Skip to content
You are reading Pantheon development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Pantheon Command Line

This reference describes the syntax of the Pantheon Command Line Interface (CLI) options and subcommands.

pantheon [OPTIONS] [COMMAND]

Runs the Pantheon Ethereum full node client.

Tip

Use a configuration file to save the command line options in a file.

Options

banned-node-ids

--banned-node-ids=<bannedNodeId>[,<bannedNodeId>...]...
--banned-nodeids=0xc35c3...d615f,0xf42c13...fc456
banned-nodeids=["0xc35c3...d615f","0xf42c13...fc456"]

List of node IDs with which this node will not peer. The node ID is the public key of the node. You can specify the banned node IDs with or without the 0x prefix.

Tip

The singular --banned-node-id and plural --banned-node-ids are available and are two names for the same option.

bootnodes

--bootnodes[=<enode://[email protected]:port>[,<enode://[email protected]:port>...]...]
--bootnodes=enode://[email protected]:30303,enode://[email protected]:30303
bootnodes=["enode://[email protected]:30303","enode://[email protected]:30303"]
--bootnodes

List of comma-separated enode URLs for P2P discovery bootstrap.

When connecting to MainNet or public testnets, the default is a predefined list of enode URLs.

On custom networks defined by --genesis-file option, an empty list of bootnodes is defined by default unless you define custom bootnodes as described in private network documentation.

Note

Specifying that a node is a bootnode must be done on the command line using --bootnodes option without value, not in a configuration file.

config-file

--config-file=<FILE>
--config-file=/home/me/me_node/config.toml

The path to the TOML configuration file. The default is none.

Note

This option is not used when running Pantheon from the Docker image or in a configuration file.

data-path

--data-path=<PATH>
--data-path=/home/me/me_node
data-path="/home/me/me_node"

The path to the Pantheon data directory. The default is the directory in which Pantheon is installed.

Note

This option is not used when running Pantheon from the Docker image.

discovery-enabled

--discovery-enabled=false
discovery-enabled=false

Enables or disables P2P peer discovery. The default is true.

genesis-file

Genesis file is used to create a custom network.

Tip

To use a public Ethereum network such as Rinkeby, use the --network option. The network option defines the genesis file for public networks.

--genesis-file=<FILE>
--genesis-file=/home/me/me_node/customGenesisFile.json
genesis-file="/home/me/me_node/customGenesisFile.json"

The path to the genesis file.

Important

The --genesis-file and --network option can’t be used at the same time.

Note

This option is not used when running Pantheon from the Docker image.

host-whitelist

--host-whitelist=<hostname>[,<hostname>...]... or *
--host-whitelist=medomain.com,meotherdomain.com
host-whitelist=["medomain.com", "meotherdomain.com"]

Comma-separated list of hostnames to allow access to the JSON-RPC API. By default, access from localhost and 127.0.0.1 is accepted.

Tip

To allow all hostnames, use *. We don’t recommend allowing all hostnames for production code.

max-peers

--max-peers=<INTEGER>
--max-peers=42
max-peers=42

Specifies the maximum P2P peer connections that can be established. The default is 25.

metrics-category

--metrics-category=<metrics-category>[,metrics-category...]...
--metrics-category=BLOCKCHAIN,PEERS,PROCESS
metrics-category=["BLOCKCHAIN","PEERS","PROCESS"]

Comma separated list of categories for which to track metrics. The default is all categories: BIG_QUEUE, BLOCKCHAIN, EXECUTORS, JVM, NETWORK, PEERS, PROCESS, ROCKSDB, RPC, SYNCHRONIZER.

metrics-enabled

--metrics-enabled
metrics-enabled=true

Set to true to enable the metrics exporter. The default is false.

--metrics-enabled cannot be specified with --metrics-push-enabled. That is, either Prometheus polling or Prometheus push gateway support can be enabled but not both at once.

metrics-host

--metrics-host=<HOST>
--metrics-host=127.0.0.1
metrics-host="127.0.0.1"

Specifies the host on which Prometheus accesses Pantheon metrics. The metrics server respects the --host-whitelist option.

