34 KiB
description: Pantheon command line interface reference
Pantheon Command Line
This reference describes the syntax of the Pantheon Command Line Interface (CLI) options and subcommands.
pantheon [OPTIONS] [COMMAND]
Runs the Pantheon Ethereum full node client.
!!!tip Use a configuration file to save the command line options in a file.
Options
banned-node-ids
--banned-node-ids=<bannedNodeId>[,<bannedNodeId>...]...
--banned-nodeids=0xc35c3...d615f,0xf42c13...fc456
banned-nodeids=["0xc35c3...d615f","0xf42c13...fc456"]
List of node IDs with which this node will not peer. The node ID is the public key of the node. You can specify the banned node IDs with or without the 0x
prefix.
!!!tip
The singular --banned-node-id
and plural --banned-node-ids
are available and are two
names for the same option.
bootnodes
--bootnodes[=<enode://id@host:port>[,<enode://id@host:port>...]...]
--bootnodes=enode://c35c3...d615f@1.2.3.4:30303,enode://f42c13...fc456@1.2.3.5:30303
bootnodes=["enode://c35c3...d615f@1.2.3.4:30303","enode://f42c13...fc456@1.2.3.5:30303"]
--bootnodes
List of comma-separated enode URLs for P2P discovery bootstrap.
When connecting to MainNet or public testnets, the default is a predefined list of enode URLs.
On custom networks defined by --genesis-file
option,
an empty list of bootnodes is defined by default unless you define custom bootnodes as described in
private network documentation.
!!! note
Specifying that a node is a bootnode
must be done on the command line using --bootnodes
option without value,
not in a configuration file.
config-file
--config-file=<FILE>
--config-file=/home/me/me_node/config.toml
The path to the TOML configuration file.
The default is none
.
!!!note This option is not used when running Pantheon from the Docker image or in a configuration file.
data-path
--data-path=<PATH>
--data-path=/home/me/me_node
data-path="/home/me/me_node"
The path to the Pantheon data directory. The default is the directory in which Pantheon is installed.
!!!note This option is not used when running Pantheon from the Docker image.
discovery-enabled
--discovery-enabled=false
discovery-enabled=false
Enables or disables P2P peer discovery.
The default is true
.
genesis-file
Genesis file is used to create a custom network.
!!!tip
To use a public Ethereum network such as Rinkeby, use the --network
option.
The network option defines the genesis file for public networks.
--genesis-file=<FILE>
--genesis-file=/home/me/me_node/customGenesisFile.json
genesis-file="/home/me/me_node/customGenesisFile.json"
The path to the genesis file.
!!!important
The --genesis-file
and --network
option can't be used at the same time.
!!!note This option is not used when running Pantheon from the Docker image.
graphql-http-cors-origins
--graphql-http-cors-origins=<graphQLHttpCorsAllowedOrigins>
--graphql-http-cors-origins="http://medomain.com","https://meotherdomain.com"
graphql-http-cors-origins=["http://medomain.com","https://meotherdomain.com"]
Comma separated origin domain URLs for CORS validation. The default is none.
graphql-http-enabled
--graphql-http-enabled
graphql-http-enabled=true
Set to true
to enable the GraphQL HTTP service.
The default is false
.
graphql-http-host
--graphql-http-host=<HOST>
# to listen on all interfaces
--graphql-http-host=0.0.0.0
graphql-http-host="0.0.0.0"
Host for GraphQL HTTP to listen on. The default is 127.0.0.1.
To allow remote connections, set to 0.0.0.0
!!!note This option is not used when running Pantheon from the Docker image.
graphql-http-port
--graphql-http-port=<PORT>
# to listen on port 6175
--graphql-http-port=6175
graphql-http-port="6175"
Specifies GraphQL HTTP listening port (TCP). The default is 8547. Ports must be exposed appropriately.
