# Setup Komodo Notary Node

# NN Repo Quick Reference

Disclaimer

This guide serves to offer notary operators a reference for building a Komodo Notary Node server. It is possible that some instructions could be deprecated by the time you read it (e.g. coin commit hashes) - please refer to https://github.com/KomodoPlatform/dPoW/blob/master/doc (opens new window) for more recent updates.

Traditionally, Komodo Notary Nodes have been setup using a "Main" and "Third party" server. The "Main" server is used to notarize KMD and Antara smart chains, and the "Third party" server is used to notarize coins from external projects. Beginning in season 7, the Komodo Notary Node network will allow running the old "Third party" node on the same server as the "Main" node. Though operators may use alternative methods of virtualisation such as proxmox, this guide will focus on using docker containers to run the "Third party" daemons.

The steps for setting up your nodes are as follows:

Secure your Server
Install KMD and LTC Deamons, then launch them, import the private key linked to your "Main" elected pubkey, and let them sync. and let them sync (this may take a couple of days).
Launch the other "Main" server chains, import the private key linked to your "Main" elected pubkey, and let them sync.
Setup the 3rd Party docker containers, import the private key linked to your "3P" elected pubkey, and let them sync.
Install and configure Iguana

Some additional tips will be included at the end of the guide to help with node management and maintainence.

If you face problems, please join the #notarynode channel on the Komodo Discord Server (opens new window) for help.

Note

We recommend the Notary Node Operators to check the Table at https://github.com/KomodoPlatform/dPoW/tree/season-seven#dpow-asset-status (opens new window) for latest information on the repositories and branches/commits to use for installing chains. If there is contradicting information in this document, treat the information within the dPoW reopsitory as the point of truth. Using the exact repository and branch/tag listed is very important for the security of the network.

# Minimum System Requirements

Notary nodes must be run on a dedicated server in a Tier 3 datacenter. Running on a local desktop PC or VPS is not allowed. The minimum system requirements are as follows:

OS: Debian/Ubuntu LTS x64 - minimal installation with Openssh server (recommended).
CPU: A High-Performance CPU (e.g. Xeon, i7/i9, Ryzen, EPYC, etc.) with 8+ Cores
RAM: 64GB+ RAM
HDD: 1TB+ (SSD is recommended)
Bandwidth: 100 Mbps or higher
Location: Within the region where you were elected.

This guide assumes you are using Ubuntu 20.04 LTS. If using Debian 11, scroll to the bottom of this guide for notes on required dependencies and build scripts.

# Creating notary pubkeys

Once you have been elected as a notary node operator, you will need to generate your notary pubkeys and register them with the Komodo Team via your proposal on https://github.com/KomodoPlatform/NotaryNodes (opens new window) soon after the election, so they can be included in the Komodo codebase for the next hardfork.

Notary node operators have to provide 2 seperate pubkeys, one for your Main Server and one for your 3rd Party Server. This means you will have to generate 2 seed phrases (i.e passphrases) individually which will each be linked to a pubkey, and a set of addresses and private keys (WIF).

DO NOT IMPORT YOUR MAIN PUBKEY INTO ANY 3RD PARTY DAEMON. For security, you should never enter your seed phrase or private key in any other node than your specific notary node server. If you ever expose a private key for any particular coin, it can be converted to all other coins easily.

# Generating a pubkey

Your pubkey will start with 02 or 03. Follow this guide to generate all the required info in your own server. You will need the "Compressed Public Key", "Compressed WIF" and "Compressed Address" from the output generated by the script. Based on the default seed used in the genkomodo.php file, we get the following information:

Pubkey: 02a854251adfee222bede8396fed0756985d4ea905f72611740867c7a4ad6488c1
LTC Address: LfK5cYTTSDoSVSYtxkTVv8dGnqXYZRsn86
LTC WIF: 6vCN7rsS1bPFgs98G2PQgcHP2EArh39Un1QDh16YrPrJxCZTthq
KMD Address: RVNKRr2uxPMxJeDwFnTKjdtiLtcs7UzCZn
KMD WIF: UtrRXqvRFUAtCrCTRAHPH6yroQKUrrTJRmxt2h5U4QTUN1jCxTAh
EMC2 Address: EdF2quz8nWrJDwTbbTTieFYUMGfPsVB5dv
EMC2 WIF: T7trfubd9dBEWe3EnFYfj1r1pBueqqCaUUVKKEvLAfQvz3JFsNhs
AYA Address: AVjkMgFfmMZbpFvmTxCcxadnD6g1EdQue3
AYA WIF: T6oxgc9ZYJA1Uvsm31Gb8Mg31hHgLWue7RuqQMjEHUWZEi5TdskL

CHIPS, all Komodo Smart Chains and Komodo source forks like MCL, TOKEL and VRSC use the same address and WIF format as Komodo (KMD).

