backarrow

Our RPC Logging Practices

Pokt Logo
POKT Network
Nov 19, 2023
POKT DAO
Our RPC Logging Practices

Given the recent announcements by many actors in the blockchain infrastructure industry, we believe it’s prudent to be transparent about our logging practices. Before getting into the details, we would like to briefly recap the various entities that have been referred to as Pocket Network in our various official and unofficial communication channels.

For the sake of this specific blog post, we will be discussing the logging practices of the Pocket Portal, which is the API gateway that accesses our decentralized network and is wholly owned by PNI. There are a few points to keep in mind as you read through this article.

  • We have a decentralized network of independent node runners running 25,000 nodes.
  • Due to limitations in our current version of the protocol, PNI owns the only gateway that can access this network.
  • When we release the next version of our protocol, v1, in the latter half of 2023, the gateway layer will be decentralized, enabling other entities to run their own direct access points to the network.

With this background in place, we’d like to discuss what we do and don’t collect on our private and public endpoints.

What We Do Not Collect

  • User’s IP address
  • User’s request origin
  • User’s request data

What We Do Collect

The information listed below is collected to ensure quality of service across our gateways and network. The data is strictly for internal use only and we will never sell this information to third parties. We may use this data to, for example, quickly debug issues with a given node in our network, a given chain we support, or given methods we see users attempting to use that our network may/may not support.

Logging for All (Public & Private) Endpoints

For a given relay request (e.g., API Request + Metadata), we collect the following information:

  • AWS region for the API Gateway where the request originated from
  • Pocket blockchain application public key that was used to facilitate the relay into our network
  • Node in the decentralized network that serviced the relay
  • Blockchain to which the request was sent
  • HTTP response status code of the request after it was processed
  • Blockchain method called by the request

Specific for Private Endpoints

For the private RPC endpoints, which are vendored directly through the Portal, we use Auth0 as our identity-broker for our app/account-owners, and Stripe for payments. In this manner, we can tie an endpoint to an app/account-owner, meter them for relay usage of their dApp(s), and charge them appropriately.As always, the Pocket core team is available on our official Discord should you have any further questions on our logging practices.

Subscribe to the POKT Blog for Web3 Infrastructure updates.

Thank you! Your submission has been received!
Oops something went wrong.....