!!!note This option is not used when running Pantheon from the Docker image.
host-whitelist
--host-whitelist=<hostname>[,<hostname>...]... or "*"
--host-whitelist=medomain.com,meotherdomain.com
host-whitelist=["medomain.com", "meotherdomain.com"]
Comma-separated list of hostnames to allow access to the JSON-RPC API.
By default, access from localhost
and 127.0.0.1
is accepted.
!!!tip
To allow all hostnames, use "*"
. We don't recommend allowing all hostnames for production code.
max-peers
--max-peers=<INTEGER>
--max-peers=42
max-peers=42
Specifies the maximum P2P peer connections that can be established. The default is 25.
metrics-category
--metrics-category=<metrics-category>[,metrics-category...]...
--metrics-category=BLOCKCHAIN,PEERS,PROCESS
metrics-category=["BLOCKCHAIN","PEERS","PROCESS"]
Comma separated list of categories for which to track metrics. The default is all categories:
BIG_QUEUE
, BLOCKCHAIN
, EXECUTORS
, JVM
, NETWORK
, PEERS
, PROCESS
, ROCKSDB
, RPC
, SYNCHRONIZER
.
metrics-enabled
--metrics-enabled
metrics-enabled=true
Set to true
to enable the metrics exporter.
The default is false
.
--metrics-enabled
cannot be specified with --metrics-push-enabled
. That is, either Prometheus polling or Prometheus
push gateway support can be enabled but not both at once.
metrics-host
--metrics-host=<HOST>
--metrics-host=127.0.0.1
metrics-host="127.0.0.1"
Specifies the host on which Prometheus accesses Pantheon metrics.
The metrics server respects the --host-whitelist
option.
The default is 127.0.0.1
.
metrics-port
--metrics-port=<PORT>
--metrics-port=6174
metrics-port="6174"
Specifies the port (TCP) on which Prometheus accesses Pantheon metrics.
The default is 9545
. Ports must be exposed appropriately.
metrics-push-enabled
--metrics-push-enabled[=<true|false>]
--metrics-push-enabled
metrics-push-enabled="true"
Set to true
to start the push gateway integration.
--metrics-push-enabled
cannot be specified with --metrics-enabled
. That is, either Prometheus polling or Prometheus
push gateway support can be enabled but not both at once.
metrics-push-host
--metrics-push-host=<HOST>
--metrics-push-host=127.0.0.1
metrics-push-host="127.0.0.1"
Host of the Prometheus Push Gateway.
The default is 127.0.0.1
.
The metrics server respects the --host-whitelist
option.
!!! note
When pushing metrics, ensure --metrics-push-host
is set to the machine on which the push gateway is.
Generally, this will be a different machine to the machine on which Pantheon is running.
metrics-push-interval
--metrics-push-interval=<INTEGER>
--metrics-push-interval=30
metrics-push-interval=30
Interval in seconds to push metrics when in push
mode. The default is 15.
metrics-push-port
--metrics-push-port=<PORT>
--metrics-push-port=6174
metrics-push-port="6174"
Port (TCP) of the Prometheus Push Gateway.
The default is 9001
. Ports must be exposed appropriately.
metrics-push-prometheus-job
--metrics-prometheus-job=<metricsPrometheusJob>
--metrics-prometheus-job="my-custom-job"
metrics-prometheus-job="my-custom-job"
Job name when in push
mode. The default is pantheon-client
.
miner-coinbase
--miner-coinbase=<Ethereum account address>
--miner-coinbase=fe3b557e8fb62b89f4916b721be55ceb828dbd73
--miner-coinbase="0xfe3b557e8fb62b89f4916b721be55ceb828dbd73"
Account to which mining rewards are paid.
You must specify a valid coinbase when you enable mining using the --miner-enabled
option or the miner_start
JSON RPC-API method.
!!!note This option is ignored in networks using Clique and IBFT 2.0 consensus protocols.
miner-enabled
--miner-enabled
miner-enabled=true
Enables mining when the node is started.
