You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

509 lines
20 KiB

  1. ---
  2. order: 3
  3. ---
  4. # Configuration
  5. Tendermint Core can be configured via a TOML file in
  6. `$TMHOME/config/config.toml`. Some of these parameters can be overridden by
  7. command-line flags. For most users, the options in the `##### main base configuration options #####` are intended to be modified while config options
  8. further below are intended for advance power users.
  9. ## Options
  10. The default configuration file create by `tendermint init` has all
  11. the parameters set with their default values. It will look something
  12. like the file below, however, double check by inspecting the
  13. `config.toml` created with your version of `tendermint` installed:
  14. ```toml
  15. # This is a TOML config file.
  16. # For more information, see https://github.com/toml-lang/toml
  17. # NOTE: Any path below can be absolute (e.g. "/var/myawesomeapp/data") or
  18. # relative to the home directory (e.g. "data"). The home directory is
  19. # "$HOME/.tendermint" by default, but could be changed via $TMHOME env variable
  20. # or --home cmd flag.
  21. #######################################################################
  22. ### Main Base Config Options ###
  23. #######################################################################
  24. # TCP or UNIX socket address of the ABCI application,
  25. # or the name of an ABCI application compiled in with the Tendermint binary
  26. proxy-app = "tcp://127.0.0.1:26658"
  27. # A custom human readable name for this node
  28. moniker = "anonymous"
  29. # If this node is many blocks behind the tip of the chain, FastSync
  30. # allows them to catchup quickly by downloading blocks in parallel
  31. # and verifying their commits
  32. fast-sync = true
  33. # Mode of Node: full | validator | seed (default: "validator")
  34. # * validator node (default)
  35. # - all reactors
  36. # - with priv_validator_key.json, priv_validator_state.json
  37. # * full node
  38. # - all reactors
  39. # - No priv_validator_key.json, priv_validator_state.json
  40. # * seed node
  41. # - only P2P, PEX Reactor
  42. # - No priv_validator_key.json, priv_validator_state.json
  43. mode = "validator"
  44. # Database backend: goleveldb | cleveldb | boltdb | rocksdb | badgerdb
  45. # * goleveldb (github.com/syndtr/goleveldb - most popular implementation)
  46. # - pure go
  47. # - stable
  48. # * cleveldb (uses levigo wrapper)
  49. # - fast
  50. # - requires gcc
  51. # - use cleveldb build tag (go build -tags cleveldb)
  52. # * boltdb (uses etcd's fork of bolt - github.com/etcd-io/bbolt)
  53. # - EXPERIMENTAL
  54. # - may be faster is some use-cases (random reads - indexer)
  55. # - use boltdb build tag (go build -tags boltdb)
  56. # * rocksdb (uses github.com/tecbot/gorocksdb)
  57. # - EXPERIMENTAL
  58. # - requires gcc
  59. # - use rocksdb build tag (go build -tags rocksdb)
  60. # * badgerdb (uses github.com/dgraph-io/badger)
  61. # - EXPERIMENTAL
  62. # - use badgerdb build tag (go build -tags badgerdb)
  63. db-backend = "goleveldb"
  64. # Database directory
  65. db-dir = "data"
  66. # Output level for logging, including package level options
  67. log-level = "info"
  68. # Output format: 'plain' (colored text) or 'json'
  69. log-format = "plain"
  70. ##### additional base config options #####
  71. # Path to the JSON file containing the initial validator set and other meta data
  72. genesis-file = "config/genesis.json"
  73. # Path to the JSON file containing the private key to use as a validator in the consensus protocol
  74. priv-validator-key-file = "config/priv_validator_key.json"
  75. # Path to the JSON file containing the last sign state of a validator
  76. priv-validator-state-file = "data/priv_validator_state.json"
  77. # TCP or UNIX socket address for Tendermint to listen on for
  78. # connections from an external PrivValidator process
  79. priv-validator-laddr = ""
  80. # Path to the JSON file containing the private key to use for node authentication in the p2p protocol
  81. node-key-file = "config/node_key.json"
  82. # Mechanism to connect to the ABCI application: socket | grpc
  83. abci = "socket"
  84. # If true, query the ABCI app on connecting to a new peer
  85. # so the app can decide if we should keep the connection or not
  86. filter-peers = false
  87. #######################################################################
  88. ### Advanced Configuration Options ###
  89. #######################################################################
  90. #######################################################
  91. ### RPC Server Configuration Options ###
  92. #######################################################
  93. [rpc]
  94. # TCP or UNIX socket address for the RPC server to listen on
  95. laddr = "tcp://127.0.0.1:26657"
  96. # A list of origins a cross-domain request can be executed from
  97. # Default value '[]' disables cors support
  98. # Use '["*"]' to allow any origin
  99. cors-allowed-origins = []
  100. # A list of methods the client is allowed to use with cross-domain requests
  101. cors-allowed-methods = ["HEAD", "GET", "POST", ]
  102. # A list of non simple headers the client is allowed to use with cross-domain requests
  103. cors-allowed-headers = ["Origin", "Accept", "Content-Type", "X-Requested-With", "X-Server-Time", ]
  104. # TCP or UNIX socket address for the gRPC server to listen on
  105. # NOTE: This server only supports /broadcast_tx_commit
  106. grpc-laddr = ""
  107. # Maximum number of simultaneous connections.
