- Set signing keys:
RECEIPT_SIGNING_PRIVATE_KEY_PEM_B64RECEIPT_SIGNING_PUBLIC_KEY
- Set identity metadata:
RECEIPT_SIGNER_IDSERVICE_NAME,SERVICE_VERSION
- If using ENS verification:
ETH_RPC_URLVERIFIER_ENS_NAMEENS_SIGNER_TEXT_KEYENS_SIG_PUB_TEXT_KEYENS_SIG_KID_TEXT_KEY
- Set safety limits (
FETCH_TIMEOUT_MS,FETCH_MAX_BYTES,VERIFY_MAX_MS). - Restrict outbound domains with
ALLOW_FETCH_HOSTSwhere possible.
curl -s "$BASE_URL/health" | jq .
curl -s "$BASE_URL/debug/env" | jq .Expected:
ok=truesigner_ok=true- expected
enabled_verbs - expected timeouts/cache settings
curl -s -X POST "$BASE_URL/debug/prewarm" \
-H 'content-type: application/json' \
-d '{"verbs":["fetch","parse","summarize","classify"]}' | jq .
curl -s "$BASE_URL/debug/validators" | jq .Repeat validator polling until required verbs appear under cached.
- Set
RECEIPT_SIGNING_PUBLIC_KEY(ed25519:<base64>) or use ENS verification with:ETH_RPC_URLVERIFIER_ENS_NAME- valid
cl.sig.pubandcl.sig.kidTXT values on signer ENS name.
- Expected when
VERIFY_SCHEMA_CACHED_ONLY=1and schema validator is cold. - Trigger
/debug/prewarmand retry/verify?schema=1.
- Confirm schema host reachability from runtime environment.
- Check
SCHEMA_HOST,SCHEMA_FETCH_TIMEOUT_MS, outbound egress rules.
At minimum, capture and alert on:
- HTTP 5xx rate by endpoint and verb.
/verifylatency and timeout count.fetchtimeout/error rates.- cold-validator 202 rate after deploy.
- cache sizes from
/debug/validators.
- Keep CORS policy constrained if this service is not intended for broad browser access.
- If internet fetch is not required, disable
fetchverb viaENABLED_VERBS. - Consider process isolation or egress proxy for stricter SSRF containment.