cchost_config.json
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"title": "CCF node configuration",
"description": "JSON schema for configuration of a single CCF node",
"properties": {
"network": {
"type": "object",
"properties": {
"node_to_node_interface": {
"type": "object",
"properties": {
"bind_address": {
"type": "string",
"description": "Local address the node binds to and listens on"
},
"published_address": {
"type": "string",
"default": "Value of 'bind_address'",
"description": "The published node address advertised to other nodes. This must be different on each node"
}
},
"description": "Addresses (host:port) to listen on for incoming node-to-node connections (e.g. internal consensus messages)",
"required": ["bind_address"],
"additionalProperties": false
},
"rpc_interfaces": {
"type": "object",
"additionalProperties": {
"type": "object",
"properties": {
"bind_address": {
"type": "string",
"description": "Local address the node binds to and listens on"
},
"published_address": {
"type": "string",
"default": "Value of 'bind_address'",
"description": "The published RPC address advertised to clients"
},
"protocol": {
"type": "string",
"default": "tcp",
"description": "The RPC protocol used (udp | tcp)"
},
"app_protocol": {
"type": "string",
"default": "HTTP1",
"description": "The application protocol used by all sessions on this interface"
},
"max_open_sessions_soft": {
"type": "integer",
"default": 1000,
"description": "The maximum number of active client sessions on that interface after which clients will receive an HTTP 503 error"
},
"max_open_sessions_hard": {
"type": "integer",
"default": 1010,
"description": "The maximum number of active client sessions on that interface after which client sessions will be terminated, before the TLS handshake is complete. Note that its value must be greater than the value of ``max_open_sessions_soft``"
},
"http_configuration": {
"type": "object",
"properties": {
"max_body_size": {
"type": "string",
"default": "1MB",
"description": "Maximum size (size string) of a single HTTP request body. Submitting a request with a payload larger than this value will result in the client session being automatically closed"
},
"max_header_size": {
"type": "string",
"default": "16KB",
"description": "Maximum size (size string) of a single HTTP request header (key or value). Submitting a request with a header larger than this value will result in the client session being automatically closed"
},
"max_headers_count": {
"type": "integer",
"default": 256,
"description": "Maximum number of headers in a single HTTP request. Submitting a request with more headers than this value will result in the session being automatically closed"
},
"max_concurrent_streams_count": {
"type": "integer",
"default": 100,
"minimum": 1,
"description": "HTTP/2 only. Maximum number of concurrent streams allowed per session"
},
"initial_window_size": {
"type": "string",
"default": "64KB",
"description": "HTTP/2 only. Initial size (size string) of flow-control window per stream"
},
"max_frame_size": {
"type": "string",
"default": "16KB",
"description": "HTTP/2 only. Maximum allowed size (size string) of HTTP/2 frames (min: 16KB, max: 16MB)"
}
},
"additionalProperties": false
},
"endorsement": {
"type": "object",
"properties": {
"authority": {
"type": "string",
"enum": ["Node", "Service", "ACME", "Unsecured"],
"default": "Service",
"description": "The type of endorsement for the TLS certificate used in client sessions. If the endorsement is not available, client sessions will be terminated, before the TLS handshake is complete. 'Node' means self-signed, 'Service' means service-endorsed, 'ACME' is deprecated, 'Unsecured' means unencrypted traffic and no endorsement authority, so clients of such an interface cannot authenticate the node and traffic is readable in transit"
}
},
"required": ["authority"],
"additionalProperties": false
},
"accepted_endpoints": {
"type": "array",
"items": {
"type": "string"
},
"description": "An array of regular expressions that specify which URL paths are served on the interface. Optional; if not present, all paths are served"
},
"forwarding_timeout_ms": {
"type": "integer",
"default": 3000,
"description": "Timeout for forwarded RPC calls (in milliseconds)"
},
"redirections": {
"type": "object",
"description": "Configure how redirect responses should be produced on this interface. If this is omitted, then forwarding will be used instead",
"properties": {
"to_primary": {
"$ref": "#/$defs/RedirectionResolver",
"description": "Configures how the Location header should be populated, when requests arrive on this interface that must be served by a primary while the receiving node is not a primary"
},
"to_backup": {
"$ref": "#/$defs/RedirectionResolver",
"description": "Configures how the Location header should be populated, when requests arrive on this interface that must be served by a backup while the receiving node is currently a primary"
}
},
"additionalProperties": false
},
"enabled_operator_features": {
"type": "array",
"items": {
"enum": ["SnapshotRead", "LedgerChunkRead", "SnapshotCreate"],
"type": "string"
},
"description": "An array of features which should be enabled on this interface, providing access to endpoints with specific security or performance constraints."
