# Ethereum Nodes on `ecp-forge` This runbook covers the dual-network Ethereum full-node surface introduced by [ECP-0104](/Users/conradev/Projects/every.channel/evolution/proposals/ECP-0104-ecp-forge-dual-ethereum-full-nodes-on-dedicated-nvme-zfs.md). ## Scope - `ecp-forge` owns a dedicated NVMe-backed ZFS pool for Ethereum state. - Ethereum mainnet and Sepolia both run as full nodes. - Execution uses Reth and consensus uses Lighthouse. - Public HTTPS on `eth.every.channel` exposes sync and finality status only. - Raw execution RPC, Engine API, and Beacon API stay bound to `127.0.0.1` on `ecp-forge`. ## Deploy ```sh ./scripts/deploy-ecp-forge.sh ``` ## Verify Storage: ```sh ssh -o BatchMode=yes -o IdentityAgent=none -o IdentitiesOnly=yes -i ~/.ssh/id_ed25519 root@git.every.channel \ 'zpool list eth && zfs list -r eth' ``` Core services: ```sh ssh -o BatchMode=yes -o IdentityAgent=none -o IdentitiesOnly=yes -i ~/.ssh/id_ed25519 root@git.every.channel \ 'systemctl is-active every-channel-ethereum-storage podman-every-channel-ethereum-mainnet-reth podman-every-channel-ethereum-mainnet-lighthouse podman-every-channel-ethereum-sepolia-reth podman-every-channel-ethereum-sepolia-lighthouse' ``` Public sync status: ```sh curl -fsS https://eth.every.channel/mainnet/sync | jq . curl -fsS https://eth.every.channel/sepolia/sync | jq . ``` ## Local-only endpoints on `ecp-forge` Mainnet: - execution HTTP: `127.0.0.1:8545` - execution WS: `127.0.0.1:8546` - execution Engine API: `127.0.0.1:8551` - beacon API: `127.0.0.1:5052` Sepolia: - execution HTTP: `127.0.0.1:18545` - execution WS: `127.0.0.1:18546` - execution Engine API: `127.0.0.1:18551` - beacon API: `127.0.0.1:15052` ## Notes - The dedicated Ethereum pool is `eth`, not `tank`. - Both networks are configured for full sync, not archive mode. - Lighthouse is configured to permit full beacon sync from genesis via `--allow-insecure-genesis-sync` instead of checkpoint bootstrap. - The first public host surface is intentionally sync and finality only; extend `eth.every.channel` later if authenticated RPC is required.