Command Line Interface#

This document is a prettier output of the documentation produced by the command man of the different Octez binaries. You can obtain similar pages using shell commands such as:

octez-admin-client man -verbosity 3

Note

The rest of this page documents the protocol-independent tools, whose features do not vary with each protocol. The protocol-dependent tools are documented here.

Admin-client manual#

This is the manual page of the command line tool octez-admin-client. See Admin Client for a general description of this tool.

Usage

octez-admin-client [global options] command [command options]
octez-admin-client --help (for global options)
octez-admin-client [global options] command --help (for command options)
octez-admin-client --version (for version information)

To browse the documentation

octez-admin-client [global options] man (for a list of commands)
octez-admin-client [global options] man -v 3 (for the full manual)

Global options (must come before the command)

-d --base-dir <path>: client data directory (absent: TEZOS_CLIENT_DIR env) The directory where the Tezos client will store all its data. If absent, its value is the value of the TEZOS_CLIENT_DIR environment variable. If TEZOS_CLIENT_DIR is itself not specified, defaults to $HOME/.tezos-client -n --no-base-dir-warnings: silence warnings about client data directory -c --config-file <path>: configuration file -t --timings: show RPC request times --chain <hash|tag>: chain on which to apply contextual commands (commands dependent on the context associated with the specified chain). Possible tags are 'main' and 'test'. Defaults to `main`. -b --block <hash|level|tag>: block on which to apply contextual commands (commands dependent on the context associated with the specified block). Possible tags include 'head' and 'genesis' +/- an optional offset (e.g. "octez-client -b head-1 get timestamp"). Note that block queried must exist in node's storage. Defaults to `head`. -w --wait <none|<int>>: how many confirmation blocks are needed before an operation is considered included -p --protocol <hash>: use commands of a specific protocol -l --log-requests: log all requests to the node --better-errors: Error reporting is more detailed. Can be used if a call to an RPC fails or if you don't know the input accepted by the RPC. It may happen that the RPC calls take more time however. -A --addr <IP addr|host>: [DEPRECATED: use --endpoint instead] IP address of the node -P --port <number>: [DEPRECATED: use --endpoint instead] RPC port of the node -S --tls: [DEPRECATED: use --endpoint instead] use TLS to connect to node. -m --media-type <json, binary, any or default>: Sets the "media-type" value for the "accept" header for RPC requests to the node. The media accept header indicates to the node which format of data serialisation is supported. Use the value "json" for serialisation to the JSON format. Use the value "binary" for faster but less human-readable binary serialisation format. -E --endpoint <uri>: HTTP(S) endpoint of the node RPC interface; e.g. 'http://localhost:8732' -s --sources <path>: path to JSON file containing sources for --mode light. Example file content: {"min_agreement": 1.0, "uris": ["http://localhost:8732", "https://localhost:8733"]} -R --remote-signer <uri>: URI of the remote signer -f --password-filename <filename>: path to the password filename -M --mode <client|light|mockup|proxy>: how to interact with the node Defaults to `client`. --log-coloring <true|false>: Enable or disable light coloring in default stdout logs. Coloring is enabled by default. --allow-fixed-random-seed: Allow the use of a fixed random seed specified with TEZOS_CLIENT_FIXED_RANDOM_SEED for testing purposes. This is insecure and should never be used in production.

Access the documentation

octez-admin-client
man [keyword...] [-v --verbosity <0|1|2|3>] [--format <plain|colors|html>]

Print documentation of commands. Add search keywords to narrow list. Will display only the commands by default, unless [-verbosity <2|3>] is passed or the list of matching commands if less than 3. keyword: keyword to search for If several are given they must all appear in the command. -v --verbosity <0|1|2|3>: level of details 0. Only shows command mnemonics, without documentation. 1. Shows command mnemonics with short descriptions. 2. Show commands and arguments with short descriptions 3. Show everything --format <plain|colors|html>: the manual's output format Defaults to `plain`.

Commands for editing and viewing the client's config file

octez-admin-client
config show

Show the current config (config file content + command line arguments) or the mockup config files if `--mode mockup` is specified.
octez-admin-client
config reset

Reset the config file to the factory defaults.
octez-admin-client
config update

Update the config based on the current cli values. Loads the current configuration (default or as specified with `-config-file`), applies alterations from other command line arguments (such as the node's address, etc.), and overwrites the updated configuration file.
octez-admin-client
config init [-o --output <path>] [--bootstrap-accounts <path>] [--protocol-constants <path>]

Create config file(s) based on the current CLI values. If the `-file` option is not passed, this will initialize the default config file, based on default parameters, altered by other command line options (such as the node's address, etc.). Otherwise, it will create a new config file, based on the default parameters (or the the ones specified with `-config-file`), altered by other command line options. If `-mode mockup` is specified, this will initialize the mockup's default files instead of the config file. Use `-bootstrap-accounts` and `-protocol-constants` to specify custom paths. The command will always fail if file(s) to create exist already -o --output <path>: path at which to create the file Defaults to `$HOME/.tezos-client/config`. --bootstrap-accounts <path>: path at which to create the file Defaults to `$HOME/.tezos-client/bootstrap-accounts.json`. --protocol-constants <path>: path at which to create the file Defaults to `$HOME/.tezos-client/protocol-constants.json`.

Commands to report the node's status

octez-admin-client
list heads [-o --output <path>]

The last heads that have been considered by the node. -o --output <path>: write to a file Defaults to `-`.
octez-admin-client
list rejected blocks [-o --output <path>]

The blocks that have been marked invalid by the node. -o --output <path>: write to a file Defaults to `-`.

Commands to perform privileged operations on the node

octez-admin-client
unmark invalid [block...]

Make the node forget its decision of rejecting blocks. block: blocks to remove from invalid list
octez-admin-client
unmark all invalid blocks

Make the node forget every decision of rejecting blocks.
octez-admin-client
show current checkpoint

Retrieve the current checkpoint and display it in a format compatible with node argument `--checkpoint`.
octez-admin-client
ban operation operation

Remove an operation from the mempool if present, reverting its effect if it was applied. Add it to the set of banned operations to prevent it from being fetched/processed/injected in the future. Note: If the baker has already received the operation, then it's necessary to restart it to flush the operation from it. operation: hash of operation to ban
octez-admin-client
unban operation operation

Remove an operation from the set of banned operations (nothing happens if it was not banned). operation: hash of operation to unban
octez-admin-client
unban all operations

Clear the set of banned operations.

Commands for monitoring and controlling p2p-layer state

octez-admin-client
p2p stat [--no-color]

show global network status --no-color: Don't colorize the output
octez-admin-client
connect address address

Connect to a new point. address: <IPv4>:PORT or <IPV6>:PORT address (PORT defaults to 9732).
octez-admin-client
kick peer peer

Kick a peer. peer: peer network identity
octez-admin-client
ban address address

Add an IP address and all its ports to the blacklist and kicks it. Remove the address from the whitelist if it was previously in it. address: <IPv4>:PORT or <IPV6>:PORT address (PORT defaults to 9732).
octez-admin-client
unban address address

Remove an IP address and all its ports from the blacklist. address: <IPv4>:PORT or <IPV6>:PORT address (PORT defaults to 9732).
octez-admin-client
trust address address

Add an IP address to the whitelist. Remove the address from the blacklist if it was previously in it. address: <IPv4>:PORT or <IPV6>:PORT address (PORT defaults to 9732).
octez-admin-client
untrust address address

Removes an IP address from the whitelist. address: <IPv4>:PORT or <IPV6>:PORT address (PORT defaults to 9732).
octez-admin-client
is address banned address

Check if an IP address is banned. address: <IPv4>:PORT or <IPV6>:PORT address (PORT defaults to 9732).
octez-admin-client
is peer banned peer

Check if a peer ID is banned. peer: peer network identity
octez-admin-client
ban peer peer

Add a peer ID to the blacklist and kicks it. Remove the peer ID from the blacklist if was previously in it. peer: peer network identity
octez-admin-client
unban peer peer

Removes a peer ID from the blacklist. peer: peer network identity
octez-admin-client
trust peer peer

Add a peer ID to the whitelist. Remove the peer ID from the blacklist if it was previously in it. peer: peer network identity
octez-admin-client
untrust peer peer

Remove a peer ID from the whitelist. peer: peer network identity
octez-admin-client
clear acls

Clear all access control rules.

Commands for managing protocols

octez-admin-client
list protocols

List protocols known by the node.
octez-admin-client
inject protocol dir

Inject a new protocol into the node. dir: directory containing the sources of a protocol
octez-admin-client
dump protocol protocol hash

Dump a protocol from the node's record of protocol. protocol hash:
octez-admin-client
protocol environment protocol hash

Show the environment version used by a protocol. protocol hash:
octez-admin-client
fetch protocol protocol hash

Fetch a protocol from the network. protocol hash:

Commands for the low level RPC layer

octez-admin-client
rpc list url

List RPCs under a given URL prefix. Some parts of the RPC service hierarchy depend on parameters, they are marked by a suffix `<dynamic>`. You can list these sub-hierarchies by providing a concrete URL prefix whose arguments are set to a valid value. url: the URL prefix
octez-admin-client
rpc list

Alias to `rpc list /`.
octez-admin-client
rpc schema HTTP method url

Get the input and output JSON schemas of an RPC. HTTP method: url: the RPC url
octez-admin-client
rpc format HTTP method url [-b --binary]

Get the humanoid readable input and output formats of an RPC. HTTP method: url: the RPC URL -b --binary: Binary format
octez-admin-client
rpc get url

Call an RPC with the GET method. url: the RPC URL
octez-admin-client
rpc post url

Call an RPC with the POST method. It invokes $EDITOR if input data is needed. url: the RPC URL
octez-admin-client
rpc post url with input

Call an RPC with the POST method, providing input data via the command line. url: the RPC URL input: the raw JSON input to the RPC For instance, use `{}` to send the empty document. Alternatively, use `file:path` to read the JSON data from a file.
octez-admin-client
rpc patch url

Call an RPC with the PATCH method. It invokes $EDITOR if input data is needed. url: the RPC URL
octez-admin-client
rpc patch url with input

Call an RPC with the PATCH method, providing input data via the command line. url: the RPC URL input: the raw JSON input to the RPC For instance, use `{}` to send the empty document. Alternatively, use `file:path` to read the JSON data from a file.
octez-admin-client
rpc put url

Call an RPC with the PUT method. It invokes $EDITOR if input data is needed. url: the RPC URL
octez-admin-client
rpc put url with input

Call an RPC with the PUT method, providing input data via the command line. url: the RPC URL input: the raw JSON input to the RPC For instance, use `{}` to send the empty document. Alternatively, use `file:path` to read the JSON data from a file.
octez-admin-client
rpc delete url

Call an RPC with the DELETE method. url: the RPC URL

Commands to inspect the event-logging framework

octez-admin-client
query events from Sink-Name [--names <LIST>] [--sections <LIST>] [--since <DATE>] [--until <DATE>] [--as-json] [--dump-unknown] [--for-script <FORMAT>]

Query the events from an event sink. Sink-Name: The URI of the SINK to query --names <LIST>: Filter on event names --sections <LIST>: Filter on event sections (use '_' for no-section) --since <DATE>: Filter out events before DATE --until <DATE>: Filter out events after DATE --as-json: Display events as JSON instead of pretty-printing them --dump-unknown: Try to display unknown events --for-script <FORMAT>: Make the output script-friendly. Possible values are 'TSV' and 'CSV'.
octez-admin-client
show event-logging

Display configuration/state information about the internal-event logging framework.
octez-admin-client
output schema of Event-Name to File-path

Output the JSON schema of an internal-event. Event-Name: Name of the event File-path: Path to a JSON file

Miscellaneous commands

octez-admin-client
list understood protocols

List the protocol versions that this client understands.