# Do not keep your seed phrase or private keys saved in your local computer! Never import it into any other apps!

If your notary seed or private keys are compromised, it not only places your server and notary funds at risk, but may also compromise the security of the entire dPoW network. If you ever suspect that your seed or private keys have been compromised, you should immediately contact the Komodo Team so steps can be taken to mitigate any potential threats.

It is recommended that you write down the randomly generated seed (24 words) in a piece of paper (or use a rugged physical backup like CryptoSteel), then type directly into your server, or generate the seed phrase on the server itself with a tool like https://github.com/smk762/DragonhoundTools/blob/master/wallet/gen_seed.py (opens new window).

# Security

Before doing anything further, ensure that your server is secure.

Note

In the examples below, I will use the username dragonhound. Please replace this with your own username. Make sure to use a password manager like KeePassXC (opens new window) to generate and store your sudo passwords an SSH keys, and backup your password database to a secure location so you dont lose access to your server if your desktop/laptop fails.

Update the system: sudo apt-get update && sudo apt-get upgrade -y

Create a new user & give it sudo permissions (opens new window):

adduser dragonhound # to add a new user
passwd dragonhound # set a password for new user
usermod -aG sudo dragonhound # to give the user sudo permissions
su - dragonhound # to switch to the new user

Install Fail2ban (opens new window) with sudo apt install fail2ban. It will start automatically after installation.
Install UFW (opens new window) (make sure to allow SSH access before enabling the firewall).
```
sudo apt install ufw
sudo ufw allow OpenSSH
sudo ufw enable
```
Create an SSH key (opens new window) on your PC, then add the public SSH key to the server. This will allow you to login without a password. Repeat this step for each device you will use to access the server. For example:
- Create an ED25519 SSH key (e.g. on your laptop) with ssh-keygen -t ed25519 -C "dragonhound@laptop"
- View the public key with cat ~/.ssh/id_ed25519.pub.
- It will look like ssh-ed25519 AAAAC3NzaC1lZD42STE5AAAAIK0wmN/Cr3JXqmLW7u+g9pTh+wyqDHpSQEIQczXkVx9q dragonhound@laptop
Add the SSH key to your server:
- On the server, create a .ssh folder in your home directory with mkdir ~/.ssh
- Create a file to contain authorized keys with nano ~/.ssh/authorized_keys
- Paste the public key into the file, then save and exit.
- Restrict file permissions with sudo chmod 600 ~/.ssh/authorized_keys and sudo chmod 700 ~/.ssh
- To confirm that the key works, open a new terminal on your desktop/laptop and run ssh dragonhound@<SERVER_IP>. If everything is working, you should be logged in without being asked for a password.
Disable password authentication (opens new window)
- Make sure you have added your SSH key to the server and confirmed it is working before doing this!
- Open the SSH daemon config file with sudo nano /etc/ssh/sshd_config
- Find the line that says #PasswordAuthentication yes and change it to PasswordAuthentication no then save and exit the file.
- Restart the SSH daemon with sudo systemctl restart sshd
Disable root login (opens new window)
- Open the SSH daemon config file with sudo nano /etc/ssh/sshd_config
- Set PermitRootLogin no then save and exit the file
- Restart the SSH daemon with sudo systemctl restart sshd
Add 32GB of swap space (opens new window)
- View existing swap space with sudo swapon --show, existing physical an virtual memory with free -h, and disk space with df -h.
- Create a 32GB swap file with sudo fallocate -l 32G /swapfile
- Restrict swap file permissions to root only with sudo chmod 600 /swapfile
- Mark the file as swap space with sudo mkswap /swapfile
- Activate the swap file with sudo swapon /swapfile
- Verify that the swap space is active with sudo swapon --show and free -h
- To make the swap file permanent, we'll edit the fstab file. - First, backup the fstab file with sudo cp /etc/fstab /etc/fstab.bak - Update it with echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
- Now your swap space should be retained after rebooting.
Change the SSH port (opens new window) (optional, but recommended)
- Open the ssh daemon config file with sudo nano /etc/ssh/sshd_config
- Change the Port value to something other than 22 (e.g. Port 2222)
- Allow the new port in the firewall sudo ufw allow 2222 comment ssh
- Save and exit the file, then restart the SSH service with sudo systemctl restart sshd
- Test the new port with ssh dragonhound@<SERVER_IP> -p 2222

