# Configure Bitcoin Core ## Configure Bitcoin Core ### Base Configuration Let's create the needed files: ```bash cd ~ ``` ```bash mkdir ~/.bitcoin ``` ```bash touch ~/.bitcoin/bitcoin.conf ``` Add the following configuration to the `bitcoin.conf` file we just created: {% hint style="warning" %} With the configuration below the node will be accessible **only on localhost and on the Tor network**. Refer to [the configuration file on this page](https://theroadtonode.com/bitcoin-core/configure-and-start#configuration) if you wish to also expose your node via IPv4/IPv6. {% endhint %} ```bash # Enable JSON-RPC API on port 8332 server=1 # Restrict JSON-RPC API to localhost only rpcbind=127.0.0.1 rpcallowip=127.0.0.1 # Run Bitcoin Core as a background daemon daemon=1 # Accept incoming P2P traffic (port 8333) to be a full participant in the network # If set to 0, other nodes can't sync from us, but we can still sync from them listen=1 # Keep full index of all transactions, not just those of the node's wallet. # Uses more space but allows querying any transaction by its txid # We need it if we want to run an Electrum Server or a blockchain explorer txindex=1 # Cache size in MBs. Lower it to 500 after the first blockchain sync is complete. dbcache=3000 # Run the node **only** on the Tor network onlynet=onion proxy=127.0.0.1:9050 bind=127.0.0.1 # Use native segwit addresses by default addresstype=bech32 changetype=bech32 ``` ### JSON-RPC API Bitcoin provides a control interface via a **JSON-RPC API** on port **8332**. We enabled with `server=1` in the `bitcoin.conf` file. Other locally running applications that need to interact with Bitcoin's JSON-RPC API will use the cookie located at `~/.bitcoin/.cookie`. If you ever want to connect remotely running applications to the JSON-RPC API, you can create a set of credentials with the command below: ``` python3 ~/bitcoin/share/rpcauth/rpcauth.py ``` Verify the output and append the mentioned line to the bottom of the `bitcoin.conf` file. {% hint style="warning" %} Save the plain text password securely because the line added to `bitcoin.conf` contains only the hash. {% endhint %} ## Configure Tor Bitcoin Core and other applications you install will heavily rely on Tor to connect with peers and ensure our wallets remain accessible. **Proper configuration is critical.** ### Tor-default Configuration Edit the default tor configuration file: ```bash sudo vim /etc/tor/torrc ``` Add the following lines: ```bash SocksPort 9050 ControlPort 9051 CookieAuthentication 1 CookieAuthFileGroupReadable 1 ``` * SocksPort ⇒ SOCKS proxy, routes traffic through the Tor network * ControlPort ⇒ Allows other programs to interact with the Tor daemon * CookieAuthentication ⇒ Requires local cookie authentication to access the control port (`/run/tor/control.authcookie)` * CookieAuthFileGroupReadable ⇒ Only users in the `debian-tor` group can authenticate with the cookie {% hint style="info" %} This configuration restricts Tor's control port to only local programs launched by our user. {% endhint %} Now restart tor: ``` sudo systemctl restart tor@default ``` ### Tor-Instance Configuration {% hint style="warning" %} If you're using a different tor instance,the config above won't work because bitcoin won't be able to find the cookie auth file for the instance. So instead we will use password authentication to access the control port. {% endhint %} Choose a strong password, then generate a hash with tor: ``` tor --hash-password "YourStrongPasswordHere" ``` This will output a hash for the password specified, example: ``` 16:DCC57869A5B8899B60F099CCF421641762DDD9DEFBB385F28A2031CE3C ``` Now edit your tor instance config like `/etc/tor/instances/tor4bitcoin/torrc` to add the following: ``` SocksPort 9060 ControlPort 9061 HashedControlPassword 16:DCC57869A5B8899B60F099CCF421641762DDD9DEFBB385F28A2031CE3C ``` {% hint style="info" %} Replace ports 9060/9061 by whatever free port you want. {% endhint %} Now enable and start the tor instance: ``` sudo systemctl enable --now tor@tor4bitcoin ``` Next edit `~/.bitcoin/bitcoin.conf` and edit this line with the right tor socks port: ``` proxy=127.0.0.1:9060 ``` Next add these lines. Make sure to add the right tor control port and the password you chose before. ``` torcontrol=127.0.0.1:9061 torpassword=YourStrongPasswordHere ``` ### Hidden Onion Service for the JSON-RPC API {% hint style="danger" %} **Exposing the RPC API is not recommended unless you fully understand the risks. It is a prime target for brute-force attacks and zero-day exploits. If compromised, an attacker could steal your Bitcoin IF you enabled the node's wallet and had funds in it.** {% endhint %} As configured, the JSON-RPC API is accessible only from localhost. To expose this port externally, you can [create a Tor service for it](https://theroadtonode.com/bitcoin-core/change-tor#rpc-via-tor). ## Configure systemd service Bitcoin Core's main program is `bitcoind` (short for Bitcoin Daemon). We will configure it as a `systemd` service to simplify management: ```bash sudo vim /etc/systemd/system/bitcoind.service ``` Add the following: ``` [Unit] Description=Bitcoin Daemon After=network.target [Service] User=your_user PIDFile=/home/your_user/.bitcoin/bitcoind.pid ExecStart=/usr/local/bin/bitcoind Restart=always TimeoutSec=120 RestartSec=30 [Install] WantedBy=multi-user.target ``` * In User=, replace your\_user with your own user * Do the same in the path of PIDFile= * Verify the path of ExecStart= by running the command `which bitcoind` Finally, reload systemd: ``` sudo systemctl daemon-reload ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.money-printer-go-brrr.com/readme/bitcoin-node/setup-your-bitcoin-node-from-source/configure-bitcoin-core.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.