  108. # Does not include RPC (HTTP&WebSocket) connections. See max-open-connections
  109. # If you want to accept a larger number than the default, make sure
  110. # you increase your OS limits.
  111. # 0 - unlimited.
  112. # Should be < {ulimit -Sn} - {MaxNumInboundPeers} - {MaxNumOutboundPeers} - {N of wal, db and other open files}
  113. # 1024 - 40 - 10 - 50 = 924 = ~900
  114. grpc-max-open-connections = 900
  115. # Activate unsafe RPC commands like /dial_seeds and /unsafe_flush_mempool
  116. unsafe = false
  117. # Maximum number of simultaneous connections (including WebSocket).
  118. # Does not include gRPC connections. See grpc-max-open-connections
  119. # If you want to accept a larger number than the default, make sure
  120. # you increase your OS limits.
  121. # 0 - unlimited.
  122. # Should be < {ulimit -Sn} - {MaxNumInboundPeers} - {MaxNumOutboundPeers} - {N of wal, db and other open files}
  123. # 1024 - 40 - 10 - 50 = 924 = ~900
  124. max-open-connections = 900
  125. # Maximum number of unique clientIDs that can /subscribe
  126. # If you're using /broadcast_tx_commit, set to the estimated maximum number
  127. # of broadcast_tx_commit calls per block.
  128. max-subscription-clients = 100
  129. # Maximum number of unique queries a given client can /subscribe to
  130. # If you're using GRPC (or Local RPC client) and /broadcast_tx_commit, set to
  131. # the estimated # maximum number of broadcast_tx_commit calls per block.
  132. max-subscriptions-per-client = 5
  133. # How long to wait for a tx to be committed during /broadcast_tx_commit.
  134. # WARNING: Using a value larger than 10s will result in increasing the
  135. # global HTTP write timeout, which applies to all connections and endpoints.
  136. # See https://github.com/tendermint/tendermint/issues/3435
  137. timeout-broadcast-tx-commit = "10s"
  138. # Maximum size of request body, in bytes
  139. max-body-bytes = 1000000
  140. # Maximum size of request header, in bytes
  141. max-header-bytes = 1048576
  142. # The path to a file containing certificate that is used to create the HTTPS server.
  143. # Might be either absolute path or path related to Tendermint's config directory.
  144. # If the certificate is signed by a certificate authority,
  145. # the certFile should be the concatenation of the server's certificate, any intermediates,
  146. # and the CA's certificate.
  147. # NOTE: both tls-cert-file and tls-key-file must be present for Tendermint to create HTTPS server.
  148. # Otherwise, HTTP server is run.
  149. tls-cert-file = ""
  150. # The path to a file containing matching private key that is used to create the HTTPS server.
  151. # Might be either absolute path or path related to Tendermint's config directory.
  152. # NOTE: both tls-cert-file and tls-key-file must be present for Tendermint to create HTTPS server.
  153. # Otherwise, HTTP server is run.
  154. tls-key-file = ""
  155. # pprof listen address (https://golang.org/pkg/net/http/pprof)
  156. pprof-laddr = ""
  157. #######################################################
  158. ### P2P Configuration Options ###
  159. #######################################################
  160. [p2p]
  161. # Address to listen for incoming connections
  162. laddr = "tcp://0.0.0.0:26656"
  163. # Address to advertise to peers for them to dial
  164. # If empty, will use the same port as the laddr,
  165. # and will introspect on the listener or use UPnP
  166. # to figure out the address.
