The Nym gateway was built in the building nym section. If you haven’t yet built Nym and want to run the code, go there first.

Any syntax in <> brackets is a user’s unique variable. Exchange with a corresponding name without the <> brackets.

Current version


Preliminary steps

Make sure you do the preparation listed in the preliminary steps page before setting up your gateway.

Gateway setup

Now that you have built the codebase, set up your wallet, and have a VPS with the nym-gateway binary, you can set up your gateway with the instructions below.

To begin, move to /target/release directory from which you run the node commands:

cd target/release

Viewing command help

You can check that your binaries are properly compiled with:

./nym-gateway --help

Console output

Implementation of the Nym Mixnet Gateway

Usage: nym-gateway [OPTIONS] <COMMAND>

  init               Initialise the gateway
  node-details       Show details of this gateway
  run                Starts the gateway
  sign               Sign text to prove ownership of this mixnode
  build-info         Show build information of this binary
  completions        Generate shell completions
  generate-fig-spec  Generate Fig specification
  help               Print this message or the help of the given subcommand(s)

  -c, --config-env-file <CONFIG_ENV_FILE>  Path pointing to an env file that configures the gateway
      --no-banner                          Flag used for disabling the printed banner in tty
  -h, --help                               Print help
  -V, --version                            Print version

You can also check the various arguments required for individual commands with:

./nym-gateway <COMMAND> --help

Adding --no-banner startup flag will prevent Nym banner being printed even if run in tty environment.

Initialising your gateway

To check available configuration options use:

 ./nym-gateway init --help

Console output

Initialise the gateway

Usage: nym-gateway init [OPTIONS] --id <ID> --host <HOST>

      --id <ID>
          Id of the gateway we want to create config for
      --host <HOST>
          The custom host on which the gateway will be running for receiving sphinx packets
      --mix-port <MIX_PORT>
          The port on which the gateway will be listening for sphinx packets
      --clients-port <CLIENTS_PORT>
          The port on which the gateway will be listening for clients gateway-requests
      --datastore <DATASTORE>
          Path to sqlite database containing all gateway persistent data
      --nym-apis <NYM_APIS>
          Comma separated list of endpoints of nym APIs
      --mnemonic <MNEMONIC>
          Cosmos wallet mnemonic needed for double spending protection
      --enabled-statistics <ENABLED_STATISTICS>
          Enable/disable gateway anonymized statistics that get sent to a statistics aggregator
          server [possible values: true, false]
      --statistics-service-url <STATISTICS_SERVICE_URL>
          URL where a statistics aggregator is running. The default value is a Nym aggregator server
  -o, --output <OUTPUT>
          [default: text] [possible values: text, json]
  -h, --help
          Print help

The following command returns a gateway on your current IP with the id of supergateway:

./nym-gateway init --id supergateway --host $(curl --wallet-address n1eufxdlgt0puwrwptgjfqne8pj4nhy2u5ft62uq

Console output

The $(curl command above returns your IP automatically using an external service. Alternatively, you can enter your IP manually if you wish. If you do this, remember to enter your IP without any port information.

Bonding your gateway

Via the Desktop wallet

You can bond your gateway via the Desktop wallet.

  1. Open your wallet, and head to the Bonding page, then select the node type Gateway and input your node details (Location format is , ). Press Next

  2. Enter the Amount, Operating cost and press Next.

  3. You will be asked to run a the sign command with your gateway - copy and paste the long signature as the value of --contract-msg and run it.

./nym-mixnode sign --id <YOUR_ID> --contract-msg <PAYLOAD_GENERATED_BY_THE_WALLET>

It will look something like this:

