https://fullynoded.app (work in progress)
🙏🏼 Lightning donation to support development of Fully Noded: http://56uo4htoxdt2tgh6zui5v2q7c4ax43dd3fwueiurgqdw7lpunn2cikqd.onion:5599/donation
- Bitcoin Core 0.20.0
⚠️ There is a known bug with Fully Noded & Bitcoin Core 0.20.1 which breaks psbt finalizing, until the bug is resolved use 0.20.0⚠️ - Tor
A feature rich Bitcoin app which is 100% powered by your own Full Node. Allows you to connect to - and control multiple nodes using a client side native Tor thread making calls to your nodes rpcport via a V3 hidden service with optional Tor V3 authentication, whereby the app can either create a key for you (out of band) or you may supply your own private key.
- Bitcoin Core (0.20.0 is recommended for full functionality)
- Nodl
- myNode
- BTCPayServer
- Raspiblitz
- Embassy
- Create a hidden service that controls your nodes rpcport (there is a mac guide below on how to do that).
- Go to
settings
>node manager
>+
>manually
- Find your bitcoin.conf and input your rpcuser and rpcpassword and a label into the app. See "bitcoin.conf settings" below. No special characters allowed! Only alphanumeric
- Input the hidden services hostname with the port at the end (njcnewicnweiun.onion:8332)
- Tap
save
, you will be alerted it if was saved successfully, it will automatically start connecting to it. Optionally, if you have authentication setup you will need to create V3 auth keys in the app by going tosettings
>security center
>Tor V3 Authentication
>tap the refresh button to create keys out of band or add your own private key by pasting it in
>tap the export button to export your public key
- In BTCPay go to
Server Settings
>Services
> click onFull Node RPC
- In Fully Noded go to
Settings
>Node Manager
>+
>Scan Quick Connect QR
- Once you have scanned the QR the app will automatically connect and start loading the home screen, to ensure its working go home and see the table load. To troubleshoot any connection issue reboot your BTCPayServer and force quit and reopen Fully Noded.
- In Nodl go to the Tor tile settings pane which will dsiplay:
- Click
Details and settings
- If you are on your iPhone or iPad you can click
BTCRPC Link
and it will automatically launch Fully Noded and connect your node. - If you are accessing the Nodl gui via a computer click
QR-Code
:
- In Fully Noded go to
Settings
>Node Manager
>+
>Scan Quick Connect QR
- Once you have scanned the QR the app will automatically connect and start loading the home screen, to ensure its working go home and see the table load. To troubleshoot any connection issue reboot Tor on your Nodl and force quit and reopen Fully Noded.
You can always do this manually by inputting your rpcuser
and rpcpassword
along with the Tor hidden service url in Fully Noded. Just add :8332
to the end of the onion url.
In Raspiblitz:
- Ensure Tor is running
- SSH-MAINMENU > FULLY_NODED
- follow the simple instructions
- In Fully Noded go to
Settings
>Node Manager
>+
>manually
- Simply add the Tor onion url with
:8332
appended to it and your rpc username/password
- In myNode:
- From your dashboard, navigate to the Tor page
- At the bottom of the Tor page your will see the Fully Nodes button, press it.
- You will now see your connection QR. This is for premium myNode users only.
- In Fully Noded go to
Settings
>Node Manager
>+
>Scan Quick Connect QR
and scan the QR
Non premium users can simply get their Tor V3 url for the RPC port add :8332
to the end so it looks like ufiuh2if2ibdd.onion:8332
and get your rpcuser
and rpcpassword
and add them all manually in Fully Noded: Settings
> Node Manager
> +
> manually
- In Specter click the wallet of your choice, Fully Noded is compatible with all of them
- Click
Settings
- Click
export
- In Fully Noded go to the
Active Wallet
tab >+
>import
> scan the Specter export QR code
Unknown error
: restart your node, restart Fully Noded, if that does not work make sure yourrpcpassword
andrpcuser
do not have any special characters, only alphanumeric is allowed, otherwise you will not connect as it breaks the url to your node.Internet connection appears offline
: reboot Tor on your node, force quit and reopen Fully Noded, this works every single time.- If you can not connect and you have added Tor V3 auth to your node then ensure you added the public key correctly as Fully Noded exports it, reboot Tor, force quit Fully Noded and reopen.
