DNS/Resolve Peer Addresses

+2 votes

I want to be able to have:

Admin Node: lives in cold storage until except for initial setup of the chain, and when needing to generate new accesses to the chain.

Intermediary Node: only node approved to connect to admin node with read rights, synch's Admin Node transactions to push to peers.

Peers: I want all peers to be able to look for and connect to each other on there own without manually entering IP's.

I would also like to restrict write access to wallets that have a certain digital token. Can I do this at the native level or should I do it in my backend application? (Ruby/Rails).
asked May 5, 2016 by mreichardt

1 Answer

0 votes

No problem with the admin node (or admin key) being in cold storage - just export it using dumpprivkey, then kill the node/server on which it was generated. You can then sign admin transactions offline, building them using the extended raw transaction interface:


You wouldn't need an intermediary node for this - instead just pass a raw unsigned transaction to the device with the admin key, call signrawtransaction (or the equivalent), and then pass it back.

As for peer discovery, you need some way of bootstrapping the process of peers finding each other. They're not going to be able to just find each other on the open Internet because there are billions of possible IP addresses. Perhaps you can use DNS for this purpose - there's no problem substituting the IP address in a node address for its domain name equivalent.

Restricting write access is easy - just use the send permission.

answered May 6, 2016 by MultiChain