  167. external-address = ""
  168. # Comma separated list of seed nodes to connect to
  169. seeds = ""
  170. # Comma separated list of nodes to keep persistent connections to
  171. persistent-peers = ""
  172. # UPNP port forwarding
  173. upnp = false
  174. # Path to address book
  175. addr-book-file = "config/addrbook.json"
  176. # Set true for strict address routability rules
  177. # Set false for private or local networks
  178. addr-book-strict = true
  179. # Maximum number of inbound peers
  180. max-num-inbound-peers = 40
  181. # Maximum number of outbound peers to connect to, excluding persistent peers
  182. max-num-outbound-peers = 10
  183. # Maximum number of connections (inbound and outbound).
  184. max-connections = 64
  185. # Rate limits the number of incoming connection attempts per IP address.
  186. max-incoming-connection-attempts = 100
  187. # List of node IDs, to which a connection will be (re)established ignoring any existing limits
  188. unconditional-peer-ids = ""
  189. # Maximum pause when redialing a persistent peer (if zero, exponential backoff is used)
  190. persistent-peers-max-dial-period = "0s"
  191. # Time to wait before flushing messages out on the connection
  192. flush-throttle-timeout = "100ms"
  193. # Maximum size of a message packet payload, in bytes
  194. max-packet-msg-payload-size = 1024
  195. # Rate at which packets can be sent, in bytes/second
  196. send-rate = 5120000
  197. # Rate at which packets can be received, in bytes/second
  198. recv-rate = 5120000
  199. # Set true to enable the peer-exchange reactor
  200. pex = true
  201. # Comma separated list of peer IDs to keep private (will not be gossiped to other peers)
  202. private-peer-ids = ""
  203. # Toggle to disable guard against peers connecting from the same ip.
  204. allow-duplicate-ip = false
  205. # Peer connection configuration.
  206. handshake-timeout = "20s"
  207. dial-timeout = "3s"
  208. #######################################################
  209. ### Mempool Configuration Option ###
  210. #######################################################
  211. [mempool]
  212. recheck = true
  213. broadcast = true
  214. wal-dir = ""
  215. # Maximum number of transactions in the mempool
  216. size = 5000
  217. # Limit the total size of all txs in the mempool.
  218. # This only accounts for raw transactions (e.g. given 1MB transactions and
  219. # max-txs-bytes=5MB, mempool will only accept 5 transactions).
  220. max-txs-bytes = 1073741824
  221. # Size of the cache (used to filter transactions we saw earlier) in transactions
  222. cache-size = 10000
  223. # Do not remove invalid transactions from the cache (default: false)
  224. # Set to true if it's not possible for any invalid transaction to become valid
  225. # again in the future.
  226. keep-invalid-txs-in-cache = false
  227. # Maximum size of a single transaction.
  228. # NOTE: the max size of a tx transmitted over the network is {max-tx-bytes}.
  229. max-tx-bytes = 1048576
  230. # Maximum size of a batch of transactions to send to a peer
  231. # Including space needed by encoding (one varint per transaction).
  232. # XXX: Unused due to https://github.com/tendermint/tendermint/issues/5796
  233. max-batch-bytes = 0
  234. #######################################################
  235. ### State Sync Configuration Options ###
  236. #######################################################
  237. [statesync]
  238. # State sync rapidly bootstraps a new node by discovering, fetching, and restoring a state machine
  239. # snapshot from peers instead of fetching and replaying historical blocks. Requires some peers in
  240. # the network to take and serve state machine snapshots. State sync is not attempted if the node
  241. # has any local state (LastBlockHeight > 0). The node will have a truncated block history,
  242. # starting from the height of the snapshot.
  243. enable = false
  244. # RPC servers (comma-separated) for light client verification of the synced state machine and
  245. # retrieval of state data for node bootstrapping. Also needs a trusted height and corresponding
  246. # header hash obtained from a trusted source, and a period during which validators can be trusted.
  247. #
  248. # For Cosmos SDK-based chains, trust-period should usually be about 2/3 of the unbonding time (~2
  249. # weeks) during which they can be financially punished (slashed) for misbehavior.
