1. 配置文件一览
1.1. chainmaker-go
1.1.1. chainmaker.yml节点配置
#
# Copyright (C) BABEC. All rights reserved.
# Copyright (C) THL A29 Limited, a Tencent company. All rights reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# [*] the represented items could not be modified after startup
# "auth_type" should be consistent among the whole chain configuration files(e.g., bc1.yml and chainmaker.yml)
# The auth type can be permissionedWithCert, permissionedWithKey, public.
# By default it is permissionedWithCert.
# permissionedWithCert: permissioned blockchain, using x.509 certificate to identify members.
# permissionedWithKey: permissioned blockchain, using public key to identify members.
# public: public blockchain, using public key to identify members.
auth_type: "permissionedWithCert" # [*]
# Logger settings
log:
# Logger configuration file path.
config_file: ../config/wx-org1.chainmaker.org/log.yml
# Crypto engine config
crypto_engine: tjfoc #support gmssl, tencentsm and tjfoc
# Chains the node currently joined in
blockchain:
# chain id and its genesis block file path.
- chainId: chain1
genesis: ../config/wx-org1.chainmaker.org/chainconfig/bc1.yml
- chainId: chain2
genesis: ../config/wx-org1.chainmaker.org/chainconfig/bc2.yml
# - chainId: chain3
# genesis: ../config/{org_path3}/chainconfig/bc3.yml
# - chainId: chain4
# genesis: ../config/{org_path4}/chainconfig/bc4.yml
# Blockchain node settings
node:
# Organization id is the node belongs to.
# When the auth type is public, org id is ignored.
org_id: wx-org1.chainmaker.org # [*]
# Private key file path
priv_key_file: ../config/wx-org1.chainmaker.org/certs/node/consensus1/consensus1.sign.key # [*]
# Certificate file path
cert_file: ../config/wx-org1.chainmaker.org/certs/node/consensus1/consensus1.sign.crt # [*]
# Certificate cache size, used to speed up member identity verification.
# By default the cache size is 1000.
cert_cache_size: 1000
# fast sync settings
fast_sync:
# Enable it or not
enabled: false # [*]
# The number of blocks that did not perform fast synchronization at the end
min_full_blocks: 10
# PKCS#11 crypto settings
pkcs11:
# Enable it or not
enabled: false # [*]
# Path for the pkcs11 interface file(.so)
library: /usr/local/lib64/pkcs11/libupkcs11.so
# Label for the slot to be used
label: HSM
# HSM Password
password: 11111111
# Size for HSM session cache, default value is 10.
session_cache_size: 10
# Hash algorithm is used to calculate SKI.
# It can be SHA256 or SM3.
hash: "SHA256" # [*]
# Network Settings
net:
