February 03, 2023
A visual overview
This is a graphical representation of what our chain infrastructure looks like. Not all chains we support get the full or exact services depicted here, but this is the core mainnet infrastructure design we run.
Infrastructure diagram. Inside the purple boxes are private networks. Outside are public.
Horcrux lets us do two things:
- We can use remote signers, so that the private key of the signer is never present on the public servers. Even if a sentry node is compromised, there are no keys to be found or stolen.
- We can scale the validator horizontally. The sentries and signers can be in different datacenters, even on different continents. If one node goes down, the others will still be able to sign the chain. We can lose entire datacenters with zero downtime.
The seed nodes are important for the health of a PoS chain. Many operators still use persistent peers to ensure connectivity, but for a number of reasons this is bad practice compared to using seed nodes. Seed node only job is to ensure that there is an up-to-date list of peers for the chain.
Thanks to the seed node having a current list of reachable peers, we can use that to collect data for our network maps. The data isn't complete or guarranteed to be correct, but is as good of a basis as can be gathered from a single node in a chain.
We provide daily snapshots for most of our chains. Our snapshoting method is the following:
- Spin up a completely fresh node
- Use state sync to catch up
- Stop the node
- Prune the database to reduce the size
- Compress and upload the database to the cloud
- Clean up by removing th node again
This helps us produce snapshots that are as current and as small as possible. Normally our snapshots are in the order of 250 MB to 1.5 GB. Small snapshots makes deploying new nodes based on snapshots much faster.