Updated 2019-12-17
Hyperledger Besu Command Line
This reference describes the syntax of the Hyperledger Besu Command Line Interface (CLI) options and subcommands.
Specifying Options
Besu options can be specified:
- On the command line
- As an environment variable
- In a configuration file.
If an option is specified in multiple places, the order of priority is command line, environment variable, configuration file.
Besu Environment Variables
For each command line option, the equivalent environment variable is:
- Upper-case
-is replaced by_- Has a
BESU_prefix
For example, set --miner-coinbase using the BESU_MINER_COINBASE environment variable.
Options
To start a Besu node run:
besu [OPTIONS] [COMMAND]
banned-node-ids
--banned-node-ids=<bannedNodeId>[,<bannedNodeId>...]...
--banned-nodeids=0xc35c3...d615f,0xf42c13...fc456
BESU_BANNED_NODEIDS=0xc35c3...d615f,0xf42c13...fc456
banned-nodeids=["0xc35c3...d615f","0xf42c13...fc456"]
List of node IDs with which this node will not peer. The node ID is the public key of the node. You can specify the banned node IDs with or without the 0x prefix.
Tip
The singular --banned-node-id and plural --banned-node-ids are available and are two
names for the same option.
bootnodes
--bootnodes[=<enode://[email protected]:port>[,<enode://[email protected]:port>...]...]
--bootnodes=enode://[email protected]:30303,enode://[email protected]:30303
BESU_BOOTNODES=enode://[email protected]:30303,enode://[email protected]:30303
bootnodes=["enode://[email protected]:30303","enode://[email protected]:30303"]
List of comma-separated enode URLs for P2P discovery bootstrap.
When connecting to MainNet or public testnets, the default is a predefined list of enode URLs.
In private networks defined using --genesis-file or when using --network=dev,
the default is an empty list of bootnodes.
config-file
--config-file=<FILE>
--config-file=/home/me/me_node/config.toml
BESU_CONFIG_FILE=/home/me/me_node/config.toml
The path to the TOML configuration file.
The default is none.
data-path
--data-path=<PATH>
--data-path=/home/me/me_node
BESU_DATA_PATH=/home/me/me_node
data-path="/home/me/me_node"
The path to the Besu data directory. The default is the directory in which Besu is installed
or /opt/besu/database if using the Besu Docker image.
discovery-enabled
--discovery-enabled=false
BESU_DISCOVERY_ENABLED=false
discovery-enabled=false
Enables or disables P2P peer discovery.
The default is true.
fast-sync-min-peers
--fast-sync-min-peers=<INTEGER>
--fast-sync-min-peers=2
BESU_FAST_SYNC_MIN_PEERS=2
fast-sync-min-peers=2
Minimum number of peers required before starting fast sync. Default is 5.
Note
If synchronizing in FAST mode, most historical world state data is unavailable. Any methods attempting
to access unavailable world state data return null.
genesis-file
Genesis file is used to create a custom network.
Tip
To use a public Ethereum network such as Rinkeby, use the --network option.
The network option defines the genesis file for public networks.
--genesis-file=<FILE>
--genesis-file=/home/me/me_node/customGenesisFile.json
BESU_GENESIS_FILE=/home/me/me_node/customGenesisFile.json
genesis-file="/home/me/me_node/customGenesisFile.json"
The path to the genesis file.
Important
The --genesis-file and --network option can’t be used at the same time.
graphql-http-cors-origins
--graphql-http-cors-origins=<graphQLHttpCorsAllowedOrigins>
--graphql-http-cors-origins="http://medomain.com","https://meotherdomain.com"
BESU_GRAPHQL_HTTP_CORS_ORIGINS="http://medomain.com","https://meotherdomain.com"
graphql-http-cors-origins=["http://medomain.com","https://meotherdomain.com"]
Comma separated origin domain URLs for CORS validation. The default is none.
graphql-http-enabled
--graphql-http-enabled
BESU_GRAPHQL_HTTP_ENABLED=true
graphql-http-enabled=true
Set to true to enable the GraphQL HTTP service. The default is false.