The default is 127.0.0.1.

metrics-port

--metrics-port=<PORT>
--metrics-port=6174
metrics-port="6174"

Specifies the port (TCP) on which Prometheus accesses Pantheon metrics. The default is 9545. Ports must be exposed appropriately.

metrics-push-enabled

--metrics-push-enabled[=<true|false>]
--metrics-push-enabled
metrics-push-enabled="true"

Set to true to start the push gateway integration.

--metrics-push-enabled cannot be specified with --metrics-enabled. That is, either Prometheus polling or Prometheus push gateway support can be enabled but not both at once.

metrics-push-host

--metrics-push-host=<HOST>
--metrics-push-host=127.0.0.1
metrics-push-host="127.0.0.1"

Host of the Prometheus Push Gateway. The default is 127.0.0.1. The metrics server respects the --host-whitelist option.

Note

When pushing metrics, ensure --metrics-push-host is set to the machine on which the push gateway is. Generally, this will be a different machine to the machine on which Pantheon is running.

metrics-push-interval

--metrics-push-interval=<INTEGER>
--metrics-push-interval=30
metrics-push-interval=30

Interval in seconds to push metrics when in push mode. The default is 15.

metrics-push-port

--metrics-push-port=<PORT>
--metrics-push-port=6174
metrics-push-port="6174"

Port (TCP) of the Prometheus Push Gateway. The default is 9001. Ports must be exposed appropriately.

metrics-push-prometheus-job

--metrics-prometheus-job=<metricsPrometheusJob>
--metrics-prometheus-job="my-custom-job"
metrics-prometheus-job="my-custom-job"

Job name when in push mode. The default is pantheon-client.

miner-coinbase

--miner-coinbase=<Ethereum account address>
--miner-coinbase=fe3b557e8fb62b89f4916b721be55ceb828dbd73
--miner-coinbase="0xfe3b557e8fb62b89f4916b721be55ceb828dbd73"

Account to which mining rewards are paid. You must specify a valid coinbase when you enable mining using the --miner-enabled option or the miner_start JSON RPC-API method.

Note

This option is ignored in networks using Clique and IBFT 2.0 consensus protocols.

miner-enabled

--miner-enabled
miner-enabled=true

Enables mining when the node is started. Default is false.

miner-extra-data

--miner-extra-data=<Extra data>
--miner-extra-data=0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021
miner-extra-data="0x444F4E27542050414E4943202120484F444C2C20484F444C2C20484F444C2021"

A hex string representing the 32 bytes to be included in the extra data field of a mined block. The default is 0x.

min-gas-price

--min-gas-price=<minTransactionGasPrice>
--min-gas-price=1337
min-gas-price="1337"

The minimum price that a transaction offers for it to be included in a mined block. The default is 1000.

network

--network=<NETWORK>
--network=rinkeby
network="rinkeby"

Predefined network configuration. The default is mainnet.

Possible values are :

mainnet
Main Ethereum network
ropsten
PoW test network similar to current main Ethereum network.
rinkeby
PoA test network using Clique.
goerli
PoA test network using Clique.
dev
PoW development network with a very low difficulty to enable local CPU mining.

Note

Values are case insensitive, so either mainnet or MAINNET works.

Important

The --network and --genesis-file option cannot be used at the same time.

network-id

--network-id=<INTEGER>
--network-id=8675309
network-id="8675309"

P2P network identifier.

This option can be used to override the default network ID. The default value is the network chain ID defined in the genesis file.

node-private-key-file

--node-private-key-file=<FILE>
--node-private-key-file=/home/me/me_node/myPrivateKey
node-private-key-file="/home/me/me_node/myPrivateKey"

<FILE> is the path of the private key file of the node. The default is the key file in the data directory. If no key file exists, a key file containing the generated private key is created; otherwise, the existing key file specifies the node private key.

Attention

The private key is not encrypted.

Note

This option is not used when running Pantheon from the Docker image.

p2p-enabled

--p2p-enabled=<true|false>
--p2p-enabled=false
p2p-enabled=false

Enables or disables all p2p communication. The default is true.

p2p-host

--p2p-host=<HOST>
# to listen on all interfaces
--p2p-host=0.0.0.0
p2p-host="0.0.0.0"

Specifies the host on which P2P listens. The default is 127.0.0.1.

