Fulcrum
Fulcrum is a fast & nimble SPV server for Bitcoin Cash, Bitcoin BTC, and Litecoin created by Calin Culianu. It can be used as an alternative to Electrs because of its performance, as we can see in Craig Raw’s comparison of servers.
Preparations
Install dependencies
These are build dependencies (safe to remove after installation, if you want)
$SU apk add --virtual .build-deps autoconf g++ git gnupg jemalloc-dev lz4-dev \
make pkgconf qt6-qtbase-dev rocksdb-dev zeromq-devThese are runtime dependencies
$SU apk add jemalloc libzmq qt6-qtbase rocksdbCreate the fulcrum user/group
$SU addgroup -S fulcrum$SU adduser \
-S \
-D \
-H \
-h /dev/null \
-s /sbin/nologin \
-G fulcrum \
-g fulcrum \
fulcrumAdd fulcrum user to the bitcoin group
$SU adduser fulcrum bitcoinAdd the user satoshi to the group fulcrum as well
$SU adduser satoshi fulcrum && exec su -l satoshiReverse proxy
In the Security section, we already set up a reverse proxy. Now we can add the Electrum server configuration.
- Enable the reverse proxy to add SSL/TLS encryption to the Electrum server communication. Create the configuration file and paste the following content
$SU $EDITOR /etc/caddy/streams/electrum.caddy/etc/caddy/streams/electrum.caddy
:50002 {
route {
tls
proxy {
upstream 127.0.0.1:50001
}
}
}- Reload Caddy
$SU rc-service caddy reloadFirewall
- Configure the firewall to allow incoming requests
$SU $EDITOR /etc/awall/optional/electrum.json/etc/awall/optional/electrum.json
{
"description": "Allow Electrum SSL",
"filter": [
{
"in": "internet",
"out": "_fw",
"service": { "proto": "tcp", "port": 50002 },
"action": "accept",
"conn-limit": { "count": 10, "interval": 60 }
}
]
}- Enable it
$SU awall enable electrum
$SU awall activateInstallation
An easy and performant way to run an Electrum server is to use Fulcrum, the fast & nimble Electrum Server. There are no compatible binaries available, so we will compile the application ourselves.
Download source code
We get the latest release of the Fulcrum source code, verify it, compile it to an executable binary and install it.
- Download the source code for the latest Fulcrum release. You can check the release page to see if a newer release is available. Other releases might not have been properly tested with the rest of the Microbolt configuration, though.
cd /tmpVERSION=1.11.1git clone --branch v$VERSION https://github.com/cculianu/Fulcrum.git && cd FulcrumSignature check
- To avoid using bad source code, verify that the release has been properly signed by the main developer Calin Culianu.
url="https://raw.githubusercontent.com/Electron-Cash/keys-n-hashes/master/pubkeys/calinkey.txt"
wget -qO- "$url" | gpg --importgit verify-commit v$VERSIONConfigure, compile and install
- Now compile the source code into an executable binary and install it.
qmake6 \
Fulcrum.pro \
-o build/CC=gcc \
CXX=g++ \
make -C build$SU install -m 0755 -o root -g root -t /usr/bin ./build/Fulcrum$SU install -m 0755 -o root -g root -t /usr/bin ./FulcrumAdmin$SU install -D -m 0660 -o fulcrum -g fulcrum ./doc/fulcrum-example-config.conf /etc/fulcrum/fulcrum.conf- Download the custom Fulcrum banner based on Microbolt. Create your own if you want here
$SU wget \
https://gist.githubusercontent.com/doitwithnotepad/\
4472a92414223672d9ab4c3b55d0cd23/raw/ecb086f1b8cca49f22929778ac167b35915842e7/\
banner.txt \
-O /etc/fulcrum/banner.txtStrip installed binaries
$SU strip -v /usr/bin/FulcrumCleanup
cd
rm -rf /tmp/Fulcrum
$SU apk del .build-depsConfiguration
- Modify the config file with the following content
$SU $EDITOR /etc/fulcrum/fulcrum.conf/etc/fulcrum/fulcrum.conf
[...]
#datadir = /path/to/a/dir
[...]
#rpcuser = Bob_The_Banker
[...]
#rpcpassword = hunter1
[...]
rpccookie = /var/lib/bitcoind/.cookie
[...]
tcp = 0.0.0.0:50001
[...]
banner = /etc/fulcrum/banner.txt
[...]
peering = false
[...]Slow-performance devices
/etc/fulcrum/fulcrum.conf
[...]
bitcoind_clients = 1
[...]
bitcoind_timeout = 600
[...]
db_max_open_files = # RAM: 4GB -> 200 | 8GB -> 400
[...]
db_mem = 1024.0
[...]
worker_threads = 1
[...]Remote access over Tor
To use your Electrum server when you’re on the go, you can easily create a Tor hidden service. This way, you can connect the BitBoxApp or Electrum wallet also remotely, or even share the connection details with friends and family. Note that the remote device needs to have Tor installed as well.
