Full Bitcoin Node

A full bitcoin node contains the entire bitcoin blockchain and is able to fully participate in the bitcoin network. It is able to accept transactions, validate transactions and blocks, and relay transactions and blocks to other nodes on the network. Running a full node contributes to the overall security of the bitcoin network, and gives private and direct access to the bitcoin blockchain.

Product Features

• Released weekly with a fully synchronized bitcoin blockchain
• bitcoind is running in full node mode with indexes enabled
• Optimized to run on AWS’s ARM-based Graviton instances
• Running Ubuntu 22.04 and bitcoin core 27.0
• Built, tested, and released with comprehensive automation and testing

Getting Started

To start, launch the Full Bitcoin Node AMI from AWS Marketplace.

Connecting to Instance

There are two supported ways to connect to the node: SSH and Session Manager.

SSH

To connect with SSH, follow the instructions provided when clicking on “Connect to instance” in the ec2 console. Make sure port 22 is open to your IP address. The default username is ubuntu.

Session Manager

Session Manager is a more secure option for connecting to your bitcoin node that does not require opening any network ports, but it does require additional IAM configuration to use. Specifically, you must set up and attach an instance profile to the instance that allows SSM access.

Using the Instance

Once connected, you will be either user ubuntu or ssm-user. bitcoind will be running under the bitcoin user and controlled by systemd. Common operations are summarized below.

Managing bitcoind

bitcoind is enabled by default and will start at boot automatically.

To restart bitcoind, run: sudo systemctl restart bitcoind

To stop bitcoind, run: sudo systemctl stop bitcoind

To start bitcoind, run: sudo systemctl start bitcoind

Using bitcoin-cli

At first boot, bitcoind will generate a unique and secure .cookie file which can be used to make authenticated requests using bitcoin-cli.

Basic “help” command: sudo bitcoin-cli -rpccookiefile=/var/lib/bitcoin/.cookie help

Show blockchain info: sudo bitcoin-cli -rpccookiefile=/var/lib/bitcoin/.cookie getblockchaininfo

Show network info: sudo bitcoin-cli -rpccookiefile=/var/lib/bitcoin/.cookie getnetworkinfo

Port 8333

To fully participate in the global bitcoin network, open network port TCP 8333 from 0.0.0.0/0 in your instance’s security group.

Security Notes and Shared Responsibility

Diligence and caution have been taken to build and deliver a secure-by-default bitcoin node running on the latest software and configured as designed by the bitcoin core project. However, using the bitcoin wallet features of a bitcoin node requires additional expertise to ensure safe handling of sensitive key material, and is therefore not recommended.

FAQ

What AWS EC2 instance type should I use?

The bitcoin node runs on the most recent long term supported Ubuntu version (22.04), and is built to run exclusively on AWS’s ARM-based Graviton instances.

In terms of minimal sizing, a bitcoind node requires 2GB memory and 1 dedicated vCPU. The c7g instance family is the best fit for CPU/memory, and the medium is sufficient to run a bitcoin node.

Recommended:

• c7g.medium
  • 2GB Memory
  • 1 dedicated vCPU

In terms of disk size, a 1000GB volume is provided, which provides about 950GiB of usable disk space. This disk size is chosen to keep the initial AMI disk usage under 80%, and to allow about two years of blockchain data before reaching capacity. The bitcoin blockchain is growing at a rate of about 10GB per month. If desired, a larger disk size may be allocated initially, or the volume may be grown at a later time.

The current bitcoin blockchain size can be found at blockchain.com.

The AMI uses the latest generation EBS volume type gp3 which is priced at $0.08/GB/mo.

How is bitcoind configured on the host?

Our full bitcoin node is implemented based on the recommendations and instructions at bitcoin.org. Specifically, the following non-default bitcoin settings are pre-configured in /etc/bitcoin/bitcoin.conf:

coinstatsindex=1  # Enable coinstats index used by the gettxoutsetinfo RPC
txindex=1  # Maintain a full transaction index, used by the getrawtransaction RPC
maxuploadtarget=1440M  # Limit upload bandwidth to 1440MB per day

All other options are the provided defaults from the bitcoin core project.

How do I add an RPC user to the host?

The rpcauth.py command comes with bitcoin core and is pre-installed on the host. To create a new user, connect to the host using SSH or SSM, and then run rpcauth.py followed by your desired username.

For example, to add a user named “sparrow”, run the following:

$ rpcauth.py sparrow
String to be appended to bitcoin.conf:
rpcauth=sparrow:ce2c36a20eb05f7f2992150e106f6293$c1c242013f45f313b03741b28b5cd1b7c7e2fe2f5a51c64bd9244a91f6d2bd60
Your password:
plOz_CAS-nY9FrRZzCu_4M8kRSfv0NAhdQHaCrCIr1U=

The output will provide the line that needs to be added to /etc/bitcoin/bitcoin.conf, and the securely generated password.

To add the user to bitcoin.conf, run sudo nano /etc/bitcoin/bitcoin.conf to open bitcoin.conf up in an editor. Search the file for “rpcauth” and add the “rpcauth=” line from above into the file.

After saving and exiting, restart bitcoind by running sudo systemctl restart bitcoind.

Something went wrong, what is bitcoind doing?

