Home

Welcome to the BokkyPooBah's Ethereum Workshop wiki!

The associated Meetup group is https://www.meetup.com/BokkyPooBahs-Ethereum-Workshop/.

The associated Telegram chat invite link is https://t.me/joinchat/Ep-XOkwa_uns--L08HhRTw.

There is an associated virtual server we use with this workshop. It is not a highly secured environment, but more of a sandbox for developing Ethereum Dapps and Ethereum based web services.

The server is running the geth Ethereum node softwre on the Ethereum Ropsten Testnet network. See If you need some Ropsten Testnet ethers... for details on connecting to the Ropsten network, and/or to get some Ropsten testnet ethers.

Voting Systems:

• Lurve Voting

---

Table Of Contents

• TODO
• Set Up Virtual Server
  • Set Up Users
  • Set Up Apache
  • Other Virtual Server Housekeeping Tasks
• Set Up The Parity Node
  • Set Up The Parity Binaries
  • Set Up The Parity Service
  • Control The Parity Service
• Set Up The Go Ethereum Environment
  • Set Up The Geth Binaries
  • Set Up The Geth Service
  • Control The Geth Service
  • Use The Geth JavaScript Console
• Security Set Up

---

TODO

• Set up firewall
• SSL certificates
• Build different voting implementations

---

Set Up Virtual Server

• Hosted on 172.104.5.185, this is a Linode 2GB plan costing USD 10 per month for a 2Gb RAM 30Gb storage server.
• Set up the DNS ethvoter.thedao.fund to point to 172.104.5.185
• Installed Ubuntu 16.04 LTS Disk
• Nov 11 2017 Set up DNS www.EtherDevSwamp.org to point to 172.104.5.185

Set Up Users

• The host is created with a root user account

• The root user can then set up additional non-root user accounts using the commands:

  # Sets up the user's account
  adduser {username}
  # Provide the user with `sudo` execute-action-as-superuser access
  usermod -aG sudo {username}
  # Provide the user with admin access, e.g. tail -f /var/log/syslog
  sudo usermod -aG adm {username}
  

• The user can then log in using ssh {username}@ethvoter.thedao.fund

• The user can change their password using the command passwd

Set Up Apache

sudo apt-get -y install apache2

You can now browse http://ethvoter.thedao.fund/.

The webpages can be customised on the virtual server in the directory /var/www/html/.

Other Virtual Server Housekeeping Tasks

# Set hostname to "ethvoter"
sudo hostname ethvoter

• Nov 11 2017 BK Renaming from ethvoter to EthDevSwamp

Update /etc/hosts and /etc/hostname to make the change above survive reboots

$ cat /etc/hosts
127.0.0.1	localhost
127.0.1.1	ethvoter.members.linode.com	ethvoter
...

$ cat /etc/hostname
ethvoter

• Nov 11 2017 BK Renaming from ethvoter to EthDevSwamp

Backup user passwords and groups, just because it took so long to setup.

# usually you wouldn't do this as this sensitive data, another source of leaks
$ tar cjvf user_state.tar.bz2 /etc/group /etc/shadow /etc/gshadow /etc/passwd
# scp it off to somewhere that's not this server
$ scp user_state.tar.bz2 USER@remote_server:.

Disable root login

$ sudo vi /etc/ssh/sshd_config
...
PermitRootLogin no
...

# Reload sshd daemon for the new settings to take effect
$ sudo systemctl reload sshd

Killing processes

If process doesn't shutdown as expected, kill it with pkill
use ps -ef or some equivalent to see what processes are still running
$ pkill 'program name'
$ ps -ef | grep 'program name'
If the program doesn't die or will not exit then use pkill -9
Don't use -9 unless necessary, it doesn't give programs a chance to do internal cleanup.

---

Set Up The Parity Node

NOTE. We were using the Parity node software to set up a connection to the Ethereum blockchain. On Sep 18 2017, the node has been switched to using geth.

