Skip to content

Instantly share code, notes, and snippets.

@sanderfoobar

sanderfoobar/monero_rpc_i2p.md

Last active January 29, 2023 20:00
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save sanderfoobar/2f2f0ce7a2d099f22e55ba9e4fe1bfba to your computer and use it in GitHub Desktop.
Save sanderfoobar/2f2f0ce7a2d099f22e55ba9e4fe1bfba to your computer and use it in GitHub Desktop.
Download ZIP
Host an I2P monerod node
Raw
monero_rpc_i2p.md

Hosting a Monero p2p node on I2P

This document serves as a small tutorial for new and/or existing Monero node operators who wish to support I2P users by allowing their nodes to communicate p2p through I2P.

You should be able to get through this document and host an I2P node in ~20 minutes.

Requirements:

  • Linux system, can be behind a firewall (i.e: home network)
  • Latest monero (CLI) release: link
  • Latest I2P-Zero (v1.12 at time of writing): link

I2P-Zero

I2P-Zero (also refered to as i2pz) is a small footprint I2P router. It has a slimmed down Java runtime embedded and as such has zero dependencies.

This program has a control port on 8051 which you can use to create I2P service(s), which is a simple plaintext protocol. To interact with it, use tunnel-control.sh or, alternatively simply use netcat: echo -e "version" | nc 127.0.0.1 8051.

I2P-Zero comes with A GUI but we will not be using that, since you are most likely installing on a server.

In short, I2P-Zero allows us to:

  1. Host an 'eepsite' (I2P website)
  2. Host any service on the I2P network (for example; forward a local web server at 127.0.0.1:80 to be available via I2P.
  3. Create a local SOCKS proxy, which you can use to tunnel traffic through.

Our goal is to host a fully operational node over I2P, so we'll need to configure both incoming and outbound traffic over I2P:

  • For hosting monerod over I2P, we'll need option 2.
  • For sending traffic into I2P we'll need option 3.

I2P-Zero installation

  1. Unpack and navigate to i2p-zero-linux.vX.XX/router/bin.
  2. Launch the I2P-Zero process; ./launch.sh
  3. ???
  4. w00t!!

verify it is running: netstat -tulpn | grep '8051' (we are grepping for the control port).

I2P-Zero systemd

A systemd startup script is available for /etc/systemd/system/i2pzero.service:

[Unit]
Description=i2pzero

[Service]
Type=simple
ExecStart=/bin/bash /home/i2pz/i2p-zero-linux.v1.10/router/bin/launch.sh
User=i2pz
Group=i2pz

[Install]
WantedBy=multi-user.target

Change paths as you wish, reload systemd: systemctl daemon-reload, then you can do service i2pzero start.

verify it is running: netstat -tulpn | grep '8051'.

Configuring I2P-Zero - creating a server

First thing we need to do is register an I2P service/server:

  • ./tunnel-control.sh server.create 127.0.0.1 48083

The output will give you an I2P b32 address, for example:

suspiciouslyrandomandverylongstring.b32.i2p

This will be the address of your I2P server/service and will be used for incoming connections.

Configuring I2P-Zero - creating a SOCKS tunnel

To allow our node to relay incoming transactions over I2P, we need to make outbound connections over I2P. To send traffic into I2P, we'll need to create a SOCKS tunnel. I2P-Zero can do this for us.

Execute the following to create a SOCKS tunnel:

  • ./tunnel-control.sh socks.create 48085

I2P-Zero will acknowledge the creation of this tunnel with a simple OK.

To monitor the tunnel:

./tunnel-control.sh all.list | python -m json.tool

Launching monerod

Time to launch monerod. The flag we should include is --anonymous-inbound (documentation) so that monerod knows what our 'public' I2P server address & port is.

The format is --anonymous-inbound <address>,127.0.0.1:<M> where M is a free local port and address is your b32.i2p address.

We previously assigned port 48083 to our I2P server. Our flag becomes:

--anonymous-inbound "suspiciouslyrandomandverylongstring.b32.i2p,127.0.0.1:48083"

Another flag you should include is --proxy (documentation). Failure to include this flag will result in your node not being able to relay transactions into the I2P network. You should always include this flag.

--proxy i2p,127.0.0.1:48085

The last flag you should include is --add-peer which specifies an existing I2P seed node (also called mipseed) to connect to. Without this command, you will not be able to relay transactions as you're not connected to any nodes.

--add-peer "dsc7fyzzultm7y6pmx2avu6tze3usc7d27nkbzs5qwuujplxcmzq.b32.i2p"

Monero Daemon systemd

A systemd startup script is available for /etc/systemd/system/monerod.service:

[Unit]
Description=monerod
After=network.target

[Service]
Type=forking
PIDFile=/home/monero/monerod.pid
ExecStart=/home/monero/monero-x86_64-linux-gnu.0.14.1.0/monerod --anonymous-inbound "suspiciouslyrandomandverylongstring.b32.i2p,127.0.0.1:48083" --restricted-rpc --detach --pidfile /home/monero/monerod.pid
User=monero
Group=monero

[Install]
WantedBy=multi-user.target

Change as you see fit.

Conclusion

To wrap up, the above 3 flags (--anonymous-inbound, --proxy, --add-peer) are needed to get an I2P-Zero powered Monero node hosted.

For comprehensibility, I will include the full monerod command that I personally use on my public RPC Monero node that's on a server:

./monerod
  --max-concurrency 4 \
  --rpc-bind-ip YOUR.IP \
  --rpc-bind-port 18089 \
  --restricted-rpc \
  --public-node \
  --anonymous-inbound "suspiciouslyrandomandverylongstring.b32.i2p,127.0.0.1:48083" \
  --proxy i2p,127.0.0.1:48085 \
  --add-peer "dsc7fyzzultm7y6pmx2avu6tze3usc7d27nkbzs5qwuujplxcmzq.b32.i2p" \
  --confirm-external-bind

Further readings:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment