xmr daemons config unlceaer against xmr caveat. Please advise.

[bdk773]

Hi,

Hope somebody can clarify this piece for me.

In monero_pool.json line 102-114 mentions daemons configuration for both monerod (port 18081) and rpc wallet (port 18082).

Confusion that I have is that xmr node does not come with username. Yes there is password for the local wallet but that's all.

1. For line 104-107 (monerod) its asking to define user:password but its unclear where this should be coming from. Additionally according to Monero caveat its being asked to use --disable-rpc-login since Monero's Wallet Daemon (monero-wallet-rpc) relies on HTTP digest authentication for authentication which is currently not supported by Miningcore

If that is the case I'm confused on how can we fulfill this segment?!

2. Line 110-114 points to monero-wallet-rpc which does come with wallet password so that should satisfy line 113 but as previously mentioned there is no username defined so how can username be fulfilled for this segment?

I have checked on monerodocs.org and other resources and nothing mentions username in order to run a node. Can someone elaborate this for me?

Please advise and thank You in advance!

[oliverw]

monero_pool.json is simply oudated. As a matter of fact, thanks to the missing digest auth support in HttpClient, it is currently not possible to run either monerod or monero-wallet-rpc with authentication enabled. Which is a big bummer. A workaround is to put both daemons behind a reverse proxy such as nginx and secure the location using basic-authentication. Preferably over https (using self-signed certificates).

[bdk773]

@oliverw thank you very much for response. In regards to "it is currently not possible to run either monerod or monero-wallet-rpc with authentication enabled. Which is a big bummer. " - what should we use for those lines then ? I understand the workaround is to use reverse proxy but that doesn't explain how to fulfill the config.. Should it we just leave it at default since --disable-rpc-login is bypassing? Again thank you!

"daemons": [
{
"host": "127.0.0.1",
"port": 18081,
"user": "user",
"password": "password"
},
{
"host": "127.0.0.1",
"port": 18082,
"user": "user",
"password": "password",
"category": "wallet"
}

[oliverw]

If you are reverse proxying then put the basic auth credentials for the reverse proxy in the user and password fields. Otherwise leave them blank.

[bdk773]

@oliverw but we are talking about authentication between miningcore and monerod correct (since its a config for the mc engine)? Or I missed the point and if yes please drop a knowledge on me. I mean wouldn't be safe to say that the communication between these services should be considered safe as what I like to call it green zone?! Where i.e yellow = dmz, red = outside. Regards.

[bdk773]

@oliverw have you ever encountered following error when running MC? Any advise on what to look at?

System.NullReferenceException: Object reference not set to an instance of an object.

Followed the guide to the dot, error is definitely related to the pool config:

[2021-07-20 15:26:13.5322] [I] [xmr1] Starting Pool ...
[2021-07-20 15:26:13.5515] [E] [xmr1] System.NullReferenceException: Object reference not set to an instance of an object.

Only null I've used was for the bypass we discussed:
"daemons": [
{
"host": "127.0.0.1",
"port": 18081,
"user": "null",
"password": "null"
},
{
"host": "127.0.0.1",
"port": 18082,
"user": "null",
"password": "password123",
"category": "wallet"
}
],