Note

This option is not used when running Pantheon from the Docker image.

p2p-port

--p2p-port=<PORT>
# to listen on port 1789
--p2p-port=1789
p2p-port="1789"

Specifies the P2P listening ports (UDP and TCP). The default is 30303. Ports must be exposed appropriately.

Note

This option is not used when running Pantheon from the Docker image.

permissions-accounts-config-file-enabled

--permissions-accounts-config-file-enabled[=<true|false>]
--permissions-accounts-config-file-enabled
permissions-accounts-config-file-enabled=true

Set to enable file-based account level permissions. Default is false.

permissions-accounts-config-file

--permissions-accounts-config-file=<FILE>
--permissions-accounts-config-file=/home/me/me_configFiles/myPermissionsFile
permissions-accounts-config-file="/home/me/me_configFiles/myPermissionsFile"

Path to the accounts permissions configuration file. Default is the permissions_config.toml file in the data directory.

Tip

--permissions-accounts-config-file and --permissions-nodes-config-file can use the same file.

Note

This option is not used when running Pantheon from the Docker image.

permissions-nodes-config-file-enabled

--permissions-nodes-config-file-enabled[=<true|false>]
--permissions-nodes-config-file-enabled
permissions-nodes-config-file-enabled=true

Set to enable file-based node level permissions. Default is false.

permissions-nodes-config-file

--permissions-nodes-config-file=<FILE>
--permissions-nodes-config-file=/home/me/me_configFiles/myPermissionsFile
permissions-nodes-config-file="/home/me/me_configFiles/myPermissionsFile"

Path to the nodes permissions configuration file. Default is the permissions_config.toml file in the data directory.

Tip

--permissions-nodes-config-file and --permissions-accounts-config-file can use the same file.

Note

This option is not used when running Pantheon from the Docker image.

permissions-nodes-contract-address

--permissions-nodes-contract-address=<ContractAddress>
--permissions-nodes-contract-address=xyz
permissions-nodes-contract-address=xyz

Specifies the contract address for onchain node permissioning.

permissions-nodes-contract-enabled

--permissions-nodes-contract-enabled[=<true|false>]
--permissions-nodes-contract-enabled
permissions-nodes-contract-enabled=true

Enables contract-based onchain node permissioning. Default is false.

privacy-enabled

--privacy-enabled[=<true|false>]
--privacy-enabled=false
privacy-enabled=false

Set to enable private transactions. The default is false.

privacy-precompiled-address

--privacy-precompiled-address=<privacyPrecompiledAddress>

Address to which the privacy pre-compiled contract is mapped. The default is 126.

privacy-public-key-file

--privacy-public-key-file=<privacyPublicKeyFile>
--privacy-public-key-file=Orion/nodeKey.pub
privacy-public-key-file="Orion/nodeKey.pub"

Path to the public key of the Orion node.

Note

This option is not used when running Pantheon from the Docker image.

privacy-url

--privacy-url=<privacyUrl>
--privacy-url=http://127.0.0.1:8888
privacy-url="http://127.0.0.1:8888"

URL on which the Orion node is running.

rpc-http-api

--rpc-http-api=<api name>[,<api name>...]...
--rpc-http-api=ETH,NET,WEB3
rpc-http-api=["ETH","NET","WEB3"]

Comma-separated APIs to enable on the HTTP JSON-RPC channel. When you use this option, the --rpc-http-enabled option must also be specified. The available API options are: ADMIN, ETH, NET, WEB3, CLIQUE, IBFT, PERM, DEBUG, MINER, EEA, and TXPOOL. The default is: ETH, NET, WEB3.

Tip

The singular --rpc-http-api and plural --rpc-http-apis are available and are two names for the same option.

rpc-http-authentication-credentials-file

--rpc-http-authentication-credentials-file=<FILE>
--rpc-http-authentication-credentials-file=/home/me/me_node/auth.toml
rpc-http-authentication-credentials-file="/home/me/me_node/auth.toml"

Credentials file for JSON-RPC API authentication.

Note

This option is not used when running Pantheon from the Docker image.

rpc-http-authentication-enabled

--rpc-http-authentication-enabled
--rpc-http-authentication-enabled
rpc-http-authentication-enabled=true

Set to true to require authentication for the HTTP JSON-RPC service.

rpc-http-cors-origins

--rpc-http-cors-origins=<url>[,<url>...]... or all or *
# You can whitelist one or more domains with a comma-separated list.