Signer manual#

This is the manual page of the command line tool octez-signer. See Signer for a general description of this tool.

Usage

octez-signer [global options] command [command options]
octez-signer --help (for global options)
octez-signer [global options] command --help (for command options)
octez-signer --version (for version information)

To browse the documentation

octez-signer [global options] man (for a list of commands)
octez-signer [global options] man -v 3 (for the full manual)

Global options (must come before the command)

-d --base-dir <path>: signer data directory The directory where the Tezos client will store all its data. By default: '$HOME/.tezos-signer'. -A --require-authentication: Require a signature from the caller to sign. -f --password-filename <filename>: path to the password filename

Access the documentation

octez-signer
man [keyword...] [-v --verbosity <0|1|2|3>] [--format <plain|colors|html>]

Print documentation of commands. Add search keywords to narrow list. Will display only the commands by default, unless [-verbosity <2|3>] is passed or the list of matching commands if less than 3. keyword: keyword to search for If several are given they must all appear in the command. -v --verbosity <0|1|2|3>: level of details 0. Only shows command mnemonics, without documentation. 1. Shows command mnemonics with short descriptions. 2. Show commands and arguments with short descriptions 3. Show everything --format <plain|colors|html>: the manual's output format Defaults to `plain`.

Commands for managing the connected Ledger Nano devices

octez-signer
list connected ledgers

List supported Ledger Nano devices connected.
octez-signer
show ledger account-alias-or-ledger-uri [--test-sign]

Display version/public-key/address information for a Ledger URI account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path"). --test-sign: Test signing operation
octez-signer
get ledger authorized path for account-alias-or-ledger-uri

Query the path of the authorized key account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path").
octez-signer
authorize ledger to bake for account-alias-or-ledger-uri

Authorize a Ledger to bake for a key (deprecated, use `setup ledger ...` with recent versions of the Baking app) account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path").
octez-signer
setup ledger to bake for account-alias-or-ledger-uri [--main-chain-id <ID>] [--main-hwm <HWM>] [--test-hwm <HWM>]

Setup a Ledger to bake for a key account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path"). --main-chain-id <ID>: Use <ID> as main chain-id instead of asking the node. Defaults to `ASK-NODE`. --main-hwm <HWM>: Use <HWM> as main chain high watermark instead of asking the ledger. Defaults to `ASK-LEDGER`. --test-hwm <HWM>: Use <HWM> as test chain high watermark instead of asking the ledger. Defaults to `ASK-LEDGER`.
octez-signer
deauthorize ledger baking for account-alias-or-ledger-uri

Deauthorize Ledger from baking account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path").
octez-signer
get ledger high water mark for account-alias-or-ledger-uri [--no-legacy-instructions]

Get high water mark of a Ledger account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path"). --no-legacy-instructions: Prevent the fallback to the (deprecated) Ledger instructions (for 1.x.y versions of the Baking app)
octez-signer
set ledger high water mark for account-alias-or-ledger-uri to high watermark

Set high water mark of a Ledger account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path"). high watermark: High watermark
octez-signer
get ledger high watermark for account-alias-or-ledger-uri [--no-legacy-instructions]

Get high water mark of a Ledger (legacy/deprecated spelling) account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path"). --no-legacy-instructions: Prevent the fallback to the (deprecated) Ledger instructions (for 1.x.y versions of the Baking app)
octez-signer
set ledger high watermark for account-alias-or-ledger-uri to high watermark

Set high water mark of a Ledger (legacy/deprecated spelling) account-alias-or-ledger-uri: An imported ledger alias or a ledger URI (e.g. "ledger://animal/curve/path"). high watermark: High watermark

Commands for managing the wallet of cryptographic keys

octez-signer
stresstest gen keys keys_count [--alias-prefix <PREFIX>] [-s --sig <ed25519|secp256k1|p256|bls>]

Generate an array of accounts for testing purposes. keys_count: How many keys to generate --alias-prefix <PREFIX>: use a custom alias prefix (default: bootstrap). Keys will be generated with alias "PREFIX<ID>" where ID is unique for all key -s --sig <ed25519|secp256k1|p256|bls>: use custom signature algorithm Defaults to `ed25519`.
octez-signer
list signing schemes

List supported signing schemes. Signing schemes are identifiers for signer modules: the built-in signing routines, a hardware wallet, an external agent, etc. Each signer has its own format for describing secret keys, such a raw secret key for the default `unencrypted` scheme, the path on a hardware security module, an alias for an external agent, etc. This command gives the list of signer modules that this version of the tezos client supports.
octez-signer
gen keys new [-f --force] [-s --sig <ed25519|secp256k1|p256|bls>] [--encrypted]

Generate a pair of keys. new: new secret_key alias -f --force: overwrite existing secret_key -s --sig <ed25519|secp256k1|p256|bls>: use custom signature algorithm Defaults to `ed25519`. --encrypted: Encrypt the key on-disk
octez-signer
gen vanity keys new matching [words...] [-P --prefix] [-I --ignore-case] [-f --force] [--encrypted] [-s --sig <ed25519|secp256k1|p256|bls>]

Generate keys including the given string. new: new public key hash alias words: string key must contain one of these words -P --prefix: the key must begin with tz1[word] -I --ignore-case: make the pattern case-insensitive -f --force: overwrite existing keys --encrypted: Encrypt the key on-disk -s --sig <ed25519|secp256k1|p256|bls>: use custom signature algorithm Defaults to `ed25519`.
octez-signer
encrypt secret key

Encrypt an unencrypted secret key.
octez-signer
import secret key new uri [-f --force]

Add a secret key to the wallet. new: new secret_key alias uri: secret key Varies from one scheme to the other. Use command `list signing schemes` for more information. -f --force: overwrite existing secret_key
octez-signer
import public key new uri [-f --force]

Add a public key to the wallet. new: new public_key alias uri: public key Varies from one scheme to the other. Use command `list signing schemes` for more information. -f --force: overwrite existing public_key
octez-signer
add address new src [-f --force]

Add an address to the wallet. new: new public key hash alias src: source public key hash Can be a public key hash name, a file or a raw public key hash literal. If the parameter is not the name of an existing public key hash, the client will look for a file containing a public key hash, and if it does not exist, the argument will be read as a raw public key hash. Use 'alias:<name>', 'file:<path>' or 'text:<literal>' to disable autodetect. -f --force: overwrite existing public_key
octez-signer
list known addresses

List all addresses and associated keys.
octez-signer
list known remote keys uri

List the keys known by the remote wallet. uri: remote signer Varies from one scheme to the other. Use command `list signing schemes` for more information.
octez-signer
show address name [-S --show-secret]

Show the keys associated with an implicit account. name: existing public key hash alias -S --show-secret: show the private key
octez-signer
forget address name [-f --force]

Forget one address. name: existing public key hash alias -f --force: delete associated keys when present
octez-signer
forget all keys [-f --force]

Forget the entire wallet of keys. -f --force: you got to use the force for that
octez-signer
generate nonce for name from data

Compute deterministic nonce. name: existing public key hash alias data: string from which to deterministically generate the nonce
octez-signer
generate nonce hash for name from data

Compute deterministic nonce hash. name: existing public key hash alias data: string from which to deterministically generate the nonce hash
octez-signer
import keys from mnemonic new [-f --force] [--encrypt]

Import a pair of keys to the wallet from a mnemonic phrase. This command uses the BIP39 algorithm, and therefore imports public/secret keys that may be different from a Ledger application, depending on the BIP32 derivation path used in the Ledger. This command also uses the Ed25519 algorithm, which means it generates tz1 public key hashes. new: new secret_key alias -f --force: overwrite existing secret_key --encrypt: encrypt the secret key

Commands specific to the signing daemon

octez-signer
launch socket signer [-P --pidfile <filename>] [-M --magic-bytes <0xHH,0xHH,...>] [-W --check-high-watermark] [--allow-list-known-keys] [--allow-to-prove-possession] [-a --address <host|address>] [-p --port <port number>] [-t --timeout <timeout>]

Launch a signer daemon over a TCP socket. -P --pidfile <filename>: write process id in file -M --magic-bytes <0xHH,0xHH,...>: values allowed for the magic bytes, defaults to any -W --check-high-watermark: high watermark restriction Stores the highest level signed for blocks and attestations for each address, and forbids to sign a level and round that are inferior or equal afterwards, except for the exact same input data. --allow-list-known-keys: allow remote request for the list of known public key hash in the wallet --allow-to-prove-possession: allow remote request for the proof of possession of a known public key hash -a --address <host|address>: listening address or host name Defaults to `localhost`. -p --port <port number>: listening TCP port or service name Defaults to `7732`. -t --timeout <timeout>: timeout before the signer closes client connection (in seconds) Defaults to `8`.
octez-signer
launch local signer [-P --pidfile <filename>] [-M --magic-bytes <0xHH,0xHH,...>] [-W --check-high-watermark] [--allow-list-known-keys] [--allow-to-prove-possession] [-s --socket <path>]

Launch a signer daemon over a local Unix socket. -P --pidfile <filename>: write process id in file -M --magic-bytes <0xHH,0xHH,...>: values allowed for the magic bytes, defaults to any -W --check-high-watermark: high watermark restriction Stores the highest level signed for blocks and attestations for each address, and forbids to sign a level and round that are inferior or equal afterwards, except for the exact same input data. --allow-list-known-keys: allow remote request for the list of known public key hash in the wallet --allow-to-prove-possession: allow remote request for the proof of possession of a known public key hash -s --socket <path>: path to the local socket file Defaults to `$HOME/.tezos-signer/socket`.
octez-signer
launch http signer [-P --pidfile <filename>] [-M --magic-bytes <0xHH,0xHH,...>] [-W --check-high-watermark] [--allow-list-known-keys] [--allow-to-prove-possession] [-a --address <host|address>] [-p --port <port number>]

Launch a signer daemon over HTTP. -P --pidfile <filename>: write process id in file -M --magic-bytes <0xHH,0xHH,...>: values allowed for the magic bytes, defaults to any -W --check-high-watermark: high watermark restriction Stores the highest level signed for blocks and attestations for each address, and forbids to sign a level and round that are inferior or equal afterwards, except for the exact same input data. --allow-list-known-keys: allow remote request for the list of known public key hash in the wallet --allow-to-prove-possession: allow remote request for the proof of possession of a known public key hash -a --address <host|address>: listening address or host name Defaults to `localhost`. -p --port <port number>: listening HTTP port Defaults to `6732`.
octez-signer
launch https signer cert key [-P --pidfile <filename>] [-M --magic-bytes <0xHH,0xHH,...>] [-W --check-high-watermark] [--allow-list-known-keys] [--allow-to-prove-possession] [-a --address <host|address>] [-p --port <port number>]

Launch a signer daemon over HTTPS. cert: path to the TLS certificate key: path to the TLS key -P --pidfile <filename>: write process id in file -M --magic-bytes <0xHH,0xHH,...>: values allowed for the magic bytes, defaults to any -W --check-high-watermark: high watermark restriction Stores the highest level signed for blocks and attestations for each address, and forbids to sign a level and round that are inferior or equal afterwards, except for the exact same input data. --allow-list-known-keys: allow remote request for the list of known public key hash in the wallet --allow-to-prove-possession: allow remote request for the proof of possession of a known public key hash -a --address <host|address>: listening address or host name Defaults to `localhost`. -p --port <port number>: listening HTTPS port Defaults to `443`.
octez-signer
add authorized key pk [-N --name <name>]

Authorize a given public key to perform signing requests. pk: full public key (Base58 encoded) -N --name <name>: an optional name for the key (defaults to the hash)

Node manual#

The command line of the Octez node is documented in Unix man format, as shown below. You can also obtain this manual by running octez-node --help.

