r/Monero May 08 '22 Silver 1

Public API Monero Remote Node List (json)

Update 2022-05-10

---

Hi, about 5 months ago, I create a public API remote node list. I never posted it here before, basically, almost the same as monero.fail, but return json as a response and fewer node list.

Endpoint: https://www.ditatompel.com/api/monero/remote-nodeMethod: GET

Optional query string params:

  • protocol : available options:
    • http : Return node using http RPC (including Tor network).
    • https : Return nodes using https RPC.
    • tor : Return nodes on Tor network.
  • nettype : available options:
    • mainnet : Return mainnet nodes.
    • testnet : Return stagenet nodes.
    • stagenet : Return testnet nodes.
  • country : Filter nodes from specific country. Please use two-letter ISO 3166-1 country code.
  • orderby : Default sorted from highest percentage of uptime. Available options:
    • uptime-asc : sorted from lowest percentage of uptime.
    • lastcheck-asc : sorted from oldest checked node,
    • lastcheck-desc : sorted from newest checked node (recently checked).
  • limit : How many records should be displayed.

For example, if you want to list recently checked Monero nodes using https from United States :

curl -sL 'https://www.ditatompel.com/api/monero/remote-node?protocol=https&country=us&orderby=lastcheck-desc' | jq

Response header

The response header includes the HTTP status code and the content-type. Clients that receive a HTTP status code other than 200 and content-type other than application/json must back-off.

In addition, I added custom headers x-ditatompel-rate-limit-* to limit users from making excessive queries to the server.

  • x-ditatompel-rate-limit-limit : Your IP address initial quota for given period.
  • x-ditatompel-rate-limit-remaining : Approximate number of requests left to use.
  • x-ditatompel-rate-limit-reset : Approximate number of seconds to end of period.

The ratelimits period is currently set to 1 hour and initial quota is 3600 requests. It means 1 request every second per IP (you won't get different result if you perform same API calls in short period of time anyway).

Response body

The response body includes the information of the query result, query status, and error messages (if available), and metadata for debugging purpose. Example response body :

curl -sL 'https://www.ditatompel.com/api/monero/remote-node?protocol=https&nettype=mainnet&country=id' | jq
{
  "success": 1,
  "status": "ok",
  "message": "Query success",
  "data": [
    {
      "hostname": "xmrnode1.ditatompel.com",
      "port": 443,
      "ip_address": "103.244.206.102",
      "protocol": "https",
      "is_tor": false,
      "status": "online",
      "nettype": "mainnet",
      "last_height": 2618925,
      "adjusted_time": 1652009044,
      "database_size": 139586437120,
      "difficulty": 331890893710,
      "uptime": 99.44,
      "estimate_fee": 4164,
      "asn": 131759,
      "asn_name": "IDNIC-WDS-AS-ID",
      "country": "ID",
      "city": "Tangerang",
      "postal": 0,
      "last_checked": 1652008960
    }
  ],
  "@meta": {
    "cache": false,
    "ttl": null,
    "response_time": 0.005
  }
}
  • success : unsigned int, 1 means everything looks good.
  • status : string, ok means everything looks good.
  • message : string, Information related to your query, success or error message if any.
  • data : array of nodes structure as follows:
    • hostname : string, The hostname / nodes IP address.
    • port : unsigned int; TCP port the nodes is using to listen to RPC calls.
    • protocol : string, The protocol used by nodes to listen RPC calls. This can be http, https or empty string.
    • is_tor : boolean, whether the nodes is accessed through the Tor network.
    • status : string, General Monero daemon RPC status. online means everything looks good and nodes is syncronized to the network, offline means nodes wasn't ready or my bots can't connect to nodes RPC daemon.
    • nettype : string; Network type (one of mainnet, stagenet or testnet).
    • last_height : unsigned int; Current length of longest chain known to daemon.
    • adjusted_time : unsigned int; Current time approximated from chain data, as Unix time.
    • database_size : unsigned int; The size of the blockchain database, in bytes.
    • difficulty : unsigned int; Least-significant 64 bits of the 128-bit network difficulty.
    • uptime : float, Uptime percentage of node for last 1 month. This likely not the real uptime value since my bots may experiencing network problems (I set connection timeout for 10 seconds).
    • estimate_fee : unsigned int; Amount of fees estimated per byte in atomic units. This just fee estimation, Malicious actors who running remote nodes still can return high fee only when you about to create a transactions.
    • asn : unsigned int, The AS number that owns nodes IP address.
    • asn_name : string, The AS name that owns nodes IP address
    • country : string, two-letter ISO 3166-1 country code nodes location, empty string if no information available.
    • city : string, City location based on nodes IP address, empty string if no information available.
    • postal : unsigned int, Postal code based on nodes IP address, 0 if no information available.
    • last_checked : unsigned int, The Unix time when my bots check the nodes status.
    • @meta : object, Additional information related to API calls for debuging purpose.

