This guide will walk you through the process of setting up and running a Neutron node. You can use this setup to operate a standard RPC node for network access or as the foundation for becoming a validator.

RPC Node

Access the Neutron network, run applications, or provide RPC services to others

Validator Node

Participate in consensus, earn rewards, and help secure the Neutron network
This guide covers the basic node setup that serves both purposes. If you want to become a validator, refer to our becoming a validator section.

System Requirements

CPU

Minimum: 4 or more cores
Recommended: 8 or more cores

RAM

Minimum: 16GB
Recommended: 32GB or more

Storage

Minimum: 500GB SSD
Recommended: 1TB or more NVMe SSD

Network

Minimum: 100Mbps
Recommended: 1Gbps or more with low latency

Installation Process

1

Install Dependencies

# Update and install required packages
sudo apt update && sudo apt upgrade -y
sudo apt install build-essential jq wget git curl -y
2

Install Go

# Install Go 1.21 or higher
wget https://go.dev/dl/go1.21.0.linux-amd64.tar.gz
sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.21.0.linux-amd64.tar.gz
rm go1.21.0.linux-amd64.tar.gz
Add Go to your PATH:
echo 'export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin' >> ~/.profile
source ~/.profile
3

Build or Download Neutron

git clone https://github.com/neutron-org/neutron.git
cd neutron
git checkout v6.0.2 # replace with the current version
make install
4

Initialize the Node

neutrond init [your-moniker] --chain-id neutron-1

Configuration

Download Genesis and Address Book

# Download genesis file
wget -O $HOME/.neutrond/config/genesis.json https://snapshots.kjnodes.com/neutron/genesis.json

# Download address book
wget -O $HOME/.neutrond/config/addrbook.json https://snapshots.kjnodes.com/neutron/addrbook.json

RPC and API Endpoints

For connecting to the Neutron network, you can use the following official endpoints:

Official Neutron RPC

RPC: https://rpc-lb.neutron.org
Load-balanced RPC endpoint maintained by Neutron

Official Neutron REST APIs

Solara: https://rest-solara.neutron-1.neutron.org
Vertexa: https://rest-vertexa.neutron-1.neutron.org
High-availability REST API endpoints
For a comprehensive list of community-maintained endpoints, visit Cosmos Directory which provides real-time status and performance metrics for various RPC and API providers.

Configure Your Node

Edit app.toml to set minimum gas prices: 
sed -i 's/minimum-gas-prices = ""/minimum-gas-prices = "0.025untrn"/' $HOME/.neutrond/config/app.toml
Add seeds and peers to config.toml: 
# Set up seeds
SEEDS="24f609fb5946ca3a979f40b7f54132c00104433e@p2p-erheim.neutron-1.neutron.org:26656,[email protected]:19156"
sed -i 's/seeds = ""/seeds = "'"$SEEDS"'"/' $HOME/.neutrond/config/config.toml

# Set up persistent peers
PEERS="e5d2743d9a3de514e4f7b9461bf3f0c1500c58d9@neutron.peer.stakewith.us:39956,[email protected]:15600"
sed -i 's/persistent_peers = ""/persistent_peers = "'"$PEERS"'"/' $HOME/.neutrond/config/config.toml
For a complete list of available seeds and peers, check the Peers page.

State Sync or Snapshot (Optional)

To speed up the initial sync process, you can use state sync or a snapshot. 
# Get latest block height and hash
LATEST_HEIGHT=$(curl -s https://rpc-lb.neutron.org/status | jq -r .result.sync_info.latest_block_height)
BLOCK_HEIGHT=$((LATEST_HEIGHT - 2000))
TRUST_HASH=$(curl -s "https://rpc-lb.neutron.org/block?height=$BLOCK_HEIGHT" | jq -r .result.block_id.hash)

# Configure state sync in config.toml
sed -i \
-e "s|^enable *=.*|enable = true|" \
-e "s|^rpc_servers *=.*|rpc_servers = \"https://rpc-lb.neutron.org:443,https://rest-solara.neutron-1.neutron.org:443\"|" \
-e "s|^trust_height *=.*|trust_height = $BLOCK_HEIGHT|" \
-e "s|^trust_hash *=.*|trust_hash = \"$TRUST_HASH\"|" \
$HOME/.neutrond/config/config.toml