The default GraphQL HTTP service endpoint is http://127.0.0.1:8547/graphql if set to true.
graphql-http-host
--graphql-http-host=<HOST>
# to listen on all interfaces --graphql-http-host=0.0.0.0
# to listen on all interfaces BESU_GRAPHQL_HTTP_HOST=0.0.0.0
graphql-http-host="0.0.0.0"
Host for GraphQL HTTP to listen on. The default is 127.0.0.1.
To allow remote connections, set to 0.0.0.0
graphql-http-port
--graphql-http-port=<PORT>
# to listen on port 6175 --graphql-http-port=6175
# to listen on port 6175 BESU_GRAPHQL_HTTP_PORT=6175
graphql-http-port="6175"
Specifies GraphQL HTTP listening port (TCP). The default is 8547. Ports must be exposed appropriately.
help
-h, --help
Show the help message and exit.
host-whitelist
--host-whitelist=<hostname>[,<hostname>...]... or "*"
--host-whitelist=medomain.com,meotherdomain.com
BESU_HOST_WHITELIST=medomain.com,meotherdomain.com
host-whitelist=["medomain.com", "meotherdomain.com"]
Comma-separated list of hostnames to allow access to the JSON-RPC API.
By default, access from localhost and 127.0.0.1 is accepted.
Tip
To allow all hostnames, use "*". We don’t recommend allowing all hostnames for production code.
identity
--identity=<String>
--identity=MyNode
BESU_IDENTITY=MyNode
identity="MyNode"
Name for the node. If specified, it is the second section of the client ID provided by some Ethereum network explorers. For example, in the client ID besu/MyNode/v1.3.4/linux-x86_64/oracle_openjdk-java-11, the node name is MyNode.
If a name is not specified, the name section is not included in the client ID. For example, besu/v1.3.4/linux-x86_64/oracle_openjdk-java-11.
key-value-storage
--key-value-storage=<keyValueStorageName>
--key-value-storage=rocksdb
BESU_KEY_VALUE_STORAGE=rocksdb
key-value-storage="rocksdb"
Key-value storage to be used. Use this option only if using a storage system provided with a plugin. Default is rocksdb.
logging
-l, --logging=<LEVEL>
--logging=DEBUG
BESU_LOGGING=DEBUG
logging="DEBUG"
Sets the logging verbosity.
Log levels are OFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE, ALL.
Default is INFO.
max-peers
--max-peers=<INTEGER>
--max-peers=42
BESU_MAX_PEERS=42
max-peers=42
Specifies the maximum P2P connections that can be established. The default is 25.
metrics-category
--metrics-category=<metrics-category>[,metrics-category...]...
--metrics-category=BLOCKCHAIN,PEERS,PROCESS
BESU_METRICS_CATEGORY=BLOCKCHAIN,PEERS,PROCESS
metrics-category=["BLOCKCHAIN","PEERS","PROCESS"]
Comma separated list of categories for which to track metrics. Defaults are
BLOCKCHAIN, ETHEREUM, EXECUTORS, JVM, NETWORK, PEERS, PERMISSIONING, PROCESS, PRUNER, RPC, SYNCHRONIZER, and TRANSACTION_POOL.
Additional categories are KVSTORE_ROCKSDB, KVSTORE_PRIVATE_ROCKSDB, KVSTORE_ROCKSDB_STATS, and KVSTORE_PRIVATE_ROCKSDB_STATS.
Categories that contain PRIVATE track metrics when private transactions are enabled.
metrics-enabled
--metrics-enabled
BESU_METRICS_ENABLED=true
metrics-enabled=true
Set to true to enable the metrics exporter.
The default is false.
--metrics-enabled cannot be specified with --metrics-push-enabled. That is, either Prometheus polling or Prometheus
push gateway support can be enabled but not both at once.
metrics-host
--metrics-host=<HOST>
--metrics-host=127.0.0.1
BESU_METRICS_HOST=127.0.0.1
metrics-host="127.0.0.1"
Specifies the host on which Prometheus accesses Besu metrics.
The metrics server respects the --host-whitelist option.
The default is 127.0.0.1.
metrics-port
--metrics-port=<PORT>
--metrics-port=6174
BESU_METRICS_PORT=6174
metrics-port="6174"
Specifies the port (TCP) on which Prometheus accesses Besu metrics.
The default is 9545. Ports must be exposed appropriately.
metrics-push-enabled
--metrics-push-enabled[=<true|false>]
--metrics-push-enabled
BESU_METRICS_PUSH_ENABLED=true
metrics-push-enabled="true"
Set to true to start the push gateway integration.
--metrics-push-enabled cannot be specified with --metrics-enabled. That is, either Prometheus polling or Prometheus
push gateway support can be enabled but not both at once.
metrics-push-host
--metrics-push-host=<HOST>
--metrics-push-host=127.0.0.1
BESU_METRICS_PUSH_HOST=127.0.0.1
metrics-push-host="127.0.0.1"
Host of the Prometheus Push Gateway.
The default is 127.0.0.1.
The metrics server respects the --host-whitelist option.
Note
When pushing metrics, ensure --metrics-push-host is set to the machine on which the push gateway is.
Generally, this will be a different machine to the machine on which Besu is running.
metrics-push-interval
--metrics-push-interval=<INTEGER>
--metrics-push-interval=30
BESU_METRICS_PUSH_INTERVAL=30
metrics-push-interval=30
Interval in seconds to push metrics when in push mode. The default is 15.
metrics-push-port
--metrics-push-port=<PORT>
--metrics-push-port=6174
BESU_METRICS_PUSH_PORT=6174
metrics-push-port="6174"
Port (TCP) of the Prometheus Push Gateway.
The default is 9001. Ports must be exposed appropriately.
metrics-push-prometheus-job
--metrics-prometheus-job=<metricsPrometheusJob>
--metrics-prometheus-job="my-custom-job"
BESU_METRICS_PROMETHEUS_JOB="my-custom-job"
metrics-prometheus-job="my-custom-job"
Job name when in push mode. The default is besu-client.
miner-coinbase
--miner-coinbase=<Ethereum account address>
--miner-coinbase=fe3b557e8fb62b89f4916b721be55ceb828dbd73
BESU_MINER_COINBASE=fe3b557e8fb62b89f4916b721be55ceb828dbd73
--miner-coinbase="0xfe3b557e8fb62b89f4916b721be55ceb828dbd73"
Account to which mining rewards are paid.
You must specify a valid coinbase when you enable mining using the --miner-enabled
option or the miner_start JSON RPC-API method.
miner-enabled
--miner-enabled
BESU_MINER_ENABLED=true
miner-enabled=true
Enables mining when the node is started.
Default is false.
miner-extra-data
--miner-extra-data=<Extra data>
--miner-extra-data=0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021
BESU_MINER_EXTRA_DATA=0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021
miner-extra-data="0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021"
A hex string representing the 32 bytes to be included in the extra data field of a mined block. The default is 0x.
miner-stratum-enabled
--miner-stratum-enabled
BESU_MINER_STRATUM_ENABLED=true
miner-stratum-enabled=true
Enables a node to perform stratum mining.
Default is false.
miner-stratum-host
--miner-stratum-host=<HOST>
--miner-stratum-host=192.168.1.132
BESU_MINER_STRATUM_HOST=192.168.1.132
miner-stratum-host="192.168.1.132"
Host of the stratum mining service.
