d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
master
proxmox/rpc-translator-138/WALLET_ALLOWLIST_CONFIG.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

2.9 KiB
Raw Permalink Blame History

Wallet Allowlist Configuration

Overview

The RPC Translator supports wallet allowlisting to restrict which addresses can send transactions. This can be configured via environment variables or Vault.

Configuration Methods

Method 1: Environment Variable (Static)

Edit .env file on each translator VMID:

# SSH to translator VMID
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240
cd /opt/rpc-translator-138
nano .env

# Add or update:
WALLET_ALLOWLIST=0x1234567890123456789012345678901234567890,0xabcdefabcdefabcdefabcdefabcdefabcdefabcd

# Restart service
systemctl restart rpc-translator-138.service

Method 2: Vault (Dynamic)

Store allowlist in Vault for centralized management:

  1. Store in Vault:

    vault kv put secret/chain138/translator \
  wallet_allowlist="0x1234...,0xabcd..."

  2. Translator automatically loads from Vault (if configured)

Format

  • Comma-separated: Multiple addresses separated by commas
  • No spaces: 0xaddr1,0xaddr2 (not 0xaddr1, 0xaddr2)
  • Lowercase recommended: Addresses are case-insensitive but lowercase is recommended

Examples

Single Address

WALLET_ALLOWLIST=0x1234567890123456789012345678901234567890

Multiple Addresses

WALLET_ALLOWLIST=0x1234567890123456789012345678901234567890,0xabcdefabcdefabcdefabcdefabcdefabcdefabcd,0x9876543210987654321098765432109876543210

Empty (Allow All)

WALLET_ALLOWLIST=

Warning: Empty allowlist allows all addresses. Use with caution in production.

Verification

After configuring, verify the allowlist is loaded:

# Check translator logs
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240 "journalctl -u rpc-translator-138.service -n 50 | grep -i allowlist"

# Test transaction from allowed address
# Test transaction from non-allowed address (should be rejected)

Security Considerations

  1. Production: Always configure allowlist in production
  2. Multiple Addresses: Use multiple addresses for redundancy
  3. Rotation: Update allowlist when keys are rotated
  4. Vault: Use Vault for centralized management in multi-instance deployments

Updating Allowlist

For Environment Variable Method

  1. Update .env file on each VMID
  2. Restart service: systemctl restart rpc-translator-138.service
  3. Verify: Check logs for allowlist loading

For Vault Method

  1. Update Vault secret
  2. Service will reload on next transaction (or restart service)

Current Configuration

Check current allowlist configuration:

# SSH to translator VMID
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240
cd /opt/rpc-translator-138
grep WALLET_ALLOWLIST .env

Next Steps

  1. Generate or identify wallet addresses for signing
  2. Configure allowlist in .env files or Vault
  3. Restart translator services
  4. Test transactions from allowed addresses
  5. Verify transactions from non-allowed addresses are rejected
Reference in New Issue View Git Blame Copy Permalink