# Additional Configuration Tweaks

The steps below are optional, but recommended to give your node a better chance of performing well based on the experiences of prior season Natary Node Operators.

# Set `ulimit` parameters on Ubuntu permanently

By default, the number of open files per user in Ubuntu is 1024. In our case this number is too small so we will increase it.

This is done with the ulimit command:

ulimit -a   # see all the kernel parameters
ulimit -n   # see the number of open files
ulimit -n 1000000  #  set the number open files to 1000000

This will only set the ulimit parameters for the current command terminal and user, meaning that after a reboot you’ll need to set the parameter again. Do the following to set it permanently:

Edit the /etc/security/limits.conf file
```
sudo nano /etc/security/limits.conf
```

Add these lines:

* soft nofile 1000000
* hard nofile 1000000

Save and close file

# Set `pam_limits` to `required`

Linux uses PAM (pluggable authentication modules) in the authentication process as a layer that mediates between user and application. The pam_limits PAM module sets limits on the system resources that can be obtained in a user-session.

Edit the /etc/pam.d/common-session file
```
sudo nano /etc/pam.d/common-session
```
Add this line:
```
session required pam_limits.so
```
Save and close the file.

We're done! Now let's stop all our wallet daemons safely with RPC commands and reboot the server using sudo reboot or sudo shutdown -r command. After the reboot, log back in and check the ulimit parameters again.

ulimit -n

# Install Iguana & Coin Daemons

The daemons will take a couple of days to sync, so it's best to get them started as soon as possible. If you encounter any errors, please join the #notarynode channel on the Komodo Discord Server (opens new window) for help.

Note

-j$(nproc) uses all the available processor threads while compiling. If you don't want to use all threads, you may specify the number directly like so: -j8 will use only 8 threads. Alternatively, you may like to use -j$(expr $(nproc) - 1), which will use all the available processors except one.

Install dependencies:

sudo apt-get install build-essential pkg-config libc6-dev m4 g++-multilib autoconf libtool ncurses-dev unzip git python3 python3-zmq zlib1g-dev wget libcurl4-gnutls-dev bsdmainutils automake curl libsodium-dev jq libfmt-dev autotools-dev cmake clang htop libevent-dev libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-program-options-dev libboost-test-dev libboost-thread-dev libssl-dev libnanomsg-dev -y

# Install Iguana

Iguana is the software used to perform notarizations, and needs to be installed from the dPoW (opens new window) repository.

Clone the dPoW repository and build Iguana:

cd ~
# Clone repository
git clone https://github.com/KomodoPlatform/dPoW -b season-seven
cd dPoW/iguana
# Build Iguana
make

Create pubkey files: Iguana will reference these files when launching to validate your node as an elected notary.

echo "pubkey=<YOUR_MAIN_PUBKEY>" > ~/dPoW/iguana/pubkey.txt
echo "pubkey=<YOUR_3P_PUBKEY>" > ~/dPoW/iguana/pubkey_3p.txt

Create wp files:
- These files will be used to unlock your wallets when Iguana launches, and are named according to the iguana port they are targeting. The contents will include your seed phrase (or a private key) from the Main or 3P coins you want to unlock for notarisation.
- The Main Iguana uses port 7776. Create a file called ~/dPoW/iguana/wp_7776 and add the contents as below:

curl --url "http://127.0.0.1:7776" --data '{
    "method": "walletpassphrase",
    "params": ["YOUR_MAIN_SEEDPHRASE_OR_PRIVATE_KEY", 9999999]
}'