- The way Fully Noded works is very robust and reliable, if you have a connection issue there is a reason, don't lose hope :)
- Recover any wallet
- Import any wallet with xpubs/xprvs
- WIF import
- Create watch-only wallets on your node where the seed is encrypted and stored securely on your device so that you may sign the psbt's your node builds for you
- RBF
- Full coin control
- A suite of raw transaction tools: verify, broadcast, build, sign etc...
- A suite of PSBT tools: process, finalize, analyze, decode, join, combine etc...
- HWW Paring
- Easy HD Multisig capability
- Easy Cold Storage
- Coldcard, Ledger, Trezor, Wasabi wallet compatibilty for building psbt's/watch-only wallets or recovery
- Most of the Bitcoin Core JSON-RPC API is covered
- wallet.dat encryption for hot wallets
- So much more
- BIP39 compatiblity for your Node
- 100% self sovereign Bitcoin use, Fully Noded is 95% powered by your own node with some additional code for smartly creating wallets and signing psbt's offline, a very minimized third party.
here is the open Telegram group.
For basic usage check out the website QA here.
For a more in depth Q&A inspired by discussions on the telegram group check out our Question and Answers
- Soon ™️, for now read these medium posts which go over some basics:
- Also going through the questions & answers might be an instructional experience.
Run brew --version
in a terminal, if you get a valid response you have brew installed already. If not, install brew:
mkdir homebrew && curl -L https://github.com/Homebrew/brew/tarball/master | tar xz --strip 1 -C homebrew
Wait for brew to finish.
- Install carthage and libwally dependencies:
brew install automake autoconf libtool gnu-sed carthage
- Install Xcode
- You will need a free Apple developer account create one here
- In Xcode, click "Xcode" > "preferences" > "Accounts" > add your github account
- Go to Fully Noded in GitHub click "Code" -> "Open in Xcode"
- Once open quit Xcode
- Open Terminal
cd FullyNoded
carthage build libwally-swift
and let carthage do its thing
That's it, you can now run the app in XCode.
Run brew --version
in a terminal, if you get a valid response you have brew installed already. If not, install brew:
mkdir homebrew && curl -L https://github.com/Homebrew/brew/tarball/master | tar xz --strip 1 -C homebrew
- run
brew install tor
in a terminal - Once Tor is installed you will need to create a Hidden Service.
- Now first locate your
torrc
file, this is Tor's configuration file. Open Finder and typeshift command h
to navigate to your home folder andshift command .
to show hidden files. - If you've not been able to locate the torrc file, you might have to create the torrc file manually first. Do this by copying the torrc.sample -file:
cp /usr/local/etc/tor/torrc.sample /usr/local/etc/tor/torrc
and give the file it's right permissionchmod 700 /usr/local/etc/tor/torrc
- The torrc file should be located at
/usr/local/etc/tor/torrc
, to edit it you can open terminal and runsudo nano /usr/local/etc/tor/torrc
- Find the line that looks like:
#ControlPort 9051
and delete the#
- Find the line that looks like:
#CookieAuthentication 1
and delete the#
- Then locate the section that looks like:
## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
##
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.
- And below it add one Hidden Service for each port:
HiddenServiceDir /usr/local/var/lib/tor/fullynoded/main
HiddenServiceVersion 3
HiddenServicePort 8332 127.0.0.1:8332
HiddenServiceDir /usr/local/var/lib/tor/fullynoded/test
HiddenServiceVersion 3
HiddenServicePort 18332 127.0.0.1:18332
HiddenServiceDir /usr/local/var/lib/tor/fullynoded/regtest
HiddenServiceVersion 3
HiddenServicePort 18443 127.0.0.1:18443
The syntax is HiddenServicePort xxxx 127.0.0.1:18332
, xxxx
represents a synthetic port (virtual port), that means it doesn't matter what number you assign to xxxx
. However, to make it simple just keep the ports the same.
-
Save and close nano with
ctrl x
+y
+enter
to save and exit nano (follow the prompts) -
Start Tor by opening a terminal and running
brew services start tor
-
Tor should start and you should be able to open Finder and navigate to your onion address(es) you need for Fully Noded:
/usr/local/var/lib/tor/fullynoded/main
(the directory for mainnet we added to the torrc file) and see a file calledhostname
, open it and copy the onion address, that you need for Fully Noded./usr/local/var/lib/tor/fullynoded/test
(the directory for testnet we added to the torrc file), same: there is file calledhostname
, open it etc./usr/local/var/lib/tor/fullynoded/regtest
(the directory for regtest net we added to the torrc file); same asmain
andtest
.
