theextraData
property specifying the four nodes are validators.A directory for each node named using the node address and containing the public and private key for each node.
4. Copy the genesis file to the QBFT-Network directory
Copy the genesis.json
file to the QBFT-Network
directory.
5. Copy the node private keys to the node directories
For each node, copy the key files to the data
directory for that node
6. Start the first node as the bootnode
In the Node-1
directory, start Node-1:
MacOS
Windows
The command line:
Specifies the data directory for Node-1 using the
--data-path
option.Enables the JSON-RPC API using the
--rpc-http-enabled
option.Enables the ETH, NET, and QBFT APIs using the
--rpc-http-api
option.Enables all-host access to the HTTP JSON-RPC API using the
--host-allowlist
option.Enables all-domain access to the node through the HTTP JSON-RPC API using the
--rpc-http-cors-origins
option.
When the node starts, the enode URL displays. Copy the enode URL to specify Node-1 as the bootnode in the following steps.
7. Start Node-2
Start another terminal, change to the Node-2
directory and start Node-2 specifying the Node-1 enode URL copied when starting Node-1 as the bootnode:
MacOS
Windows
The command line specifies:
The data directory for Node-2 using the
--data-path
option.A different port to Node-1 for P2P discovery using the
--p2p-port
option.A different port to Node-1 for HTTP JSON-RPC using the
--rpc-http-port
option.The enode URL of Node-1 using the
--bootnodes
option.Other options as for Node-1.
8. Start Node-3
Start another terminal, change to the Node-3
directory and start Node-3 specifying the Node-1 enode URL copied when starting Node-1 as the bootnode:
MacOS
Windows
The command line specifies:
The data directory for Node-3 using the
--data-path
option.A different port to Node-1 and Node-2 for P2P discovery using the
--p2p-port
option.A different port to Node-1 and Node-2 for HTTP JSON-RPC using the
--rpc-http-port
option.The bootnode as for Node-2.
Other options as for Node-1.
9. Start Node-4
Start another terminal, change to the Node-4
directory and start Node-4 specifying the Node-1 enode URL copied when starting Node-1 as the bootnode:
MacOS
Windows
The command line specifies:
The data directory for Node-4 using the
--data-path
option.A different port to Node-1, Node-2, and Node-3 for P2P discovery using the
--p2p-port
option.A different port to Node-1, Node-2, and Node-3 for HTTP JSON-RPC using the
--rpc-http-port
option.The bootnode as for Node-2.
Other options as for Node-1.
10. Confirm the private network is working
Start another terminal, use curl to call the JSON-RPC API qbft_getvalidatorsbyblocknumber
method and confirm the network has four validators:
The result displays the four validators:
Look at the logs to confirm Besu is producing blocks:
INFO: If the key files were not copied to the correct directory in step 5, the network will not start producing blocks.
The logs for each node should indicate the public key was loaded from the data/key
directory:
If the keys were not copied to the correct directory, Besu creates a key when starting up:
If a new key was created, the validator key specified in the configuration does not match the created key and the node cannot participate in creating blocks.
Next steps
Use the D-QBFT API to remove or add validators, or import accounts to MetaMask and send transactions as described in the Quickstart tutorial.
NOTE: To add or remove nodes as validators you need the node address. The directory created for each node has the node address as the name.
Besu doesn't support private key management.
You can switch from the block header validator selection method configured here, to the contract validator selection method by updating the genesis file and configuring a transition.
Stop the nodes
When finished using the private network, stop all nodes using ++ctrl+c++ in each terminal window.
TIP: To restart the D-QBFT network in the future, start from step 6.
*[Byzantine fault tolerant]: Ability to function correctly and reach consensus despite nodes failing or propagating incorrect information to peers
Last updated