  250. rpc-servers = ""
  251. trust-height = 0
  252. trust-hash = ""
  253. trust-period = "168h0m0s"
  254. # Time to spend discovering snapshots before initiating a restore.
  255. discovery-time = "15s"
  256. # Temporary directory for state sync snapshot chunks, defaults to the OS tempdir (typically /tmp).
  257. # Will create a new, randomly named directory within, and remove it when done.
  258. temp-dir = ""
  259. #######################################################
  260. ### Fast Sync Configuration Connections ###
  261. #######################################################
  262. [fastsync]
  263. # Fast Sync version to use:
  264. # 1) "v0" (default) - the legacy fast sync implementation
  265. # 2) "v2" - complete redesign of v0, optimized for testability & readability
  266. version = "v0"
  267. #######################################################
  268. ### Consensus Configuration Options ###
  269. #######################################################
  270. [consensus]
  271. wal-file = "data/cs.wal/wal"
  272. # How long we wait for a proposal block before prevoting nil
  273. timeout-propose = "3s"
  274. # How much timeout-propose increases with each round
  275. timeout-propose-delta = "500ms"
  276. # How long we wait after receiving +2/3 prevotes for “anything” (ie. not a single block or nil)
  277. timeout-prevote = "1s"
  278. # How much the timeout-prevote increases with each round
  279. timeout-prevote-delta = "500ms"
  280. # How long we wait after receiving +2/3 precommits for “anything” (ie. not a single block or nil)
  281. timeout-precommit = "1s"
  282. # How much the timeout-precommit increases with each round
  283. timeout-precommit-delta = "500ms"
  284. # How long we wait after committing a block, before starting on the new
  285. # height (this gives us a chance to receive some more precommits, even
  286. # though we already have +2/3).
  287. timeout-commit = "1s"
  288. # How many blocks to look back to check existence of the node's consensus votes before joining consensus
  289. # When non-zero, the node will panic upon restart
  290. # if the same consensus key was used to sign {double-sign-check-height} last blocks.
  291. # So, validators should stop the state machine, wait for some blocks, and then restart the state machine to avoid panic.
  292. double-sign-check-height = 0
  293. # Make progress as soon as we have all the precommits (as if TimeoutCommit = 0)
  294. skip-timeout-commit = false
  295. # EmptyBlocks mode and possible interval between empty blocks
  296. create-empty-blocks = true
  297. create-empty-blocks-interval = "0s"
  298. # Reactor sleep duration parameters
  299. peer-gossip-sleep-duration = "100ms"
  300. peer-query-maj23-sleep-duration = "2s"
  301. #######################################################
  302. ### Transaction Indexer Configuration Options ###
  303. #######################################################
  304. [tx-index]
  305. # What indexer to use for transactions
  306. #
  307. # The application will set which txs to index. In some cases a node operator will be able
  308. # to decide which txs to index based on configuration set in the application.
  309. #
  310. # Options:
  311. # 1) "null"
  312. # 2) "kv" (default) - the simplest possible indexer, backed by key-value storage (defaults to levelDB; see DBBackend).
  313. # - When "kv" is chosen "tx.height" and "tx.hash" will always be indexed.
  314. indexer = "kv"
  315. #######################################################
  316. ### Instrumentation Configuration Options ###
  317. #######################################################
  318. [instrumentation]
  319. # When true, Prometheus metrics are served under /metrics on
  320. # PrometheusListenAddr.
  321. # Check out the documentation for the list of available metrics.
  322. prometheus = false
  323. # Address to listen for Prometheus collector(s) connections
  324. prometheus-listen-addr = ":26660"
  325. # Maximum number of simultaneous connections.
  326. # If you want to accept a larger number than the default, make sure
  327. # you increase your OS limits.
  328. # 0 - unlimited.
  329. max-open-connections = 3
  330. # Instrumentation namespace
  331. namespace = "tendermint"
  332. ```
  333. ## Empty blocks VS no empty blocks
  334. ### create-empty-blocks = true
  335. If `create-empty-blocks` is set to `true` in your config, blocks will be
  336. created ~ every second (with default consensus parameters). You can regulate
  337. the delay between blocks by changing the `timeout-commit`. E.g. `timeout-commit = "10s"` should result in ~ 10 second blocks.