Console output

./nym-gateway sign --id upgrade_test --contract-msg 2Mf8xYytgEeyJke9LA7TjhHoGQWNBEfgHZtTyy2krFJfGHSiqy7FLgTnauSkQepCZTqKN5Yfi34JQCuog9k6FGA2EjsdpNGAWHZiuUGDipyJ6UksNKRxnFKhYW7ri4MRduyZwbR98y5fQMLAwHne1Tjm9cXYCn8McfigNt77WAYwBk5bRRKmC34BJMmWcAxphcLES2v9RdSR68tkHSpy2C8STfdmAQs3tZg8bJS5Qa8pQdqx14TnfQAPLk3QYCynfUJvgcQTrg29aqCasceGRpKdQ3Tbn81MLXAGAs7JLBbiMEAhCezAr2kEN8kET1q54zXtKz6znTPgeTZoSbP8rzf4k2JKHZYWrHYF9JriXepuZTnyxAKAxvGFPBk8Z6KAQi33NRQkwd7MPyttatHna6kG9x7knffV6ebGzgRBf7NV27LurH8x4L1uUXwm1v1UYCA1WSBQ9Pp2JW69k5v5v7G9gBy8RUcZnMbeL26Qqb8WkuGcmuHhaFfoqSfV7PRHPpPT4M8uRqUyR4bjUtSJJM1yh6QSeZk9BEazzoJqPeYeGoiFDZ3LMj2jesbJweQR4caaYuRczK92UGSSqu9zBKmE45a

      _ __  _   _ _ __ ___
     | '_ \| | | | '_ \ _ \
     | | | | |_| | | | | | |
     |_| |_|\__, |_| |_| |_|

             (nym-gateway - version v1.1.29)  

>>> attempting to sign 2Mf8xYytgEeyJke9LA7TjhHoGQWNBEfgHZtTyy2krFJfGHSiqy7FLgTnauSkQepCZTqKN5Yfi34JQCuog9k6FGA2EjsdpNGAWHZiuUGDipyJ6UksNKRxnFKhYW7ri4MRduyZwbR98y5fQMLAwHne1Tjm9cXYCn8McfigNt77WAYwBk5bRRKmC34BJMmWcAxphcLES2v9RdSR68tkHSpy2C8STfdmAQs3tZg8bJS5Qa8pQdqx14TnfQAPLk3QYCynfUJvgcQTrg29aqCasceGRpKdQ3Tbn81MLXAGAs7JLBbiMEAhCezAr2kEN8kET1q54zXtKz6znTPgeTZoSbP8rzf4k2JKHZYWrHYF9JriXepuZTnyxAKAxvGFPBk8Z6KAQi33NRQkwd7MPyttatHna6kG9x7knffV6ebGzgRBf7NV27LurH8x4L1uUXwm1v1UYCA1WSBQ9Pp2JW69k5v5v7G9gBy8RUcZnMbeL26Qqb8WkuGcmuHhaFfoqSfV7PRHPpPT4M8uRqUyR4bjUtSJJM1yh6QSeZk9BEazzoJqPeYeGoiFDZ3LMj2jesbJweQR4caaYuRczK92UGSSqu9zBKmE45a
>>> decoding the message...
>>> message to sign: {"nonce":0,"algorithm":"ed25519","message_type":"gateway-bonding","content":{"sender":"n1ewmme88q22l8syvgshqma02jv0vqrug9zq9dy8","proxy":null,"funds":[{"denom":"unym","amount":"100000000"}],"data":{"gateway":{"host":"","mix_port":1789,"clients_port":9000,"location":"","sphinx_key":"FKbuN7mPdoCG9jA3CkAfXxC5X4rHhqeMVtmfRtJ3cFZd","identity_key":"3RoAhR8gEdfBETMjm2vbMFzKddxXDdE9ygBAnJHWqSzD","version":"1.1.13"}}}}
  • Copy the resulting signature:
>>> The base58-encoded signature is:
  • And paste it into the wallet nodal, press Next and confirm the transaction.

Paste Signature

  • Your gateway is now bonded.

You are asked to sign a transaction on bonding so that the mixnet smart contract is able to map your nym address to your node. This allows us to create a nonce for each account and defend against replay attacks.

Via the CLI (power users)

If you want to bond your mix node via the CLI, then check out the relevant section in the Nym CLI docs.

Running your gateway

The run command starts the gateway:

./nym-gateway run --id <YOUR_ID>


For gateway upgrade, firewall setup, port configuration, API endpoints, VPS suggestions, automation and more, see the maintenance page

Last change: 2023-09-19, commit: 8aa8f07c