-
The
HiddenServicePort
needs to control your nodes rpcport, by default for mainnet that is 8332, for testnet 18332 and for regtest 18443. -
All three
HiddenServiceDir
's inmain
,test
andregtest
subdirectories of/usr/local/var/lib/tor/fullynoded
need to have permission 700, You can check this yourself (How to interpret file permissions)If not, they must be changed to 700 withchmod 700
command:chmod 700 /usr/local/var/lib/tor/fullynoded/main
chmod 700 /usr/local/var/lib/tor/fullynoded/test
chmod 700 /usr/local/var/lib/tor/fullynoded/regtest
-
A ready to use
torrc
file that conforms to the guidelines above is available here. -
Check that your node is on, that it's really running.
-
Now in Fully Noded go to
Settings
>Node Manager
>+
and add a new node by inputting your RPC credentials and copy and paste your onion address with the port at the endqndoiqnwoiquf713y8731783rgd.onion:8332
. -
You should never type (password) fields manually, just copy and paste between devices. Between Apple Mac, iphone and iPad, the clipboard will be synced as soon as you put on bluetooth on at least two of the devices. Once bluetooth is on on your mac and ipad then it should automatically paste over from the computer to iPad and back. Same should work for iPhone.
-
Add mainnet, testnet, and / or regtest net at your convenience. You can run all three and connect to all three.
-
Restart Tor on your nodes computer `brew services restart tor, and check that your node is on; that it's really running. Hard stop FN app on your device and reopen FN.
-
And you should be able to connect to your V3 hidden service from anywhere in the world with your node completely behind a firewall and no port forwarding
- Here is an example bitcoin.conf file best suited for Fully Noded:
#forces your node to accept rpc commands
server=1
# Up to you if you want to prune or not
prune=1000
#Choose any username or password, make the password very strong
rpcuser=yourUserName
rpcpassword=aVeryStrongPasswordSuchAs128dnc849vn9n7gSS
#if you only want to accept connections over tor the following settings are needed
bind=127.0.0.1
proxy=127.0.0.1:9050
listen=1
debug=tor
# This is redundant but only allows your computer to access your node
rpcallowip=127.0.0.1
# For a faster IBD use dbcach=half your ram - for 8gb ram set dbcache to 4000
dbcache=4000
First get your connection going. Resolve the connection issue first then add the keypair, to keep things simple. Some double checks ( A more extensive guide here):
- Your node is running either mainnet, testnet or regtest
- Your node is on, it's really running (check that it's running)
- You've made the appropriate HiddenService -Dir, -Version and -Port declaration in your torrc file for at least the matching port (respectively 8332, 18332 and/or 18443).
- You've started Tor for the changes to take effect
- You've looked up the hostname files
-
in Fully Noded, make sure you have added a node with this type of onion url:
qsctzvoadnehtt5tpjtprudxrrx2b76kra7e2lkbyjpdksncbclrdk5l.onion:18332 (testnet example)
-
You've force quit and reopened FN to connect again, you've had to
brew services restart tor
, for the authentication to take effect.As long as your
authorized _clients
dir of the matchingHiddenServiceDir
decalration in yourtorrc
is empty you won’t need to add a keypair to connect. That's why V3 Auth Keypair generation is optional.
How to add extra security by adding a V3 Auth Keypair to a already established (Tor Hidden Services) connection?
- Do it in FullyNoded
Install python3, pip3, virtualenv and then run the following commands in a terminal (do this on any machine):
virtualenv -p python3 ENV
source ENV/bin/activate
pip install pynacl
sudo nano createKeys.py
- Copy and paste this script into the terminals nano session:
#!/usr/bin/env python3
import base64
try:
import nacl.public
except ImportError:
print('PyNaCl is required: "pip install pynacl" or similar')
exit(1)
def key_str(key):
# bytes to base 32
key_bytes = bytes(key)
key_b32 = base64.b32encode(key_bytes)
# strip trailing ====
assert key_b32[-4:] == b'===='
key_b32 = key_b32[:-4]
# change from b'ASDF' to ASDF
s = key_b32.decode('utf-8')
return s
def main():
priv_key = nacl.public.PrivateKey.generate()
pub_key = priv_key.public_key
print('public: %s' % key_str(pub_key))
print('private: %s' % key_str(priv_key))
if __name__ == '__main__':
exit(main())
use ctrl-x
to quit, y
to save and return
to exit nano
Then simply run:
python3 createKeys.py
and it returns your key pair:
public: PHK2DFSCNNJ75U3GUA3SHCVEGPEJMZAPEKQGL5YLVM2GV6NORB6Q
private: DARUBG4CIQ4FMPTGUOE36P7DYCKHRBCCNPU5QWCSYBFPWBCA5RCQ
The private key is for Fully Noded (paste it or scan it as a QR code when you add your node). The public key is for your servers authorized_clients
directory.