The manual briefly shows the available node commands. Each command accepts its own set of options and arguments, that you can discover by running octez-node <command> --help. For more details on the node invocation and configuration, see Node Configuration.

NAME

octez-node - The Octez node

SYNOPSIS

octez-node [COMMAND] …

DESCRIPTION

Entry point for initializing, configuring and running a Tezos node.

The identity command is meant to create and manage node identities. An identity uniquely identifies a peer on the network and consists of a cryptographic key pair as well as a proof-of-work stamp that certifies that enough CPU time has been dedicated to produce the identity, to avoid sybil attacks. An identity with enough proof-of-work is required to participate in the Tezos network, therefore this command is necessary to launch Tezos the first time.

The run command is meant to run the Tezos node. Most of its command line arguments corresponds to config file entries, and will have priority over the latter if used.

The replay command is meant to replay a previously validated block for debugging purposes.

The config command is meant to inspect and amend the configuration of the Tezos node. This command is complementary to manually editing the tezos node configuration file. Its arguments are a subset of the run command ones.

The upgrade command is meant to manage upgrades of the node.

The snapshot command is meant to export and import snapshots files.

The reconstruct command is meant to reconstruct the partial storage of a node running in full mode in order to recover a complete archive mode storage.

The storage command provides tools for introspecting and debugging the storage layer.

COMMANDS

config COMMAND …: Manage node configuration
dump-metrics [OPTION]…: Show all the openmetrics collected by the Tezos node
identity COMMAND …: Manage node identities
map-port [OPTION]…: Experimental
reconstruct [OPTION]…: Manage storage reconstruction
replay [--repeat=VAL] [--strict] [OPTION]… [<level>|<block_hash>|<alias>]…: Replay a set of previously validated blocks
run [OPTION]…: Run the Tezos node
snapshot COMMAND …: Manage snapshots
storage COMMAND …: Query the storage layer (EXPERIMENTAL)
upgrade [--status] [OPTION]… UPGRADE: Manage node upgrades

COMMON OPTIONS

--help[=FMT] (default=auto): Show this help in format FMT. The value FMT must be one of auto, pager, groff or plain. With auto, the format is pager or plain whenever the TERM env var is dumb or undefined.
--version: Show version information.

EXIT STATUS

octez-node exits with:

0 on success.

123 on indiscriminate errors reported on standard error.

124 on command line parsing errors.

125 on unexpected internal errors (bugs).

EXAMPLES

Run in sandbox mode listening to RPC commands at localhost port 8732: octez-node run --sandbox=src/proto_alpha/parameters/sandbox-parameters.json --data-dir /custom/data/dir --rpc-addr localhost:8732
Run a node that accepts network connections: octez-node run

DAL node manual#

The command line of the Octez DAL node is documented in Unix man format, as shown below. You can also obtain this manual by running octez-dal-node --help.

The manual briefly shows the available DAL node commands. Each command accepts its own set of options and arguments, that you can discover by running octez-dal-node <command> --help.

NAME

octez-dal-node - The Octez DAL node

SYNOPSIS

octez-dal-node [COMMAND] …

COMMANDS

config [COMMAND] …: Manage the Octez DAL node configuration
debug [COMMAND] …: Debug commands
run [OPTION]…: Run the Octez DAL node

COMMON OPTIONS

--help[=FMT] (default=auto): Show this help in format FMT. The value FMT must be one of auto, pager, groff or plain. With auto, the format is pager or plain whenever the TERM env var is dumb or undefined.
--version: Show version information.

EXIT STATUS

octez-dal-node exits with:

0 on success.

123 on indiscriminate errors reported on standard error.

124 on command line parsing errors.

125 on unexpected internal errors (bugs).

Smart rollup node manual#

This is the manual page of the Smart rollup node.

Usage

octez-smart-rollup-node [global options] command [command options]
octez-smart-rollup-node --help (for global options)
octez-smart-rollup-node [global options] command --help (for command options)
octez-smart-rollup-node --version (for version information)

To browse the documentation

octez-smart-rollup-node [global options] man (for a list of commands)
octez-smart-rollup-node [global options] man -v 3 (for the full manual)

Global options (must come before the command)

Access the documentation

octez-smart-rollup-node
man [keyword...] [-v --verbosity <0|1|2|3>] [--format <plain|colors|html>]

Print documentation of commands. Add search keywords to narrow list. Will display only the commands by default, unless [-verbosity <2|3>] is passed or the list of matching commands if less than 3. keyword: keyword to search for If several are given they must all appear in the command. -v --verbosity <0|1|2|3>: level of details 0. Only shows command mnemonics, without documentation. 1. Shows command mnemonics with short descriptions. 2. Show commands and arguments with short descriptions 3. Show everything --format <plain|colors|html>: the manual's output format Defaults to `plain`.

Commands related to the smart rollup node.

octez-smart-rollup-node
init mode config for smart-rollup-address with operators [operator...] [--force] [--data-dir <data-dir>] [--config-file <config.json>] [--rpc-addr <rpc-address|ip>] [--rpc-port <rpc-port>] [--acl-override <kind>] [--metrics-addr <ADDR:PORT|:PORT>] [--enable-performance-metrics] [--disable-performance-metrics] [--loser-mode <mode>] [--reconnection-delay <delay>] [--dal-node <dal-node-endpoint>] [--pre-images-endpoint <url>] [--injector-retention-period <blocks>] [--injector-attempts <number>] [--injection-ttl <number>] [--index-buffer-size <<nb_entries>>] [--index-buffer-size <<nb_entries>>] [--log-kernel-debug] [--log-kernel-debug-file <file>] [--boot-sector-file <file>] [--no-degraded] [--gc-frequency <blocks>] [--history-mode <history_mode>] [--cors-origins <ALLOWED_ORIGINS>] [--cors-headers <ALLOWED_HEADERS>] [--bail-on-disagree] [--unsafe-disable-wasm-kernel-checks] [--profiling <BOOL>] [--etherlink] [--l1-monitor-finalized]

Configure the smart rollup node. mode: The mode for the rollup node (observer, accuser, bailout, batcher, maintenance, operator, custom) - observer: Only follows the chain, reconstructs and interprets inboxes - accuser: Only publishes commitments for conflicts and play refutation games - bailout: Only defends and cements, does not publish any new commitments - batcher: Accepts transactions in its queue and batches them on the L1 - maintenance: Follows the chain and publishes commitments, cement and refute - operator: Equivalent to maintenance + batcher - custom: In this mode, the system handles only the specific operation kinds: [publish, add_messages, cement, timeout, refute, recover, execute_outbox_message, publish_dal_commitment]. This allows for tailored control and flexibility. smart-rollup-address: The smart rollup address Can be a literal or an alias (autodetected in order). Use 'alias:<name>' or 'text:<literal>' to force. operator: Public key hash, or alias, of a smart rollup node operator. An operator can be specialized to a particular purpose by prefixing its key or alias by said purpose, e.g. operating:<alias_of_my_operator>. The possible purposes are: operating, batching, cementing, recovering, executing_outbox. --force: Overwrites the configuration file when it exists. --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --config-file <config.json>: Location of the configuration file for the rollup node. Defaults to `<data-dir>/config.json`. --rpc-addr <rpc-address|ip>: The address the smart rollup node listens to. Default value is 127.0.0.1 --rpc-port <rpc-port>: The port the smart rollup node listens to. Default value is 8932 --acl-override <kind>: Specify a different ACL for the rpc server to override the default one. Possible values are 'secure' and 'allow-all' --metrics-addr <ADDR:PORT|:PORT>: Start the smart rollup node metrics server at the specified address ADDR:PORT. Default value is localhost:9933 --enable-performance-metrics: Enable performance metrics when the metrics server is started and the system supports it. DEPRECATED (enabled by default when the system supports it). --disable-performance-metrics: Disable performance metrics when the metrics server is started (enabled by default when system supports it). --loser-mode <mode>: Set the rollup node failure points (for test only!). --reconnection-delay <delay>: The first reconnection delay, in seconds, to wait before reconnecting to the Tezos node. The default delay is 2.0. The actual delay varies to follow a randomized exponential backoff (capped to 1.5h): [1.5^reconnection_attempt * delay ± 50%]. --dal-node <dal-node-endpoint>: The address of the dal node from which the smart rollup node downloads slots. When not provided, the rollup node will not support the DAL. In production, a DAL node must be provided if DAL is enabled and used in the rollup. --pre-images-endpoint <url>: The address of a service which provides pre-images for the rollup. Missing pre-images will be downloaded remotely if they are not already present on disk. --injector-retention-period <blocks>: The number of blocks the injector keeps in memory. Decrease to free memory, and increase to be able to query information about included messages for longer. Default value is 2048 --injector-attempts <number>: The number of attempts that the injector will make to inject an operation when it fails. Default value is 10 --injection-ttl <number>: The number of blocks after which an operation that is injected but never included is retried. Default value is 120 --index-buffer-size <<nb_entries>>: The maximum cache size in memory before it is flushed to disk, used for indexes of the store. (Deprecated) --index-buffer-size <<nb_entries>>: The maximum cache size in memory before it is flushed to disk, used for indexes of the store. (Deprecated) --log-kernel-debug: Log the kernel debug output to kernel.log in the data directory --log-kernel-debug-file <file>: --boot-sector-file <file>: Path to the boot sector. The argument is optional, if the rollup was originated via the smart rollup originate operation, the smart rollup node will fetch the boot sector itself. This argument is required only if it's a bootstrapped smart rollup. --no-degraded: Prevent the rollup node from entering degraded mode on error. The rollup node will instead stop. --gc-frequency <blocks>: The number of blocks between each launch of the garbage collection. Default is protocol constant challenge_window_in_blocks / 5. --history-mode <history_mode>: The history mode for the rollup node (archive, full) (default is full) --cors-origins <ALLOWED_ORIGINS>: List of accepted cors origins. --cors-headers <ALLOWED_HEADERS>: List of accepted cors headers. --bail-on-disagree: Make an observer rollup node bail when it sees a commitment it disagree with on L1. --unsafe-disable-wasm-kernel-checks: Allow to run the kernel without checking for its validity. Only for debug, do not use in production! --profiling <BOOL>: Enable or disable profiling with opentelemetry --etherlink: Force this rollup to be detected as an Etherlink rollup --l1-monitor-finalized: The rollup node will only monitor finalized blocks of the L1 node
octez-smart-rollup-node
run mode for smart-rollup-address with operators [operator...] [--data-dir <data-dir>] [--config-file <config.json>] [--rpc-addr <rpc-address|ip>] [--rpc-port <rpc-port>] [--acl-override <kind>] [--etherlink] [--metrics-addr <ADDR:PORT|:PORT>] [--enable-performance-metrics] [--disable-performance-metrics] [--loser-mode <mode>] [--l1-monitor-finalized] [--reconnection-delay <delay>] [--dal-node <dal-node-endpoint>] [--pre-images-endpoint <url>] [--injector-retention-period <blocks>] [--injector-attempts <number>] [--injection-ttl <number>] [--index-buffer-size <<nb_entries>>] [--irmin-cache-size <<nb_entries>>] [--log-kernel-debug] [--log-kernel-debug-file <file>] [--boot-sector-file <file>] [--no-degraded] [--gc-frequency <blocks>] [--history-mode <history_mode>] [--cors-origins <ALLOWED_ORIGINS>] [--cors-headers <ALLOWED_HEADERS>] [--apply-unsafe-patches] [--bail-on-disagree] [--unsafe-disable-wasm-kernel-checks] [--profiling <BOOL>]

