d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
master
proxmox/rpc-translator-138/WALLET_ALLOWLIST_CONFIG.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

112 lines
2.9 KiB
Markdown
Raw Permalink Blame History

# Wallet Allowlist Configuration
## Overview
The RPC Translator supports wallet allowlisting to restrict which addresses can send transactions. This can be configured via environment variables or Vault.
## Configuration Methods
### Method 1: Environment Variable (Static)
Edit `.env` file on each translator VMID:
```bash
# SSH to translator VMID
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240
cd /opt/rpc-translator-138
nano .env
# Add or update:
WALLET_ALLOWLIST=0x1234567890123456789012345678901234567890,0xabcdefabcdefabcdefabcdefabcdefabcdefabcd
# Restart service
systemctl restart rpc-translator-138.service
```
### Method 2: Vault (Dynamic)
Store allowlist in Vault for centralized management:
1. **Store in Vault**:
```bash
vault kv put secret/chain138/translator \
wallet_allowlist="0x1234...,0xabcd..."
```
2. **Translator automatically loads from Vault** (if configured)
## Format
- **Comma-separated**: Multiple addresses separated by commas
- **No spaces**: `0xaddr1,0xaddr2` (not `0xaddr1, 0xaddr2`)
- **Lowercase recommended**: Addresses are case-insensitive but lowercase is recommended
## Examples
### Single Address
```
WALLET_ALLOWLIST=0x1234567890123456789012345678901234567890
```
### Multiple Addresses
```
WALLET_ALLOWLIST=0x1234567890123456789012345678901234567890,0xabcdefabcdefabcdefabcdefabcdefabcdefabcd,0x9876543210987654321098765432109876543210
```
### Empty (Allow All)
```
WALLET_ALLOWLIST=
```
**Warning**: Empty allowlist allows all addresses. Use with caution in production.
## Verification
After configuring, verify the allowlist is loaded:
```bash
# Check translator logs
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240 "journalctl -u rpc-translator-138.service -n 50 | grep -i allowlist"
# Test transaction from allowed address
# Test transaction from non-allowed address (should be rejected)
```
## Security Considerations
1. **Production**: Always configure allowlist in production
2. **Multiple Addresses**: Use multiple addresses for redundancy
3. **Rotation**: Update allowlist when keys are rotated
4. **Vault**: Use Vault for centralized management in multi-instance deployments
## Updating Allowlist
### For Environment Variable Method
1. Update `.env` file on each VMID
2. Restart service: `systemctl restart rpc-translator-138.service`
3. Verify: Check logs for allowlist loading
### For Vault Method
1. Update Vault secret
2. Service will reload on next transaction (or restart service)
## Current Configuration
Check current allowlist configuration:
```bash
# SSH to translator VMID
ssh -i ~/.ssh/proxmox_translator root@192.168.11.240
cd /opt/rpc-translator-138
grep WALLET_ALLOWLIST .env
```
## Next Steps
1. Generate or identify wallet addresses for signing
2. Configure allowlist in `.env` files or Vault
3. Restart translator services
4. Test transactions from allowed addresses
5. Verify transactions from non-allowed addresses are rejected
Reference in New Issue View Git Blame Copy Permalink