  338. ### create-empty-blocks = false
  339. In this setting, blocks are created when transactions received.
  340. Note after the block H, Tendermint creates something we call a "proof block"
  341. (only if the application hash changed) H+1. The reason for this is to support
  342. proofs. If you have a transaction in block H that changes the state to X, the
  343. new application hash will only be included in block H+1. If after your
  344. transaction is committed, you want to get a light-client proof for the new state
  345. (X), you need the new block to be committed in order to do that because the new
  346. block has the new application hash for the state X. That's why we make a new
  347. (empty) block if the application hash changes. Otherwise, you won't be able to
  348. make a proof for the new state.
  349. Plus, if you set `create-empty-blocks-interval` to something other than the
  350. default (`0`), Tendermint will be creating empty blocks even in the absence of
  351. transactions every `create-empty-blocks-interval`. For instance, with
  352. `create-empty-blocks = false` and `create-empty-blocks-interval = "30s"`,
  353. Tendermint will only create blocks if there are transactions, or after waiting
  354. 30 seconds without receiving any transactions.
  355. ## Consensus timeouts explained
  356. There's a variety of information about timeouts in [Running in
  357. production](../tendermint-core/running-in-production.md)
  358. You can also find more detailed technical explanation in the spec: [The latest
  359. gossip on BFT consensus](https://arxiv.org/abs/1807.04938).
  360. ```toml
  361. [consensus]
  362. ...
  363. timeout-propose = "3s"
  364. timeout-propose-delta = "500ms"
  365. timeout-prevote = "1s"
  366. timeout-prevote-delta = "500ms"
  367. timeout-precommit = "1s"
  368. timeout-precommit-delta = "500ms"
  369. timeout-commit = "1s"
  370. ```
  371. Note that in a successful round, the only timeout that we absolutely wait no
  372. matter what is `timeout-commit`.
  373. Here's a brief summary of the timeouts:
  374. - `timeout-propose` = how long we wait for a proposal block before prevoting
  375. nil
  376. - `timeout-propose-delta` = how much timeout-propose increases with each round
  377. - `timeout-prevote` = how long we wait after receiving +2/3 prevotes for
  378. anything (ie. not a single block or nil)
  379. - `timeout-prevote-delta` = how much the timeout-prevote increases with each
  380. round
  381. - `timeout-precommit` = how long we wait after receiving +2/3 precommits for
  382. anything (ie. not a single block or nil)
  383. - `timeout-precommit-delta` = how much the timeout-precommit increases with
  384. each round
  385. - `timeout-commit` = how long we wait after committing a block, before starting
  386. on the new height (this gives us a chance to receive some more precommits,
  387. even though we already have +2/3)
  388. ## P2P settings
  389. This section will cover settings within the p2p section of the `config.toml`.
  390. - `external-address` = is the address that will be advertised for other nodes to use. We recommend setting this field with your public IP and p2p port.
  391. - > We recommend setting an external address. When used in a private network, Tendermint Core currently doesn't advertise the node's public address. There is active and ongoing work to improve the P2P system, but this is a helpful workaround for now.
  392. - `seeds` = is a list of comma separated seed nodes that you will connect upon a start and ask for peers. A seed node is a node that does not participate in consensus but only helps propagate peers to nodes in the networks
  393. - `persistent-peers` = is a list of comma separated peers that you will always want to be connected to. If you're already connected to the maximum number of peers, persistent peers will not be added.
  394. - `max-num-inbound-peers` = is the maximum number of peers you will accept inbound connections from at one time (where they dial your address and initiate the connection).
  395. - `max-num-outbound-peers` = is the maximum number of peers you will initiate outbound connects to at one time (where you dial their address and initiate the connection).
  396. - `unconditional-peer-ids` = is similar to `persistent-peers` except that these peers will be connected to even if you are already connected to the maximum number of peers. This can be a validator node ID on your sentry node.
  397. - `pex` = turns the peer exchange reactor on or off. Validator node will want the `pex` turned off so it would not begin gossiping to unknown peers on the network. PeX can also be turned off for statically configured networks with fixed network connectivity. For full nodes on open, dynamic networks, it should be turned on.
  398. - `private-peer-ids` = is a comma-separated list of node ids that will _not_ be exposed to other peers (i.e., you will not tell other peers about the ids in this list). This can be filled with a validator's node id.