Default is false
.
miner-extra-data
--miner-extra-data=<Extra data>
--miner-extra-data=0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021
miner-extra-data="0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021"
A hex string representing the 32 bytes to be included in the extra data field of a mined block. The default is 0x.
min-gas-price
--min-gas-price=<minTransactionGasPrice>
--min-gas-price=1337
min-gas-price="1337"
The minimum price that a transaction offers for it to be included in a mined block. The default is 1000.
network
--network=<NETWORK>
--network=rinkeby
network="rinkeby"
Predefined network configuration.
The default is mainnet
.
Possible values are :
mainnet
- Main Ethereum network
ropsten
- PoW test network similar to current main Ethereum network.
rinkeby
- PoA test network using Clique.
goerli
- PoA test network using Clique.
dev
- PoW development network with a very low difficulty to enable local CPU mining.
!!!note
Values are case insensitive, so either mainnet
or MAINNET
works.
!!!important
The --network
and --genesis-file
option cannot be used at the same time.
network-id
--network-id=<INTEGER>
--network-id=8675309
network-id="8675309"
This option can be used to override the default network ID. The default value is the network chain ID defined in the genesis file.
node-private-key-file
--node-private-key-file=<FILE>
--node-private-key-file=/home/me/me_node/myPrivateKey
node-private-key-file="/home/me/me_node/myPrivateKey"
<FILE>
is the path of the private key file of the node.
The default is the key file in the data directory.
If no key file exists, a key file containing the generated private key is created;
otherwise, the existing key file specifies the node private key.
!!!attention The private key is not encrypted.
!!!note This option is not used when running Pantheon from the Docker image.
p2p-enabled
--p2p-enabled=<true|false>
--p2p-enabled=false
p2p-enabled=false
Enables or disables all p2p communication. The default is true.
p2p-host
--p2p-host=<HOST>
# to listen on all interfaces
--p2p-host=0.0.0.0
p2p-host="0.0.0.0"
Specifies the host on which P2P listens. The default is 127.0.0.1.
!!!note This option is not used when running Pantheon from the Docker image.
p2p-port
--p2p-port=<PORT>
# to listen on port 1789
--p2p-port=1789
p2p-port="1789"
Specifies the P2P listening ports (UDP and TCP). The default is 30303. Ports must be exposed appropriately.
!!!note This option is not used when running Pantheon from the Docker image.
permissions-accounts-config-file-enabled
--permissions-accounts-config-file-enabled[=<true|false>]
--permissions-accounts-config-file-enabled
permissions-accounts-config-file-enabled=true
Set to enable file-based account level permissions. Default is false
.
permissions-accounts-config-file
--permissions-accounts-config-file=<FILE>
--permissions-accounts-config-file=/home/me/me_configFiles/myPermissionsFile
permissions-accounts-config-file="/home/me/me_configFiles/myPermissionsFile"
Path to the accounts permissions configuration file.
Default is the permissions_config.toml
file in the data directory.
!!! tip
--permissions-accounts-config-file
and --permissions-nodes-config-file
can use the same file.
!!!note This option is not used when running Pantheon from the Docker image.
permissions-nodes-config-file-enabled
--permissions-nodes-config-file-enabled[=<true|false>]
--permissions-nodes-config-file-enabled
permissions-nodes-config-file-enabled=true
Set to enable file-based node level permissions. Default is false
.
permissions-nodes-config-file
--permissions-nodes-config-file=<FILE>
--permissions-nodes-config-file=/home/me/me_configFiles/myPermissionsFile
permissions-nodes-config-file="/home/me/me_configFiles/myPermissionsFile"
Path to the nodes permissions configuration file.
Default is the permissions_config.toml
file in the data directory.
!!! tip
--permissions-nodes-config-file
and --permissions-accounts-config-file
can use the same file.
