What would be potential problems with building "private" Ethereum network on AWS?

by Nicholas   Last Updated January 20, 2018 20:28 PM

Suppose I have two EC2 instances on AWS that are running geth nodes. They have the same genesis block and are in synchronization because peering is set up with open port 30303 (which by default is for peering among nodes).

What would be potential issues with this setup? Wouldn't others be able to access from outside the network by hitting the open ports?

Also any issues with scaling?

Answers 1

As you say, if your nodes are listening on the internet then other nodes would be able to communicate with yours. If they knew the genesis settings they could actually mine in your network, and if you have an open JSON-RPC port and they had gas on the network they could send transactions.

The solution is to restrict access at the network level, so your nodes can only talk to each other on the relevant ports, and do not accept access from other nodes. There are a few ways to do this:

  • Create firewall rules using AWS security policies
  • Create firewall rules on your EC2 instances, e.g. with iptables
  • Use a VPN
  • Make the nodes listen only on localhost, and connect them using SSH tunnels
Edmund Edgar
January 21, 2018 00:18 AM
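
One way to apply the iptables option from the answer above, as an added example that is not part of the original answer: a POSIX shell function that prints an `iptables-restore` fragment admitting port 30303 only from listed peers and leaving JSON-RPC reachable from loopback only. The peer addresses, the `GETH` chain name and the function names are assumptions made for illustration; 8545 is geth's default HTTP JSON-RPC port.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that limits geth's ports to
# known peers. Peer addresses are constructed (RFC 5737 documentation range).
P2P_PORT=30303   # peering port named in the question (TCP, plus UDP discovery)
RPC_PORT=8545    # geth's default HTTP JSON-RPC port

# valid_ipv4 ADDR -> status 0 only for a plain dotted-quad address (no CIDR)
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# geth_peer_rules PEER_IP... -> prints a filter-table fragment on stdout
geth_peer_rules() {
    [ "$#" -gt 0 ] || { echo "usage: geth_peer_rules PEER_IP..." >&2; return 2; }
    for peer in "$@"; do   # validate everything first: no partial rulesets
        valid_ipv4 "$peer" || { echo "bad peer address: $peer" >&2; return 1; }
    done
    echo "*filter"
    echo ":GETH - [0:0]"
    # Only geth's ports are sent through the GETH chain; other traffic is untouched.
    echo "-A INPUT -p tcp -m multiport --dports $P2P_PORT,$RPC_PORT -j GETH"
    echo "-A INPUT -p udp --dport $P2P_PORT -j GETH"
    echo "-A GETH -i lo -j ACCEPT"
    for peer in "$@"; do   # peers get the P2P port only, never JSON-RPC
        echo "-A GETH -s $peer/32 -p tcp --dport $P2P_PORT -j ACCEPT"
        echo "-A GETH -s $peer/32 -p udp --dport $P2P_PORT -j ACCEPT"
    done
    echo "-A GETH -j DROP"
    echo "COMMIT"
}

# Constructed peers for the two-node setup in the question.
geth_peer_rules 192.0.2.10 192.0.2.11
```

As root, the output can be checked with `iptables-restore --test --noflush` before it is loaded. The same allow-list belongs in the instances' AWS security group so the restriction does not depend on host rules alone.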