Default is 0.0.0.0.
miner-stratum-port
--miner-stratum-port=<PORT>
--miner-stratum-port=8010
BESU_MINER_STRATUM_PORT=8010
miner-stratum-port="8010"
Port of the stratum mining service.
Default is 8008. Ports must be exposed appropriately.
min-gas-price
--min-gas-price=<minTransactionGasPrice>
--min-gas-price=1337
BESU_MIN_GAS_PRICE=1337
min-gas-price=1337
The minimum price that a transaction offers for it to be included in a mined block. To retrieve the minimum price in a running node, use eth_gasPrice.
Default is 1000.
nat-method
--nat-method=UPNP
nat-method="UPNP"
Specify the method for handling NAT environments. Options are: UPNP and NONE.
The default is NONE, which disables NAT functionality.
Tip
UPnP support is often disabled by default in networking firmware. If disabled by default, explicitly enable UPnP support.
Notes
- Option
UPNPmight introduce delays during node startup, especially on networks where no UPnP gateway device can be found. --nat-methodcannot be used with the Besu Docker image.
network
--network=<NETWORK>
--network=rinkeby
BESU_NETWORK=rinkeby
network="rinkeby"
Predefined network configuration.
The default is mainnet.
Possible values are:
| Network | Chain | Type | Description |
|---|---|---|---|
mainnet |
ETH | Production | Main network |
ropsten |
ETH | Test | PoW network similar to current main Ethereum network |
rinkeby |
ETH | Test | PoA network using Clique |
goerli |
ETH | Test | PoA network using Clique |
dev |
ETH | Development | PoW network with a very low difficulty to enable local CPU mining |
classic |
ETC | Production | Main network |
mordor |
ETC | Test | PoW network |
kotti |
ETC | Test | PoA network using Clique |
Tip
Values are case insensitive, so either mainnet or MAINNET works.
Important
The --network and --genesis-file options cannot be used at the same time.
network-id
--network-id=<INTEGER>
--network-id=8675309
BESU_NETWORK_ID=8675309
network-id="8675309"
This option can be used to override the default network ID. The default value is the network chain ID defined in the genesis file.
node-private-key-file
--node-private-key-file=<FILE>
--node-private-key-file=/home/me/me_node/myPrivateKey
BESU_NODE_PRIVATE_KEY_FILE=/home/me/me_node/myPrivateKey
node-private-key-file="/home/me/me_node/myPrivateKey"
<FILE> is the path of the private key file of the node.
The default is the key file in the data directory.
If no key file exists, a key file containing the generated private key is created;
otherwise, the existing key file specifies the node private key.
Attention
The private key is not encrypted.
p2p-enabled
--p2p-enabled=<true|false>
--p2p-enabled=false
BESU_P2P_ENABLED=false
p2p-enabled=false
Enables or disables all p2p communication. The default is true.
p2p-host
--p2p-host=<HOST>
# to listen on all interfaces --p2p-host=0.0.0.0
# to listen on all interfaces BESU_P2P_HOST=0.0.0.0
p2p-host="0.0.0.0"
Specifies the host on which P2P listens. The default is 127.0.0.1.
p2p-interface
--p2p-interface=<HOST>
--p2p-interface=192.168.1.132
BESU_P2P_INTERFACE=192.168.1.132
p2p-interface="192.168.1.132"
Specifies the network interface on which the node listens for P2P communication. Use the option to specify the required network interface when the device that Besu is running on has multiple network interfaces. The default is 0.0.0.0 (all interfaces).
p2p-port
--p2p-port=<PORT>
# to listen on port 1789 --p2p-port=1789
# to listen on port 1789 BESU_P2P_PORT=1789
p2p-port="1789"
Specifies the P2P listening ports (UDP and TCP). The default is 30303. Ports must be exposed appropriately.
permissions-accounts-config-file
--permissions-accounts-config-file=<FILE>
--permissions-accounts-config-file=/home/me/me_configFiles/myPermissionsFile
BESU_PERMISSIONS_ACCOUNTS_CONFIG_FILE=/home/me/me_configFiles/myPermissionsFile
permissions-accounts-config-file="/home/me/me_configFiles/myPermissionsFile"
Path to the accounts permissions configuration file.