- Add the following lines in the section for “location-hidden services” in the
torrcfile.
$SU $EDITOR /etc/tor/torrc/etc/tor/torrc
# Hidden Service Electrum
HiddenServiceDir /var/lib/tor/electrum/
HiddenServiceVersion 3
HiddenServicePoWDefensesEnabled 1
HiddenServicePort 50002 127.0.0.1:50002- Reload Tor configuration and get your connection address.
$SU rc-service tor reload
$SU cat /var/lib/tor/electrum/hostnameoutput
abcdefg..............xyz.onion- You should now be able to connect to your Electrum server remotely via Tor
using your hostname and port
50002
Autostart on boot
Fulcrum needs to start automatically on system boot.
- Create the Fulcrum init.d unit and copy/paste the following configuration
$SU $EDITOR /etc/init.d/fulcrum/etc/init.d/fulcrum
#!/sbin/openrc-run
: ${FULCRUM_CONFIGFILE:=/etc/fulcrum/fulcrum.conf}
: ${FULCRUM_DATADIR:=/var/lib/fulcrum}
: ${FULCRUM_LOGDIR:=/var/log/fulcrum}
: ${FULCRUM_USER:=fulcrum}
: ${FULCRUM_GROUP:=fulcrum}
: ${FULCRUM_BIN:=/usr/bin/Fulcrum}
: ${FULCRUM_ADMINPORT:=8000}
: ${FULCRUM_OPTS=${FULCRUM_OPTS}}
: ${FULCRUM_SIGTERM_TIMEOUT:=600}
FULCRUM_PIDDIR="/run/fulcrum"
required_files="${FULCRUM_CONFIGFILE}"
pidfile="${FULCRUM_PIDDIR}/${SVCNAME}.pid"
retry="${FULCRUM_SIGTERM_TIMEOUT}"
name="Fulcrum"
description="A fast & nimble SPV Server for BCH, BTC, and LTC"
command="${FULCRUM_BIN}"
command_args="${FULCRUM_CONFIGFILE}
--datadir ${FULCRUM_DATADIR}
--admin ${FULCRUM_ADMINPORT}
--pidfile ${pidfile}
${FULCRUM_OPTS}"
command_user="${FULCRUM_USER}:${FULCRUM_GROUP}"
command_background="true"
start_stop_daemon_args="--stdout ${FULCRUM_LOGDIR}/debug.log
--stderr ${FULCRUM_LOGDIR}/debug.log"
depend() {
use bitcoind
after bitcoind
}
start_pre() {
checkpath --file --mode 0660 --owner "${command_user}" "${FULCRUM_CONFIGFILE}"
checkpath --directory --mode 0750 --owner "${command_user}" "${FULCRUM_DATADIR}"
checkpath --directory --mode 0755 --owner "${command_user}" "${FULCRUM_LOGDIR}"
checkpath --directory --mode 0755 --owner "${command_user}" "${FULCRUM_PIDDIR}"
checkconfig
}
start_post() {
checkpath --file --owner "${command_user}" "${pidfile}"
}
checkconfig() {
if ! grep -qs '^rpccookie = ' "${FULCRUM_CONFIGFILE}"
then
eerror ""
eerror "ERROR: You must set a rpccookie path to run Fulcrum."
eerror "The setting must appear in ${FULCRUM_CONFIGFILE}"
eerror ""
return 1
fi
}- Enable execution permission
$SU chmod +x /etc/init.d/fulcrumEnable logrotate
- Enter the complete next configuration. Save and exit
$SU $EDITOR /etc/logrotate.d/fulcrum/etc/logrotate.d/fulcrum
/var/log/fulcrum/*.log {
weekly
missingok
rotate 104
compress
delaycompress
notifempty
create 0640 fulcrum fulcrum
sharedscripts
postrotate
kill -HUP `cat /run/fulcrum/fulcrum.pid`
endscript
}- Test
$SU logrotate /etc/logrotate.d/fulcrum --debugEnable and start Fulcrum
$SU rc-update add fulcrum$SU rc-service fulcrum start- Check the log to see Fulcrum output. Exit with
Ctrl-C
tail -f /var/log/fulcrum/debug.logFulcrum will now index the whole Bitcoin blockchain so that it can provide all necessary information to signing devices. With this, the signing devices you use no longer need to connect to any third-party server to communicate with the Bitcoin peer-to-peer network.
For the future: Fulcrum upgrade
Follow again Fulcrum page replacing the environment variable
VERSION=x.xx value for the latest if it has not been already changed in this
guide.
- Update the Fulcrum configuration if necessary (see release notes)
$SU $EDITOR /etc/fulcrum/fulcrum.conf- Restart the service to apply the changes
$SU rc-service fulcrum restart