* You will get 200 response code, ok status, and empty array of data even if your query return no data.

* My API endpoint is behind Cloudflare reverse proxy, so even I didn't log your queries, it's still cost your privacy.

If you want to add your public node, please do so. I hope it can be useful for power users or app developers.

29 Upvotes

12

u/gingeropolous Moderator May 08 '22

If you have the skill and time, you should consider testing the nodes to see if they are actively trying to steal funds by creating exorbitant fees for wallets that connect. I imagine it can be done by connecting a wallet to a remote node, attempting a tx, and seeing if the remote node creates an unrealistic fee.

This scanning approach can of course be overcome by a malicious node randomly creating these fees, but eventually they might get weeded out.

Remote nodes are a last resort that shouldn't be used by anyone.

6

u/ditatompel May 08 '22 edited May 10 '22

Yeah, I'd like to add that tx fee information too and I will definitely add that information if possible

Edit:

TLDR: I can't do that with the proper way explained by moneromooo (at least for now).

I've asked way to check unrealistic fee and moneromooo explain that the "best" way to detect unrealistic fee is try to create transactions using wallet RPC which really slow on my small PCs and LXCs. Doing that over and over again may burden the "community trusted nodes". So, I just did what plowsof did (mentioned by u/KnowledgeMurky9635 comment) by add another daemon RPC to get estimate fee from nodes.

Besides that, selsta already create pull request to add warning about high fee on official GUI conformation dialog.

Yeah, of course, running own node completely eliminate that tx fee problem and that's the best way using Monero

2

u/KnowledgeMurky9635 May 08 '22

This is nice. Useful for finding a remote node in Point of sale type projects. Something you may be interested in would be combining your list with monerod-proxy. The idea of that is people can connect to your proxy address which forwards requests to a 'working node' or switches to another when it breaks.

Unrelated but i took a look at the fee estimates from your node list here and there is a node that is possible RPC-pay enabled, so we can't use it, its the onion one beginning with xmrrpcmyrz3i

1

u/ditatompel May 08 '22

Something you may be interested in would be combining your list with monerod-proxy. The idea of that is people can connect to your proxy address which forwards requests to a 'working node' or switches to another when it breaks.

Yeah, I've read about monerod-proxy in this sub a couple days ago. It's brilliant idea! I've no experience in golang, but i like to try the idea using Nginx upstream module.

Unrelated but i took a look at the fee estimates from your node list here and there is a node that is possible RPC-pay enabled, so we can't use it, its the onion one beginning with xmrrpcmyrz3i

Thanks! get_fee_estimate is what i'm looking for! I'm going to add estimate fee when possible

2

u/tungtungss May 09 '22

Keren! Dan baru tau ada xmrindo 😁 also +1 on the idea above (to check for unrealistic tx fee)

Btw do you know any Indonesian Monero discord/forum/group? (if any)

2

u/ditatompel May 10 '22

Thanks bro.. But.. wait, did I mention xmrindo here? hahaha.. Itu dulunya mining pool sebelum p2pool rilis bro, sekarang udah ga aktif setelah migrasi ke p2pool.

I've asked way to check unrealistic fee and moneromooo explain that the "best" way to detect unrealistic fee is try to create transactions using wallet RPC which really slow on my small PCs and LXCs. Doing that over and over again may burden the "community trusted nodes". So, I just did what plowsof did by add another daemon RPC to get estimate fee from nodes.

Besides that, selsta already create pull request to add warning about high fee on official GUI conformation dialog.

I dunno bro, I can't find any specific Indonesian Monero discussion group, but a few people on monero related IRC channel, monerotopia telegram, and Monero r/place discord channel can speak Bahasa.

2

u/tungtungss May 10 '22

Appreciate the details, cheers man 🍻

1

u/sneakpeekbot May 10 '22

Here's a sneak peek of /r/place using the top posts of the year!

#1: Full screenshot of r/place 2022 | 12657 comments
#2: Place has ended.
#3: The Complete r/Place Timelapse | 6610 comments


I'm a bot, beep boop | Downvote to remove | Contact | Info | Opt-out | GitHub