Default is the permissions_config.toml file in the data directory.
Tip
--permissions-accounts-config-file and --permissions-nodes-config-file
can use the same file.
permissions-accounts-config-file-enabled
--permissions-accounts-config-file-enabled[=<true|false>]
--permissions-accounts-config-file-enabled
BESU_PERMISSIONS_ACCOUNTS_CONFIG_FILE_ENABLED=true
permissions-accounts-config-file-enabled=true
Set to enable file-based account level permissions. Default is false.
permissions-accounts-contract-address
--permissions-accounts-contract-address=<ContractAddress>
--permissions-accounts-contract-address=xyz
BESU_PERMISSIONS_ACCOUNTS_CONTRACT_ADDRESS=xyz
permissions-accounts-contract-address=xyz
Specifies the contract address for onchain account permissioning.
permissions-accounts-contract-enabled
--permissions-accounts-contract-enabled[=<true|false>]
--permissions-accounts-contract-enabled
BESU_PERMISSIONS_ACCOUNTS_CONTRACT_ENABLED=true
permissions-accounts-contract-enabled=true
Enables contract-based onchain account permissioning. Default is false.
permissions-nodes-config-file
--permissions-nodes-config-file=<FILE>
--permissions-nodes-config-file=/home/me/me_configFiles/myPermissionsFile
BESU_PERMISSIONS_NODES_CONFIG_FILE=/home/me/me_configFiles/myPermissionsFile
permissions-nodes-config-file="/home/me/me_configFiles/myPermissionsFile"
Path to the nodes permissions configuration file.
Default is the permissions_config.toml file in the data directory.
Tip
--permissions-nodes-config-file and --permissions-accounts-config-file
can use the same file.
permissions-nodes-config-file-enabled
--permissions-nodes-config-file-enabled[=<true|false>]
--permissions-nodes-config-file-enabled
BESU_PERMISSIONS_NODES_CONFIG_FILE_ENABLED=true
permissions-nodes-config-file-enabled=true
Set to enable file-based node level permissions. Default is false.
permissions-nodes-contract-address
--permissions-nodes-contract-address=<ContractAddress>
--permissions-nodes-contract-address=xyz
BESU_PERMISSIONS_NODES_CONTRACT_ADDRESS=xyz
permissions-nodes-contract-address=xyz
Specifies the contract address for onchain node permissioning.
permissions-nodes-contract-enabled
--permissions-nodes-contract-enabled[=<true|false>]
--permissions-nodes-contract-enabled
BESU_PERMISSIONS_NODES_CONTRACT_ENABLED=true
permissions-nodes-contract-enabled=true
Enables contract-based onchain node permissioning. Default is false.
privacy-enabled
--privacy-enabled[=<true|false>]
--privacy-enabled=false
BESU_PRIVACY_ENABLED=false
privacy-enabled=false
Set to enable private transactions. The default is false.
Important
Using private transactions with pruning is not supported.
privacy-marker-transaction-signing-key-file
--privacy-marker-transaction-signing-key-file=<FILE>
--privacy-marker-transaction-signing-key-file=/home/me/me_node/myPrivateKey
PANTHEON_PRIVACY_MARKER_TRANSACTION_SIGNING_KEY_FILE=/home/me/me_node/myPrivateKey
privacy-marker-transaction-signing-key-file="/home/me/me_node/myPrivateKey"
<FILE> is the name of the private key file used to sign Privacy Marker Transactions. If this option isn’t specified, each transaction is signed with a different randomly generated key.
