Tips for Verified Raspberry Pi Nodes

river: my thoughts on running a node on a VPS, sure it works fine, but I wouldn’t trust it with large amounts, say for minting, so as long you’re not minting, VPS is probably better

btw, maybe an idea to check raspberry pie nodes: it is possible to get the addresses from your wallet, scripted/automatically, through commandline, if the tip bot detects it is the same address as you signed up with, it should measure somehow the time that wallet is online, and only pay after it has showed to be enough online , something like that?

[quote=“MUTO, post:30, topic:2152”]Yes, that is a good starting point. In my opinion we should provide a image for a simple node. Beside that we should provide a guide to self compile a light weight node for POS minting. We have someone for the first part. Who is able to do the second part?

Posted using Tapatalk for Android.[/quote]
I’m not sure why anyone should run a simple node (without minting capability) unless you have a passion for Peercoin. There are quiet a few who have that but it is still a minority of users.
Instead I think we need a RPI node with the minting which is an incentive for users to buy Peercoins. A guide to self-compile is great, but most of us won’t go there. We should make this as simple as the installation of the wallet on a PC or even simpler.

I think trusted binaries with full RPI node for minting compiled by trusted members of the community should be made available here on peercointalk or the website (with checksum). Just like the binaries of the wallets. The provided binary can be relatively easy unpacked to the SD card which goes straight into the Raspberry Pi. If that is possible, I think we should do that.

It would address the issue of many people who don’t have a PC anymore, only a mobile or tablet, which can’t be used for minting (at least not today). The Raspberry Pi can be made plug and play for them for under US$100 (depending on box, sd card etc.) and we have another group of happy Peercoiners contributing to the network (and minting). I would be one of them.

Just my thoughts.

[quote=“masterOfDisaster, post:25, topic:2152”]Secondly, I think I don’t fully understand the intention.

Is it about running a RPI node with Peercoin to raise the number of running nodes
or is it about running a RPI node with a wallet to raise the number of minting nodes?[/quote]

I think we need to figure this out now. As I understand it, there are four main options:

  1. Run a node on R-Pi with less than 8 connections: This is the safest option but as it does not contribute to the network, I don’t think it is a worthwhile option to aim for.

  2. Run a node on R-Pi with port forwarding i.e. more than 8 connections: This contributes to the network but poses security risks. As such, it should only be used as a node and not for storing/minting Peercoins.

  3. Mint on R-Pi: This helps secure the network, but should not be done with port forwarding.

  4. Run a node on VPS: This can be done with port forwarding, but should not be trusted with storing/minting Peercoins.

In my opinion, options 2 and 3 should be the scope of this campaign. Running nodes on a VPS would definitely be helpful, but for this thread we should focus on the Raspberry Pi. Further researching VPS could be a good idea, and it might be possible to pool resources/donate to get lots of full nodes online. If people want to look into this, it should be done in a new thread.

So, we can decide to give the 10 PPC tip for either running a node with port forwarding OR minting without port forwarding. We need feedback on how feasible each of these options are, and if both are able to be confidently verified to prevent cheating.

If one option is considerably more appropriate than the other, then the tip should be for that option only. If both options are possible, the tip can be given for either, with each person deciding which option is best for them personally.

I hope this makes sense and is not just gibberish :slight_smile: This really needs to be decided to give this effort some direction.

[quote=“river333, post:33, topic:2152”][…]
3) Mint on R-Pi: This helps secure the network, but should not be done with port forwarding.

  1. Run a node on VPS: This can be done with port forwarding, but should not be trusted with storing/minting Peercoins.
    […][/quote]

According to Gavin Andresen, I’d prefer to go for options 3 and 4 (instead of 2 and 3):

Most ordinary folks should NOT be running a full node. We need full nodes that are always on, have more than 8 connections (if you have only 8 then you are part of the problem, not part of the solution), and have a high-bandwidth connection to the Internet.

So: if you’ve got an extra virtual machine with enough memory in a data center, then yes, please, run a full node.

A VPS can typically have more bandwidth, more uptime and provide the network with more help than a RPI at home. A small VPS can be rented for a few bucks a month. I’m currently playing with one, the number of connections is already beyond 8 and slowly increasing. Installation of ppcoind should be quite easy, as the cheapest VPS come with linux and we have compiled binaries for x86 linux.