}
},
"required": ["bind_address"]
},
"description": "Interfaces to listen on for incoming client TLS connections, as a dictionary from unique interface name to RPC interface information"
}
},
"description": "This section includes configuration for the interfaces a node listens on (for both client and node-to-node communications)",
"required": ["node_to_node_interface", "rpc_interfaces"],
"additionalProperties": false
},
"command": {
"type": "object",
"properties": {
"type": {
"type": "string",
"enum": ["Start", "Join", "Recover"],
"description": "Type of CCF node"
},
"service_certificate_file": {
"type": "string",
"default": "service_cert.pem",
"description": "For ``Start`` and ``Recover`` nodes, path to which the service certificate will be written on startup. For ``Join`` nodes, path to the certificate of the existing service to join"
}
},
"allOf": [
{
"if": {
"properties": {
"type": {
"const": "Start"
}
}
},
"then": {
"properties": {
"start": {
"type": "object",
"properties": {
"constitution_files": {
"type": "array",
"items": {
"type": "string"
},
"description": "List of constitution files. These typically include actions.js, validate.js, resolve.js and apply.js"
},
"initial_service_certificate_validity_days": {
"type": "integer",
"default": 1,
"description": "Initial validity period (days) for service certificate",
"minimum": 1
},
"service_subject_name": {
"type": "string",
"default": "CN=CCF Service",
"description": "Subject name to include in service certificate. Can only be set once on service start."
},
"cose_signatures": {
"type": "object",
"properties": {
"issuer": {
"type": "string",
"description": "Issuer, set in CWT_Claims of COSE ledger signatures. Can only be set once on service start."
},
"subject": {
"type": "string",
"description": "Subject, set in CWT_Claims of COSE ledger signatures. Can only be set once on service start."
}
}
},
"members": {
"type": "array",
"items": {
"type": "object",
"properties": {
"certificate_file": {
"type": "string",
"description": "Path to member x509 identity certificate (PEM)"
},
"encryption_public_key_file": {
"type": ["string", "null"],
"description": "Path to member encryption public key (PEM)"
},
"data_json_file": {
"type": ["string", "null"],
"description": "Path to member data file (JSON)"
},
"recovery_role": {
"type": "string",
"enum": ["NonParticipant", "Participant", "Owner"],
"description": "Whether the member acts as a recovery participant, and gets assigned a share that can contribute towards a recovery threshold, or as an owner, and gets assigned a full recovery key"
}
},
"required": ["certificate_file"],
"additionalProperties": false
},
"description": "List of initial consortium members files, including identity certificates, public encryption keys and member data files"
},
"service_configuration": {
"type": "object",
"properties": {
"recovery_threshold": {
"type": "integer",
"description": "Number of recovery members required to recover the service. Note that if the recovery threshold is set to 0, it is automatically set to the number of recovery members specified in 'members'",
"minimum": 0
},
"maximum_node_certificate_validity_days": {
"type": "integer",
"default": 365,
"description": "The maximum number of days allowed for node certificate validity period",
"minimum": 1
},
"maximum_service_certificate_validity_days": {
"type": "integer",
"default": 365,
"description": "The maximum number of days allowed for service certificate validity period",
"minimum": 1
},
"recent_cose_proposals_window_size": {
"type": "integer",
"default": 100,
"description": "Size of the window of COSE proposals recently received by the service, kept for the purpose of replay protection",
"minimum": 1
}
},
"required": ["recovery_threshold"],
"additionalProperties": false
}
},
"required": ["constitution_files", "members"],
"additionalProperties": false
}
},
"required": ["start"]
}
},
{
"if": {
"properties": {
"type": {
"const": "Join"
}
}
},
"then": {
"properties": {
"join": {
"type": "object",
"properties": {
"target_rpc_address": {
"type": "string",
"description": "Address (host:port) of a node of the existing service to join"
},
"retry_timeout": {
"type": "string",
"default": "1000ms",
"description": "Interval (time string) at which the node sends join requests to the existing service. This should be less than the value of 'consensus.election_timeout' set on the primary node of the existing service to join"
},
"follow_redirect": {
"type": "boolean",
"default": true,
"description": "Whether to follow redirects to the primary node of the existing service to join"
},
"fetch_recent_snapshot": {
"type": "boolean",
"default": true,
