Update docs and default rpc endpoint

helius-labs · Jul 25, 2024 · e4eacd2 · e4eacd2
1 parent b82d806
commit e4eacd2
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# Validator Firewall
+ # Validator Firewall
 
 Low level blocking for validator nodes. This project is a work in progress and interfaces may change.
 
@@ -63,7 +63,11 @@ cargo build
 #If -p is not specified, we only act on 8009, 8010 
 RUST_LOG=info cargo xtask run --release -- --iface <iface> --static-overrides <path_to_static_overrides.yaml> -p 8004 -p 8005 -p 8006
 ```
+## Leader Schedule Aware Blocking
 
+By default, the firewall will attempt to determine the identity of the validator by looking at "getIdentity" from the given
+RPC endpoint (default: http://localhost:8099).  If an external RPC endpoint is specified, the identity of the validator
+being protected *MUST* be provided, or the firewall will not be able to determine if the validator is the leader or not.
 
 ## Production
 This should be run under a user with the CAP_NET_ADMIN capability. This is required to load the eBPF program and to set the XDP program on the interface.

diff --git a/install_service.sh b/install_service.sh
@@ -11,6 +11,11 @@ if ! command_exists cargo; then
     exit 1
 fi
 
+//install rust nightly and bpf linker
+echo "Installing Rust nightly and BPF linker..."
+rustup toolchain install nightly --component rust-src
+cargo install bpf-linker
+
 # Build the eBPF binary
 echo "Running 'cargo xtask build-ebpf --release'..."
 if ! cargo xtask build-ebpf --release; then

diff --git a/validator-firewall/src/main.rs b/validator-firewall/src/main.rs
@@ -35,7 +35,7 @@ struct HVFConfig {
     iface: String,
     #[clap(short, long)]
     static_overrides: Option<PathBuf>,
-    #[clap(short, long, default_value = "https://api.mainnet-beta.solana.com")]
+    #[clap(short, long, default_value = "http://localhost:8899")]
     rpc_endpoint: String,
     #[arg(short, long, value_name = "PORT", value_parser = clap::value_parser!(u16), num_args = 0..)]
     protected_ports: Vec<u16>,
@@ -135,7 +135,7 @@ async fn main() -> Result<(), anyhow::Error> {
     let gossip_exit = exit.clone();
 
     let ip_svc_handle = if let Some(url) = config.external_ip_service_url {
-        // Use external IP service
+        info!("Using external IP service: {}", url);
         let ip_service = ExternalAllowListClient::new(url);
         let state_updater = AllowListStateUpdater::new(
             gossip_exit,
@@ -150,7 +150,7 @@ async fn main() -> Result<(), anyhow::Error> {
 
         state_updater_handle
     } else {
-        // Poll gossip directly
+        info!("Sourcing allowlist from gossip");
         let s_updater = AllowListStateUpdater::new(
             gossip_exit,
             Arc::new(AllowListService::new(GossipAllowListClient::new(