Set Up SystemD Service

Create a systemd service file for Neutron: 
sudo tee /etc/systemd/system/neutrond.service > /dev/null <<EOF
[Unit]
Description=Neutron Node
After=network-online.target

[Service]
User=$USER
ExecStart=$(which neutrond) start
Restart=always
RestartSec=3
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target
EOF
Start the service: 
sudo systemctl daemon-reload
sudo systemctl enable neutrond
sudo systemctl start neutrond

Monitor Node Status

sudo journalctl -u neutrond -f

Performance Monitoring

Set up comprehensive monitoring to ensure your validator meets performance requirements:

Essential Monitoring Stack

Metrics Collection

Prometheus: Collect system and validator metrics
Node Exporter: System resource monitoring
Cosmos Exporter: Neutron-specific metrics

Visualization & Alerts

Grafana: Create dashboards for metrics visualization
Alertmanager: Configure alerts for critical issues
TenderDuty: Validator-specific monitoring tool

Key Metrics to Monitor

Configure alerts for these critical metrics:
  • Block Signing: Track missed blocks and signing percentage
  • Oracle Performance: Monitor oracle price update success rate
  • System Resources: CPU, memory, disk usage, and network connectivity
  • Node Health: Sync status, peer count, and consensus participation

Alert Configuration

Set up alerts for:
  • Validator jailed or tombstoned
  • Node not signing blocks (greater than 5 missed blocks)
  • Node falling behind sync (greater than 10 blocks)
  • Oracle service failures

Security Recommendations

Configure your firewall to only allow necessary ports:
# Install ufw
sudo apt install ufw -y

# Configure ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 26656/tcp # P2P
sudo ufw allow 26657/tcp # RPC (restrict to specific IPs if needed)
sudo ufw allow 1317/tcp  # API (restrict to specific IPs if needed)
sudo ufw allow 9090/tcp  # gRPC (restrict to specific IPs if needed)

# Enable ufw
sudo ufw enable
Improve SSH security with these steps:
# Edit SSH config
sudo nano /etc/ssh/sshd_config
Make these changes:
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
Restart SSH:
sudo systemctl restart sshd
For production validators, consider implementing a sentry node architecture:
  1. Set up separate sentry nodes that connect to the public network
  2. Configure your validator to only connect to your sentry nodes
  3. This protects your validator from DDoS attacks
Architecture: Internet <-> Sentry Nodes <-> Private Network <-> Validator
Secure your validator keys:
  • Store validator keys on hardware security modules (HSM) when possible
  • Use separate signing keys and never expose private keys
  • Implement proper backup and recovery procedures
  • Consider multi-signature setups for additional security

Best Practices

Infrastructure Redundancy

Implement redundant systems, backup power, and multiple network providers to avoid single points of failure.

Upgrade Preparation

Maintain testing infrastructure and participate in testnet upgrades to ensure smooth mainnet transitions.

Performance Optimization

Regularly monitor and optimize system performance to maintain greater than 99.5% uptime and greater than 98% oracle success rates.

Documentation

Maintain detailed operational procedures, incident response plans, and recovery documentation.

Next Steps

Choose your path based on your intended use:

RPC Node Operation

You’re Ready! Your node can now serve RPC requests, sync with the network, and support applications. Consider configuring:
  • API endpoints for application access
  • Monitoring for node health
  • Backup and recovery procedures

Validator Path

To become a validator, continue with these additional steps:
  1. Set up the Slinky Oracle Service
  2. Review validator requirements
  3. Complete validator registration

Additional Configuration for RPC Nodes

If you’re running an RPC node for public or application use, consider these additional configurations: 
# Enable API and configure CORS (in app.toml)
sed -i 's/enable = false/enable = true/' $HOME/.neutrond/config/app.toml
sed -i 's/enabled-unsafe-cors = false/enabled-unsafe-cors = true/' $HOME/.neutrond/config/app.toml

# Configure RPC settings (in config.toml)
sed -i 's/laddr = "tcp:\/\/127.0.0.1:26657"/laddr = "tcp:\/\/0.0.0.0:26657"/' $HOME/.neutrond/config/config.toml
Only enable external access if you understand the security implications and have proper firewall rules in place.