If using account permissioning and privacy, a private key file must be specified and the signing key included in the accounts whitelist.
privacy-precompiled-address
--privacy-precompiled-address=<privacyPrecompiledAddress>
Address to which the privacy pre-compiled contract is mapped. The default is 126.
privacy-public-key-file
--privacy-public-key-file=<privacyPublicKeyFile>
--privacy-public-key-file=Orion/nodeKey.pub
BESU_PRIVACY_PUBLIC_KEY_FILE=Orion/nodeKey.pub
privacy-public-key-file="Orion/nodeKey.pub"
Path to the public key of the Orion node.
privacy-url
--privacy-url=<privacyUrl>
--privacy-url=http://127.0.0.1:8888
BESU_PRIVACY_URL=http://127.0.0.1:8888
privacy-url="http://127.0.0.1:8888"
URL on which the Orion node is running.
pruning-enabled
--pruning-enabled
--pruning-enabled=true
BESU_PRUNING_ENABLED=true
pruning-enabled=true
Enables pruning to reduce storage required for the world state.
Important
Using pruning with private transactions is not supported.
remote-connections-limit-enabled
--remote-connections-limit-enabled[=<true|false>]
--remote-connections-limit-enabled=false
BESU_REMOTE_CONNECTIONS_LIMIT_ENABLED=false
remote-connections-limit-enabled=false
Specify to limit the percentage of remote P2P connections initiated by peers. Default is true.
Tip
In private networks with a level of trust between peers, disabling the remote connection limits may increase the speed at which nodes can join the network.
Important
To prevent eclipse attacks, ensure the remote connections limit is enabled when connecting to
any public network and especially when using --sync-mode and --fast-sync-min-peers.
remote-connections-max-percentage
--remote-connections-max-percentage=<DOUBLE>
--remote-connections-max-percentage=25
BESU_REMOTE_CONNECTIONS_MAX_PERCENTAGE=25
remote-connections-max-percentage=25
Percentage of remote P2P connections that can be established with the node. Must be between 0 and 100 inclusive. Default is 60.
required-block
--required-block, --required-blocks[=BLOCK=HASH[,BLOCK=HASH...]...]
--required-block=6485846=0x43f0cd1e5b1f9c4d5cda26c240b59ee4f1b510d0a185aa8fd476d091b0097a80
BESU_REQUIRED_BLOCK=6485846=0x43f0cd1e5b1f9c4d5cda26c240b59ee4f1b510d0a185aa8fd476d091b0097a80
required-block="6485846=0x43f0cd1e5b1f9c4d5cda26c240b59ee4f1b510d0a185aa8fd476d091b0097a80"
Requires a peer with the specified block number to have the specified hash when connecting, or that peer is rejected.
revert-reason-enabled
--revert-reason-enabled[=<true|false>]
--revert-reason-enabled=true
REVERT_REASON_ENABLED=true
revert-reason-enabled=true
Enables including the revert reason in the transaction
receipt. Default is false.
Caution
Enabling revert reason may use a significant amount of memory. We do not recommend enabling revert reason when connected to public Ethereum networks.
rpc-http-api
--rpc-http-api=<api name>[,<api name>...]...
--rpc-http-api=ETH,NET,WEB3
BESU_RPC_HTTP_API=ETH,NET,WEB3
rpc-http-api=["ETH","NET","WEB3"]
Comma-separated APIs to enable on the HTTP JSON-RPC channel.
When you use this option, the --rpc-http-enabled option must also be specified.
The available API options are: ADMIN, ETH, NET, WEB3, CLIQUE, IBFT, PERM, DEBUG, MINER, EEA, PRIV, and TXPOOL.
The default is: ETH, NET, WEB3.
