๐Ÿ”ขOperating and Running a Data Proxy

Below is a step-by-step guide to initializing and running a Data Proxy to the SEDA Network

Running a proxy node

For more information on the proxy node architecture checkout the Data Proxy overview.

Prerequisites

Install Bun:

curl -fsSL https://bun.sh/install | bash

Clone the Data Proxy directory:

git clone https://github.com/sedaprotocol/seda-data-proxy.git ./my-project

Install the project dependencies:

cd ./my-project

bun install 

Checkout the CLI commands:

bun start --help

Preparing a Node

Note: The SEDA network won't be able to access your proxy node unless you expose it on a public IP or domain.

Start by generating the config.json (mandatory) and data-proxy-private-key.json. The private key will be used for for signing data. It can also be passed with the following environment variable: SEDA_DATA_PROXY_PRIVATE_KEY. The environment variable takes precedence over the default key file, but when an explicit key file is specified that will take precedence.

bun start init
{
    "routeGroup": "proxy", // Will host at myproxy.com/proxy
    "routes": [
        {
            "path": "/*",
            "upstreamUrl": "https://myapi.com/endpoint/{*}", // {*} will be string replaced with user's api endpoint
            "headers": {
                "x-api-key": "MY-API-KEY",
                "accept": "application/json"
            }
        }
    ]
}

Registering a Node

Next you'll need to register your data proxy on the SEDA network. This can be done through a CLI command which will create a transaction for you which you can submit through the SEDA explorer.

bun start register <payout_address> <fee>
  • payout_address: Required. The SEDA address on which you would like to receive the payout for provided services.

  • <fee>: Required. The amount of SEDA you want to charge per request.

  • --memo: Optional. Free form text you can attach to your data proxy registration.

Clicking on the link will take you to the SEDA explorer where you can double check the attributes before connecting a wallet and signing the transaction. The address of the wallet which signed the transaction will be the admin of the data proxy: they're able to change the payout_address, memo, and submit fee updates. Admin ownership can be changed through the explorer by submitting a transaction.

Example invocation and output:

$ bun start register seda1lyfkj6xwecq3462qa683s78weexhp7d72ku3qf 1

# Should output something like the following
Fee amount: 		1 SEDA (1000000000000000000aseda)
Payout address: 	seda1lyfkj6xwecq3462qa683s78weexhp7d72ku3qf
Signed hash: 		ddca6a941e3db1e30aefb00816636bdf9346a103ec1ac7926036867d6a7e7889
Public key: 		0267f09f7a6b1f0be3458edd1aab59d00a4f7e827cd9a37624f94642f5ebd8e82c
Signature: 		b0e4b8ee137c983a74d07d21533d4b9119abb7cc82fb6ba0bc43a08cacb9c55777de3552ad4f7fab397e214b39114ca88951d6a1d54bdbe4db921955bc498169
Signature recovery id: 	1

Submit your transaction on:
https://devnet.explorer.seda.xyz/data-proxy/register?fee=1000000000000000000aseda&payoutAddress=seda1lyfkj6xwecq3462qa683s78weexhp7d72ku3qf&publicKey=0267f09f7a6b1f0be3458edd1aab59d00a4f7e827cd9a37624f94642f5ebd8e82c&signature=b0e4b8ee137c983a74d07d21533d4b9119abb7cc82fb6ba0bc43a08cacb9c55777de3552ad4f7fab397e214b39114ca88951d6a1d54bdbe4db921955bc498169&recoveryId=1&memo=

Running a Node

If the setup and registration are complete you should now be able to run the data proxy node. To start your proxy execute the following command:

bun start run

# The console will output something similiar:
2024-08-19 13:21:46.624 info: Proxy routes is at <http://127.0.0.1:5384/proxy/>

Your proxy is now running and ready to receive requests from the SEDA network.

Debugging

By default the data proxy node will validate that incoming requests originate from the SEDA network by eligible entities. If you want to verify everything is set up correctly you can pass the --disable-proof flag when starting the binary; this disables all incoming request verification on the proxy.

# Start the proxy without the request proof mechanism so it's easier to debug
bun start run --disable-proof

Configuration

Route Group

All proxy routes are grouped under a single path prefix, by default this is "proxy". You can change this by specifying the routeGroup attribute in the config.json:

{
  "routeGroup": "custom",
  // Rest of config
}

Base URL

In case you want to have software in front of the data proxy to handle the request (such as another proxy or an API management solution) it's possible that the public URL of the data proxy is different from the URL that the data proxy services. This causes a problem in the tamper proofing mechanism since the data proxy needs to sign the request URL, in order to prove that the overlay node did not change the URL. To prevent this you can specify the baseURL option in the config.json:

{
  "routeGroup": "proxy",
  "baseURL": "https://my-public-data-proxy.com"
}

Just the protocol and host should be enough, no trailing slash.

Should you do additional path rewriting in the proxy layer you can add that to the baseURL option, but this is not recommended.

Multiple Routes

A single data proxy can expose different data sources through a simple mapping in the config.json. The routes attribute takes an array of proxy route objects which can each have their own configuration.

The two required attributes are path and upstreamUrl. These specify how the proxy should be called and how the proxy should call the upstream. By default a route is configured as GET, but optionally you can specify which methods the route should support with the method attribute.