Run the rollup node daemon. Arguments overwrite values provided in the configuration file. mode: The mode for the rollup node (observer, accuser, bailout, batcher, maintenance, operator, custom) - observer: Only follows the chain, reconstructs and interprets inboxes - accuser: Only publishes commitments for conflicts and play refutation games - bailout: Only defends and cements, does not publish any new commitments - batcher: Accepts transactions in its queue and batches them on the L1 - maintenance: Follows the chain and publishes commitments, cement and refute - operator: Equivalent to maintenance + batcher - custom: In this mode, the system handles only the specific operation kinds: [publish, add_messages, cement, timeout, refute, recover, execute_outbox_message, publish_dal_commitment]. This allows for tailored control and flexibility. smart-rollup-address: The smart rollup address Can be a literal or an alias (autodetected in order). Use 'alias:<name>' or 'text:<literal>' to force. operator: Public key hash, or alias, of a smart rollup node operator. An operator can be specialized to a particular purpose by prefixing its key or alias by said purpose, e.g. operating:<alias_of_my_operator>. The possible purposes are: operating, batching, cementing, recovering, executing_outbox. --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --config-file <config.json>: Location of the configuration file for the rollup node. Defaults to `<data-dir>/config.json`. --rpc-addr <rpc-address|ip>: The address the smart rollup node listens to. Default value is 127.0.0.1 --rpc-port <rpc-port>: The port the smart rollup node listens to. Default value is 8932 --acl-override <kind>: Specify a different ACL for the rpc server to override the default one. Possible values are 'secure' and 'allow-all' --etherlink: Force this rollup to be detected as an Etherlink rollup --metrics-addr <ADDR:PORT|:PORT>: Start the smart rollup node metrics server at the specified address ADDR:PORT. Default value is localhost:9933 --enable-performance-metrics: Enable performance metrics when the metrics server is started and the system supports it. DEPRECATED (enabled by default when the system supports it). --disable-performance-metrics: Disable performance metrics when the metrics server is started (enabled by default when system supports it). --loser-mode <mode>: Set the rollup node failure points (for test only!). --l1-monitor-finalized: The rollup node will only monitor finalized blocks of the L1 node --reconnection-delay <delay>: The first reconnection delay, in seconds, to wait before reconnecting to the Tezos node. The default delay is 2.0. The actual delay varies to follow a randomized exponential backoff (capped to 1.5h): [1.5^reconnection_attempt * delay ± 50%]. --dal-node <dal-node-endpoint>: The address of the dal node from which the smart rollup node downloads slots. When not provided, the rollup node will not support the DAL. In production, a DAL node must be provided if DAL is enabled and used in the rollup. --pre-images-endpoint <url>: The address of a service which provides pre-images for the rollup. Missing pre-images will be downloaded remotely if they are not already present on disk. --injector-retention-period <blocks>: The number of blocks the injector keeps in memory. Decrease to free memory, and increase to be able to query information about included messages for longer. Default value is 2048 --injector-attempts <number>: The number of attempts that the injector will make to inject an operation when it fails. Default value is 10 --injection-ttl <number>: The number of blocks after which an operation that is injected but never included is retried. Default value is 120 --index-buffer-size <<nb_entries>>: The maximum cache size in memory before it is flushed to disk, used for indexes of the store. (Deprecated) --irmin-cache-size <<nb_entries>>: Size of Irmin cache in number of entries --log-kernel-debug: Log the kernel debug output to kernel.log in the data directory --log-kernel-debug-file <file>: --boot-sector-file <file>: Path to the boot sector. The argument is optional, if the rollup was originated via the smart rollup originate operation, the smart rollup node will fetch the boot sector itself. This argument is required only if it's a bootstrapped smart rollup. --no-degraded: Prevent the rollup node from entering degraded mode on error. The rollup node will instead stop. --gc-frequency <blocks>: The number of blocks between each launch of the garbage collection. Default is protocol constant challenge_window_in_blocks / 5. --history-mode <history_mode>: The history mode for the rollup node (archive, full) (default is full) --cors-origins <ALLOWED_ORIGINS>: List of accepted cors origins. --cors-headers <ALLOWED_HEADERS>: List of accepted cors headers. --apply-unsafe-patches: Apply unsafe PVM patches in the configuration or hardcoded by the node. --bail-on-disagree: Make an observer rollup node bail when it sees a commitment it disagree with on L1. --unsafe-disable-wasm-kernel-checks: Allow to run the kernel without checking for its validity. Only for debug, do not use in production! --profiling <BOOL>: Enable or disable profiling with opentelemetry
octez-smart-rollup-node
run [--data-dir <data-dir>] [--config-file <config.json>] [--mode <mode>] [--rollup <smart-rollup-address>] [--etherlink] [--rpc-addr <rpc-address|ip>] [--rpc-port <rpc-port>] [--acl-override <kind>] [--metrics-addr <ADDR:PORT|:PORT>] [--enable-performance-metrics] [--disable-performance-metrics] [--l1-monitor-finalized] [--loser-mode <mode>] [--reconnection-delay <delay>] [--dal-node <dal-node-endpoint>] [--pre-images-endpoint <url>] [--injector-retention-period <blocks>] [--injector-attempts <number>] [--injection-ttl <number>] [--index-buffer-size <<nb_entries>>] [--index-buffer-size <<nb_entries>>] [--log-kernel-debug] [--log-kernel-debug-file <file>] [--boot-sector-file <file>] [--no-degraded] [--gc-frequency <blocks>] [--history-mode <history_mode>] [--cors-origins <ALLOWED_ORIGINS>] [--cors-headers <ALLOWED_HEADERS>] [--apply-unsafe-patches] [--bail-on-disagree] [--unsafe-disable-wasm-kernel-checks] [--profiling <BOOL>]

Run the rollup node daemon (deprecated). --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --config-file <config.json>: Location of the configuration file for the rollup node. Defaults to `<data-dir>/config.json`. --mode <mode>: The mode for the rollup node (observer, accuser, bailout, batcher, maintenance, operator, custom) - observer: Only follows the chain, reconstructs and interprets inboxes - accuser: Only publishes commitments for conflicts and play refutation games - bailout: Only defends and cements, does not publish any new commitments - batcher: Accepts transactions in its queue and batches them on the L1 - maintenance: Follows the chain and publishes commitments, cement and refute - operator: Equivalent to maintenance + batcher - custom: In this mode, the system handles only the specific operation kinds: [publish, add_messages, cement, timeout, refute, recover, execute_outbox_message, publish_dal_commitment]. This allows for tailored control and flexibility. (required when no configuration file exists) --rollup <smart-rollup-address>: The smart rollup address (required when no configuration file exists) --etherlink: Force this rollup to be detected as an Etherlink rollup --rpc-addr <rpc-address|ip>: The address the smart rollup node listens to. Default value is 127.0.0.1 --rpc-port <rpc-port>: The port the smart rollup node listens to. Default value is 8932 --acl-override <kind>: Specify a different ACL for the rpc server to override the default one. Possible values are 'secure' and 'allow-all' --metrics-addr <ADDR:PORT|:PORT>: Start the smart rollup node metrics server at the specified address ADDR:PORT. Default value is localhost:9933 --enable-performance-metrics: Enable performance metrics when the metrics server is started and the system supports it. DEPRECATED (enabled by default when the system supports it). --disable-performance-metrics: Disable performance metrics when the metrics server is started (enabled by default when system supports it). --l1-monitor-finalized: The rollup node will only monitor finalized blocks of the L1 node --loser-mode <mode>: Set the rollup node failure points (for test only!). --reconnection-delay <delay>: The first reconnection delay, in seconds, to wait before reconnecting to the Tezos node. The default delay is 2.0. The actual delay varies to follow a randomized exponential backoff (capped to 1.5h): [1.5^reconnection_attempt * delay ± 50%]. --dal-node <dal-node-endpoint>: The address of the dal node from which the smart rollup node downloads slots. When not provided, the rollup node will not support the DAL. In production, a DAL node must be provided if DAL is enabled and used in the rollup. --pre-images-endpoint <url>: The address of a service which provides pre-images for the rollup. Missing pre-images will be downloaded remotely if they are not already present on disk. --injector-retention-period <blocks>: The number of blocks the injector keeps in memory. Decrease to free memory, and increase to be able to query information about included messages for longer. Default value is 2048 --injector-attempts <number>: The number of attempts that the injector will make to inject an operation when it fails. Default value is 10 --injection-ttl <number>: The number of blocks after which an operation that is injected but never included is retried. Default value is 120 --index-buffer-size <<nb_entries>>: The maximum cache size in memory before it is flushed to disk, used for indexes of the store. (Deprecated) --index-buffer-size <<nb_entries>>: The maximum cache size in memory before it is flushed to disk, used for indexes of the store. (Deprecated) --log-kernel-debug: Log the kernel debug output to kernel.log in the data directory --log-kernel-debug-file <file>: --boot-sector-file <file>: Path to the boot sector. The argument is optional, if the rollup was originated via the smart rollup originate operation, the smart rollup node will fetch the boot sector itself. This argument is required only if it's a bootstrapped smart rollup. --no-degraded: Prevent the rollup node from entering degraded mode on error. The rollup node will instead stop. --gc-frequency <blocks>: The number of blocks between each launch of the garbage collection. Default is protocol constant challenge_window_in_blocks / 5. --history-mode <history_mode>: The history mode for the rollup node (archive, full) (default is full) --cors-origins <ALLOWED_ORIGINS>: List of accepted cors origins. --cors-headers <ALLOWED_HEADERS>: List of accepted cors headers. --apply-unsafe-patches: Apply unsafe PVM patches in the configuration or hardcoded by the node. --bail-on-disagree: Make an observer rollup node bail when it sees a commitment it disagree with on L1. --unsafe-disable-wasm-kernel-checks: Allow to run the kernel without checking for its validity. Only for debug, do not use in production! --profiling <BOOL>: Enable or disable profiling with opentelemetry
octez-smart-rollup-node
show supported protocols