Tip
The singular --rpc-http-api and plural --rpc-http-apis are available and are two
names for the same option.
rpc-http-authentication-credentials-file
--rpc-http-authentication-credentials-file=<FILE>
--rpc-http-authentication-credentials-file=/home/me/me_node/auth.toml
BESU_RPC_HTTP_AUTHENTICATION_CREDENTIALS_FILE=/home/me/me_node/auth.toml
rpc-http-authentication-credentials-file="/home/me/me_node/auth.toml"
Credentials file for JSON-RPC API authentication.
rpc-http-authentication-enabled
--rpc-http-authentication-enabled
--rpc-http-authentication-enabled
BESU_RPC_HTTP_AUTHENTICATION_ENABLED=true
rpc-http-authentication-enabled=true
Set to true to require authentication for the HTTP JSON-RPC service.
rpc-http-authentication-jwt-public-key-file
--rpc-http-authentication-jwt-public-key-file=<FILE>
--rpc-http-authentication-jwt-public-key-file=publicKey.pem
BESU_RPC_HTTP_AUTHENTICATION-JWT-PUBLIC-KEY-FILE="publicKey.pem"
rpc-http-authentication-jwt-public-key-file="publicKey.pem"
JWT public key file for JSON-RPC HTTP authentication when authenticating with an external JWT token.
rpc-http-cors-origins
--rpc-http-cors-origins=<url>[,<url>...]... or all or "*"
# You can whitelist one or more domains with a comma-separated list. --rpc-http-cors-origins="http://medomain.com","https://meotherdomain.com"
BESU_RPC_HTTP_CORS_ORIGINS="http://medomain.com","https://meotherdomain.com"
rpc-http-cors-origins=["http://medomain.com","https://meotherdomain.com"]
# The following allows Remix to interact with your Besu node. --rpc-http-cors-origins="http://remix.ethereum.org"
Specifies domain URLs for CORS validation. Domain URLs must be enclosed in double quotes and comma-separated.
Listed domains can access the node using JSON-RPC. If your client interacts with Besu using a browser app (such as Remix or a block explorer), you must whitelist the client domains.
The default value is "none".
If you don’t whitelist any domains, browser apps cannot interact with your Besu node.
Note
To run a local Besu node as a backend for MetaMask and use MetaMask anywhere, set --rpc-http-cors-origins to "all" or "*".
To allow a specific domain to use MetaMask with the Besu node, set --rpc-http-cors-origins to the client domain.
Tip
For development purposes, you can use "all" or "*" to accept requests from any domain,
but we don’t recommend this for production code.
rpc-http-enabled
--rpc-http-enabled
BESU_RPC_HTTP_ENABLED=true
rpc-http-enabled=true
Set to true to enable the HTTP JSON-RPC service.
The default is false.
rpc-http-host
--rpc-http-host=<HOST>
# to listen on all interfaces --rpc-http-host=0.0.0.0
BESU_RPC_HTTP_HOST=0.0.0.0
rpc-http-host="0.0.0.0"
Specifies the host on which HTTP JSON-RPC listens. The default is 127.0.0.1.
To allow remote connections, set to 0.0.0.0
Caution
Setting the host to 0.0.0.0 exposes the RPC connection on your node to any remote connection. In a production environment, ensure you are using a firewall to avoid exposing your node to the internet.
rpc-http-port
--rpc-http-port=<PORT>
# to listen on port 3435 --rpc-http-port=3435
BESU_RPC_HTTP_PORT=3435
rpc-http-port="3435"
Specifies HTTP JSON-RPC listening port (TCP). The default is 8545. Ports must be exposed appropriately.
rpc-ws-api
--rpc-ws-api=<api name>[,<api name>...]...
--rpc-ws-api=ETH,NET,WEB3
BESU_RPC_WS_API=ETH,NET,WEB3
rpc-ws-api=["ETH","NET","WEB3"]
Comma-separated APIs to enable on WebSockets channel.
When you use this option, the --rpc-ws-enabled option must also be specified.
The available API options are: ADMIN,ETH, NET, WEB3, CLIQUE, IBFT, PERM, DEBUG, MINER, EEA, PRIV, and TXPOOL.