Set Up The Parity Binaries

From https://github.com/paritytech/parity/releases, download the Linux x86_64 .deb file. For example:

$ wget http://parity-downloads-mirror.parity.io/v1.7.0/x86_64-unknown-linux-gnu/parity_1.7.0_amd64.deb
$ sudo apt install ./parity_1.7.0_amd64.deb

$ which parity
/usr/bin/parity

Set Up The Parity Service

We will use the systemd service framework

$ vi /etc/systemd/system/parity.service
[Unit]
Description=Parity

[Service]
Type=simple
User=parity
Restart=always
# Mainnet
# ExecStart=/usr/bin/parity --warp --port 30303 --jsonrpc-port 8545 --no-dapps --no-ui
# Ropsten
ExecStart=/usr/bin/parity --chain ropsten --warp --port 30303 --jsonrpc-port 8545 --no-dapps --no-ui

[Install]
WantedBy=default.target

Control The Parity Service

# Start service
sudo systemctl start parity
# Stop service
sudo systemctl stop parity
# View all logs
sudo journalctl -u parity
# Tail log
sudo journalctl -f -u parity

Temporarily Run Parity With The Personal API Enabled

In order to send transactions from this Parity node, the personal API has to be enabled. We will leave the personal API off by default for this node to reduce the security risk.

To Run Parity With The Personal API Enabled

• Stop the system Parity service

  $ sudo systemctl stop parity
  

• Switch to the parity user

  sudo su -
  {enter your password}
  
  root@ethvoter:~# su - parity
  parity@ethvoter:~$ 
  

• Start Parity with the personal API:

  parity@ethvoter:~$ parity --chain ropsten --jsonrpc-port 8545  --jsonrpc-apis "web3,eth,net,parity,traces,rpc,personal"
  

• In a separate window, run geth and note that the personal module is enabled:

  $ geth attach rpc:http://localhost:8545
  ...
   modules: eth:1.0 net:1.0 parity:1.0 personal:1.0 rpc:1.0 traces:1.0 web3:1.0
  ...
  

• To create a new account (once off):

  > personal.newAccount("{password}")
  "0x74ed6eb23c21403d7a00bf388a2ec691b98ba8ed"
  > eth.accounts
  ["0x74ed6eb23c21403d7a00bf388a2ec691b98ba8ed"]
  

• In between, I've transferred 200 RtETH to the new account

  > web3.fromWei(eth.getBalance(eth.accounts[0]), "ether")
  200
  

• To unlock the main account:

  > personal.unlockAccount(eth.accounts[0], "{password}")
  true
  

• Exit geth with Control-D

• Back in the window where you manually started Parity, type Control-C to terminate Parity, then start the Parity system service

  $ sudo systemctl stop parity
  

---

Set Up The Go Ethereum Environment

We will be using Go Ethereum (geth) as a command line JavaScript console.

As of Sep 18 2017, this node is running the geth service on the Ropsten testnet.

Set Up The Geth Binaries

From https://github.com/ethereum/go-ethereum/wiki/Installation-Instructions-for-Ubuntu:

$ sudo apt-get install software-properties-common
$ sudo add-apt-repository -y ppa:ethereum/ethereum
$ sudo apt-get update
$ sudo apt-get install ethereum

$ which geth
/usr/bin/geth

Set Up The Geth Service

We will use the systemd service framework

$ vi /etc/systemd/system/parity.service
[Unit]
Description=Geth

[Service]
Type=simple
User=geth
Restart=always
# Mainnet
# ExecStart=/usr/bin/geth --rpc
# Ropsten
ExecStart=/usr/bin/geth --testnet --fast --rpc --rpcapi "eth,net,web3,debug,personal" --bootnodes "enode://20c9ad97c081d63397d7b685a412227a40e23c8bdc6688c6f37e97cfbc22d2b4d1db1510d8f61e6a8866ad7f0e17c02b14182d37ea7c3c8b9c2683aeb6b733a1@52.169.14.227:30303,enode://6ce05930c72abc632c58e2e4324f7c7ea478cec0ed4fa2528982cf34483094e9cbc9216e7aa349691242576d552a2a56aaeae426c5303ded677ce455ba1acd9d@13.84.180.240:30303"

[Install]
WantedBy=default.target

Control The Geth Service

# Start service
sudo systemctl start geth
# Stop service
sudo systemctl stop geth
# View all logs
sudo journalctl -u geth
# Tail log
sudo journalctl -f -u geth

Use The Geth JavaScript Console

geth attach rpc:http://localhost:8545

Ropsten Testnet (Current Setup)

