Connecting to MyEtherWallet

benjaminion edited this page Jan 23, 2017 · 3 revisions

MyEtherWallet is awesome.

I wanted to try running MyEtherWallet (MEW) locally on the QNAP box for use with my Ledger Nano S. This is mainly because I had trouble accessing the node's Parity UI on the laptop I use most, but also because MEW works so beautifully with the Ledger device. Of course I could just use the Web version of MEW, but if you're going to go to all the trouble of running your own Ethereum node, you might as well use it.

The good news is that the MEW team has made this much easier than it used to be with their "Add Custom Node" functionality. You can drop down the list at the top right of the MEW page and point it to your own node by inputting the three parameters: Name (anything), the URL and the port.

There are some configuration issues to consider. I want to use my Ledger Nano S. This means that I must use a version of MEW served over HTTPS (it refuses to connect otherwise). This in turn means that I must access Parity's JSON RPC interface via HTTPS. We'll see how to do that in a bit.

MEW host MEW protocol Parity JSON RPC Can use Nano S?
myetherwallet.com HTTPS HTTPS Yes
Local files file:// HTTP(S) No
QNAP vhost HTTP HTTP(S) No
QNAP vhost HTTPS HTTPS Yes

In the below I have applied the following settings. Change them appropriately for your own environment. As long as you are consistent it should all be fine.

  • Hostname: mew.local (optional, used only on client PC and points to 192.168.1.202)
  • QNAP server IP address: 192.168.1.202
  • JSON RPC port: 8545 (standard), 3000 (https via proxy)

Server set-up

For HTTP access to JSON RPC

Add the following options to your Parity command line (substituting your own IP address, or use 'all'. You may need to update app.json for Ethnetintel to match this. Whatever IP address you use, usual advice is that it's not a good idea to expose it to the outside world):

--jsonrpc-interface 192.168.1.202 --jsonrpc-cors "*" --jsonrpc-hosts all --keys-path "dont_put_secret_files_here_ever"

For HTTPS access to JSON RPC

We're going to use a local proxy on the QNAP server to achieve this.

Add the following options to your Parity command line:

--jsonrpc-interface 127.0.0.1 --jsonrpc-cors "*" --jsonrpc-hosts all --keys-path "dont_put_secret_files_here_ever"

To convert the Parity JSON RPC interface to HTTPS we will configure a proxy server on the QNAP.

  1. Install Node.js v4 from QNAP AppCenter.

  2. Run npm install http-proxy --save

  3. Now create a mew-https-proxy.js file as follows. Substitute your own configuration items.

    var fs = require('fs');
    var httpProxy = require('http-proxy');
    
    httpProxy.createServer({
      target: {
        host: '127.0.0.1',
        port: 8545
      },
      ssl: {
        key: fs.readFileSync('/path/to/server.key', 'utf8'),
        cert: fs.readFileSync('/path/to/server.crt', 'utf8')
      }
    }).listen(3000);
    
  4. Start the proxy with node mew-https-proxy.js

  5. The proxy set-up above pre-supposes that you have available server SSL keys and certificates. There may be certificates installed on the QNAP already that you can use in /etc/ssl/private/myhost.key and /etc/ssl/private/myhost.crt. I made my own self-signed certificate using instructions here for a single domain, and here for a multiple domain certificate.

  6. If you are using a non-official certificate (e.g. self-signed) then it will need to be installed in your browser. For Chrome, you can export the certificate to a file, and then import it into Trusted Root Certification Authorities under Settings -> Show Advanced Settings -> HTTPS/SSL Manage Certificates.

To check all is well with the HTTPS proxy set up, navigate to https://192.168.1.202:3000, and you ought to see a message like "Used HTTP Method is not allowed. POST or OPTIONS is required" and the green padlock in the address bar. There should be no security errors or warnings.

TODO: work out how to start the proxy as a service on QNAP startup. This looks useful.

MyEtherWallet set-up

Local files

If you are not concerned about HTTPS, simplest is probably to download and unpack the MEW files (dist-vxxx.zip, from https://github.com/kvhnuke/etherwallet/releases/latest) to your PC and navigate to index.html. You can then just enter the info for your node in the Add Custom Node dialogue. For my set-up:

When serving JSON RPC over HTTP:

When serving JSON RPC over HTTPS:

Note that the Ledger Nano S won't work in this configuration, but it's fine for other ways of unlocking your keys.

The official MEW website

If you are serving the JSON RPC over HTTPS you can hook up the official MEW website to your own node:

On the QNAP server

You can also install the MEW pages on the QNAP Web Server where you are running Parity.

To do this, I configured a vhost for the domain mew.local and added an entry to my local Windows hosts file on the client PC (C:/Windows/System32/drivers/etc/hosts) to point mew.local to 192.168.1.202. (You don't need to do this on the server side.)

The mew.local vhost is configured to be served over HTTPS on port 8881. You can install your self-signed certificate for the domain using QNAP's control panel (Control Panel -> Security -> Certificate and Private Key), or you can just ignore the browser warnings and click through them.

Unpack the MEW distribution in your vhost's home directory, browse to https://mew.local:8881 and you are good to go:

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.