!!!note This option is not used when running Pantheon from the Docker image.
permissions-nodes-contract-address
--permissions-nodes-contract-address=<ContractAddress>
--permissions-nodes-contract-address=xyz
permissions-nodes-contract-address=xyz
Specifies the contract address for onchain node permissioning.
permissions-nodes-contract-enabled
--permissions-nodes-contract-enabled[=<true|false>]
--permissions-nodes-contract-enabled
permissions-nodes-contract-enabled=true
Enables contract-based onchain node permissioning. Default is false
.
privacy-enabled
--privacy-enabled[=<true|false>]
--privacy-enabled=false
privacy-enabled=false
Set to enable private transactions. The default is false.
privacy-precompiled-address
--privacy-precompiled-address=<privacyPrecompiledAddress>
Address to which the privacy pre-compiled contract is mapped. The default is 126.
privacy-public-key-file
--privacy-public-key-file=<privacyPublicKeyFile>
--privacy-public-key-file=Orion/nodeKey.pub
privacy-public-key-file="Orion/nodeKey.pub"
Path to the public key of the Orion node.
!!!note This option is not used when running Pantheon from the Docker image.
privacy-url
--privacy-url=<privacyUrl>
--privacy-url=http://127.0.0.1:8888
privacy-url="http://127.0.0.1:8888"
URL on which the Orion node is running.
rpc-http-api
--rpc-http-api=<api name>[,<api name>...]...
--rpc-http-api=ETH,NET,WEB3
rpc-http-api=["ETH","NET","WEB3"]
Comma-separated APIs to enable on the HTTP JSON-RPC channel.
When you use this option, the --rpc-http-enabled
option must also be specified.
The available API options are: ADMIN
, ETH
, NET
, WEB3
, CLIQUE
, IBFT
, PERM
, DEBUG
, MINER
, EEA
, and TXPOOL
.
The default is: ETH
, NET
, WEB3
.
!!!tip
The singular --rpc-http-api
and plural --rpc-http-apis
are available and are two
names for the same option.
rpc-http-authentication-credentials-file
--rpc-http-authentication-credentials-file=<FILE>
--rpc-http-authentication-credentials-file=/home/me/me_node/auth.toml
rpc-http-authentication-credentials-file="/home/me/me_node/auth.toml"
Credentials file for JSON-RPC API authentication.
!!!note This option is not used when running Pantheon from the Docker image.
rpc-http-authentication-enabled
--rpc-http-authentication-enabled
--rpc-http-authentication-enabled
rpc-http-authentication-enabled=true
Set to true
to require authentication for the HTTP JSON-RPC service.
rpc-http-cors-origins
--rpc-http-cors-origins=<url>[,<url>...]... or all or "*"
# You can whitelist one or more domains with a comma-separated list.
--rpc-http-cors-origins="http://medomain.com","https://meotherdomain.com"
rpc-http-cors-origins=["http://medomain.com","https://meotherdomain.com"]
# The following allows Remix to interact with your Pantheon node.
--rpc-http-cors-origins="http://remix.ethereum.org"
Specifies domain URLs for CORS validation. Domain URLs must be enclosed in double quotes and comma-separated.
Listed domains can access the node using JSON-RPC. If your client interacts with Pantheon using a browser app (such as Remix or a block explorer), you must whitelist the client domains.
The default value is "none"
.
If you don't whitelist any domains, browser apps cannot interact with your Pantheon node.
!!!note
To run a local Pantheon node as a backend for MetaMask and use MetaMask anywhere, set --rpc-http-cors-origins
to "all"
or "*"
.
To allow a specific domain to use MetaMask with the Pantheon node, set --rpc-http-cors-origins
to the client domain.
!!!tip
For development purposes, you can use "all"
or "*"
to accept requests from any domain,
but we don't recommend this for production code.
rpc-http-enabled
--rpc-http-enabled
rpc-http-enabled=true
Set to true
to enable the HTTP JSON-RPC service.