The Third Party Iguana uses port 7779. Create a file called ~/dPoW/iguana/wp_7779 and add the contents as below:

curl --url "http://127.0.0.1:7779" --data '{
    "method": "walletpassphrase",
    "params": ["YOUR_3P_SEEDPHRASE_OR_PRIVATE_KEY", 9999999]
}'

Restrict file permissions and make executable:

chmod 700 ~/dPoW/iguana/wp_7776
chmod 700 ~/dPoW/iguana/wp_7779

# Install KMD

Go to home folder cd ~
Clone repo: git clone https://github.com/KomodoPlatform/komodo -b master
Enter repo folder cd komodo
Fetch Zcash params: ./zcutil/fetch-params.sh
Build Komodo: ./zcutil/build.sh -j$(nproc)

Create the data folder and a komodo.conf config file

cd ~
mkdir .komodo
nano ~/.komodo/komodo.conf

Add the following lines to the komodo.conf file and save it (replace rpcuser and rpcpassword)

rpcuser=usernameChangeItToSomethingSecure
rpcpassword=passwordChangeItToSomethingSecure
txindex=1
addressindex=1
spentindex=1
server=1
daemon=1
rpcworkqueue=256
rpcbind=127.0.0.1
rpcallowip=127.0.0.1
port=7770
rpcport=7771
addnode=15.235.204.174 # Dragonhound_AR
addnode=209.222.101.247 # Dragonhound_NA
addnode=103.195.100.32 # Dragonhound_DEV

Restrict access to the komodo.conf file

chmod 600 ~/.komodo/komodo.conf

symlink pubkey files to komodo directory:

ln -s ~/dPoW/iguana/pubkey.txt ~/komodo/src/pubkey.txt
ln -s ~/dPoW/iguana/pubkey_3p.txt ~/komodo/src/pubkey_3p.txt

# Install LTC

Clone repo: git clone https://github.com/litecoin-project/litecoin -b 0.16
Enter repo folder cd litecoin

Create build.sh script with the following contents and give it executable permissions (chmod +x build.sh)

#!/bin/bash
# LTC & 3P Coins build script for Ubuntu & Debian (c) Decker
make -C ${PWD}/depends v=1 NO_PROTON=1 NO_QT=1 HOST=$(depends/config.guess) -j$(nproc --all)
./autogen.sh
CXXFLAGS="-g0 -O2" \
CONFIG_SITE="$PWD/depends/$(depends/config.guess)/share/config.site" ./configure --disable-tests --disable-bench --without-miniupnpc --enable-experimental-asm --with-gui=no --disable-bip70
make V=1 -j$(nproc --all)

Execute ./build.sh to compile the Litecoin binaries.

Create the data folder and a litecoin.conf config file

cd ~
mkdir .litecoin
nano ~/.litecoin/litecoin.conf

Insert the following contents inside the litecoin.conf file and save it. (change the rpcuser and rpcpassword values)

txindex=1
rpcport=9332
rpcuser=litecoinrpcChangeThisToSomethingSecure
rpcpassword=passwordChangeThisToSomethingSecure
addnode=15.235.204.174 # Dragonhound_AR
addnode=209.222.101.247 # Dragonhound_NA
addnode=103.195.100.32 # Dragonhound_DEV

Restrict access to the litecoin.conf file and .litecoin directory.

chmod 600 ~/.litecoin/litecoin.conf
chmod 700 ~/.litecoin

# Install Third Party coins daemons in Docker

Follow the instructions in https://github.com/smk762/notary_docker_3p#notary_docker_3p (opens new window) to setup the third party coins in docker.

If you need help, please reach out to the Komodo Discord #notary-node channel.

# Create Symbolic Links for deamons and cli's

For the Main coins:

sudo ln -s ~/komodo/src/komodod /usr/local/bin/komodod
sudo ln -s ~/komodo/src/komodo-cli /usr/local/bin/komodo-cli
sudo ln -s ~/litecoin/src/litecoind /usr/local/bin/litecoind
sudo ln -s ~/litecoin/src/litecoin-cli /usr/local/bin/litecoin-cli

# Launch the daemons

First, create a start script with nano start.sh to start the main chains with:

#!/bin/bash
# Get our pubkey
source ~/komodo/src/pubkey.txt
# Start LTC
litecoind &
sleep 60
# Start KMD
komodod -gen -genproclimit=1 -pubkey=$pubkey -minrelaytxfee=0.000035 -opretmintxfee=0.004 -notary=".litecoin/litecoin.conf" &
sleep 600
# Start all other Main Smart Chains
cd ~/dPoW/iguana
./assetchains.old

Save and exit the file, then make it executable with chmod +x start.sh. Now you can launch all the main chains with ./start.sh!

