Enhancing Tezos Node Performance and Security with TzProxy

By Felipe Cardozo

‍

Introduction

TzProxy is a reverse proxy specifically designed for Tezos nodes, offering a range of features that enhance Tezos node performance, security, and manageability. In this blog post, we will delve into the various aspects of TzProxy and how it can significantly optimize your Tezos node setup.

At Marigold, we developed TzProxy to make our public nodes more reliable. You can know more about our Tezos Nodes on our Status Page.

‍

Setup

Setting up TzProxy for your Tezos node is straightforward and can yield remarkable benefits.
TzProxy acts as an intermediary between client requests and your Tezos RPC node, effectively offloading tasks that can otherwise impact your node’s performance.

Before we start, it’s important to understand that TzProxy exclusively manages Remote Procedure Calls (RPC) from Tezos and does not handle peer-to-peer interactions between tezos nodes.

To get started, follow these steps:

Pre-requisite

It’s needed a Tezos node running, you can find more about it below:

• Official Documentation - How to get Tezos
• Marigold - Open your Bakery

Install TzProxy

Begin by installing TzProxy on the same server as your Tezos node. You can download the latest TzProxy binaries on GitHub Releases, or use our docker images.

Configure TzProxy

If you are not using the default route address for Tezos nodes, the http://127.0.0.1:8732, it’s recommended that you create a custom configuration, for that, just create a file named tzproxy.yaml in the same directory of the binary.

tezos_host: 127.0.0.1:8732

If you don’t create this file, it will be created with the below default configurations when starting for the first time:

cache:
    disabled_routes:
        - /monitor/.*
    enabled: true
    size_mb: 100
    ttl: 5
cors:
    enabled: true
deny_list:
    enabled: false
    values: []
deny_routes:
    enabled: true
    values:
        - /injection/block
        - /injection/protocol
        - /network.*
        - /workers.*
        - /worker.*
        - /stats.*
        - /config
        - /chains/main/blocks/.*/helpers/baking_rights
        - /chains/main/blocks/.*/helpers/endorsing_rights
        - /helpers/baking_rights
        - /helpers/endorsing_rights
        - /chains/main/blocks/.*/context/contracts(/?)$
gc:
    percent: 20
gzip:
    enabled: true
host: 0.0.0.0:8080
logger:
    bunch_size: 1000
    pool_interval_seconds: 10
metrics:
    enabled: true
    host: 0.0.0.0:9000
    pprof: false
rate_limit:
    enabled: false
    max: 300
    minutes: 1
tezos_host: 127.0.0.1:8732

Then just run the binary:

./tzproxy

Finally, you can test with:

curl http://localhost:8080/chains/main/blocks/head/header

We will talk more about these configurations on next topics.

‍

Rate Limit and Cache

TzProxy allows you to set up a memory cache and rate limit to reduce requests of users that are sending a large bunch of requests in a short period of time, with a cache and rate limit your Tezos node will be hit fewer times, meaning a more stable and reliable node.

If you want to learn more about TzProxy, please read our blog post on Marigold website Enhancing Tezos Node Performance and Security with TzProxy