Shows the protocols supported by this rollup node.
octez-smart-rollup-node
dump-metrics

dump the rollup node available metrics in CSV format.
octez-smart-rollup-node
dump durable storage into dump.<json|yaml> [--data-dir <data-dir>] [-b --block <hash|level|tag>]

dump the durable_storage. dump.<json|yaml>: YAML or JSON file containing the dumped durable storage --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. -b --block <hash|level|tag>: block on which to apply contextual commands (commands dependent on the context associated with the specified block). Possible tags include 'head' and 'genesis' +/- an optional offset (e.g. "octez-client -b head-1 get timestamp"). Note that block queried must exist in node's storage. Defaults to `head`.
octez-smart-rollup-node
patch durable storage at path with value [--data-dir <data-dir>] [-f --force]

Patches the durable storage with an arbitrary value. This is an unsafe command, it should be used for debugging only. Patched durable storage is persisted and cannot be reverted. path: Durable storage path value: Patched value. If prefixed by `file:`, it is interpreted a path. Otherwise, it is expected to be an hexadecimal encoded value. --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. -f --force: Force patching the durable storage
octez-smart-rollup-node
snapshot export [--data-dir <data-dir>] [--dest <path>] [--no-check] [--compress-on-the-fly] [--uncompressed] [--compact] [--rollup-node-endpoint <uri>]

Export a snapshot of the rollup node state. --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --dest <path>: Directory in which to export the snapshot (defaults to current directory) --no-check: Don't check integrity of the snapshot. --compress-on-the-fly: Produce a compressed snapshot on the fly. The rollup node will use less disk space to produce the snapshot but will lock the rollup node (if running) for a longer time. Without this option, producing a snaphsot requires the available disk space to be around the size of the data dir. --uncompressed: Produce an uncompressed snapshot. --compact: Produce a compact snapshot with a single commit for the context. --rollup-node-endpoint <uri>: The address of the running rollup node.
octez-smart-rollup-node
snapshot export snapshot_file [--data-dir <data-dir>] [--no-check] [--compress-on-the-fly] [--uncompressed] [--compact] [--rollup-node-endpoint <uri>]

Export a snapshot of the rollup node state to a given file. snapshot_file: Snapshot archive file --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --no-check: Don't check integrity of the snapshot. --compress-on-the-fly: Produce a compressed snapshot on the fly. The rollup node will use less disk space to produce the snapshot but will lock the rollup node (if running) for a longer time. Without this option, producing a snaphsot requires the available disk space to be around the size of the data dir. --uncompressed: Produce an uncompressed snapshot. --compact: Produce a compact snapshot with a single commit for the context. --rollup-node-endpoint <uri>: The address of the running rollup node.
octez-smart-rollup-node
snapshot import snapshot_file_or_url [--data-dir <data-dir>] [--no-check] [--force] [--apply-unsafe-patches]

Import a snapshot file in a rollup node. snapshot_file_or_url: Snapshot archive file name, URL to download the snapshot or stdin (when given `-`) --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --no-check: Don't check integrity of the snapshot. --force: Import into an already populated data dir. --apply-unsafe-patches: Apply unsafe PVM patches in the configuration or hardcoded by the node.
octez-smart-rollup-node
snapshot info snapshot_file_or_url

Display information about a snapshot file. snapshot_file_or_url: Snapshot archive file name, URL to download the snapshot or stdin (when given `-`)
octez-smart-rollup-node
generate openapi [-P --protocol <Proto>]

Generate OpenAPI specification. -P --protocol <Proto>: Protocol hash in base58-check. If not provided, the export will be for the last registered protocol in the rollup node which may be different between different versions of the node.
octez-smart-rollup-node
list metrics [--disable-performance-metrics]

List the metrics exported by the smart rollup node. --disable-performance-metrics: Disable performance metrics when the metrics server is started (enabled by default when system supports it).
octez-smart-rollup-node
replay block block_or_level [--data-dir <data-dir>] [--profiling <BOOL>]

Replay a given L1 block. block_or_level: An L1 block hash or a level --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --profiling <BOOL>: Enable or disable profiling with opentelemetry
octez-smart-rollup-node
replay blocks from level to level [--data-dir <data-dir>] [--profiling <BOOL>]

Replay a sequence of L1 blocks. level: Level level: Level --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`. --profiling <BOOL>: Enable or disable profiling with opentelemetry

Commands to repair the smart rollup node.

octez-smart-rollup-node
repair commitments for protocol [--data-dir <data-dir>]

Repair commitments of L2 chain for a given protocol. protocol: Protocol hash --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`.
octez-smart-rollup-node
recompute outbox messages from level [--data-dir <data-dir>]

Recompute outbox messages from a given level up to the current head. It does not overwrite already stored outbox messages. level: Level --data-dir <data-dir>: The path to the smart rollup node data directory. Default value is $HOME/.tezos-smart-rollup-node Defaults to `$HOME/.tezos-smart-rollup-node`.

Baker manual#

This is the manual page of the baker command line tool. See Baker for a general description of this tool.

Note

This unique baker executable is meant to replace the protocol-specific bakers for all the protocols it supports, such as octez-baker-PsRiotum and octez-baker-alpha.

Usage

octez-baker [global options] command [command options]
octez-baker --help (for global options)
octez-baker [global options] command --help (for command options)
octez-baker --version (for version information)

To browse the documentation

octez-baker [global options] man (for a list of commands)
octez-baker [global options] man -v 3 (for the full manual)

Global options (must come before the command)

Access the documentation

octez-baker
man [keyword...] [-v --verbosity <0|1|2|3>] [--format <plain|colors|html>]

Print documentation of commands. Add search keywords to narrow list. Will display only the commands by default, unless [-verbosity <2|3>] is passed or the list of matching commands if less than 3. keyword: keyword to search for If several are given they must all appear in the command. -v --verbosity <0|1|2|3>: level of details 0. Only shows command mnemonics, without documentation. 1. Shows command mnemonics with short descriptions. 2. Show commands and arguments with short descriptions 3. Show everything --format <plain|colors|html>: the manual's output format Defaults to `plain`.

Commands for editing and viewing the client's config file

octez-baker
config show

Show the current config (config file content + command line arguments) or the mockup config files if `--mode mockup` is specified.
octez-baker
config reset

Reset the config file to the factory defaults.
octez-baker
config update

Update the config based on the current cli values. Loads the current configuration (default or as specified with `-config-file`), applies alterations from other command line arguments (such as the node's address, etc.), and overwrites the updated configuration file.
octez-baker
config init [-o --output <path>] [--bootstrap-accounts <path>] [--protocol-constants <path>]

Create config file(s) based on the current CLI values. If the `-file` option is not passed, this will initialize the default config file, based on default parameters, altered by other command line options (such as the node's address, etc.). Otherwise, it will create a new config file, based on the default parameters (or the the ones specified with `-config-file`), altered by other command line options. If `-mode mockup` is specified, this will initialize the mockup's default files instead of the config file. Use `-bootstrap-accounts` and `-protocol-constants` to specify custom paths. The command will always fail if file(s) to create exist already -o --output <path>: path at which to create the file Defaults to `$HOME/.tezos-client/config`. --bootstrap-accounts <path>: path at which to create the file Defaults to `$HOME/.tezos-client/bootstrap-accounts.json`. --protocol-constants <path>: path at which to create the file Defaults to `$HOME/.tezos-client/protocol-constants.json`.

Commands related to the agnostic baker daemon.

octez-baker
run with local node node_data_path [baker...] [-P --pidfile <filename>] [--node-version-check-bypass] [--node-version-allowed <<product>-[v]<major>.<minor>[.0]<info>[:<commit>]>] [--minimal-fees <amount>] [--minimal-nanotez-per-gas-unit <amount>] [--minimal-nanotez-per-byte <amount>] [--force-apply-from-round <round>] [-K --keep-alive] [--liquidity-baking-toggle-vote <vote>] [--adaptive-issuance-vote <vote>] [-V --votefile <filename>] [--operations-pool <file|uri>] [--dal-node <uri>] [--without-dal] [--record-state] [--pre-emptive-forge-time <seconds>] [--remote-calls-timeout <seconds>] [--allow-signing-delay]

Launch the baker daemon node_data_path: Path to the node data directory (e.g. $HOME/.tezos-node) baker: name of the delegate owning the attestation/baking right or name of the consensus key signing on the delegate's behalf Can be a public key hash name, a file or a raw public key hash literal. If the parameter is not the name of an existing public key hash, the client will look for a file containing a public key hash, and if it does not exist, the argument will be read as a raw public key hash. Use 'alias:<name>', 'file:<path>' or 'text:<literal>' to disable autodetect. -P --pidfile <filename>: write process id in file --node-version-check-bypass: If node-version-check-bypass flag is set, the baker will not check its compatibility with the version of the node to which it is connected. --node-version-allowed <<product>-[v]<major>.<minor>[.0]<info>[:<commit>]>: When specified the baker will accept to run with a node of this version. The specified version is composed of the product, for example 'octez'; the major and the minor versions that are positive integers; the info, for example '-rc', '-beta1+dev' or realese if none is provided; optionally the commit that is the hash of the last git commit or a prefix of at least 8 characters long. --minimal-fees <amount>: exclude operations with fees lower than this threshold (in tez) Defaults to `100`. --minimal-nanotez-per-gas-unit <amount>: exclude operations with fees per gas lower than this threshold (in nanotez) Defaults to `100`. --minimal-nanotez-per-byte <amount>: exclude operations with fees per byte lower than this threshold (in nanotez) Defaults to `1000`. --force-apply-from-round <round>: Force the baker to not only validate but also apply operations starting from the specified round. -K --keep-alive: Keep the daemon process alive: when the connection with the node is lost, the daemon periodically tries to reach it. --liquidity-baking-toggle-vote <vote>: Vote to continue or end the liquidity baking subsidy. The possible values for this option are: "off" to request ending the subsidy, "on" to request continuing or restarting the subsidy, and "pass" to abstain. Note that this "option" is mandatory! --adaptive-issuance-vote <vote>: DEPRECATED: This argument is ignored by the baker and will be removed in the next major version of Octez. -V --votefile <filename>: read per block votes as json file --operations-pool <file|uri>: When specified, the baker will try to fetch operations from this file (or uri) and to include retrieved operations in the block. The expected format of the contents is a list of operations [ alpha.operation ]. Environment variable 'TEZOS_CLIENT_REMOTE_OPERATIONS_POOL_HTTP_HEADERS' may also be specified to add headers to the requests (only 'host' headers are supported). If the resource cannot be retrieved, e.g., if the file is absent, unreadable, or the web service returns a 404 error, the resource is simply ignored. --dal-node <uri>: endpoint of the DAL node, e.g. 'http://localhost:8933' --without-dal: If without-dal flag is set, the daemon will not try to connect to a DAL node. --record-state: If record-state flag is set, the baker saves all its internal consensus state in the filesystem, otherwise just in memory. --pre-emptive-forge-time <seconds>: Sets the pre-emptive forge time optimization, in seconds. When set, the baker, if it is the next level round 0 proposer, will start forging after quorum has been reached in the current level while idly waiting for it to end. When it is its time to propose, the baker will inject the pre-emptively forged block immediately, allowing more time for the network to reach quorum on it. Operators should note that the higher this value `t`, the lower the operation inclusion window (specifically `block_time - t`) which may lead to lower baking rewards. Defaults to 15/% of block time. Set to 0 to ignore pre-emptive forging. --remote-calls-timeout <seconds>: Sets a timeout for client calls such as signing block header or attestation and for the creation of deterministic nonce. Use only if your remote signer can handle concurrent requests. --allow-signing-delay: Allow the use of a signing delay specified with the environment variable TEZOS_SIGN_DELAY_I_KNOW_WHAT_I_AM_DOING for testing purposes. This is insecure and should never be used in production.
octez-baker
run remotely [baker...] [-P --pidfile <filename>] [--node-version-check-bypass] [--node-version-allowed <<product>-[v]<major>.<minor>[.0]<info>[:<commit>]>] [--minimal-fees <amount>] [--minimal-nanotez-per-gas-unit <amount>] [--minimal-nanotez-per-byte <amount>] [--force-apply-from-round <round>] [-K --keep-alive] [--liquidity-baking-toggle-vote <vote>] [--adaptive-issuance-vote <vote>] [-V --votefile <filename>] [--operations-pool <file|uri>] [--dal-node <uri>] [--without-dal] [--record-state] [--pre-emptive-forge-time <seconds>] [--remote-calls-timeout <seconds>] [--allow-signing-delay]