If bitcoind is not working as expected, take a look at its log file at /var/lib/bitcoin/debug.log.

sudo less /var/lib/bitcoin/debug.log

How can I ensure the version of bitcoin has not been modified?

Care is taken to ensure that the bitcoin binaries on the system are identical to the cryptographically verified binaries distributed and signed by the bitcoin core team.

To verify the integrity of the bitcoin binaries on the system, download and verify the pre-built binaries from bitcoin core.

Then, on the bitcoin instance, compare the sha256 sums of the installed binaries to those distributed by bitcoincore.org. (Be sure to download the “64 bit ARM Linux” binaries).

For example, the following commands will compare the files from bitcoincore.org with the files on the instance. Note that bitcoin-qt is excluded because it is not installed on the system.

# Set the bitcoin version
BITCOIN_VERSION=25.0

# Download the aarch64 (arm64) tar file from bitcoincore.org
$ curl -O https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/bitcoin-${BITCOIN_VERSION}-aarch64-linux-gnu.tar.gz

# Verify the download using instructions at bitcoincore.org. (not included here)

# Untar the package
$ tar xvzf bitcoin-${BITCOIN_VERSION}-aarch64-linux-gnu.tar.gz

# Display a sha256 of the contents of each of the binary files from the package
$ sha256sum bitcoin-${BITCOIN_VERSION}/bin/*bitcoin*
efabb478c1889d165b4ad0d2d440516a6f222fc4307192d338a485aa7a857380  bitcoin-25.0/bin/bitcoin-cli
66be73ceca1252f5ea74ae0bfb92b767062bf58a2f1abd055be2dab9f5de603c  bitcoin-25.0/bin/bitcoin-qt
73e453be0c3f5bcda259b505cc124dd2c094c16662fd47d5c3bcb32a9e0ba723  bitcoin-25.0/bin/bitcoin-tx
24236c3db3a06d5f5c8595fa81f892070d47552bbca2ddd0088b18d6952eea28  bitcoin-25.0/bin/bitcoin-util
35990d0473060ab65c7937458d0a6c871647b9e7145d3fee73a64eeefd61adc9  bitcoin-25.0/bin/bitcoin-wallet
cedfa65ea54d619b95bdde94049358e313d0dae84b17a1aff7be2d50ccd96e86  bitcoin-25.0/bin/bitcoind
c6ed4accb7b91f1eed7245233be14e363b439bd1e9a02813b1543fafef69a191  bitcoin-25.0/bin/test_bitcoin

# Verify the version of bitcoin installed on the host matches BITCOIN_VERSION
$ bitcoind --version | head -1
Bitcoin Core version v25.0.0

# Display a sha256 of the contents of each of the binary files installed on the ec2 instance
$ sha256sum /usr/bin/*bitcoin*
efabb478c1889d165b4ad0d2d440516a6f222fc4307192d338a485aa7a857380  /usr/bin/bitcoin-cli
73e453be0c3f5bcda259b505cc124dd2c094c16662fd47d5c3bcb32a9e0ba723  /usr/bin/bitcoin-tx
24236c3db3a06d5f5c8595fa81f892070d47552bbca2ddd0088b18d6952eea28  /usr/bin/bitcoin-util
35990d0473060ab65c7937458d0a6c871647b9e7145d3fee73a64eeefd61adc9  /usr/bin/bitcoin-wallet
cedfa65ea54d619b95bdde94049358e313d0dae84b17a1aff7be2d50ccd96e86  /usr/bin/bitcoind
c6ed4accb7b91f1eed7245233be14e363b439bd1e9a02813b1543fafef69a191  /usr/bin/test_bitcoin

Change Log

The full node AMI is released every week with the latest version of the bitcoin blockchain and the latest Ubuntu packages and kernel. When something changes related to the bitcoin version or configuration, it is noted here and in the AWS release notes.

2024-05-06

Bitcoin Core has been upgraded to version 27.0.

2024-04-22

Bitcoin Core has been upgraded to version 26.1.

2024-01-15

A default configuration change has been made to reduce the cost of running a full node in AWS by hundreds of dollars per month.

Due to bandwidth costs in AWS, the default config has been updated to limit the amount of upload bandwidth that may be used per day. Specifically, the following setting is now enabled in /etc/bitcoin/bitcoin.conf.

maxuploadtarget=1440M # Limit upload bandwidth to 1440MB per day

2024-01-08

Bitcoin Core has been upgraded to version 26.0.

2023-12-04

Bitcoin Core has been upgraded to version 25.1.

2023-10-30

Increased AMI disk size to 1000GB now that the blockchain data is over 600GB on disk.

2023-06-19

Bitcoin Core has been upgraded to version 25.0.

2023-05-01

• Enabled txindex and coinstatsindex
• Increased AMI disk size to 800GB to accomodate additional index storage requirements (~40GB)

Today we enabled txindex and coinstatsindex in the default configuration.

The txindex, or “transaction index”, maintains a complete index of all transactions. This provides quick access to information about any transaction, and is needed for many wallet and block explorer use-cases.

The coinstatsindex provides coin statistics for each block, and is useful for data analytics and block explorer use-cases.

These indexes use about 40GB of disk space (txindex uses most of the space), so the default AMI disk size has been increased from 750GB to 800GB.