{
  "routeGroup": "proxy",
  "routes": [
    {
      "path": "/eth-usd",
      "upstreamUrl": "https://myapi.com/eth-usd"
      // Default method is GET
    },
    {
      "path": "/btc-usd",
      "upstreamUrl": "https://myapi.com/btc-usd",
      // You can set multiple methods for the same route
      "method": ["GET", "HEAD"]
    },
  ],
}

The OPTIONS method is reserved and cannot be used for a route.

Base URL per route

In addition to specifying the baseURL at the root level you can also specify it per route. The baseURL at the route level will take precedence over one at the root level.

{
  "routeGroup": "proxy",
  "baseURL": "https://data-proxy.com",
  "routes": [
    {
      // This route will use the "baseURL" from the root
      "path": "/eth-usd",
      "upstreamUrl": "https://myapi.com/eth-usd"
    },
    {
      // This route will use its own "baseURL"
      "baseURL": "https://btc.data-proxy.com",
      "path": "/btc-usd",
      "upstreamUrl": "https://myapi.com/btc-usd"
    },
  ],
}

Upstream Request Headers

Should your upstream require certain request headers you can configure those in the routes object. All headers specified in the headers attribute will be sent to the upstream in addition to headers specified by the original request.

{
  "routeGroup": "proxy", 
  "routes": [
    {
      "path": "/eth",
      "upstreamUrl": "https://myapi.com/endpoint/eth",
      "headers": {
        "x-api-key": "MY-API-KEY",
        "accept": "application/json"
      }
    }
  ]
}

Environment Variable Injection

Sometimes you don't want to expose your API key in a config file, or you have multiple environments running. The Data Proxy node has support for injecting environment variables through the {$MY_ENV_VARIABLE} syntax:

{
  "routeGroup": "proxy",
  "routes": [
    {
      "path": "/odds",
      "upstreamUrl": "https://swapi.dev/api/my-odds",
      "headers": {
        "x-api-key": "{$SECRET_API_KEY}",
      },
    },
  ],
}

Environment variables are evaluated during startup of the data proxy. If it detects variables in the config which aren't present in the environment the process will exit with an error message detailing which environment variable it was unable to find.

Path Parameters

The routes objects have support for path parameter variables and forwarding those to the upstream. Simply declare a variable in your path with the :varName: syntax and reference them in the upstreamUrl with the {:varName:} syntax. See below for an example:

{
  "routeGroup": "proxy",
  "routes": [
    {
      "path": "/:coinA/:coinB",
      // Use {} to inject route variables
      "upstreamUrl": "https://myapi.com/{:coinA}-{:coinB}"
    },
  ],
}

Forwarding Response Headers

By default the data proxy node will only forward the content-type header from the upstream response. If required you can specify which other headers the proxy should forward to the requesting client:

{
  "routeGroup": "proxy",
  "routes": [
    {
      "path": "/planets/:planet",
      "upstreamUrl": "https://swapi.dev/api/planets/{:planet}",
      // Now the API will also return the server header from SWApi
      "forwardResponseHeaders": ["content-type", "server"],
      "headers": {
        "x-api-key": "some-api-key",
      },
    },
  ],
}

Wildcard routes

The Data Proxy node has support for wildcard routes, which allows you to quickly expose all your APIs:

{
  "routeGroup": "proxy",
  "routes": [
    {
      // The whole path will be injected in the URL
      "path": "/*",
      "upstreamUrl": "https://swapi.dev/api/{*}",
      "headers": {
        "x-api-key": "some-api-key",
      },
    },
  ],
}

JSON path

If you don't want to expose all API info you can use jsonPath to return a subset of the response:

{
  "routeGroup": "proxy",
  "routes": [
    {
      "path": "/planets/:planet",
      "upstreamUrl": "https://swapi.dev/api/planets/{:planet}",
      // Calling the API http://localhost:5384/proxy/planets/1 will only return "Tatooine" and omit the rest
      "jsonPath": "$.name",
      "headers": {
        "x-api-key": "some-api-key",
      },
    },
  ],
}

Status Endpoint

The Data Proxy node has support for exposing status information through some endpoints. This can be used to monitor the health of the node and the number of requests it has processed.

The status endpoint has two routes:

  • /status/health Returns a JSON object with the following structure:

    {
      "status": "healthy",
      "metrics": {
        "uptime": "P0Y0M1DT2H3M4S", // ISO 8601 duration since the node was started
        "requests": 1024, // Number of requests processed
        "errors": 13 // Number of errors that occurred
      }
    }
  • /status/pubkey Returns the public key of the node.

    {
      "pubkey": "031b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f"
    }

Status Configuration

The status endpoints can be configured in the config file under the statusEndpoints attribute:

{
  // Other config...
  "statusEndpoints": {
    "root": "status",
    // Optional
    "apiKey": {
      "header": "x-api-key",
      "secret": "some-secret"
    }
  }
}
  • root: Root path for the status endpoints. Defaults to status.

  • apiKey: Optionally secure the status endpoints with an API key. The header attribute is the header key that needs to be set, and secret is the value that it needs to be set to. The statusEndpoints.apiKey.secret attribute supports the {$MY_ENV_VARIABLE} syntax for injecting a value from the environment during start up.

Last updated