"description": "Whether to ask the target for a snapshot before joining. The node will ask the target what their latest snapshot is, and will fetch it via RPC before launching. Should generally only be turned off for specific test cases"
},
"fetch_snapshot_max_attempts": {
"type": "integer",
"default": 3,
"description": "Maximum number of attempts to fetch a recent snapshot from the target node",
"minimum": 1
},
"fetch_snapshot_retry_interval": {
"type": "string",
"default": "1000ms",
"description": "Interval (time string) between retries to fetch a recent snapshot from the target node"
},
"fetch_snapshot_max_size": {
"type": "string",
"default": "10GB",
"description": "Maximum size of snapshot this node is willing to fetch"
},
"host_data_transparent_statement_path": {
"type": ["string", "null"],
"default": null,
"description": "Path to a SCITT Transparent Statement over the attested host_data of the node"
}
},
"required": ["target_rpc_address"],
"additionalProperties": false
}
},
"required": ["join"]
}
},
{
"if": {
"properties": {
"type": {
"const": "Recover"
}
}
},
"then": {
"properties": {
"recover": {
"type": "object",
"properties": {
"initial_service_certificate_validity_days": {
"type": "integer",
"default": 1,
"description": "Initial validity period (days) for service certificate",
"minimum": 1
},
"previous_service_identity_file": {
"type": "string",
"description": "Path to the previous service certificate (PEM) file"
}
},
"required": ["previous_service_identity_file"],
"additionalProperties": false
}
}
}
}
],
"description": "This section includes configuration of how the node should start (either start, join or recover) and associated information",
"required": ["type"]
},
"node_certificate": {
"type": "object",
"properties": {
"subject_name": {
"type": "string",
"default": "CN=CCF Node",
"description": "Subject name to include in node certificate"
},
"subject_alt_names": {
"type": "array",
"items": {
"type": "string"
},
"description": "List of ``iPAddress:`` or ``dNSName:`` strings to include as Subject Alternative Names (SAN) in node certificates. If none are set, the node certificate will automatically include the value of the main RPC interface 'published_address'"
},
"curve_id": {
"type": "string",
"enum": ["Secp384R1", "Secp256R1"],
"default": "Secp384R1",
"description": "Elliptic curve to use for node identity key"
},
"initial_validity_days": {
"type": "integer",
"default": 1,
"description": "Initial validity period (days) for node certificate",
"minimum": 1
}
},
"description": "This section includes configuration for the node x509 identity certificate",
"additionalProperties": false
},
"node_data_json_file": {
"type": ["string", "null"],
"description": "Path to file (JSON) containing initial node data. It is intended to store correlation IDs describing the node's deployment, such as a VM name or Pod identifier"
},
"attestation": {
"type": "object",
"properties": {
"snp_security_policy_file": {
"type": ["string", "null"],
"description": "Path to file containing the security policy (SEV-SNP only), can contain environment variables, such as $UVM_SECURITY_CONTEXT_DIR"
},
"snp_uvm_endorsements_file": {
"type": ["string", "null"],
"description": "Path to file containing UVM endorsements as a base64-encoded COSE Sign1 (SEV-SNP only). Can contain environment variables, such as $UVM_SECURITY_CONTEXT_DIR"
},
"snp_endorsements_file": {
"type": ["string", "null"],
"description": "Path to file containing AMD VCEK hardware endorsements (a PEM certificate chain), base-64 encoded. Can contain environment variables, such as $UVM_SECURITY_CONTEXT_DIR. Will be used in preference to snp_endorsements_servers if the tcbm in this file matches that of the attestation"
},
"snp_endorsements_servers": {
"type": "array",
"items": {
"type": "object",
"properties": {
"type": {
"type": "string",
"enum": ["Azure", "AMD", "THIM"],
"default": "Azure",
"description": "Type of server used to retrieve attestation report endorsement certificates (SEV-SNP only)"
},
"url": {
"type": "string",
"description": "Server URLs used to retrieve attestation report endorsement certificates, e.g. \"kdsintf.amd.com\" (AMD), \"global.acccache.azure.net\" (Azure) or \"169.254.169.254\" (THIM)"
},
"max_retries_count": {
"type": "integer",
"default": 3,
"description": "Maximum number of retries to fetch endorsements from the server"
}
},
"required": ["url"],
"additionalProperties": false
},
"description": "List of servers used to retrieve attestation report endorsement certificates (SEV-SNP only). The first server in the list is always used and other servers are only specified as fallback. If set, attestation endorsements from ``--snp-security-context-dir-var`` are ignored, but uvm endorsements from that directory are still used."
