[Ethereum] Is it safe to publicly host a parity node

nodejs, parity, security, web3js

In the normal use case, Parity runs on localhost. However, I'm building a demo web site that uses Web3JS to connect to a public parity node running on port 8545.

I am publicly serving a Node/VueJS site using nginx. The client-side Web3 JavaScript is looking at localhost:8545, which implies that users need to run Parity on their local machine for the page to work.

It is a hassle for users to install Parity and set up a config file just to view this web page.

One thought I had was to run a public parity node on port 8545 to circumvent these extra steps. However, I'm concerned about safety.

Is this safe, and what are the recommended best practices for accomplishing this?

Best Answer

Let me walk you through the options.

  • I'm assuming you are only requiring the RPC for your users, so either run parity in --public-node mode which disables account storage and transaction signing on your server or disable the wallet with --no-ui.
  • If you really only want to serve RPC, you can not only disable --no-ui but also the websocket with --no-ws and the dapps server with --no-dapps.
  • To expose your RPC to the public, you have to set your --jsonrpc-interface to <your public ip> and allow --jsonrpc-hosts all.
  • And finally, to your initial question: To only expose safe APIs for your users, you can set --jsonrpc-apis safe.

So it looks something like that:

parity --no-ui --no-ws --no-dapps --jsonrpc-interface 133.3.3.37 --jsonrpc-hosts all --jsonrpc-apis safe

Please let me know if this is what you were looking for.

Disclosure: I work for Parity.
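The checklist in the answer above can be turned into a pre-deployment check. This is an added example, not code from the answer or from Parity: `audit_parity_args` is a hypothetical helper that inspects a Parity launch command line for the flags the answer names. It assumes that an unset `--jsonrpc-interface`, `local` or `127.0.0.1` means the RPC is loopback-only.

```shell
#!/bin/sh
# Added example (not Parity's code): audit a Parity launch command line against
# the flags named in the answer. Prints OK/INFO/FAIL/WARN lines; status 1 on any FAIL.
# Assumption: unset interface, "local" or 127.0.0.1 means loopback-only.
audit_parity_args() (
    iface="" apis="" ui=on ws=on dapps=on prev="" rc=0
    for w in "$@"; do
        # Value that follows a "--flag value" pair
        case "$prev" in
            --jsonrpc-interface) iface=$w ;;
            --jsonrpc-apis)      apis=$w ;;
        esac
        # Switches, plus the "--flag=value" spelling
        case "$w" in
            --jsonrpc-interface=*) iface=${w#*=} ;;
            --jsonrpc-apis=*)      apis=${w#*=} ;;
            --public-node|--no-ui) ui=off ;;   # either one covers the wallet
            --no-ws)               ws=off ;;
            --no-dapps)            dapps=off ;;
        esac
        prev=$w
    done
    case "$iface" in
        ""|local|127.0.0.1) echo "OK: JSON-RPC is loopback-only"; exit 0 ;;
    esac
    echo "INFO: JSON-RPC listens on $iface"
    if [ "$apis" != safe ]; then
        echo "FAIL: --jsonrpc-apis is '${apis:-unset}', expected 'safe'"; rc=1
    fi
    if [ "$ui" = on ]; then
        echo "FAIL: wallet enabled; add --public-node or --no-ui"; rc=1
    fi
    if [ "$ws" = on ]; then
        echo "WARN: websocket server enabled; add --no-ws for RPC-only"
    fi
    if [ "$dapps" = on ]; then
        echo "WARN: dapps server enabled; add --no-dapps for RPC-only"
    fi
    exit "$rc"
)

# The command from the answer, then a constructed command that only exposes the RPC.
audit_parity_args --no-ui --no-ws --no-dapps --jsonrpc-interface 133.3.3.37 --jsonrpc-hosts all --jsonrpc-apis safe
audit_parity_args --jsonrpc-interface all --jsonrpc-hosts all || true
```

A non-zero exit status lets a deployment script refuse to start a publicly bound node whose API set or wallet has not been restricted.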