Launch the baker daemon using RPCs only. baker: name of the delegate owning the attestation/baking right or name of the consensus key signing on the delegate's behalf Can be a public key hash name, a file or a raw public key hash literal. If the parameter is not the name of an existing public key hash, the client will look for a file containing a public key hash, and if it does not exist, the argument will be read as a raw public key hash. Use 'alias:<name>', 'file:<path>' or 'text:<literal>' to disable autodetect. -P --pidfile <filename>: write process id in file --node-version-check-bypass: If node-version-check-bypass flag is set, the baker will not check its compatibility with the version of the node to which it is connected. --node-version-allowed <<product>-[v]<major>.<minor>[.0]<info>[:<commit>]>: When specified the baker will accept to run with a node of this version. The specified version is composed of the product, for example 'octez'; the major and the minor versions that are positive integers; the info, for example '-rc', '-beta1+dev' or realese if none is provided; optionally the commit that is the hash of the last git commit or a prefix of at least 8 characters long. --minimal-fees <amount>: exclude operations with fees lower than this threshold (in tez) Defaults to `100`. --minimal-nanotez-per-gas-unit <amount>: exclude operations with fees per gas lower than this threshold (in nanotez) Defaults to `100`. --minimal-nanotez-per-byte <amount>: exclude operations with fees per byte lower than this threshold (in nanotez) Defaults to `1000`. --force-apply-from-round <round>: Force the baker to not only validate but also apply operations starting from the specified round. -K --keep-alive: Keep the daemon process alive: when the connection with the node is lost, the daemon periodically tries to reach it. --liquidity-baking-toggle-vote <vote>: Vote to continue or end the liquidity baking subsidy. The possible values for this option are: "off" to request ending the subsidy, "on" to request continuing or restarting the subsidy, and "pass" to abstain. Note that this "option" is mandatory! --adaptive-issuance-vote <vote>: DEPRECATED: This argument is ignored by the baker and will be removed in the next major version of Octez. -V --votefile <filename>: read per block votes as json file --operations-pool <file|uri>: When specified, the baker will try to fetch operations from this file (or uri) and to include retrieved operations in the block. The expected format of the contents is a list of operations [ alpha.operation ]. Environment variable 'TEZOS_CLIENT_REMOTE_OPERATIONS_POOL_HTTP_HEADERS' may also be specified to add headers to the requests (only 'host' headers are supported). If the resource cannot be retrieved, e.g., if the file is absent, unreadable, or the web service returns a 404 error, the resource is simply ignored. --dal-node <uri>: endpoint of the DAL node, e.g. 'http://localhost:8933' --without-dal: If without-dal flag is set, the daemon will not try to connect to a DAL node. --record-state: If record-state flag is set, the baker saves all its internal consensus state in the filesystem, otherwise just in memory. --pre-emptive-forge-time <seconds>: Sets the pre-emptive forge time optimization, in seconds. When set, the baker, if it is the next level round 0 proposer, will start forging after quorum has been reached in the current level while idly waiting for it to end. When it is its time to propose, the baker will inject the pre-emptively forged block immediately, allowing more time for the network to reach quorum on it. Operators should note that the higher this value `t`, the lower the operation inclusion window (specifically `block_time - t`) which may lead to lower baking rewards. Defaults to 15/% of block time. Set to 0 to ignore pre-emptive forging. --remote-calls-timeout <seconds>: Sets a timeout for client calls such as signing block header or attestation and for the creation of deterministic nonce. Use only if your remote signer can handle concurrent requests. --allow-signing-delay: Allow the use of a signing delay specified with the environment variable TEZOS_SIGN_DELAY_I_KNOW_WHAT_I_AM_DOING for testing purposes. This is insecure and should never be used in production.
octez-baker
run vdf [-P --pidfile <filename>] [-K --keep-alive]

Launch the VDF daemon -P --pidfile <filename>: write process id in file -K --keep-alive: Keep the daemon process alive: when the connection with the node is lost, the daemon periodically tries to reach it.
octez-baker
run accuser [-P --pidfile <filename>] [--preserved-levels <threshold>] [-K --keep-alive]

Launch the accuser daemon -P --pidfile <filename>: write process id in file --preserved-levels <threshold>: Number of effective levels kept in the accuser's memory Defaults to `200`. -K --keep-alive: Keep the daemon process alive: when the connection with the node is lost, the daemon periodically tries to reach it.

Commands related to the DAL daemon.

octez-baker
run dal [-d --data-dir <DIR>] [--config-file <FILE>] [--rpc-addr <ADDR[:PORT]>] [--expected-pow <FLOAT>] [--net-addr <ADDR[:PORT]>] [--public-addr <ADDR[:PORT]>] [-E --endpoint <URI>] [--slots-backup-uri <URI>] [--trust-slots-backup-uris] [--metrics-addr <ADDR[:PORT]>] [--attester-profiles <PKH1,PKH2,...>] [--operator-profiles <INDEX1,INDEX2,...>] [--observer-profiles <INDEX1,INDEX2,...>] [--bootstrap-profile] [--peers <ADDR:PORT,...>] [--history-mode <VAL>] [--service-name <VAL>] [--service-namespace <VAL>] [--fetch-trusted-setup <true | false>] [--disable-shard-validation] [--verbose] [--ignore-l1-config-peers] [--disable-amplification] [--ignore-topics <PKH1,PKH2,...>] [--batching-time-interval <INT|"disabled">]

Run the Octez DAL -d --data-dir <DIR>: The directory where the Octez DAL node will store all its data. Parent directories are created if necessary. --config-file <FILE>: The configuration file of the octez DAL node. --rpc-addr <ADDR[:PORT]>: The TCP address and optionally the port at which the RPC server of this instance can be reached. The default address is 0.0.0.0. The default port is 10732. --expected-pow <FLOAT>: The expected proof-of-work difficulty level for the peers' identity. --net-addr <ADDR[:PORT]>: The TCP address and optionally the port bound by the DAL node. If --public-addr is not provided, this is also the address and port at which this instance can be reached by other P2P nodes. The default address is 0.0.0.0. The default port is 11732. --public-addr <ADDR[:PORT]>: The TCP address and optionally the port at which this instance can be reached by other P2P nodes. By default, the point is '127.0.0.1:11732'. You can override the port using the syntax ':2222'. If the IP address is detected as a special address (such as a localhost one) it won't be advertised, only the port will. -E --endpoint <URI>: The endpoint (an URI) of the Tezos node that the DAL node should connect to. The default endpoint is 'http://localhost:8732'. --slots-backup-uri <URI>: List of base URIs to fetch missing DAL slots if they are unavailable locally or cannot be reconstructed from shards. Supported URI schemes include 'http://', 'https://', and 'file://'. The option accepts a list of fallback sources separated with commas. --trust-slots-backup-uris: If set, skip cryptographic verification of slots downloaded from the backup URIs provided via --slots-backup-uri. This can speed up slot retrieval when replaying history or for debugging purposes. Use with caution during normal operation or when data integrity is critical, unless the backup source is fully trusted. --metrics-addr <ADDR[:PORT]>: The TCP address and optionally the port of the node's metrics server. The default address is 0.0.0.0. The default port is 11733. --attester-profiles <PKH1,PKH2,...>: The Octez DAL node attester profiles for given public key hashes. --operator-profiles <INDEX1,INDEX2,...>: The Octez DAL node operator profiles for given slot indexes. These were previously known as producer profiles, however this name now refers to both operator and observer profiles. --observer-profiles <INDEX1,INDEX2,...>: The Octez DAL node observer profiles for given slot indexes. --bootstrap-profile: The Octez DAL node bootstrap node profile. Note that a bootstrap node cannot also be an attester or a slot producer --peers <ADDR:PORT,...>: An additional list of peers (bootstrap or not) to connect to, expanding the one from the DAL node's configuration parameter 'peers' and the one from the Octez node's configuration parameter 'dal_config.bootstrap_peers'. --history-mode <VAL>: The duration for the shards to be kept in the node storage. Either a number, the string "full" or the string "auto". A number is interpreted as the number of blocks the shards should be kept; the string "full" means no shard deletion, the string "auto" means the default of the profile: 3 months for an operator, twice the attestation lag for an attester and other profiles. --service-name <VAL>: A name that can be used to identify this node. This name can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAME`. --service-namespace <VAL>: A namespace associated with the node. This namespace can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAMESPACE`. --fetch-trusted-setup <true | false>: Should the DAL node fetch the trusted setup when it needs it. By default, it does so. --disable-shard-validation: Disable the shard verification. This is used conjoyintly with the `TEZOS_DISABLE_SHARD_VERIFICATION_I_KNOW_WHAT_I_AM_DOING` environment variable. To actually disable the shard verification this option must be used and the environment variable must be set. If only the environment variable is set, the DAL node will refuse to start. --verbose: Controls the verbosity of some emitted events. Default value is false. --ignore-l1-config-peers: Ignore the boot(strap) peers provided by L1 config. --disable-amplification: Disables shard amplification. Default value is false. --ignore-topics <PKH1,PKH2,...>: The producer Octez DAL node will not publish shards for the provided pkhs. This argument is for testing purposes only. --batching-time-interval <INT|"disabled">: The time (in milliseconds) for which shards are accumulated by the gossipsub automaton before triggering the validation of the batch. "disabled" to deactivate the batching of shards.
octez-baker
config dal init [-d --data-dir <DIR>] [--config-file <FILE>] [--rpc-addr <ADDR[:PORT]>] [--expected-pow <FLOAT>] [--net-addr <ADDR[:PORT]>] [--public-addr <ADDR[:PORT]>] [-E --endpoint <URI>] [--slots-backup-uri <URI>] [--trust-slots-backup-uris] [--metrics-addr <ADDR[:PORT]>] [--attester-profiles <PKH1,PKH2,...>] [--operator-profiles <INDEX1,INDEX2,...>] [--observer-profiles <INDEX1,INDEX2,...>] [--bootstrap-profile] [--peers <ADDR:PORT,...>] [--history-mode <VAL>] [--service-name <VAL>] [--service-namespace <VAL>] [--fetch-trusted-setup <true | false>] [--disable-shard-validation] [--verbose] [--ignore-l1-config-peers] [--disable-amplification] [--ignore-topics <PKH1,PKH2,...>] [--batching-time-interval <INT|"disabled">]