}
},
"description": "This section includes configuration for the attestation for AMD SEV-SNP platform.",
"additionalProperties": false
},
"service_data_json_file": {
"type": ["string", "null"],
"description": "Path to file (JSON) containing initial service data. It is used when the node starts in 'Start' or 'Recover' mode and is intended to store arbitrary information about the service"
},
"ledger": {
"type": "object",
"properties": {
"directory": {
"type": "string",
"default": "ledger",
"description": "Path to main ledger directory"
},
"read_only_directories": {
"type": "array",
"items": {
"type": "string"
},
"description": "Paths to read-only ledger directories. Note that only '.committed' files will be read from these directories"
},
"chunk_size": {
"type": "string",
"default": "5MB",
"description": "Minimum size (size string) of the current ledger file after which a new ledger file (chunk) is created"
}
},
"description": "This section includes configuration for the ledger directories and files",
"additionalProperties": false
},
"snapshots": {
"type": "object",
"properties": {
"directory": {
"type": "string",
"default": "snapshots",
"description": "Path to snapshots directory"
},
"tx_count": {
"type": "integer",
"default": 10000,
"description": "Number of transactions after which a snapshot is automatically generated",
"minimum": 1
},
"min_tx_count": {
"type": "integer",
"default": 2,
"description": "Minimum number of transactions that must have elapsed since the last snapshot before a time-based snapshot can be triggered. Has no effect if time_interval is not set. If lower than 2 while time_interval is enabled, snapshots will be triggered indefinitely."
},
"time_interval": {
"type": "string",
"default": "0s",
"description": "Time interval after which a snapshot should be triggered, provided more than min_tx_count transactions have elapsed since the last snapshot. Set this to 0s to disable time-based snapshotting."
},
"read_only_directory": {
"type": ["string", "null"],
"description": "Path to read-only snapshots directory. Deprecated: this option is deprecated and will be removed in a future release. Use join.fetch_recent_snapshot and snapshots.backup_fetch to have joining and/or backup nodes automatically fetch snapshots from the primary node instead."
},
"backup_fetch": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false,
"description": "If true, backup nodes will automatically fetch snapshots from the primary when snapshot evidence is detected"
},
"max_attempts": {
"type": "integer",
"default": 3,
"description": "Maximum number of fetch attempts before giving up",
"minimum": 1
},
"retry_interval": {
"type": "string",
"default": "1000ms",
"description": "Delay between retry attempts"
},
"target_rpc_interface": {
"type": "string",
"default": "primary_rpc_interface",
"description": "Name of the RPC interface on the primary node to use for downloading snapshots. Must have the SnapshotRead feature enabled."
},
"max_size": {
"type": "string",
"default": "200MB",
"description": "Maximum size of snapshot this node is willing to fetch"
}
},
"description": "Configuration for automatic snapshot fetching by backup nodes",
"additionalProperties": false
}
},
"description": "This section includes configuration for the snapshot directories and files",
"additionalProperties": false
},
"files_cleanup": {
"type": "object",
"properties": {
"max_snapshots": {
"type": ["integer", "null"],
"default": null,
"description": "Maximum number of committed snapshot files to retain. When the number of committed snapshots exceeds this value, the oldest snapshots are deleted. Must be at least 1 if set. If null or unset, no automated snapshot garbage collection is performed.",
"minimum": 1
},
"max_committed_ledger_chunks": {
"type": ["integer", "null"],
"default": null,
"description": "Maximum number of committed ledger chunk files to retain in the main ledger directory. When the number of committed chunks exceeds this value, the oldest chunks are deleted, but only after verifying that an identical copy (by SHA-256 digest) exists in at least one read-only ledger directory. Chunks whose entries extend to or beyond the sequence number of the newest committed snapshot are never deleted, ensuring a complete ledger history from that snapshot for disaster recovery. Requires at least one ledger.read_only_directories entry; the node will refuse to start otherwise. If null or unset, no automated ledger chunk garbage collection is performed."