> eth.syncing
{
  currentBlock: 1246169,
  highestBlock: 1671614,
  startingBlock: 0,
  warpChunksAmount: null,
  warpChunksProcessed: null
}
> eth.blockNumber
1246490
> eth.getBlock("latest")
{
  author: "0x007bd4ee4528cc703e779aa5ae01cb433e771b1e",
  difficulty: 526071604,
  extraData: "0xd5830106088650617269747986312e31372e30826c69",
  gasLimit: 4704624,
  gasUsed: 93773,
  hash: "0x61344fa9100bcd7bc06f3f9527f6e44e51bd8f687d041e9bf330841deb991145",
  logsBloom: "0x00000000000000000000000000000000000000000000000000000004000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000008000000040000000008000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000800000000000000000000000000000000000000000000100000000000001000000000000000000000000000000000000000000000000000000000002000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000",
  miner: "0x007bd4ee4528cc703e779aa5ae01cb433e771b1e",
  mixHash: "0x29cdc2a36fb407470f096ce889b149e63e1983ce1b18c9a85c899667a31756ac",
  nonce: "0x689f4466087eddda",
  number: 1246768,
  parentHash: "0x450995985c777bc9b92d3ba0195c1198b0e3143a35422d16e7baa56fa377f14c",
  receiptsRoot: "0xb1d1aebbdde4a34776fb7942438893d66b2bac49b55f6455e227dfc62e1d8565",
  sealFields: ["0xa029cdc2a36fb407470f096ce889b149e63e1983ce1b18c9a85c899667a31756ac", "0x88689f4466087eddda"],
  sha3Uncles: "0x1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347",
  size: 942,
  stateRoot: "0x5236ca80f66cc5635cbda2e877e27eca8c2bf00a6333981052d302598a0ffe7b",
  timestamp: 1499306308,
  totalDifficulty: 849573643257611,
  transactions: ["0x06af7c91ad06a5a3279dd11eb55f3b6def28443eaeebb8cb471d837d347a494a", "0xc3f24371335bfabd176e06932b0715c54af8746d421e69d3b77d0d1a1c79863e", "0xcf95bd9af08368a24269d370c251690c8217b0e904334689afe549336759c223"],
  transactionsRoot: "0x7daab3610008c0eb12726113fb1fdfd6237ad5d5d9bf783e19316dcb652fe517",
  uncles: []
}

Mainnet (Not The Current Setup)

> eth.syncing
false
> eth.blockNumber
4272289
> eth.getBlock("latest")
{
  author: "0x829bd824b016326a401d083b33d092293333a830",
  difficulty: 2288477945824471,
  extraData: "0xe4b883e5bda9e7a59ee4bb99e9b1bc",
  gasLimit: 6738666,
  gasUsed: 4148659,
  hash: "0x5fe0743e95339fbcb5df38f6b9b5178508b08aee9787559918f7e0a1092e90b3",
  logsBloom: "0x2140...4000",
  miner: "0x829bd824b016326a401d083b33d092293333a830",
  mixHash: "0x0cfd9216c0174a9991a0bcc6186f1cf2f1a6711e015b55873bd1a159a7a27f51",
  nonce: "0x4306bf140450c273",
  number: 4272289,
  parentHash: "0x8bd3d9d2fedac89b413010f7211770c72adbab2d42df14e5afb4573e4a70755e",
  receiptsRoot: "0xc947de7603468b520c5da43780cd0f70bdfad63a1b2bbaa67321ebd7b4a32793",
  sealFields: ["0xa00cfd9216c0174a9991a0bcc6186f1cf2f1a6711e015b55873bd1a159a7a27f51", "0x884306bf140450c273"],
  sha3Uncles: "0x1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347",
  size: 19088,
  stateRoot: "0xa6a684968f1cea57435cfab9ccd4c5004928bf5c8738b7557a09ecf30819eb0b",
  timestamp: 1505373561,
  totalDifficulty: 927392860016645793913,
  transactions: ["0x9c9370a5edd5d448f21f2d870cb3202505fda016a94325def3bc6204a2f36c90", "0x250c25860a681b286ac2c6f55ffd19a851fddefbefcf1aa5d7bb36a286d2f536", "0xe747a0e320df4b5e5616ca6e547ff425520cf9b6c7bacb8776580800106df727", ..., "0x8923499cf9abe9f46696cbc89cadb2f7ee561c1feaff5f125c3ca757636e2c86"],
  transactionsRoot: "0x291f1259aa7970b9194cfc922ec508d6370195899d217813f01c91c25e26f4a7",
  uncles: []
}

---

Security set up

See:

• How To Create a Self-Signed SSL Certificate for Apache in Ubuntu 16.04 Ignore the self-signed SSL certificate in this article as the Let's Encrypt certificate will be installed in the next step
• How To Secure Apache with Let's Encrypt on Ubuntu 16.04
• How To Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server
• Nov 11 2017 - # sudo certbot --apache -d ethvoter.thedao.fund -d www.EtherDevSwamp.org -d EtherDevSwamp.org