The default is: ETH, NET, WEB3.
Tip
The singular --rpc-ws-api and plural --rpc-ws-apis are available and are just two
names for the same option.
rpc-ws-authentication-credentials-file
--rpc-ws-authentication-credentials-file=<FILE>
--rpc-ws-authentication-credentials-file=/home/me/me_node/auth.toml
BESU_RPC_WS_AUTHENTICATION_CREDENTIALS_FILE=/home/me/me_node/auth.toml
rpc-ws-authentication-credentials-file="/home/me/me_node/auth.toml"
Credentials file for JSON-RPC API authentication.
rpc-ws-authentication-enabled
--rpc-ws-authentication-enabled
--rpc-ws-authentication-enabled
BESU_RPC_WS_AUTHENTICATION_ENABLED=true
rpc-ws-authentication-enabled=true
Set to true to require authentication for the WebSockets JSON-RPC service.
Note
wscat does not support headers. Authentication requires an authentication token to be passed in the
request header. To use authentication with WebSockets, an app that supports headers is required.
rpc-ws-authentication-jwt-public-key-file
--rpc-http-authentication-jwt-public-key-file=<FILE>
--rpc-http-authentication-jwt-public-key-file=publicKey.pem
BESU_RPC_HTTP_AUTHENTICATION-JWT-PUBLIC-KEY-FILE="publicKey.pem"
rpc-http-authentication-jwt-public-key-file="publicKey.pem"
JWT public key file for JSON-RPC websocket authentication when authenticating with an external JWT token.
rpc-ws-enabled
--rpc-ws-enabled
BESU_RPC_WS_ENABLED=true
rpc-ws-enabled=true
Set to true to enable the WebSockets JSON-RPC service.
The default is false.
rpc-ws-host
--rpc-ws-host=<HOST>
# to listen on all interfaces --rpc-ws-host=0.0.0.0
BESU_RPC_WS_HOST=0.0.0.0
rpc-ws-host="0.0.0.0"
Host for Websocket WS-RPC to listen on. The default is 127.0.0.1.
To allow remote connections, set to 0.0.0.0
rpc-ws-port
--rpc-ws-port=<PORT>
# to listen on port 6174 --rpc-ws-port=6174
BESU_RPC_WS_PORT=6174
rpc-ws-port="6174"
Specifies Websockets JSON-RPC listening port (TCP). The default is 8546. Ports must be exposed appropriately.
sync-mode
--sync-mode=FAST
--sync-mode=FAST
BESU_SYNC_MODE=FAST
sync-mode="FAST"
Specifies the synchronization mode. Default is FULL.
target-gas-limit
--target-gas-limit=<INTEGER>
--target-gas-limit=8000000
BESU_TARGET_GAS_LIMIT=8000000
target-gas-limit="8000000"
Specifies the gas limit toward which Besu will gradually move on an existing network, if enough miners are in agreement. Use target-gas-limit to change the block gas limit set in the genesis file without creating a new network. The gas limit between blocks can change only 1/1024th, so the target tells the block creator how to set the gas limit in its block. If the values are the same or within 1/1024th, the limit is set to the specified value. Otherwise, the limit moves as far as it can within that constraint.
If a value for target-gas-limit is not specified, the block gas limit remains at the value specified in the genesis file.
tx-pool-max-size
--tx-pool-max-size=<INTEGER>
--tx-pool-max-size=2000
BESU_TX_POOL_MAX_SIZE=2000
tx-pool-max-size="2000"
Maximum number of transactions kept in the transaction pool. Default is 4096.
tx-pool-retention-hours
--tx-pool-retention-hours=<INTEGER>
--tx-pool-retention-hours=5
BESU_TX_POOL_RETENTION_HOURS=5
tx-pool-retention-hours="5"
Maximum period in hours to retain pending transactions in the transaction pool. Default is 13.
version
-V, --version
Print version information and exit.