The installation on RPI drove me nuts, because it takes for ages to compile it for the ARM processor. The RAM on my RPI is low (256 MB with some MB for VGA) and hence I had to create a bigger SWAP file (the SWAP on a Raspbian is only 100 MB to prevent the SD card from wearing out too fast). Now I have a ppcoind on my RPI that doesn’t even support UPNP, hence no “accidental port frowarding” :wink:
Why am I writing this?
A package to install on a RPI would be great to make it easy minting on a RPI. I’m not that linux savvy to cross-compile for a RPI on another machine. So I compiled it on the RPI and had to wait for ages (way beyond 1 hour).
A trusted image with a complete “RPI minter” would be great, but in case the RPI is meant to be minting with huge stashes, I doubt that will be the preferred option for those that have a feeling for security.
The integrity/security/credibility of a compiled installation file for ppcoind can be verified much easier than for a complete operating system image.
One only needs to compile the RPI (with the same flags/options) and create a checksum that can be verified with the one provided. That is not as easy for a complete OS image, as one needs to know exactly what programs are installed (and in what version!) to be able to reconstruct that checksum.

So I second this approach:

[quote=“Cybnate, post:32, topic:2152”][…]
I think trusted binaries with full RPI node for minting compiled by trusted members of the community should be made available here on peercointalk or the website (with checksum). Just like the binaries of the wallets.
[…][/quote]

And just for the Raspberry fans: http://www.raspberrypi.org/raspberry-pi-compute-module-new-product/

Although this is a bit of highjacking this “Tips for Verified Raspberry Pi Nodes” thread, I wanted to share my experience.
As I recently installed Peercoin 0.4 on two of my VPS, I want to share some commands which might help getting it up.
I’m willing to put it in a separate thread (or ask a mod to do that, if it is considered wrong in this thread). I just thought it might be recognized better if I put it here :wink:

This quick guide shall help to get a Peercoin client on a VPS to support the Peercoin network.

I [size=12pt]don’t[/size] recommend using a VPS for PoS minting!
Although this is convenient, it has serious security drawbacks compared to minting on a device, which you own and control. Remember: the VPS runs on a server using virtualization. You have no control over that. So you shouldn’t trust it :wink:

Minimum requirements:

[ul][li]server with x86 CPU[/li]
[li]linux operating system[/li]
[li]256 MB RAM[/li]
[li]400 MB free disk space (currently needed < 350 MB)[/li]
[li]logged in user is able to “sudo” commands[/li]
[li]broadband internet connection with no restrictions (NAT, firewall)[/li][/ul]

The programs “wget” and “tar” should be available out of the box in almost all linux distributions. If not, install them with the appropriate package manager.
I’m not sure, but I think “~/” will be the home directory for most linux distros as well.

Let’s go:
Log on to a console - in case of VPS this is most likely a connection via SSH.
Copy & paste the complete code section should work as well, but I don’t recommend this no-brainer approach :wink:

cd ~/
wget http://sourceforge.net/projects/ppcoin/files/0.4.0/ppcoin-0.4.0-linux.tar.gz/download -O ppcoin-0.4.0-linux.tar.gz
tar xvf ppcoin-0.4.0-linux.tar.gz 

# if you are not sure wether you have a 32 bit or 86 bit linux, you can find it out this way:
uname -a
# there is either something "i686" (32 bit) or " x86_64" (64 bit) in the output

# use the appropriate version of ppcoind. in case of doubt chose the 32 bit version (memory issues at 32 bit seem to be no problem with Peercoin ;) )
sudo cp ppcoin-0.4.0-linux/bin/64/ppcoind /usr/bin/

# or
sudo cp ppcoin-0.4.0-linux/bin/32/ppcoind /usr/bin/

# create a ppcoin.conf file (owner-readable-only) with rpcuser and rpcpassword (required for ppcoind to be run as daemon)
mkdir ~/.ppcoin/
echo rpcuser=bitcoinrpc >> ~/.ppcoin/ppcoin.conf
echo rpcpassword=764ghKJBJR754fghfjzt67rdJGftd587tgf45edhTGdd >> ~/.ppcoin/ppcoin.conf
sudo chmod 700 ~/.ppcoin/
sudo chmod 400 ~/.ppcoin/ppcoin.conf

# start ppcoind as daemon
ppcoind -daemon

# wait some time before you check the status (else "error: couldn't connect to server" is shown)
ppcoind getinfo

# wait for the block chain to be synced

You should inspect the number of connections after ppcoind is runnning for some time. After reaching 8 connections quite fast it is expected to grow slowly. If you constantly stay at 8 connections, there might be something wrong and the desired effect of supporting the network has not been achieved. It might be better to stop ppcoind in that case. But give it some time!

