Home Oracle Hardening Guide — for operators running Oracle from home

[BaumerCrypto]

I published a Home Oracle Hardening Guide for DigiDollar oracle operators who are running from home instead of a VPS. It's in my oracle tools repo alongside the VPS hardening guide.

This came from Aussie Epic — he asked for a guide that covers home lab setups since the VPS guide doesn't apply directly. Home networks have a completely different attack surface: router NAT, port forwarding, dynamic IPs, UPS power management, and local network security instead of SSH and cloud firewalls.

The guide is organized into three tiers:

Tier 1 — Essential (~30 min): Dedicated user account, host firewall (only P2P port), port forwarding rules (never forward RDP/SSH), NTP time sync, automatic security updates, service auto-restart, wallet file permissions.

Tier 2 — Recommended (~1 hour): SSH with key-only auth, Fail2Ban, kernel hardening, router hardening (admin password, firmware, disable UPnP/WPS/remote management), UPS with graceful shutdown.

Tier 3 — Advanced: VLAN isolation, DDNS, WireGuard VPN for remote access, oracle-monitor.sh adaptation for home. Most of this tier is based on my own home network setup — VLANs, managed switches, segmented mining and node infrastructure.

Covers Linux (Ubuntu/Debian), Windows, and macOS since we have oracle operators on all three. Platform-specific commands are clearly marked throughout. Includes version notes for Windows 10/11 and macOS Ventura vs older.

There's a section on DigiByte-Qt wallet vs digibyted daemon for oracle operation — several operators created their keys through Qt and might be running their oracle that way. The guide explains the auto-start limitations and why digibyted daemon is the better choice for 24/7 uptime.

The NTP time sync section exists because of Aussie Epic catching that it was missing from my VPS guide. Oracle bundles have a 3,600-second freshness limit — clock drift on a home machine without NTP can push bundles past that threshold. We saw testnet25 die from exactly this type of timing issue.

Guide: HOME_ORACLE_HARDENING_GUIDE.md
VPS guide: ORACLE_HARDENING_GUIDE.md
Full repo (monitoring scripts, setup tutorials, contributing guidelines, security policy): digidollar-oracle-tools

A hardened home oracle isn't as reliable as a hardened VPS — I'm honest about that in the guide. But a hardened Home Oracle is infinitely better than an unhardened one, and every additional node strengthens the network.

MIT licensed — fork it, use it, improve it. Happy to have it linked from the official setup docs if it's useful.

— digibyte-maxi (Oracle Slot 17) | AKA: BaumerCrypto2.0