Giter Site home page Giter Site logo

fabiofederici / helius-rpc-proxy Goto Github PK

View Code? Open in Web Editor NEW

This project forked from helius-labs/helius-rpc-proxy

0.0 0.0 0.0 6.29 MB

This repo hosts a one-click-deploy Cloudflare worker that proxies RPC requests to Helius.

License: MIT License

TypeScript 100.00%

helius-rpc-proxy's Introduction

Helius RPC Proxy

RPC Proxy

This repo hosts a one-click-deploy Cloudflare worker that proxies RPC requests to Helius. The proxy will allow you to keep your API key hidden from public requests made by clients. You will need both a Helius account and a Cloudflare account to deploy this. Helius offers 100k credits for free each month, and Cloudflare workers can execute 100k invocations each day for free. Most projects can easily get started within these free tiers.

Both standard JSON RPC and Websockets are supported!

Video Walkthrough

Setup

Step 1

Press the button below to deploy this to your own Cloudflare account:

Deploy to Cloudflare Workers

Step 2

Navigate to your newly deployed worker, and click "Settings" and then "Variables":

Variables

Step 3

Add a new variable with the key name HELIUS_API_KEY and your Helius API key as the value:

Add Secret

NOTE: We recommend selecting "Encrypt". This will hide your key from the UI and API responses, and redact them from logs.

Encrypt

Step 4

Refresh the page and confirm that your key is now saved and encrypted:

Confirm

You can now use your worker URL as an the RPC endpoint in all SDK and client side configurations without your API key leaking!

Additional Security Steps

This implementation is intentionally left in a less-than-ideal security state to facilitate easy deployment by anyone. If you would like to lock down your RPC proxy further, consider the following steps after you have successfully deployed the worker:

  • Update the Access-Control-Allow-Origin header by adding a new variable with the key name CORS_ALLOW_ORIGIN to contain the host that your requests are coming from (usually your client application). For example, if you wanted to allow requests from https://example.com, you would change the header to https://example.com. To support multiple domains, set CORS_ALLOW_ORIGIN to a comma separated list of domains (e.g. https://example.com,https://beta.example.com).
  • Cloudflare Web Application Firewall (WAF) - You can configure the WAF to inspect requests and allow/deny based on your own business logic.
  • Modify the IP address allow list in Helius for your API key to only accept connections from the Cloudflare ranges (https://cloudflare.com/ips-v4).

helius-rpc-proxy's People

Contributors

helius-wedtm avatar opptylabs avatar owenventer avatar wphan avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.