Launch the 3P dockerised daemons:

cd ~/notary_docker_3p
# To launch all deamons at once
docker-compose up -d
# To launch a single coins deamon (use lowercase ticker)
docker-compose up <TICKER> -d

Import your private keys to each coin daemon. Ensure that a space is added at the beginning of each command to prevent the key being saved to ~/.bash_history.

eg, komodo-cli importprivkey <KEY> will be saved to bash history, but komodo-cli importprivkey <KEY> will not.

# For Komodo
 komodo-cli importprivkey <KMD_PRIVATE_KEY>
# For Litecoin
 litecoin-cli importprivkey <KMD_PRIVATE_KEY>
# For individual main smart chains (replace <TICKER> with the smart chain ticker)
 komodo-cli -ac_name=<TICKER> importprivkey <KMD_PRIVATE_KEY>
# For all main smart chains
cd ~/dPoW/iguana
./listassetchains | while read chain; do
    echo $chain
    komodo-cli -ac_name=$chain importprivkey <KMD_PRIVATE_KEY>
done
# For 3P deamons
"Use the 3rd party coins' cli binaries to import the private keys for each coin."

Check the sync status

# Check the status of the KMD sync process
tail -f ~/.komodo/debug.log
# Check the status of the LTC sync process
tail -f ~/.litecoin/debug.log
# Check the status of the Main smart chain sync process
tail -f ~/.komodo/<TICKER>/debug.log
# Check the status of the 3P smart chain sync process  (use lowercase ticker)
cd ~/notary_docker_3p
docker compose logs -f <TICKER> --tail 20

The debug.log will have lines like:

2023-06-15 09:08:05 UpdateTip: new best=0c01379c24db5055444983d447ce5af58a9ed50072b4a08a3fec0b151cf51213 height=3463643 log2_work=53.293613 tx=20987955 date=2023-06-15 09:08:06 progress=1.000000 cache=43.6MiB(143561tx)

When you see progress=1.000000, the chain is in sync! This can take a while, so be patient.

Once sync'd, we can confirm our private keys were correctly imported by using the validateaddress command with the KMD address linked to our private key. For example:

komodo-cli validateaddress RDragoNHdwovvsDLSLMiAEzEArAD3kq6FN

This will return a JSON object with the address details. If the address is valid, you will see "ismine": true.

{
  "isvalid": true,
  "address": "RDragoNHdwovvsDLSLMiAEzEArAD3kq6FN",
  "scriptPubKey": "76a91432311a35188a9439c6c866e842564d6fefd3a02888ac",
  "segid": 45,
  "ismine": true,
  "iswatchonly": false,
  "isscript": false,
  "pubkey": "038e010c33c56b61389409eea5597fe17967398731e23185c84c472a16fc5d34ab",
  "iscompressed": true,
  "account": ""
}

# AtomicDEX Seed node setup (optional, but recommended)

Simple scripts to setup and configure MM2 as a seednode on your 3P server are available at https://github.com/smk762/nn_mm2_seed (opens new window). The mm2 seed node will also need ports 38890 and 38900 opened on the 3p server.

This may be included in the 3P dockerised setup in the future.

# Stop All Coin Daemons Safely

Once you've completed syncing, imported and validated your keys in all your daemons, we'll stop all the daemons for some final configuration.

WARNING

Unless you are a fan of corrupt databases, never use kill -9 to stop any Coin daemon. Always shutdown wallet daemon and iguana gracefully with pkill -15 iguana or use the commands below.