This command creates a configuration file with the parameters provided on the command-line, if no configuration file exists already in the specified or default location. Otherwise, the command-line parameters override the existing ones, and old parameters are lost. This configuration is then used by the run command. -d --data-dir <DIR>: The directory where the Octez DAL node will store all its data. Parent directories are created if necessary. --config-file <FILE>: The configuration file of the octez DAL node. --rpc-addr <ADDR[:PORT]>: The TCP address and optionally the port at which the RPC server of this instance can be reached. The default address is 0.0.0.0. The default port is 10732. --expected-pow <FLOAT>: The expected proof-of-work difficulty level for the peers' identity. --net-addr <ADDR[:PORT]>: The TCP address and optionally the port bound by the DAL node. If --public-addr is not provided, this is also the address and port at which this instance can be reached by other P2P nodes. The default address is 0.0.0.0. The default port is 11732. --public-addr <ADDR[:PORT]>: The TCP address and optionally the port at which this instance can be reached by other P2P nodes. By default, the point is '127.0.0.1:11732'. You can override the port using the syntax ':2222'. If the IP address is detected as a special address (such as a localhost one) it won't be advertised, only the port will. -E --endpoint <URI>: The endpoint (an URI) of the Tezos node that the DAL node should connect to. The default endpoint is 'http://localhost:8732'. --slots-backup-uri <URI>: List of base URIs to fetch missing DAL slots if they are unavailable locally or cannot be reconstructed from shards. Supported URI schemes include 'http://', 'https://', and 'file://'. The option accepts a list of fallback sources separated with commas. --trust-slots-backup-uris: If set, skip cryptographic verification of slots downloaded from the backup URIs provided via --slots-backup-uri. This can speed up slot retrieval when replaying history or for debugging purposes. Use with caution during normal operation or when data integrity is critical, unless the backup source is fully trusted. --metrics-addr <ADDR[:PORT]>: The TCP address and optionally the port of the node's metrics server. The default address is 0.0.0.0. The default port is 11733. --attester-profiles <PKH1,PKH2,...>: The Octez DAL node attester profiles for given public key hashes. --operator-profiles <INDEX1,INDEX2,...>: The Octez DAL node operator profiles for given slot indexes. These were previously known as producer profiles, however this name now refers to both operator and observer profiles. --observer-profiles <INDEX1,INDEX2,...>: The Octez DAL node observer profiles for given slot indexes. --bootstrap-profile: The Octez DAL node bootstrap node profile. Note that a bootstrap node cannot also be an attester or a slot producer --peers <ADDR:PORT,...>: An additional list of peers (bootstrap or not) to connect to, expanding the one from the DAL node's configuration parameter 'peers' and the one from the Octez node's configuration parameter 'dal_config.bootstrap_peers'. --history-mode <VAL>: The duration for the shards to be kept in the node storage. Either a number, the string "full" or the string "auto". A number is interpreted as the number of blocks the shards should be kept; the string "full" means no shard deletion, the string "auto" means the default of the profile: 3 months for an operator, twice the attestation lag for an attester and other profiles. --service-name <VAL>: A name that can be used to identify this node. This name can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAME`. --service-namespace <VAL>: A namespace associated with the node. This namespace can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAMESPACE`. --fetch-trusted-setup <true | false>: Should the DAL node fetch the trusted setup when it needs it. By default, it does so. --disable-shard-validation: Disable the shard verification. This is used conjoyintly with the `TEZOS_DISABLE_SHARD_VERIFICATION_I_KNOW_WHAT_I_AM_DOING` environment variable. To actually disable the shard verification this option must be used and the environment variable must be set. If only the environment variable is set, the DAL node will refuse to start. --verbose: Controls the verbosity of some emitted events. Default value is false. --ignore-l1-config-peers: Ignore the boot(strap) peers provided by L1 config. --disable-amplification: Disables shard amplification. Default value is false. --ignore-topics <PKH1,PKH2,...>: The producer Octez DAL node will not publish shards for the provided pkhs. This argument is for testing purposes only. --batching-time-interval <INT|"disabled">: The time (in milliseconds) for which shards are accumulated by the gossipsub automaton before triggering the validation of the batch. "disabled" to deactivate the batching of shards.
octez-baker
config dal update [-d --data-dir <DIR>] [--config-file <FILE>] [--rpc-addr <ADDR[:PORT]>] [--expected-pow <FLOAT>] [--net-addr <ADDR[:PORT]>] [--public-addr <ADDR[:PORT]>] [-E --endpoint <URI>] [--slots-backup-uri <URI>] [--trust-slots-backup-uris] [--metrics-addr <ADDR[:PORT]>] [--attester-profiles <PKH1,PKH2,...>] [--operator-profiles <INDEX1,INDEX2,...>] [--observer-profiles <INDEX1,INDEX2,...>] [--bootstrap-profile] [--peers <ADDR:PORT,...>] [--history-mode <VAL>] [--service-name <VAL>] [--service-namespace <VAL>] [--fetch-trusted-setup <true | false>] [--disable-shard-validation] [--verbose] [--ignore-l1-config-peers] [--disable-amplification] [--ignore-topics <PKH1,PKH2,...>] [--batching-time-interval <INT|"disabled">]

This command updates the configuration file with the parameters provided on the command-line. If no configuration file exists already, the command will fail. -d --data-dir <DIR>: The directory where the Octez DAL node will store all its data. Parent directories are created if necessary. --config-file <FILE>: The configuration file of the octez DAL node. --rpc-addr <ADDR[:PORT]>: The TCP address and optionally the port at which the RPC server of this instance can be reached. The default address is 0.0.0.0. The default port is 10732. --expected-pow <FLOAT>: The expected proof-of-work difficulty level for the peers' identity. --net-addr <ADDR[:PORT]>: The TCP address and optionally the port bound by the DAL node. If --public-addr is not provided, this is also the address and port at which this instance can be reached by other P2P nodes. The default address is 0.0.0.0. The default port is 11732. --public-addr <ADDR[:PORT]>: The TCP address and optionally the port at which this instance can be reached by other P2P nodes. By default, the point is '127.0.0.1:11732'. You can override the port using the syntax ':2222'. If the IP address is detected as a special address (such as a localhost one) it won't be advertised, only the port will. -E --endpoint <URI>: The endpoint (an URI) of the Tezos node that the DAL node should connect to. The default endpoint is 'http://localhost:8732'. --slots-backup-uri <URI>: List of base URIs to fetch missing DAL slots if they are unavailable locally or cannot be reconstructed from shards. Supported URI schemes include 'http://', 'https://', and 'file://'. The option accepts a list of fallback sources separated with commas. --trust-slots-backup-uris: If set, skip cryptographic verification of slots downloaded from the backup URIs provided via --slots-backup-uri. This can speed up slot retrieval when replaying history or for debugging purposes. Use with caution during normal operation or when data integrity is critical, unless the backup source is fully trusted. --metrics-addr <ADDR[:PORT]>: The TCP address and optionally the port of the node's metrics server. The default address is 0.0.0.0. The default port is 11733. --attester-profiles <PKH1,PKH2,...>: The Octez DAL node attester profiles for given public key hashes. --operator-profiles <INDEX1,INDEX2,...>: The Octez DAL node operator profiles for given slot indexes. These were previously known as producer profiles, however this name now refers to both operator and observer profiles. --observer-profiles <INDEX1,INDEX2,...>: The Octez DAL node observer profiles for given slot indexes. --bootstrap-profile: The Octez DAL node bootstrap node profile. Note that a bootstrap node cannot also be an attester or a slot producer --peers <ADDR:PORT,...>: An additional list of peers (bootstrap or not) to connect to, expanding the one from the DAL node's configuration parameter 'peers' and the one from the Octez node's configuration parameter 'dal_config.bootstrap_peers'. --history-mode <VAL>: The duration for the shards to be kept in the node storage. Either a number, the string "full" or the string "auto". A number is interpreted as the number of blocks the shards should be kept; the string "full" means no shard deletion, the string "auto" means the default of the profile: 3 months for an operator, twice the attestation lag for an attester and other profiles. --service-name <VAL>: A name that can be used to identify this node. This name can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAME`. --service-namespace <VAL>: A namespace associated with the node. This namespace can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAMESPACE`. --fetch-trusted-setup <true | false>: Should the DAL node fetch the trusted setup when it needs it. By default, it does so. --disable-shard-validation: Disable the shard verification. This is used conjoyintly with the `TEZOS_DISABLE_SHARD_VERIFICATION_I_KNOW_WHAT_I_AM_DOING` environment variable. To actually disable the shard verification this option must be used and the environment variable must be set. If only the environment variable is set, the DAL node will refuse to start. --verbose: Controls the verbosity of some emitted events. Default value is false. --ignore-l1-config-peers: Ignore the boot(strap) peers provided by L1 config. --disable-amplification: Disables shard amplification. Default value is false. --ignore-topics <PKH1,PKH2,...>: The producer Octez DAL node will not publish shards for the provided pkhs. This argument is for testing purposes only. --batching-time-interval <INT|"disabled">: The time (in milliseconds) for which shards are accumulated by the gossipsub automaton before triggering the validation of the batch. "disabled" to deactivate the batching of shards.
octez-baker
debug dal print store schemas [-d --data-dir <DIR>] [--config-file <FILE>] [--rpc-addr <ADDR[:PORT]>] [--expected-pow <FLOAT>] [--net-addr <ADDR[:PORT]>] [--public-addr <ADDR[:PORT]>] [-E --endpoint <URI>] [--slots-backup-uri <URI>] [--trust-slots-backup-uris] [--metrics-addr <ADDR[:PORT]>] [--attester-profiles <PKH1,PKH2,...>] [--operator-profiles <INDEX1,INDEX2,...>] [--observer-profiles <INDEX1,INDEX2,...>] [--bootstrap-profile] [--peers <ADDR:PORT,...>] [--history-mode <VAL>] [--service-name <VAL>] [--service-namespace <VAL>] [--fetch-trusted-setup <true | false>] [--disable-shard-validation] [--verbose] [--ignore-l1-config-peers] [--disable-amplification] [--ignore-topics <PKH1,PKH2,...>] [--batching-time-interval <INT|"disabled">]