--rpc-http-cors-origins="http://medomain.com","https://meotherdomain.com"
rpc-http-cors-origins=["http://medomain.com","https://meotherdomain.com"]
# The following allows Remix to interact with your Pantheon node.

--rpc-http-cors-origins="http://remix.ethereum.org"

Specifies domain URLs for CORS validation. Domain URLs must be enclosed in double quotes and comma-separated.

Listed domains can access the node using JSON-RPC. If your client interacts with Pantheon using a browser app (such as Remix or a block explorer), you must whitelist the client domains.

The default value is "none". If you don’t whitelist any domains, browser apps cannot interact with your Pantheon node.

Note

To run a local Pantheon node as a backend for MetaMask and use MetaMask anywhere, set --rpc-http-cors-origins to "all" or "*". To allow a specific domain to use MetaMask with the Pantheon node, set --rpc-http-cors-origins to the client domain.

Tip

For development purposes, you can use "all" or "*" to accept requests from any domain, but we don’t recommend this for production code.

rpc-http-enabled

--rpc-http-enabled
rpc-http-enabled=true

Set to true to enable the HTTP JSON-RPC service. The default is false.

rpc-http-host

--rpc-http-host=<HOST>
# to listen on all interfaces
--rpc-http-host=0.0.0.0
rpc-http-host="0.0.0.0"

Specifies the host on which HTTP JSON-RPC listens. The default is 127.0.0.1.

To allow remote connections, set to 0.0.0.0

Caution

Setting the host to 0.0.0.0 exposes the RPC connection on your node to any remote connection. In a production environment, ensure you are using a firewall to avoid exposing your node to the internet.

Note

This option is not used when running Pantheon from the Docker image.

rpc-http-port

--rpc-http-port=<PORT>
# to listen on port 3435
--rpc-http-port=3435
rpc-http-port="3435"

Specifies HTTP JSON-RPC listening port (TCP). The default is 8545. Ports must be exposed appropriately.

Note

This option is not used when running Pantheon from the Docker image.

rpc-ws-api

--rpc-ws-api=<api name>[,<api name>...]...
--rpc-ws-api=ETH,NET,WEB3
rpc-ws-api=["ETH","NET","WEB3"]

Comma-separated APIs to enable on WebSockets channel. When you use this option, the --rpc-ws-enabled option must also be specified. The available API options are: ADMIN,ETH, NET, WEB3, CLIQUE, IBFT, PERM', DEBUG, MINER, EEA, and TXPOOL. The default is: ETH, NET, WEB3.

Tip

The singular --rpc-ws-api and plural --rpc-ws-apis are available and are just two names for the same option.

rpc-ws-authentication-credentials-file

--rpc-ws-authentication-credentials-file=<FILE>
--rpc-ws-authentication-credentials-file=/home/me/me_node/auth.toml
rpc-ws-authentication-credentials-file="/home/me/me_node/auth.toml"

Credentials file for JSON-RPC API authentication.

Note

This option is not used when running Pantheon from the Docker image.

rpc-ws-authentication-enabled

--rpc-ws-authentication-enabled
--rpc-ws-authentication-enabled
rpc-ws-authentication-enabled=true

Set to true to require authentication for the WebSockets JSON-RPC service.

Note

wscat does not support headers. Authentication requires an authentication token to be passed in the request header. To use authentication with WebSockets, an app that supports headers is required.

rpc-ws-enabled

--rpc-ws-enabled
rpc-ws-enabled=true

Set to true to enable the WebSockets JSON-RPC service. The default is false.

rpc-ws-host

--rpc-ws-host=<HOST>
# to listen on all interfaces
--rpc-ws-host=0.0.0.0
rpc-ws-host="0.0.0.0"

Host for Websocket WS-RPC to listen on. The default is 127.0.0.1.

To allow remote connections, set to 0.0.0.0

Note

This option is not used when running Pantheon from the Docker image.

rpc-ws-port

--rpc-ws-port=<PORT>
# to listen on port 6174
--rpc-ws-port=6174
rpc-ws-port="6174"

Specifies Websockets JSON-RPC listening port (TCP). The default is 8546. Ports must be exposed appropriately.

