Security Precautions

What are the basic precautionary measures an Indexer should take?

Staying Safe as an Indexer

Precautionary measures

Indexers that are actively indexing on The Graph Network should take basic security precautions to keep their operations safe and secure. Let’s have a look how these precautions look like.

The two essential security measures

Operator Wallet

Setting up an operator wallet

The first step as an Indexer towards safeguarding against risks is to set up an operator wallet. Doing so will enable the Indexer to keep their keys for managing their day-to-day operations and for controlling their stake separate.

Here’s how to approve another address so that it becomes the operator for your Indexer infrastructure. Set the operator address by calling: setOperator(<OperatorAddress>)

Firewall

Securing ports

The second security measure an Indexer should take is to make sure that only the indexer service is exposed publicly. Especially the admin ports and the database access should be locked down. The following ports should not be exposed:

• Graph Node JSON-RPC endpoint

  • (default port: 8030)

• Indexer management API endpoint

  • (default port: 18000)

• Postgres database endpoint

  • (default port: 5432)

Check this page for more information: https://thegraph.academy/indexers/security-precautions/