ppcoind hovers between 17 and 21 connections (after ppcoind is running for approx. 2 hours; I’ll monitor that):

ppcoind getinfo
{
    "version" : "v0.4.0ppc-beta",
    "protocolversion" : 60004,
    "walletversion" : 60000,
    "balance" : 0.00000000,
    "newmint" : 0.00000000,
    "stake" : 0.00000000,
    "blocks" : 105594,
    "moneysupply" : 21293800.47462900,
    "connections" : 20,
    "proxy" : "",
    "ip" : "obfuscated",
    "difficulty" : 103854944.26609707,
    "testnet" : false,
    "keypoololdest" : 1396903475,
    "keypoolsize" : 101,
    "paytxfee" : 0.01000000,
    "errors" : ""
}

…for the record: one of my VPS troubles me. Getinfo shows “ip” : “0.0.0.0” and 0 connections. There’s something wrong… I bet there’s some NAT as part of the virtualization :frowning:

Hi! I’m currently working on a complete install&configure script for the official raspbian (‘wheezy’) image. I can make time for it during the evening, it will be some hours work spread over one or two weeks, depending on the bumps in the road :stuck_out_tongue:

For the last pi image I made (peercoin-raspi 0.3.0) I used pre cooked binaries by valermos. This time I’d prefer to use either official binaries or built-in compilation in the install&configure script, so all binaries can be verified.

I found some info on how to compile bitcoin-qt on a pi (here: http://coincafe.net/2013/07/06/how-to-run-bitcoin-qt-on-the-raspberry-pi/) , but no detailed information on compiling ppcoin-qt. Does anyone know if it has the same dependencies and directory structure (ie the ‘cd ppcoin, qmake, make’ part)? I’m familiar with scripting, but much less with compiling code. @Jimmy: do you have tips on this?

I can post a test version in this thread, and add or change things on request, like scripts and desktop items. Or I can contribute the install&configure script to a larger running project.

On how to verify that someone actually has a pi, I like Cybnate’s idea of a photo of the screen with serial number, a newspaper date, and maybe a peercointalk user name. It’s possible to forge this, but it will take a lot of effort. The metadata of the photo could also be a requirement, ie the photo file has to have camera metadata in it, and no ‘photoshop’ or ‘gimp’ :wink:

Is it possible to connect raspberry pi and a osx laptop with USB and control it from there as I don’t have keyboard, hmdi monitor…, who have them these days

That should be possible, but with a lot of configuration on the pi, for which you’ll need a keyboard and monitor :smiley:
You can also use a TV with hdmi, and usb keyboards/mice are really cheap.

[quote=“Tea42, post:37, topic:2152”][…]
For the last pi image I made (peercoin-raspi 0.3.0) I used pre cooked binaries by valermos. This time I’d prefer to use either official binaries or built-in compilation in the install&configure script, so all binaries can be verified.
[…]
compiling ppcoin-qt
[…][/quote]

I second that approach (using the source code), but I’d recommend to think about using ppcoind instead of ppcoin-qt. Compiling ppcoind is straightforward, although it takes roughly 1.5 hours when compiling it native on the RPI (I’ve not digged into cross-compiling). There are unfortunately no binaries available (that I’m aware of and which I’d trust).
For using ppcoin-qt you need a keyboard and a monitor attached to the RPI (or you need to export the display or use VNC or else…).
Using ppcoind only requires SSH access via network, so that’s less effort in most cases.

I’m not aware of such a remote control feature.
Have you considered controlling it via network/SSH?

[quote=“masterOfDisaster, post:40, topic:2152”]I second that approach (using the source code), but I’d recommend to think about using ppcoind instead of ppcoin-qt. Compiling ppcoind is straightforward, although it takes roughly 1.5 hours when compiling it native on the RPI (I’ve not digged into cross-compiling). There are unfortunately no binaries available (that I’m aware of and which I’d trust).
For using ppcoin-qt you need a keyboard and a monitor attached to the RPI (or you need to export the display or use VNC or else…).
Using ppcoind only requires SSH access via network, so that’s less effort in most cases.[/quote]

Yeah ppcoind is far more lightweight and efficient, but also less suitable for people who are not familiar with the command line. For more adoption, I would include ppcoin-qt aswell as ppcoind.