},
"interval": {
"type": "string",
"default": "30s",
"description": "Time interval at which to scan and delete old committed files (snapshots and ledger chunks) that exceed the configured retention limits. This periodic cleanup executes regardless of the node's status (primary or backup)."
}
},
"description": "This section includes configuration for periodic cleanup of old files (snapshots, ledger chunks)",
"additionalProperties": false
},
"logging": {
"type": "object",
"properties": {
"host_level": {
"type": "string",
"enum": ["Trace", "Debug", "Info", "Fail", "Fatal"],
"default": "Info",
"description": "Logging level for the untrusted host. DEPRECATED, use the --log-level CLI switch instead."
},
"format": {
"type": "string",
"enum": ["Text", "Json"],
"default": "Text",
"description": "If 'Json', node logs will be formatted as JSON"
}
},
"description": "This section includes configuration for the logging of the node process",
"additionalProperties": false
},
"consensus": {
"type": "object",
"properties": {
"message_timeout": {
"type": "string",
"default": "100ms",
"description": "Maximum interval (time string) at which the primary node sends messages to backup nodes to maintain its primary-ship. This should be set to a significantly lower value than 'election_timeout'"
},
"election_timeout": {
"type": "string",
"default": "5000ms",
"description": "Maximum timeout (time string) after which backup nodes that have not received any message from the primary node (or voted for a candidate) will trigger a new election. This timeout is also used by candidates to restart unsuccessful elections. This should be set to a significantly greater value than 'message_timeout' plus the expected network delay"
},
"max_uncommitted_tx_count": {
"type": "integer",
"default": 10000,
"description": "Maximum number of uncommitted transactions allowed before the primary refuses new transactions. Unlimited if set to 0."
}
},
"description": "This section includes configuration for the consensus protocol (note: should be the same for all other nodes in the service)",
"additionalProperties": false
},
"ledger_signatures": {
"type": "object",
"properties": {
"tx_count": {
"type": "integer",
"default": 5000,
"description": "Number of transactions after which a signature transaction is automatically generated",
"minimum": 1
},
"delay": {
"type": "string",
"default": "1000ms",
"description": "Maximum duration after which a signature transaction is automatically generated"
},
"mode": {
"type": "string",
"enum": ["Dual", "COSE"],
"default": "Dual",
"description": "Ledger signature mode. Dual emits both regular and COSE signatures. COSE emits only COSE signatures."
}
},
"description": "This section includes configuration for the ledger signatures emitted by this node (note: should be the same for all other nodes in the service). Transaction commit latency in a CCF network is primarily a function of signature frequency. A network emitting signatures more frequently will be able to commit transactions faster, but will spend a larger proportion of its execution resources creating and verifying signatures. Setting signature frequency is a trade-off between transaction latency and throughput",
"additionalProperties": false
},
"jwt": {
"type": "object",
"properties": {
"key_refresh_interval": {
"type": "string",
"default": "30min",
"description": "Interval at which JWT keys for issuers registered with auto-refresh are automatically refreshed"
}
},
"description": "This section includes configuration for JWT issuers automatic refresh",
"additionalProperties": false
},
"output_files": {
"type": "object",
"properties": {
"node_certificate_file": {
"type": "string",
"default": "nodecert.pem",
"description": "Path to self-signed node certificate output by node on startup"
},
"pid_file": {
"type": "string",
"default": "node.pid",
"description": "Path to file to which the process identifier (PID) will be written on startup"
},
"node_to_node_address_file": {
"type": "string",
"description": "Path to file to which the node address (hostname and port) will be written on startup. This option is particularly useful when binding to port 0 and getting auto-assigned a port by the OS. No file is created if this entry is not specified"
},
"rpc_addresses_file": {
"type": "string",
"description": "Path to file to which all RPC addresses (hostnames and ports) will be written on startup. This option is particularly useful when binding to port 0 and getting auto-assigned a port by the OS. No file is created if this entry is not specified"
}
},
"description": "This section includes configuration for additional files output by the node",
"additionalProperties": false
},
"tick_interval": {
"type": "string",
"default": "10ms",
"description": "Interval at which the enclave time will be updated by the host (modify with care!)"