The default is false
.
rpc-http-host
--rpc-http-host=<HOST>
# to listen on all interfaces
--rpc-http-host=0.0.0.0
rpc-http-host="0.0.0.0"
Specifies the host on which HTTP JSON-RPC listens. The default is 127.0.0.1.
To allow remote connections, set to 0.0.0.0
!!! caution Setting the host to 0.0.0.0 exposes the RPC connection on your node to any remote connection. In a production environment, ensure you are using a firewall to avoid exposing your node to the internet.
!!!note This option is not used when running Pantheon from the Docker image.
rpc-http-port
--rpc-http-port=<PORT>
# to listen on port 3435
--rpc-http-port=3435
rpc-http-port="3435"
Specifies HTTP JSON-RPC listening port (TCP). The default is 8545. Ports must be exposed appropriately.
!!!note This option is not used when running Pantheon from the Docker image.
rpc-ws-api
--rpc-ws-api=<api name>[,<api name>...]...
--rpc-ws-api=ETH,NET,WEB3
rpc-ws-api=["ETH","NET","WEB3"]
Comma-separated APIs to enable on WebSockets channel.
When you use this option, the --rpc-ws-enabled
option must also be specified.
The available API options are: ADMIN
,ETH
, NET
, WEB3
, CLIQUE
, IBFT
, PERM', DEBUG
, MINER
, EEA
, and TXPOOL
.
The default is: ETH
, NET
, WEB3
.
!!!tip
The singular --rpc-ws-api
and plural --rpc-ws-apis
are available and are just two
names for the same option.
rpc-ws-authentication-credentials-file
--rpc-ws-authentication-credentials-file=<FILE>
--rpc-ws-authentication-credentials-file=/home/me/me_node/auth.toml
rpc-ws-authentication-credentials-file="/home/me/me_node/auth.toml"
Credentials file for JSON-RPC API authentication.
!!!note This option is not used when running Pantheon from the Docker image.
rpc-ws-authentication-enabled
--rpc-ws-authentication-enabled
--rpc-ws-authentication-enabled
rpc-ws-authentication-enabled=true
Set to true
to require authentication for the WebSockets JSON-RPC service.
!!! note
wscat
does not support headers. Authentication requires an authentication token to be passed in the
request header. To use authentication with WebSockets, an app that supports headers is required.
rpc-ws-enabled
--rpc-ws-enabled
rpc-ws-enabled=true
Set to true
to enable the WebSockets JSON-RPC service.
The default is false
.
rpc-ws-host
--rpc-ws-host=<HOST>
# to listen on all interfaces
--rpc-ws-host=0.0.0.0
rpc-ws-host="0.0.0.0"
Host for Websocket WS-RPC to listen on. The default is 127.0.0.1.
To allow remote connections, set to 0.0.0.0
!!!note This option is not used when running Pantheon from the Docker image.
rpc-ws-port
--rpc-ws-port=<PORT>
# to listen on port 6174
--rpc-ws-port=6174
rpc-ws-port="6174"
Specifies Websockets JSON-RPC listening port (TCP). The default is 8546. Ports must be exposed appropriately.
!!!note This option is not used when running Pantheon from the Docker image.
tx-pool-max-size
--tx-pool-max-size=<INTEGER>
--tx-pool-max-size=2000
tx-pool-max-size="2000"
Maximum number of transactions kept in the transaction pool. Default is 4096.
tx-pool-retention-hours
--tx-pool-retention-hours=<INTEGER>
--tx-pool-retention-hours=5
tx-pool-retention-hours="5"
Maximum period in hours to retain pending transactions in the transaction pool. Default is 13.
help
-h, --help
Show the help message and exit.
logging
-l, --logging=<LEVEL>
--logging=DEBUG
logging="DEBUG"
Sets the logging verbosity.
Log levels are OFF
, FATAL
, WARN
, INFO
, DEBUG
, TRACE
, ALL
.
Default is INFO
.
version
-V, --version
Print version information and exit.