# Network provider, can be libp2p or liquid.
# libp2p: using libp2p components to build the p2p module.
# liquid: a new p2p network module. We build it from 0 to 1.
# This item must be consistent across the blockchain network.
provider: LibP2P
# The address and port the node listens on.
# By default, it uses 0.0.0.0 to listen on all network interfaces.
listen_addr: /ip4/0.0.0.0/tcp/11301
# Max stream of a connection.
# peer_stream_pool_size: 100
# Max number of peers the node can connect.
# max_peer_count_allow: 20
# The strategy for eliminating node when the amount of connected peers reaches the max value
# It could be: 1 Random, 2 FIFO, 3 LIFO. The default strategy is LIFO.
# peer_elimination_strategy: 3
# The seeds list used to setup network among all the peer seed when system starting.
# The connection supervisor will try to dial seed peer whenever the connection is broken.
# Example ip format: "/ip4/127.0.0.1/tcp/11301/p2p/"+nodeid
# Example dns format:"/dns/cm-node1.org/tcp/11301/p2p/"+nodeid
seeds:
- "/ip4/127.0.0.1/tcp/11301/p2p/QmbAJs1MXEMxB73emPdzN3pJ6fHSDRKNr8BLcJms1bT4Kz"
- "/ip4/127.0.0.1/tcp/11302/p2p/QmVjyEBHCi7JdMNMipk1BiCphAEa2rGBbnbwcc8DhUfaZW"
- "/ip4/127.0.0.1/tcp/11303/p2p/QmNSefpUis1kip2U7nPish8BamChhT1bafWSxsWAkYS3av"
- "/ip4/127.0.0.1/tcp/11304/p2p/QmXy3S8reg2nhXEaiLUvVAMkqsFw9cSRmxDS95kosUWTuH"
# Network tls settings.
tls:
# Enable tls or not. Currently it can only be true...
enabled: true
# TLS private key file path.
priv_key_file: ../config/wx-org1.chainmaker.org/certs/node/consensus1/consensus1.tls.key
# TLS Certificate file path.
cert_file: ../config/wx-org1.chainmaker.org/certs/node/consensus1/consensus1.tls.crt
# The blacklist is automatically block the listed seed to connect.
# blacklist:
# The addresses in blacklist.
# The address format can be ip or ip+port.
# addresses:
# - "127.0.0.1:11301"
# - "192.168.1.8"
# The node ids in blacklist.
# node_ids:
# - "QmeyNRs2DwWjcHTpcVHoUSaDAAif4VQZ2wQDQAUNDP33gH"
# RPC server max send/receive message size in MB(default 4MB)
max_send_msg_size: 10
max_recv_msg_size: 10
# Transaction pool settings
# Other txpool settings can be found in tx_Pool_config.go
txpool:
# txpool type, can be signle or batch.
# By default the txpool type is single.
pool_type: "single"
# Max transaction count in txpool.
# If txpool is full, the following transactions will be discarded.
max_txpool_size: 50000
# Max config transaction count in config txpool.
max_config_txpool_size: 10
# Interval of creating a transaction batch, only for batch txpool, in millisecond.
# batch_create_timeout: 200
# RPC service setting
rpc:
# RPC type, can only be grpc now
provider: grpc # [*]
# RPC port
port: 12301
# Interval of checking trust root changes, in seconds.
# If changed, the rpc server's root certificate pool will also change.
# Only valid if tls is enabled.
# The minium value is 10.
check_chain_conf_trust_roots_change_interval: 60
# Rate limit related settings
# Here we use token bucket to limit rate.
ratelimit:
# Ratelimit switch. Default is false.
enabled: false
# Rate limit type
# 0: limit globally, 1: limit by ip
type: 0
# Token number added to bucket per second.
# -1: unlimited, by default is 10000.
token_per_second: -1
# Token bucket size.
# -1: unlimited, by default is 10000.
token_bucket_size: -1
# Rate limit settings for subscriber
subscriber:
ratelimit:
token_per_second: 100
token_bucket_size: 100
# RPC TLS settings
tls:
# TLS mode, can be disable, oneway, twoway.
mode: twoway
# RPC TLS private key file path
priv_key_file: ../config/wx-org1.chainmaker.org/certs/node/consensus1/consensus1.tls.key
# RPC TLS public key file path
cert_file: ../config/wx-org1.chainmaker.org/certs/node/consensus1/consensus1.tls.crt
# RPC blacklisted ip addresses
blacklist:
addresses:
# - "127.0.0.1"
# Monitor related settings
monitor:
# Monitor service switch, default is false.
enabled: false
# Monitor service port
port: 14321
# PProf Settings
pprof:
# If pprof is enabled or not
enabled: false
# PProf port
port: 24321
# Consensus related settings
consensus:
raft:
# Take a snapshot based on the set the number of blocks.
# If raft nodes change, a snapshot is taken immediately.
snap_count: 10
# Saving wal asynchronously switch. Default is true.
async_wal_save: true
# Min time unit in rate election and heartbeat.
ticker: 1
# Scheduler related settings
scheduler:
# whether log the txRWSet map in debug mode
rwset_log: false
# Storage config settings
# Contains blockDb, stateDb, historyDb, resultDb, contractEventDb
#
# blockDb: block transaction data, support leveldb, mysql, badgerdb, tikvdb
# stateDb: world state data, support leveldb, mysql, badgerdb, tikvdb
# historyDb: world state change history of transactions, support leveldb, mysql, badgerdb, tikvdb
# resultDb: transaction execution results data, support leveldb, mysql, badgerdb, tikvdb
# contractEventDb: contract emit event data, support mysql
#
# provider, sqldb_type cannot be changed after startup.
# store_path, dsn the content cannot be changed after startup.
storage:
# Default store path
store_path: ../data/wx-org1.chainmaker.org/ledgerData1 # [*]
# Prefix for mysql db name
# db_prefix: org1_
# Minimum block height not allowed to be archived
unarchive_block_height: 300000
# Symmetric encryption algorithm for writing data to disk. can be sm4 or aes
# encryptor: sm4 # [*]
# Disable block file db, default: false
disable_block_file_db: false
# async write block in file block db to disk, default: false, so default is sync write disk
logdb_segment_async: false
# file size of .fdb, MB, default: 20
logdb_segment_size: 128
# Symmetric encryption key:16 bytes key
# If pkcs11 is enabled, it is the keyID
# encrypt_key: "1234567890123456"
write_block_type: 0 # 0 common write,1 quick write
state_cache_config:
life_window: 3000000000000 #key/value ttl time, ns
clean_window: 1000000000
max_entry_size: 500
hard_max_cache_size: 10240 #cache size MB
# Block db config
blockdb_config:
# Databases type support leveldb, sql, badgerdb, tikvdb
provider: leveldb # [*]
# If provider is leveldb, leveldb_config should not be null.
leveldb_config:
# LevelDb store path
store_path: ../data/wx-org1.chainmaker.org/block
# Example for sql provider
# Databases type support leveldb, sql, badgerdb, tikvdb
# provider: sql # [*]
# If provider is sql, sqldb_config should not be null.
# sqldb_config:
# Sql db type, can be mysql, sqlite. sqlite only for test
# sqldb_type: mysql # # [*]
# Mysql connection info, the database name is not required. such as: root:admin@tcp(127.0.0.1:3306)/
# dsn: root:password@tcp(127.0.0.1:3306)/
# Example for badgerdb provider
# Databases type support leveldb, sql, badgerdb, tikvdb
# provider: badgerdb
# If provider is badgerdb, badgerdb_config should not be null.
# badgerdb_config:
# BadgerDb store path
# store_path: ../data/wx-org1.chainmaker.org/history
# Whether compression is enabled for stored data, default is 0: disabled
# compression: 0
# Key and value are stored separately when value is greater than this byte, default is 1024 * 10
# value_threshold: 256
# Number of key value pairs written in batch. default is 128
# write_batch_size: 1024
# Example for tikv provider
# provider: tikvdb
# If provider is tikvdb, tikvdb_config should not be null.
# tikvdb_config:
# db_prefix: "node1_" #default is ""
# endpoints: "127.0.0.1:2379" # tikv pd server url,support multi url, example :"192.168.1.2:2379,192.168.1.3:2379"
# max_batch_count: 128 # max tikv commit batch size, default: 128
# grpc_connection_count: 16 # chainmaker and tikv connect count, default: 4
# grpc_keep_alive_time: 10 # keep connnet alive count, default: 10
# grpc_keep_alive_timeout: 3 # keep connnect alive time, default: 3
# write_batch_size: 128 # commit tikv bacth size each time, default: 128
# State db config
statedb_config:
provider: leveldb
leveldb_config:
store_path: ../data/wx-org1.chainmaker.org/state
# History db config
historydb_config:
provider: leveldb
disable_key_history: false
disable_contract_history: true
disable_account_history: true
leveldb_config:
store_path: ../data/wx-org1.chainmaker.org/history
# Result db config
resultdb_config:
provider: leveldb
leveldb_config:
store_path: ../data/wx-org1.chainmaker.org/result
# Disable contract event database or not. If it is false, contract_eventdb_config must be mysql
disable_contract_eventdb: true
# Contract event db config
contract_eventdb_config:
# Event db only support sql
provider: sql
# Sql db config
sqldb_config:
# Event db only support mysql
sqldb_type: mysql
# Mysql connection info, such as: root:admin@tcp(127.0.0.1:3306)/
dsn: root:password@tcp(127.0.0.1:3306)/
# Docker go virtual machine configuration
vm:
# Enable docker go virtual machine
enable_dockervm: {enable_dockervm}
# Docker go virtual machine container name
dockervm_container_name: {dockervm_container_name}
# Mount point in chain maker
dockervm_mount_path: ../data/{org_id}/docker-go
# Specify log file path
dockervm_log_path: ../log/{org_id}/docker-go
# Whether to print log at terminal
log_in_console: false
# Log level
log_level: INFO
# Unix domain socket open, used for chainmaker and docker manager communication
uds_open: true
# Number of user Ids
user_num: 100
# Timeout per transaction, Unit: second
time_limit: 8
# Max process for contract
max_concurrency: 50
# Grpc max send message size, Default size is 4, Unit: MB
max_send_msg_size: 10
# Grpc max receive message size, Default size is 4, Unit: MB
max_recv_msg_size: 10
1.1.2. bc1.yml 链配置
#
# Copyright (C) BABEC. All rights reserved.
# Copyright (C) THL A29 Limited, a Tencent company. All rights reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# This file is used to generate genesis block.
# The content should be consistent across all nodes in this chain.
# chain id
chain_id: chain1
# chain maker version
version: v2.2.0
# chain config sequence
sequence: 0
# The blockchain auth type, shoudle be consistent with auth type in node config (e.g., chainmaker.yml)
# The auth type can be permissionedWithCert, permissionedWithKey, public.
# By default it is permissionedWithCert.
# permissionedWithCert: permissioned blockchain, using x.509 certificate to identify members.
# permissionedWithKey: permissioned blockchain, using public key to identify members.
# public: public blockchain, using public key to identify members.
auth_type: "permissionedWithCert"
# Crypto settings
crypto:
# Hash algorithm, can be SHA256, SHA3_256 and SM3
hash: SHA256
# User contract related settings
contract:
# If the sql support contract is enabled or not.
# If it is true, storage.statedb_config.provider in chainmaker.yml should be sql.
enable_sql_support: false
# vm support config
vm:
addr_type: 0 # 0:chainmaker, 1:zxl, 2:ethereum(reserve)
# enable vm list
support_list:
- "wasmer"
- "gasm"
- "evm"
- "dockergo"
# Block proposing related settings
block:
# Verify the transaction timestamp or not
tx_timestamp_verify: true
# Transaction timeout, in second.
# if abs(now - tx_timestamp) > tx_timeout, the transaction is invalid.
tx_timeout: 600
# Max transaction count in a block.
block_tx_capacity: 100
# Max block size, in MB
block_size: 10
# The interval of block proposing attempts
block_interval: 2000
# Core settings
core:
# Max scheduling time of a block, in second.
# [0, 60]
tx_scheduler_timeout: 10
# Max validating time of a block, in second.
# [0, 60]
tx_scheduler_validate_timeout: 10
# Used for handling txs with sender conflicts efficiently
enable_sender_group: false
# Used for dynamic tuning the capacity of tx execution goroutine pool
enable_conflicts_bit_window: true
# Used for handling txs with sender conflicts efficiently
enable_sender_group: false
# Used for dynamic tuning the capacity of tx execution goroutine pool
enable_conflicts_bit_window: true
# Consensus message compression related settings
# consensus_turbo_config:
# If consensus message compression is enabled or not.
# consensus_message_turbo: true
# Max retry count of fetching transaction in txpool by txid.
# retry_time: 500
# Retry interval of fetching transaction in txpool by txid, in ms.
# retry_interval: 20
# snapshot settings
# snapshot:
# Enable the evidence snapshot or not.
# enable_evidence: false
# scheduler settings
# scheduler:
# Enable the evidence scheduler or not.
# enable_evidence: false
# Consensus settings
consensus:
# Consensus type
# 0-SOLO, 1-TBFT, 3-MAXBFT, 4-RAFT, 5-DPOS, 6-ABFT
type: 1
# Consensus node list
nodes:
# Each org has one or more consensus nodes.
# We use p2p node id to represent nodes here.
- org_id: "wx-org1.chainmaker.org"
node_id:
- "QmbAJs1MXEMxB73emPdzN3pJ6fHSDRKNr8BLcJms1bT4Kz"
- org_id: "wx-org2.chainmaker.org"
node_id:
- "QmVjyEBHCi7JdMNMipk1BiCphAEa2rGBbnbwcc8DhUfaZW"
- org_id: "wx-org3.chainmaker.org"
node_id:
- "QmNSefpUis1kip2U7nPish8BamChhT1bafWSxsWAkYS3av"
- org_id: "wx-org4.chainmaker.org"
node_id:
- "QmXy3S8reg2nhXEaiLUvVAMkqsFw9cSRmxDS95kosUWTuH"
# We can specify other consensus config here in key-value format.
ext_config:
# - key: aa
# value: chain01_ext11
# Trust roots is used to specify the organizations' root certificates in permessionedWithCert mode.
# When in permessionedWithKey mode or public mode, it represents the admin users.
trust_roots:
# trust roots list start
# org id and root file path list.
- org_id: "wx-org1.chainmaker.org"
root:
- "../config/wx-org1.chainmaker.org/certs/ca/wx-org1.chainmaker.org/ca.crt"
- org_id: "wx-org2.chainmaker.org"
root:
- "../config/wx-org1.chainmaker.org/certs/ca/wx-org2.chainmaker.org/ca.crt"
- org_id: "wx-org3.chainmaker.org"
root:
- "../config/wx-org1.chainmaker.org/certs/ca/wx-org3.chainmaker.org/ca.crt"
- org_id: "wx-org4.chainmaker.org"
root:
- "../config/wx-org1.chainmaker.org/certs/ca/wx-org4.chainmaker.org/ca.crt"
# trust roots list end
# Trust members are members that do not need to be verified against trust roots.
# trust_members:
# Each trust member should specify: member info file path, org id, role, and tls node id if any.
# - member_info: ""
# org_id: ""
# role: "consensus"
# node_id: ""
# Resource policies settings
resource_policies:
- resource_name: CHAIN_CONFIG-NODE_ID_UPDATE
policy:
# Rule can be Any, All, Majority, Self...
rule: SELF
# The org id list, all organizations are need if here is null.
org_list:
# The role list
role_list:
- admin
- resource_name: CHAIN_CONFIG-TRUST_ROOT_ADD
policy:
rule: MAJORITY
org_list:
role_list:
- admin
- resource_name: CHAIN_CONFIG-CERTS_FREEZE
policy:
rule: ANY
org_list:
role_list:
- admin
# The disabled native contract list
# Disable the system contract by specifying the system contract name
# Can disabled native contract name contains CHAIN_CONFIG, CHAIN_QUERY, CERT_MANAGE, GOVERNANCE, MULTI_SIGN, PRIVATE_COMPUTE, DPOS_ERC20, DPOS_STAKE, CROSS_TRANSACTION, PUBKEY_MANAGE
disabled_native_contract:
# - CONTRACT_NAME
1.2. chainmaker-cryptogen
1.2.1. crypto_config_template.yml证书生成配置
crypto_config:
- domain: chainmaker.org
host_name: wx-org
count: 4 # 如果为1,直接使用host_name,否则添加递增编号
# pk_algo: sm2
pk_algo: ecc_p256
ski_hash: sha256
## pkcs11配置
pkcs11:
enabled: false
library: /usr/local/lib64/pkcs11/libupkcs11.so
label: HSM
password: 11111111
session_cache_size: 10
hash: "SHA256" # hash algorithm used to compute SKI
specs: &specs_ref
expire_year: 10
sans:
- chainmaker.org
- localhost
- 127.0.0.1
location: &location_ref
country: CN
locality: Beijing
province: Beijing
# CA证书配置
ca:
location:
<<: *location_ref
specs:
<<: *specs_ref
# 节点证书配置
node:
- type: consensus
# 共识节点数量
count: 1
# 共识节点配置
location:
<<: *location_ref
specs:
<<: *specs_ref
expire_year: 5
- type: common
# 普通节点数量
count: 1
# 普通节点配置
location:
<<: *location_ref
specs:
<<: *specs_ref
expire_year: 5
user:
- type: admin
# 管理员证书数量
count: 1
# 管理员证书配置
location:
<<: *location_ref
expire_year: 5
- type: client
# 普通用户证书数量
count: 1
# 普通用户证书配置
location:
<<: *location_ref
expire_year: 5
- type: light
# 轻节点用户证书数量
count: 1
# 轻节点用户证书配置
location:
<<: *location_ref
expire_year: 5
1.3. sdk-go
1.3.1. sdk_config.yml
chain_client:
# 链ID
chain_id: "chain1"
# 组织ID
org_id: "wx-org1.chainmaker.org"
# 客户端用户私钥路径
user_key_file_path: "./testdata/crypto-config/wx-org1.chainmaker.org/user/client1/client1.tls.key"
# 客户端用户证书路径
user_crt_file_path: "./testdata/crypto-config/wx-org1.chainmaker.org/user/client1/client1.tls.crt"
# 客户端用户交易签名私钥路径(若未设置,将使用user_key_file_path)
user_sign_key_file_path: "./testdata/crypto-config/wx-org1.chainmaker.org/user/client1/client1.sign.key"
# 客户端用户交易签名证书路径(若未设置,将使用user_crt_file_path)
user_sign_crt_file_path: "./testdata/crypto-config/wx-org1.chainmaker.org/user/client1/client1.sign.crt"
# 同步交易结果模式下,轮训获取交易结果时的最大轮训次数,删除此项或设为<=0则使用默认值 10
retry_limit: 10
# 同步交易结果模式下,每次轮训交易结果时的等待时间,单位:ms 删除此项或设为<=0则使用默认值 500
retry_interval: 500
# [可选] 证书别名,用于构建交易时替代user_sign_crt_file_path所指的证书内容
# alias: clientCert1
nodes:
- # 节点地址,格式为:IP:端口:连接数
node_addr: "127.0.0.1:12301"
# 节点连接数
conn_cnt: 10
# RPC连接是否启用双向TLS认证
enable_tls: true
# 信任证书池路径
trust_root_paths:
- "./testdata/crypto-config/wx-org1.chainmaker.org/ca"
# TLS hostname
tls_host_name: "chainmaker.org"
archive:
# 数据归档链外存储相关配置
type: "mysql"
dest: "root:123456:localhost:3306"
secret_key: xxx
rpc_client:
max_receive_message_size: 16 # grpc客户端接收消息时,允许单条message大小的最大值(MB)
max_send_message_size: 16 # grpc客户端发送消息时,允许单条message大小的最大值(MB)
pkcs11:
enabled: false # pkcs11 is not used by default
library: /usr/local/lib64/pkcs11/libupkcs11.so # path to the .so file of pkcs11 interface
label: HSM # label for the slot to be used
password: 11111111 # password to logon the HSM(Hardware security module)
session_cache_size: 10 # size of HSM session cache, default to 10
hash: "SHA256" # hash algorithm used to compute SKI
1.4. cmc
sdk_config.yml同 sdk-go的sdk_config.yml