# To stop KMD
komodo-cli stop
# To stop LTC
litecoin-cli stop
# For all other Main Smart Chains
cd ~/komodo/src
./fiat-cli stop
# For individual 3P dockerised daemons
cd ~/nn_docker_3p
docker compose stop <TICKER> # Use lowercase ticker
# For all 3P dockerised daemons
cd ~/nn_docker_3p
docker compose stop

# Restrict access to config files

Once all the chains' daemons have stopped, let's restrict access to all the .conf files inside ~/.komodo and ~/.komodo_3p folders

find ~/.komodo -type f -iname "*.conf" -exec chmod 600 {} \;
find ~/.komodo_3p -type f -iname "*.conf" -exec chmod 600 {} \;

# Address whitelisting (optional, but recommended)

If you are using a whitelist for incoming transactions (recommended to avoid dust attacks!) funding top ups will come from the dragonhound_DEV nodes using the addresses RHi882Amab35uXjqBZjVxgEgmkkMu454KK (Main), and RLdmqsXEor84FC8wqDAZbkmJLpgf2nUSkq (3P), so add these addresses to your respective whitelists. This can be done by:

Adding -whitelistaddress=<address> to your daemon launch strings, or
Adding whitelistaddress=<address> to your daemon conf files

# Create `start` Script

We need a start script in the home dir to start Komodo, Smart Chains and all 3rd party coin daemons with the -pubkey option. -pubkey is not required for LTC daemon, but other coins must be launched with it to be able to notarise.

You can also use the setpubkey command to set the pubkey for a running daemon. For example:
```
komodo-cli setpubkey <pubkey>
```
Alternatively, you can set the pubkey in your conf file to make sure it is set every time you launch a daemon. For example:
```
echo "pubkey=<pubkey>" >> ~/.komodo/komodo.conf
```
Create and open a start file
```
nano ~/start
```

Add the following lines:

#!/bin/bash
# Get our pubkey
source ~/komodo/src/pubkey.txt
# Start LTC
litecoind &
sleep 60
# Start KMD
komodod -gen -genproclimit=1 -pubkey=$pubkey -minrelaytxfee=0.000035 -opretmintxfee=0.004 -notary=".litecoin/litecoin.conf" &
sleep 600
# Start all other Main Smart Chains
cd ~/dPoW/iguana
./assetchains.old

Make the start file executable:
```
chmod +x start
```

Note the KMD launch string includes some extra parameters:

-gen - enables mining
-genproclimit=1 - sets the number of threads to use for mining
-minrelaytxfee=0.000035 - sets the minimum relay fee for transactions
-opretmintxfee=0.004 - sets the minimum fee for OP_RETURN transactions
-notary=".litecoin/litecoin.conf" - sets the location of the notary node's litecoin.conf file. This is required to be able to notarise KMD -> LTC.

# Execute the `start` script

This may take up to 20-30 minutes before all chains are responsive (depending on your system spec).

cd ~
./start

Don't forget to also restart the dockerised 3rd party daemons.

cd ~/nn_docker_3p
./start_3p.sh

# Start `Iguana` and begin notarising

Notaries are responsible funding their Notary KMD addresses - funds for other chains will be provided from the Komodo team.
All notary addresses on all dPoW coins (except KMD) will be funded at the start of a season, and periodically topped up as the season progresses.
Please contact smk on Discord if you need a top up.
Notary funds are for notarisation only, and should not leave your notary addresses for any other purpose.
At the end of the season, any remaining funds are to be returned to smk for redistribution to the notaries elected for the next season.

Make sure all daemons have started properly and are responding to RPC commands before starting Iguana.

To start notarising the Main coins, run:
```
cd ~/dPoW/iguana
./m_notary_main
```

To start notarising the 3rd party coins, run:

cd ~/dPoW/iguana
./m_notary_3rdparty_docker

This will take a few minutes to add peer notaries, and register the coin daemons with Iguana. You will see INIT with 64 notaries once the process finishes.