Fast Sync Options
sync-mode
--sync-mode=FAST
--sync-mode=FAST
sync-mode="FAST"
Specifies the synchronization mode. Default is FULL
.
fast-sync-min-peers
--fast-sync-min-peers=<INTEGER>
--fast-sync-min-peers=2
fast-sync-min-peers=2
Minimum number of peers required before starting fast sync. Default is 5.
Subcommands
blocks
Provides blocks related actions.
import
pantheon blocks import --from=<block-file>
pantheon blocks import --from=/home/me/me_project/mainnet.blocks
Imports blocks from the specified file into the blockchain database
public-key
This command provides node public key related actions.
export
pantheon public-key export [--to=<key-file>]
pantheon --data-path=<node data path> public-key export
pantheon --data-path=<node data path> public-key export --to=/home/me/me_project/not_precious_pub_key
Outputs the node public key to standard output or writes it to the specified file if
--to=<key-file>
is specified.
export-address
pantheon public-key export-address [--to=<address-file>]
pantheon --data-path=<node data path> public-key export-address
pantheon --data-path=<node data path> public-key export-address --to=/home/me/me_project/me_node_address
Outputs the node public key address to standard output or writes it to the specified file if
--to=<key-file>
is specified.
password
Provides password related actions.
hash
This command generates the hash of a given password. Include the hash in the credentials file for JSON-RPC API authentication.
pantheon password hash --password=<my-password>
pantheon password hash --password=myPassword123
operator
Provides operator actions.
generate-blockchain-config
This command generates IBFT 2.0 configuration files.
pantheon operator generate-blockchain-config --config-file=<FILE> --to=<DIRECTORY> [--genesis-file-name=<FILE>] [--private-key-file-name=<FILE>] [--public-key-file-name=<FILE>]
pantheon operator generate-blockchain-config --config-file=config.json --to=myNetworkFiles
The configuration file has 2 subnested JSON nodes. The first is the genesis
property defining
the IBFT 2.0 genesis file except for the extraData
string. The
second is the blockchain
property defining the number of key pairs to generate.
rlp
Provides RLP related actions.
encode
This command encodes a typed JSON value from a file or from the standard input into an RLP hexadecimal string.
pantheon rlp encode [--from=<FILE>] [--to=<FILE>] [--type=<type>]
pantheon rlp encode --from=ibft_extra_data.json --to=extra_data_for_ibft_genesis.txt --type=IBFT_EXTRA_DATA
cat extra_data.json | pantheon rlp encode > rlp.txt
The IBFT_EXTRA_DATA
type is the only type supported for RLP encoding.
This data is included in the IBFT 2.0 genesis file.
???+ summary "IBFT 2.0 Extra Data"
To generate the RLP encoded extraData
string, specify a JSON input that is array of validator addresses
in ascending order.
??? tip "JSON Schema for IBFT_EXTRA_DATA"
The following JSON Schema can be used to validate that your JSON data is well formed. You can use an online validation tool
such as https://www.jsonschemavalidator.net/ to validate your JSON content.
```json
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "http://tech.pegasys.pantheon/cli_rlp_ibft_extra_data.json",
"type": "array",
"definitions": {},
"title": "IBFT extra data",
"description":"JSON format used as input to generate an IBFT extra data RLP string",
"items": {
"$id": "#/address",
"type": "string",
"title": "Validator address",
"description":"The validator node address",
"default": "",
"examples": [
"be068f726a13c8d46c44be6ce9d275600e1735a4",
"5ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193"
],
"pattern":"^([0-9a-f]{40})$"
}
}
```
!!!example "Example IBFT_EXTRA_DATA encoding"
```json tab="JSON Input"
[
"be068f726a13c8d46c44be6ce9d275600e1735a4",
"5ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193"
]
```
``` tab="RLP Output"
0xf853a00000000000000000000000000000000000000000000000000000000000000000ea94be068f726a13c8d46c44be6ce9d275600e1735a4945ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193808400000000c0
```