Note

This option is not used when running Pantheon from the Docker image.

tx-pool-max-size

--tx-pool-max-size=<INTEGER>
--tx-pool-max-size=2000
tx-pool-max-size="2000"

Maximum number of transactions kept in the transaction pool. Default is 4096.

tx-pool-retention-hours

--tx-pool-retention-hours=<INTEGER>
--tx-pool-retention-hours=5
tx-pool-retention-hours="5"

Maximum period in hours to retain pending transactions in the transaction pool. Default is 13.

help

-h, --help

Show the help message and exit.

logging

-l, --logging=<LEVEL>
--logging=DEBUG
logging="DEBUG"

Sets the logging verbosity. Log levels are OFF, FATAL, WARN, INFO, DEBUG, TRACE, ALL. Default is INFO.

version

  -V, --version

Print version information and exit.

Fast Sync Options

sync-mode

--sync-mode=FAST
--sync-mode=FAST
sync-mode="FAST"

Specifies the synchronization mode. Default is FULL.

fast-sync-min-peers

--fast-sync-min-peers=<INTEGER>
--fast-sync-min-peers=2
fast-sync-min-peers=2

Minimum number of peers required before starting fast sync. Default is 5.

Commands

Pantheon subcommands are:

blocks

This command provides blocks related actions.

import

pantheon blocks import --from=<block-file>
pantheon blocks import --from=/home/me/me_project/mainnet.blocks

Imports blocks from the specified file into the blockchain database

public-key

This command provides node public key related actions.

export

pantheon public-key export [--to=<key-file>]
pantheon --data-path=<node data path> public-key export
pantheon --data-path=<node data path> public-key export --to=/home/me/me_project/not_precious_pub_key

Outputs the node public key to standard output or writes it to the specified file if --to=<key-file> is specified.

export-address

pantheon public-key export-address [--to=<address-file>]
pantheon --data-path=<node data path> public-key export-address
pantheon --data-path=<node data path> public-key export-address --to=/home/me/me_project/me_node_address

Outputs the node public key address to standard output or writes it to the specified file if
--to=<key-file> is specified.

password

This command provides password related actions.

hash

This command generates the hash of a given password. Include the hash in the credentials file for JSON-RPC API authentication.

pantheon password hash --password=<my-password>
pantheon password hash --password=myPassword123

rlp

This command provides RLP related actions.

encode

This command encodes a typed JSON value from a file or from the standard input into an RLP hexadecimal string.

pantheon rlp encode [--from=<FILE>] [--to=<FILE>] [--type=<type>]
pantheon rlp encode --from=ibft_extra_data.json --to=extra_data_for_ibft_genesis.txt --type=IBFT_EXTRA_DATA
cat extra_data.json | pantheon rlp encode > rlp.txt

The IBFT_EXTRA_DATA type is the only type supported for RLP encoding. This data is included in the IBFT 2.0 genesis file.

IBFT 2.0 Extra Data

To generate the RLP encoded extraData string, specify a JSON input that is array of validator addresses in ascending order.

JSON Schema for IBFT_EXTRA_DATA

The following JSON Schema can be used to validate that your JSON data is well formed. You can use an online validation tool such as https://www.jsonschemavalidator.net/ to validate your JSON content.

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "http://tech.pegasys.pantheon/cli_rlp_ibft_extra_data.json",
  "type": "array",
  "definitions": {},
  "title": "IBFT extra data",
  "description":"JSON format used as input to generate an IBFT extra data RLP string",
  "items": {
    "$id": "#/address",
    "type": "string",
    "title": "Validator address",
    "description":"The validator node address",
    "default": "",
    "examples": [
      "be068f726a13c8d46c44be6ce9d275600e1735a4",
      "5ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193"
    ],
    "pattern":"^([0-9a-f]{40})$"
  }
}

Example IBFT_EXTRA_DATA encoding

[
  "be068f726a13c8d46c44be6ce9d275600e1735a4",
  "5ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193"
]
0xf853a00000000000000000000000000000000000000000000000000000000000000000ea94be068f726a13c8d46c44be6ce9d275600e1735a4945ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193808400000000c0
Questions or feedback? You can discuss issues and obtain free support on Pantheon Gitter channel.
For paid professional support by PegaSys, contact us at [email protected]