},
"slow_io_logging_threshold": {
"type": "string",
"default": "10000us",
"description": "Maximum duration of I/O operations (ledger and snapshots) after which slow operations will be logged to node log"
},
"node_client_interface": {
"type": ["string", "null"],
"description": "Address to bind to for node-to-node client connections. If unspecified, this is automatically assigned by the OS. This option is particularly useful for testing purposes (e.g. establishing network partitions between nodes)"
},
"client_connection_timeout": {
"type": "string",
"default": "2000ms",
"description": "Maximum duration after which unestablished client connections will be marked as timed out and either re-established or discarded"
},
"idle_connection_timeout": {
"type": ["string", "null"],
"default": "60s",
"description": "Timeout for idle connections. Null is a valid option, and means idle connections are retained indefinitely"
},
"worker_threads": {
"type": "integer",
"default": 0,
"description": "Number of additional threads processing incoming client requests",
"minimum": 0
},
"memory": {
"type": "object",
"properties": {
"circuit_size": {
"type": "string",
"default": "16MB",
"description": "Size (size string) of the internal host-enclave ringbuffers (must be a power of 2)"
},
"max_msg_size": {
"type": "string",
"default": "64MB",
"description": "Maximum size (size string) for a message sent over the ringbuffer. Messages may be split into multiple fragments, but this limits the total size of the sum of those fragments"
},
"max_fragment_size": {
"type": "string",
"default": "256KB",
"description": "Maximum size (size string) of individual ringbuffer message fragments. Messages larger than this will be split into multiple fragments"
}
},
"description": "This section includes configuration for the host-enclave ring-buffer memory (modify with care!)",
"additionalProperties": false
},
"ignore_first_sigterm": {
"type": "boolean",
"default": false,
"description": "Ignore the first SIGTERM received by the process, but set \"stop_notice\" in /node/state"
},
"node_to_node_message_limit": {
"type": "integer",
"description": "Cap at which node-to-node message channels will be closed, and a new channel will be created. Can be used to limit the use of a single cryptographic key",
"minimum": 0
},
"historical_cache_soft_limit": {
"type": "string",
"default": "512MB",
"description": "Historical queries cache soft limit (as size string)"
},
"sealing_recovery": {
"type": "object",
"description": "Optional. Controls the behaviour of sealing-based recovery. If set, enables sealing of ledger secrets using platform derived key capabilities (e.g. AMD SEV-SNP derived keys). This allows a future recovering node to unilaterally recover its ledger secrets on restart without needing to reconstruct them from recovery shares.",
"properties": {
"location": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"address": {
"type": "string"
}
},
"required": ["name", "address"],
"additionalProperties": false
},
"recovery_decision_protocol": {
"type": "object",
"properties": {
"expected_locations": {
"type": "array",
"description": "List of locations that the recovery_decision_protocol expects to be part of the previous network.",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"address": {
"type": "string"
}
},
"required": ["name", "address"],
"additionalProperties": false
}
},
"message_retry_timeout": {
"type": "string",
"default": "100ms"
},
"failover_timeout": {
"type": "string",
"default": "2000ms",
"description": "Timeout duration before failover forcibly advances the recovery_decision_protocol, allowing recovery to proceed even in the presence of unresponsive nodes. Set to 0 to disable failover."
}
},
"required": ["expected_locations"],
"additionalProperties": false
}
},
"required": ["location"],
"additionalProperties": false
}
},
"required": ["network", "command"],
"additionalProperties": false,
"$defs": {
"RedirectionResolver": {
"type": "object",
"properties": {
"kind": {
"enum": ["NodeByRole", "StaticAddress"]
},
"target": {}
},
"required": ["kind"],
"allOf": [
{
"if": {
"properties": {
"kind": {
"const": "NodeByRole"
}
}
},
"then": {
"properties": {
"target": {
"type": "object",
"properties": {
"role": {
"enum": ["primary", "backup"],
"default": "primary"
}
},
"additionalProperties": false
}
}
}
},
{
"if": {
"properties": {
"kind": {
"const": "StaticAddress"
}
}
},
"then": {
"properties": {
"target": {
"type": "object",
"properties": {
"address": {
"type": "string"
}
},
"required": ["address"],
"additionalProperties": false
}
},
"required": ["target"]
}
}
],
"additionalProperties": false
}
}
}