To be saved in a file called fullynoded.auth
Go to your hidden services driectory that you added to your torrc (/var/lib/tor/theNodlTorDirectoryName/authorized_clients/fullynoded.auth):
HiddenServiceDir /var/lib/tor/FullyNodedV3/ (**theNodlTorDirectoryName** is FullyNodedV3 in this example)
Open the example file:
sudo nano /var/lib/tor/FullyNodedV3/authorized_clients/fullynoded.auth
and paste in:
descriptor:x25519:PHK2DFSCNNJ75U3GUA3SHCVEGPEJMZAPEKQGL5YLVM2GV6NORB6Q
No space, no newline.
Save and exit and you have one of the most secure node/light client set ups possible. (assuming your server is firewalled off)
I will happily share my enitre RPC-url and -password with anyone, there is no way they can hack this Tor V3 auth, granted they can not get the private key obviously. Fully Noded creates the private key offline, encrypts it heavily and stores it in the most secure way possible.
Fully Noded has a deep link registered with the following prefixes btcstandup://
and btcrpc://
either prefix will work.
If you are a node manufacturer you can embed such a link to your web based UI that allows a user who has Fully Noded installed on their device to add and connect to their node with a single tap from the web based UI.
The url can also be displayed as a QR Code and a user can simply scan it when they go to add a node in Fully Noded.
The format of the URL is:
btcrpc://<rpcuser>:<rpcpassword>@<hidden service hostname>:<hidden service port>?label=<optional node label>
Example with node label:
btcrpc://rpcuser:rpcpassword@kjhfefe.onion:8332?label=Your%20Nodes%20Name
Example without node label:
btcrpc://rpcuser:rpcpassword@kjhfefe.onion:8332?
Fully Noded is compatible with V3 authenticated hidden services, the user has the option in the app to add a V3 private key for authentication.
- All network traffic is encrypted by default using Tor.
- Fully Noded NEVER uses another server or uploads data or requires any data (KYC/AML) from you whatsoever, your node is the only back end to the app.
- Any information the app saves onto the device locally is encrypted to AES standards and the encryption key is stored on the secure enclave. DYOR regarding iPhone security.
Bitcoin Core includes a ton of functionality that is not shown to the user in the GUI, this functionality must be accessed by using the command line aka CLI, doing so can be quite tedious where tiny typos will return errors. Fully Noded does the hard work of issuing the CLI commands to your node in a programmatic and reliable way powered by the taps you make on your iPhone. The purpose of Fully Noded is to allow users a secure and private way to connect to and control their node, unlocking all the powerful features Bitcoin Core has to offer without needing to use CLI.
Fully Noded needs to connect to the computer that your node is running on in order to issue commands to your node. It does this using Tor.
Connecting to your nodes computer is the first part, once connected Fully Noded then needs to be able to issue RPC commands to your node. It issues these commands to your local host over curl. In order to be able to do that Fully Noded needs to know your RPC credentials, rpcusername
and rpcpassword
.
Once Fully Noded is connected it will start issuing commands one at a time, here are some from the home table:
curl --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "listwallets", "params":[] }' -H 'content-type: text/plain;' http://user:password@nwfwjfwjbefiu.onion:18443/
curl --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getbalance", "params":["*", 0, false] }' -H 'content-type: text/plain;' http://user:password@wfwjfwjbefiu.onion:18443/
curl --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "listtransactions", "params":["*", 50, 0, true] }' -H 'content-type: text/plain;' http://user:password@wfwjfwjbefiu.onion:18443/
The method
is a bitcoin-cli
command and you can use this great resource to dive deeper into what they all do.
This is the code in Fully Noded from the Node Logic class which issues the above commands, if you look at it you will see a lot of commands that look like this:
reducer.makeCommand(command: .listunspent, param: "0", completion: getResult)
The .listunspent
directly represents the bitcoin-cli
commands we linked to just above and the params
represent the options you can pass with those commands. You can get the same functionality copying and pasting these commands into a terminal or using the Bitcoin-Qt console.
Please let us know if you have issues.
PR's welcome.
- Tor for connecting to your node more privately and securely.
- LibWally-Swift for generating BIP39 seed words, deriving keys and signing psbt's.