This project is a minimized 1RPC application which relays JSON-RPC requests.
In addition to normal relays, it sanitizes your JSON-RPC by masking out the metadata (like IP address, User-Agent) carried with HTTP requests, and breaks down special eth_call
s which may leak your wallets relationship to ensure zero-tracking.
Leveraging the attestable-build-tool, we achieve a reproducible build and result in the same MREnclave. If you're interested in the whole compilation process, you can download the source code and trigger an attestable build by yourself.
You can view the latest attestation report at its release page.
Currently 1RPC-lite is hosted in Azure Cloud and uses Intel DCAP to complete the TEE attestation, ensuring that the hardware execution environment and the running code are matched as expected.
In Automata Testnet, we implement an on-chain DCAP quote verification, and you can find the current attestation it Automata Testnet.
If you are going to run demo with https, plz prepare domain.key
and domain.crt
.
OR you just touch empty files at above locations for local test purpose.
> touch domain.key
> touch domain.crt
1RPC lite app can run in 2 modes:
- relay mode: relay jsonrpc requests, no protection details conveyed
- demo mode: not relay websocket jsonrpc requests, but instead send protection details via websocket channel
- both modes load routes from static json config file (example in following section)
- make sure no duplicate keys in routes
wss
routes take no effect in demo mode
edit config-relay-example.json
{
"eth": "http://127.0.0.1:8545", // <- replace with your prefered endpoint
"dot": "wss://rpc.polkadot.io", // etc
}
> RELEASE=1 ./scripts/1rpc.sh -r config-relay-example.json -d false --tls domain
(--tls domain
is to lookup domain.key
and domain.crt
)
You can add env SGX=1
to build&run the SGX version, before that you need to setup SGX
environment. You can find the installation guides
for Intel SGX software on the 01.org website. Besides, you need to prepare an account as well, to submit the dcap attestation in Automata Testnet.
Test out:
- make http jsonrpc requests to
http://127.0.0.1:3400/eth/$token
- or
wscat -c ws://127.0.0.1:3400/dot
, then make jsonrpc requests
edit config-demo-example.json
{
"eth": "http://127.0.0.1:8545" // <- replace with your prefered endpoint
}
> RELEASE=1 ./scripts/1rpc.sh -r config-demo-example.json --tls domain
Test out:
- choose some
token
wscat -c ws://127.0.0.1:3400/ws/$token
to open ws channel- make http jsonrpc requests to
http://127.0.0.1:3400/eth/$token
- you'll recv protection details in ws channel
Thank you for considering contributing to 1rpc-lite!
Before You Contribute:
- Raise an Issue: If you find a bug or wish to suggest a feature, please open an issue first to discuss it. Detail the bug or feature so we understand your intention.
- Pull Requests (PR): Before submitting a PR, ensure:
- Your contribution successfully builds.
- It includes tests, if applicable. Your efforts help make 1rpc-lite better, and we truly appreciate your support!