Threshold Access Control (TACo)
  • Getting Started
    • Introduction to TACo
    • How TACo Works
    • Quickstart (Testnet)
  • For Developers
    • Integrate TACo Into Apps
      • Testnets
      • Mainnet Access
      • Mainnet Deployment
    • Ecosystem Integrations
      • OrbisDB
      • Waku
      • Irys
      • ComposeDB
      • Turbo
    • API
      • Encryptor Allowlist
      • Encrypt & Decrypt
      • Authentication
        • Condition Context
      • Access Control
        • TimeCondition
        • RpcCondition
        • ContractCondition
          • Use custom contract calls
          • Implement access revocation via smart contract
        • JSON Endpoint Conditions
          • JsonApiCondition
          • JsonRpcCondition
        • JWT Conditions
        • Logical Conditions
          • CompoundCondition
          • IfThenElseCondition
          • SequentialCondition
        • WIP / Feature Requests
          • Any (Major) EVM Chain Condition Support
    • Blueprints & Inspiration
      • Seed phrase recovery & transfer
      • Digital Rights Management for on-chain assets
      • Trustless channels for journalists, archivists & whistleblowers
      • Crowdsourcing real-world data with trustless contribution
  • For Product Leads
    • Value Propositions
    • Capabilities & Extensions
    • Use cases
      • Seed phrase recovery & transfer
      • Digital Rights Management for on-chain assets
      • Trustless channels for journalists, archivists & whistleblowers
      • Crowdsourcing real-world data with trustless contribution
    • Mainnet Fees
    • Trust Assumptions
      • Mainnet Trust Disclosure (Provider Answers)
      • Mainnet Trust Model Foundation
      • Trust levers & parameter packages
  • Reference
    • Contract Addresses
    • Architecture
      • Porter
    • Github
    • TACo Playground
    • TACo Scan
  • For Node Operators
    • Getting Set Up
      • Minimum System Requirements
      • Run a TACo Node with Docker
    • Operations
      • TACo Node Management
      • TACo Node Recovery
      • Stake Authorization
    • Duties, Compensation & Penalties
    • Run a Porter Instance
Powered by GitBook
On this page
  • Security Considerations
  • Run via Docker
  1. For Node Operators

Run a Porter Instance

PreviousDuties, Compensation & Penalties

Last updated 1 month ago

Managing a Porter instance on mainnet is more involved than operating a mainnet node, requiring solid server administration skills. This includes understanding how to provision and secure servers, applying security best practices, and maintaining consistent system performance. Key competencies like network configuration, SSL/TLS encryption, and CORS, are also essential to ensure the secure and efficient operation of your Porter instance.

By default, Porter runs over HTTP. However, Porter instances must be secured with a valid HTTPS certificate in order to be compatible with network applications. A Porter instance running without SSL/TLS is not only insecure but also browser-based apps and websites will be unable to connect.

To secure your Docker-run Porter instance with HTTPS, use a reverse proxy like or for SSL processing, and potentially for automated SSL certificate issuance and renewal. Additionally, consider using cloud-based services like AWS/Digital Ocean load balancers or Cloudflare for SSL termination and enhanced security.

Security Considerations

  • HTTPS: To run the Porter service over HTTPS, it will require a TLS key and a TLS certificate.

  • CORS: Allowed origins for

  • Authentication: Optional usage restriction (non-public instance) via authentication protocols, e.g. basic authentication, etc. if desired

Run via Docker

  1. Get the latest porter image

    $ docker pull nucypher/porter:latest

  2. Run Porter HTTP Service on port 80

    $ docker run -d \
--name porter \
-v ~/.local/share/nucypher/:/root/.local/share/nucypher:rw \
-p 80:9155 \
--restart=unless-stopped \
nucypher/porter:latest \
nucypher-porter run \
--eth-endpoint https://<ETH ENDPOINT URI> \
--polygon-endpoint https://<POLYGON ENDPOINT URI> \
--domain <TACO DOMAIN>

    The command above is for illustrative purposes and can be modified as necessary.

  3. Porter will be available on default port 80 (HTTP)

  4. View Porter logs

    $ docker logs -f porter

  5. Stop Porter service

    $ docker stop porter

View the for more information.

Nginx
Apache
Let's Encrypt
Cross-Origin Resource Sharing (CORS)
Porter Github repos