# Firewall and Ports

Enable ufw and close all routes except ssh. Create rules to allow the following:

Each daemon's P2P port. You can find these in the daemon's conf file, or by looking at the response from sudo netstat -plant.
Iguana's Main P2P port (13348)
Iguana's 3P P2P port (13345)
AtomicDEX API P2P ports (38890 & 38900)

For example:

# Main ports
sudo ufw allow 7770 comment 'KMD Main P2P'
sudo ufw allow 9333 comment 'LTC Main P2P'
sudo ufw allow 20848 comment 'CCL Main P2P'
sudo ufw allow 20931 comment 'CLC Main P2P'
sudo ufw allow 23225 comment 'GLEEC Main P2P'
sudo ufw allow 12985 comment 'ILN Main P2P'
sudo ufw allow 10701 comment 'KOIN Main P2P'
sudo ufw allow 8426 comment 'NINJA Main P2P'
sudo ufw allow 45452 comment 'PIRATE Main P2P'
sudo ufw allow 11340 comment 'SUPERNET Main P2P'
sudo ufw allow 36789 comment 'THC Main P2P'
# Third party P2P ports
sudo ufw allow 8770 comment 'KMD 3P P2P'
sudo ufw allow 29404 comment 'TOKEL P2P'
sudo ufw allow 33824 comment 'MCL P2P'
sudo ufw allow 27485 comment 'VRSC P2P'
sudo ufw allow 26001 comment 'AYA P2P'
sudo ufw allow 57777 comment 'CHIPS P2P'
sudo ufw allow 41878 comment 'EMC2 P2P'
sudo ufw allow 41888 comment 'MIL P2P'
# Iguana P2P ports
sudo ufw allow 13348 comment 'Iguana Main P2P'
sudo ufw allow 13345 comment 'Iguana 3P P2P'
# AtomicDEX P2P ports
sudo ufw allow 38890 comment 'AtomicDEX P2P'
sudo ufw allow 38900 comment 'AtomicDEX P2P'

Make sure you dont expose any RPC ports! This may give the whole internet access to your deamons!

# NN Scripts

There are many open sourced scripts for managing your Komodo Notary Node servers. If you're having trouble with something, you can have a look at these tools (opens new window), or ask the other NN's, who will show you the scripts they use to overcome issues. With that being said, if you find a way to make a job easier or find a way to better the ecosystem, please let the rest of the NN OPs know, we would love to hear it.

# Setup for Debian 11

Install the following dependancies:

sudo apt-get install -y tmux dc bc dnsutils speedtest-cli build-essential git libsodium-dev libssl-dev pkg-config autoconf automake bsdmainutils cmake curl g++-multilib htop libboost-all-dev libc6-dev libgtest-dev libtool m4 software-properties-common unzip wget zlib1g-dev binutils-dev clang jq libcurl4-openssl-dev libdb++-dev libevent-dev libexpat1-dev libgnutls28-dev libldns-dev liblzma-dev libnanomsg-dev libncurses-dev libprotobuf-dev libqrencode-dev libreadline-dev libunwind-dev ncurses-dev ntp ntpdate protobuf-compiler python3-pip

Use the template below to create build scripts for coins as needed:

# AnyCoin compile script (q) Decker, 2021-2022
make -C ${PWD}/depends v=1 NO_PROTON=1 NO_QT=1 HOST=$(depends/config.guess) -j$(nproc --all)
./autogen.sh
CXXFLAGS="-g0 -O2" \
CONFIG_SITE="$PWD/depends/$(depends/config.guess)/share/config.site" ./configure --disable-tests --disable-bench --without-miniupnpc --enable-experimental-asm --with-gui=no --disable-bip70
make V=1 -j$(nproc --all)

How to Update Komodo →

# Setup Komodo Notary Node

# NN Repo Quick Reference

# Minimum System Requirements

# Creating notary pubkeys

# Generating a pubkey

# Do not keep your seed phrase or private keys saved in your local computer! Never import it into any other apps!

# Security

# Additional Configuration Tweaks

# Set ulimit parameters on Ubuntu permanently

# Set pam_limits to required

# Install Iguana & Coin Daemons

# Install Iguana

# Install KMD

# Install LTC

# Install Third Party coins daemons in Docker

# Create Symbolic Links for deamons and cli's

# Launch the daemons

# AtomicDEX Seed node setup (optional, but recommended)

# Stop All Coin Daemons Safely

# Restrict access to config files

# Address whitelisting (optional, but recommended)

# Create start Script

# Execute the start script

# Start Iguana and begin notarising

# Firewall and Ports

# NN Scripts

# Setup for Debian 11

# Set `ulimit` parameters on Ubuntu permanently

# Set `pam_limits` to `required`

# Create `start` Script

# Execute the `start` script

# Start `Iguana` and begin notarising