Also, for a minting wallet, I’d prefer to completely disable ssh, and firewall everything except the peercoin port 9902, just to be sure. That way you’d need actual local access to the device to get to the wallet.

[quote=“masterOfDisaster, post:40, topic:2152”]I’m not aware of such a remote control feature.
Have you considered controlling it via network/SSH?[/quote]

How does work ? Let’s say I can connect a raspberry to my hub using a network cable, it will need dhcp ? So I have to scan for the new ip inside my local network and connect to it, which means I have to burn a raspberry linux image on my ssd card from my laptop ?

If you have no image on your RPI’s SD card, you can’t boot, right?
So, yes, you copy a linux image (Raspbian is quite popular) on the SD card using your laptop, boot the RPI, connect it to the network, find out the IP address of the RPI and hope for SSH being enabled. I’m not sure whether this is true for e.g. Raspbian. If you need to download or start sshd first, you will have no success without a keyboard and a monitor.

If there was a trusted source binary for peercoind (with multiple, verifiable gitian signatures), would that suffice? If we can get enough of us working on separate efforts to build a signed copy, we can compile them together into something that that you could pull down with ‘wget’ or, if via the ‘apt-get’ package manager.

[quote=“Ben, post:44, topic:2152”]If there was a trusted source binary for peercoind (with multiple, verifiable gitian signatures), would that suffice?
[…][/quote]
I think that is the kind of trust we should be striving for. That can provide the same level of trust as the source code or the binaries from Sunny King already do. That would even be true for those who are not interested in trust and tend to install whatever runs fine :wink:
…I think we should raise the bar (in terms of security, integrity, trust) quite high as this is long past fun and research, but about lots of money (in some cases)…

That would help a whole lot, since it saves a lot of time and effort for compiling the thing. Apt-get can automatically install dependencies aswell. That will make it way easier to install peercoin on a raspberry pi.

[quote=“river333, post:33, topic:2152”]I think we need to figure this out now. As I understand it, there are four main options:

  1. Run a node on R-Pi with less than 8 connections: This is the safest option but as it does not contribute to the network, I don’t think it is a worthwhile option to aim for.

  2. Run a node on R-Pi with port forwarding i.e. more than 8 connections: This contributes to the network but poses security risks. As such, it should only be used as a node and not for storing/minting Peercoins.

  3. Mint on R-Pi: This helps secure the network, but should not be done with port forwarding.

  4. Run a node on VPS: This can be done with port forwarding, but should not be trusted with storing/minting Peercoins.

In my opinion, options 2 and 3 should be the scope of this campaign.[/quote]

Thank You river333 this helps clarify the issue. I am in agreement with your assessment on focusing on options 2 and 3. After thought and head scratching I have come down on the side of option 2 (requiring port forwarding). That is if providing port forwarding really does strengthen the Peercoin Network? I would love to hear feedback on this issue from some of the savvy networking guys.

The reason I don’t want to do number 3 (minting) is because with this modest “tips” program I hope many new people might try their first cryptos if they are already RPi fans, or they might try their first Peercoin on RPi if they are now crypto fans. Either way they probably won’t be coming for the 10 PPC tip if they already have large PPC holdings. So, it would be frustrating for them to try to mint when they don’t already have a lot of coin or coinage. Better to just get them running a node and learning Peercoin for starters. Then we give them their tip and they are happy and the Peercoin Network is stronger.

In the future, I think with cold-locked minting where the private key has never been on line, then I think at that time these (port forwarded) open port nodes will be able to mint with very strong security.

For verification, what about requiring:

1.) an optional publicly posted photograph on this forum of a piece of pie, or their RPi, and a must-do minimum 50 word introduction of themselves posted under their new Peercointalk user name; and

2.) a privately emailed photograph of their RPi screen with the RPi Serial Number and successful Port Forward showing.

Edit: also, they need to include the Peercoin public address that we can send their tip to :slight_smile:

That would help a whole lot, since it saves a lot of time and effort for compiling the thing. Apt-get can automatically install dependencies aswell. That will make it way easier to install peercoin on a raspberry pi.[/quote]

I like this above quoted thinking
so much that it makes me want to:
:slight_smile: :slight_smile: :slight_smile: [size=10pt] Spread Peercoin on Pi[/size] :slight_smile: :slight_smile: :slight_smile:

  :) :) :)   [b][size=12pt] Spread Peercoin on Pi [/size][/b]   :) :) :)