Print SQL statements describing the tables created in the store. -d --data-dir <DIR>: The directory where the Octez DAL node will store all its data. Parent directories are created if necessary. --config-file <FILE>: The configuration file of the octez DAL node. --rpc-addr <ADDR[:PORT]>: The TCP address and optionally the port at which the RPC server of this instance can be reached. The default address is 0.0.0.0. The default port is 10732. --expected-pow <FLOAT>: The expected proof-of-work difficulty level for the peers' identity. --net-addr <ADDR[:PORT]>: The TCP address and optionally the port bound by the DAL node. If --public-addr is not provided, this is also the address and port at which this instance can be reached by other P2P nodes. The default address is 0.0.0.0. The default port is 11732. --public-addr <ADDR[:PORT]>: The TCP address and optionally the port at which this instance can be reached by other P2P nodes. By default, the point is '127.0.0.1:11732'. You can override the port using the syntax ':2222'. If the IP address is detected as a special address (such as a localhost one) it won't be advertised, only the port will. -E --endpoint <URI>: The endpoint (an URI) of the Tezos node that the DAL node should connect to. The default endpoint is 'http://localhost:8732'. --slots-backup-uri <URI>: List of base URIs to fetch missing DAL slots if they are unavailable locally or cannot be reconstructed from shards. Supported URI schemes include 'http://', 'https://', and 'file://'. The option accepts a list of fallback sources separated with commas. --trust-slots-backup-uris: If set, skip cryptographic verification of slots downloaded from the backup URIs provided via --slots-backup-uri. This can speed up slot retrieval when replaying history or for debugging purposes. Use with caution during normal operation or when data integrity is critical, unless the backup source is fully trusted. --metrics-addr <ADDR[:PORT]>: The TCP address and optionally the port of the node's metrics server. The default address is 0.0.0.0. The default port is 11733. --attester-profiles <PKH1,PKH2,...>: The Octez DAL node attester profiles for given public key hashes. --operator-profiles <INDEX1,INDEX2,...>: The Octez DAL node operator profiles for given slot indexes. These were previously known as producer profiles, however this name now refers to both operator and observer profiles. --observer-profiles <INDEX1,INDEX2,...>: The Octez DAL node observer profiles for given slot indexes. --bootstrap-profile: The Octez DAL node bootstrap node profile. Note that a bootstrap node cannot also be an attester or a slot producer --peers <ADDR:PORT,...>: An additional list of peers (bootstrap or not) to connect to, expanding the one from the DAL node's configuration parameter 'peers' and the one from the Octez node's configuration parameter 'dal_config.bootstrap_peers'. --history-mode <VAL>: The duration for the shards to be kept in the node storage. Either a number, the string "full" or the string "auto". A number is interpreted as the number of blocks the shards should be kept; the string "full" means no shard deletion, the string "auto" means the default of the profile: 3 months for an operator, twice the attestation lag for an attester and other profiles. --service-name <VAL>: A name that can be used to identify this node. This name can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAME`. --service-namespace <VAL>: A namespace associated with the node. This namespace can appear in observability data such as traces. If set, defaults to the value of the environment variable `$OTEL_SERVICE_NAMESPACE`. --fetch-trusted-setup <true | false>: Should the DAL node fetch the trusted setup when it needs it. By default, it does so. --disable-shard-validation: Disable the shard verification. This is used conjoyintly with the `TEZOS_DISABLE_SHARD_VERIFICATION_I_KNOW_WHAT_I_AM_DOING` environment variable. To actually disable the shard verification this option must be used and the environment variable must be set. If only the environment variable is set, the DAL node will refuse to start. --verbose: Controls the verbosity of some emitted events. Default value is false. --ignore-l1-config-peers: Ignore the boot(strap) peers provided by L1 config. --disable-amplification: Disables shard amplification. Default value is false. --ignore-topics <PKH1,PKH2,...>: The producer Octez DAL node will not publish shards for the provided pkhs. This argument is for testing purposes only. --batching-time-interval <INT|"disabled">: The time (in milliseconds) for which shards are accumulated by the gossipsub automaton before triggering the validation of the batch. "disabled" to deactivate the batching of shards.

Miscellaneous commands

octez-baker
list understood protocols

List the protocol versions that this client understands.

Accuser manual#

This is the manual page of the accuser command line tool. See Accuser for a general description of this tool.

Note

This unique accuser executable is meant to replace the protocol-specific accusers for all the protocols it supports, such as octez-accuser-PsRiotum and octez-accuser-alpha.

Usage

octez-accuser [global options] command [command options]
octez-accuser --help (for global options)
octez-accuser [global options] command --help (for command options)
octez-accuser --version (for version information)

To browse the documentation

octez-accuser [global options] man (for a list of commands)
octez-accuser [global options] man -v 3 (for the full manual)

Global options (must come before the command)

Access the documentation

octez-accuser
man [keyword...] [-v --verbosity <0|1|2|3>] [--format <plain|colors|html>]

Print documentation of commands. Add search keywords to narrow list. Will display only the commands by default, unless [-verbosity <2|3>] is passed or the list of matching commands if less than 3. keyword: keyword to search for If several are given they must all appear in the command. -v --verbosity <0|1|2|3>: level of details 0. Only shows command mnemonics, without documentation. 1. Shows command mnemonics with short descriptions. 2. Show commands and arguments with short descriptions 3. Show everything --format <plain|colors|html>: the manual's output format Defaults to `plain`.

Commands for editing and viewing the client's config file

octez-accuser
config show

Show the current config (config file content + command line arguments) or the mockup config files if `--mode mockup` is specified.
octez-accuser
config reset

Reset the config file to the factory defaults.
octez-accuser
config update

Update the config based on the current cli values. Loads the current configuration (default or as specified with `-config-file`), applies alterations from other command line arguments (such as the node's address, etc.), and overwrites the updated configuration file.
octez-accuser
config init [-o --output <path>] [--bootstrap-accounts <path>] [--protocol-constants <path>]

Create config file(s) based on the current CLI values. If the `-file` option is not passed, this will initialize the default config file, based on default parameters, altered by other command line options (such as the node's address, etc.). Otherwise, it will create a new config file, based on the default parameters (or the the ones specified with `-config-file`), altered by other command line options. If `-mode mockup` is specified, this will initialize the mockup's default files instead of the config file. Use `-bootstrap-accounts` and `-protocol-constants` to specify custom paths. The command will always fail if file(s) to create exist already -o --output <path>: path at which to create the file Defaults to `$HOME/.tezos-client/config`. --bootstrap-accounts <path>: path at which to create the file Defaults to `$HOME/.tezos-client/bootstrap-accounts.json`. --protocol-constants <path>: path at which to create the file Defaults to `$HOME/.tezos-client/protocol-constants.json`.

Commands related to the agnostic accuser daemon.

octez-accuser
run [-P --pidfile <filename>] [--preserved-levels <threshold>] [-K --keep-alive]

Launch the accuser daemon -P --pidfile <filename>: write process id in file --preserved-levels <threshold>: Number of effective levels kept in the accuser's memory Defaults to `200`. -K --keep-alive: Keep the daemon process alive: when the connection with the node is lost, the daemon periodically tries to reach it.

Miscellaneous commands

octez-accuser
list understood protocols

List the protocol versions that this client understands.

Benchmark tool manual#

This is the manual page of the command line tool octez-snoop. See Benchmarking with Snoop for a general description of this tool.

Codec manual#

This is the manual page of the command line tool octez-codec. See Codec for a general description of this tool.

Usage

octez-codec [global options] command [command options]
octez-codec --help (for global options)
octez-codec [global options] command --help (for command options)
octez-codec --version (for version information)

To browse the documentation

octez-codec [global options] man (for a list of commands)
octez-codec [global options] man -v 3 (for the full manual)

Global options (must come before the command)

-d --base-dir <path>: data directory The directory where the Tezos codec will output logs. By default: '$HOME/.tezos-client'.

Access the documentation

octez-codec
man [keyword...] [-v --verbosity <0|1|2|3>] [--format <plain|colors|html>]

Print documentation of commands. Add search keywords to narrow list. Will display only the commands by default, unless [-verbosity <2|3>] is passed or the list of matching commands if less than 3. keyword: keyword to search for If several are given they must all appear in the command. -v --verbosity <0|1|2|3>: level of details 0. Only shows command mnemonics, without documentation. 1. Shows command mnemonics with short descriptions. 2. Show commands and arguments with short descriptions 3. Show everything --format <plain|colors|html>: the manual's output format Defaults to `plain`.

Commands to handle encodings

octez-codec
list encodings

List the registered encoding in Tezos.
octez-codec
dump encodings [--compact]

Dump a JSON description of all registered encodings. --compact: Output JSON descriptions without extraneous whitespace characters
octez-codec
dump encoding id [--compact]

Dump a JSON description of a given registered encoding. id: Encoding identifier --compact: Output JSON description without extraneous whitespace characters
octez-codec
encode id from data

Encode the given JSON data into binary using the provided encoding identifier. id: Encoding identifier data: JSON file or data
octez-codec
decode id from data

Decode the binary encoded data into JSON using the provided encoding identifier. id: Encoding identifier data: Hex-encoded binary-encoded data or name of file containing the data
octez-codec
display id from binary data

Display the binary encoded data using the provided encoding identifier. id: Encoding identifier data: Hex-encoded binary-encoded data or name of file containing the data
octez-codec
display id from json data

Display the JSON encoded data using the provided encoding identifier. id: Encoding identifier data: JSON file or data
octez-codec
describe id binary schema

Describe the binary schema associated to the provided encoding identifier. id: Encoding identifier
octez-codec
describe id json schema

Describe the JSON schema associated to the provided encoding identifier. id: Encoding identifier
octez-codec
slice data

Attempts to slice an hex-encoded binary value with all known encodings. data: Hex-encoded binary-encoded data or name of file containing the data
octez-codec
slice data with encoding id [--format <FORMAT>]

Slice an hex-encoded binary value with the specified encoding. data: Hex-encoded binary-encoded data or name of file containing the data id: Encoding identifier --format <FORMAT>: The format to print the output in: json, pretty, or waterfall. Defaults to `pretty`.

Protocol-dependent tools#

For manuals of the tools that may vary with each protocol, see here.

Command Line Interface

Contents

Command Line Interface#

Admin-client manual#

Usage

To browse the documentation

Global options (must come before the command)

Access the documentation

Commands for editing and viewing the client's config file

Commands to report the node's status

Commands to perform privileged operations on the node

Commands for monitoring and controlling p2p-layer state

Commands for managing protocols

Commands for the low level RPC layer

Commands to inspect the event-logging framework

Miscellaneous commands

Signer manual#

Usage

To browse the documentation

Global options (must come before the command)

Access the documentation

Commands for managing the connected Ledger Nano devices

Commands for managing the wallet of cryptographic keys

Commands specific to the signing daemon

Node manual#

DAL node manual#

Smart rollup node manual#

Usage

To browse the documentation

Global options (must come before the command)

Access the documentation

Commands related to the smart rollup node.

Commands to repair the smart rollup node.

Baker manual#

Usage

To browse the documentation

Global options (must come before the command)

Access the documentation

Commands for editing and viewing the client's config file

Commands related to the agnostic baker daemon.

Commands related to the DAL daemon.

Miscellaneous commands

Accuser manual#

Usage

To browse the documentation

Global options (must come before the command)

Access the documentation

Commands for editing and viewing the client's config file

Commands related to the agnostic accuser daemon.

Miscellaneous commands

Benchmark tool manual#

Codec manual#

Usage

To browse the documentation

Global options (must come before the command)

Access the documentation

Commands to handle encodings

Protocol-dependent tools#