d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
2a6d3cfc7f765252f92066b511c898e957ebc546
proxmox/docs/00-meta/UNBLOCK_MAINNET_RPC_403.md
defiQUG bea1903ac9
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
Sync all local changes: docs, config, scripts, submodule refs, verification evidence 
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00

45 lines
2.3 KiB
Markdown
Raw Blame History

# Unblock Mainnet RPC 403 (Private Key Restriction)
**Issue:** `ETHEREUM_MAINNET_RPC` returns **403** with body: *"private key only is enabled in Project ID settings"*. Forge/cast cannot send transactions with your deployer key.
**Cause:** Some RPC providers (e.g. Infura, Alchemy) can restrict a project so that **only their SDK/wallet can use the API key**; raw `eth_sendTransaction` or private-key signing from scripts is rejected.
---
## One-step fix
Set `ETHEREUM_MAINNET_RPC` in `smom-dbis-138/.env` (and root `.env` if used) to a Mainnet URL that **allows raw private key** (or `eth_sendTransaction` from your IP). Then re-run the deploy.
### Option A — Same provider, disable restriction
- **Infura:** Dashboard → Project → Settings → ensure **"Restrict to SDK / wallet only"** (or similar) is **off** for the project used in the URL.
- **Alchemy:** Dashboard → App → Settings → check **API key restrictions**; allow the methods your scripts need (e.g. full access or no "private key only" restriction).
Then keep using the same URL, e.g.
`ETHEREUM_MAINNET_RPC=https://mainnet.infura.io/v3/YOUR_PROJECT_ID`
### Option B — Use a different RPC (no key restriction)
Examples (no API key or key without private-key restriction):
- `ETHEREUM_MAINNET_RPC=https://eth.llamarpc.com`
- `ETHEREUM_MAINNET_RPC=https://rpc.ankr.com/eth`
- `ETHEREUM_MAINNET_RPC=https://ethereum.publicnode.com` **(in use:** set in smom-dbis-138/.env and used for Trustless Mainnet deploy)
- Or any other public/mainnet RPC that accepts `eth_sendTransaction` or signing with your key.
**Security:** Prefer a project-specific URL (Option A) over a shared public RPC when possible.
---
## After unblocking
1. **Trustless Mainnet deploy:**
`cd smom-dbis-138 && source .env && forge script script/bridge/trustless/DeployTrustlessBridge.s.sol:DeployTrustlessBridge --rpc-url "$ETHEREUM_MAINNET_RPC" --broadcast --via-ir`
2. **Trustless liquidity (phase6-provide-liquidity.sh):**
Ensure `LIQUIDITY_POOL`, `RESERVE_SYSTEM`, `ETHEREUM_MAINNET_RPC`, `LIQUIDITY_AMOUNT`, `RESERVE_AMOUNT` are set, then run the script.
---
**Refs:** [OPTIONAL_DEPLOYMENTS_START_HERE](../07-ccip/OPTIONAL_DEPLOYMENTS_START_HERE.md) §2C | [COMPLETION_STATUS_20260215](../archive/00-meta-pruned/COMPLETION_STATUS_20260215.md)
Reference in New Issue View Git Blame Copy Permalink