Running a Public Remote Node

Once you can run your own node, the next step in giving back to Monero is running a public remote node — one that other people's wallets can connect to. Public nodes are what let someone on a phone, or a newcomer who hasn't synced a chain yet, use Monero at all. Run one well and you add real capacity and decentralization to the network. This lesson shows how to do it safely, including over Tor, without exposing yourself.

What a Public Node Is (and Why Run One)

A private node only answers your own wallet. A public node accepts RPC connections from anyone, so other wallets can use it to broadcast transactions and read the blockchain. Why volunteer for that?

• Decentralization. More independent public nodes means fewer people funnel through a handful of big ones.
• Onboarding. Light/mobile wallets and brand-new users rely on remote nodes until they can run their own.
• Censorship resistance. A diverse, global set of nodes is much harder to block than a few.

Crucially, a node only ever sees public network data. Even as a public node operator you cannot see users' balances, keys, or decode their private transactions — Monero's stealth addresses and RingCT keep that hidden. What a public node can see is the IP address of whoever connects — which is exactly why offering a Tor endpoint matters (below).

Step 1 — Run monerod as a Public Node

The key is to bind the RPC port to all interfaces and use restricted RPC so remote users only get safe, public methods. A typical command:

./monerod \
  --rpc-bind-ip 0.0.0.0 \
  --rpc-bind-port 18089 \
  --confirm-external-bind \
  --restricted-rpc \
  --public-node \
  --no-igd \
  --enable-dns-blocklist

• --rpc-bind-ip 0.0.0.0 + --confirm-external-bind — listen for connections from outside, not just localhost.
• --restricted-rpc — exposes only the safe public subset of RPC (no admin commands). Always use this on a public node.
• --public-node — advertises your restricted RPC port to peers so wallets can discover it.
• 18089 is the community convention for a restricted/public RPC port (keep your private, unrestricted 18081 bound to localhost only).
• --enable-dns-blocklist drops known-bad peers; --no-igd disables UPnP port-mapping on servers.

Open the ports on your firewall: the P2P port 18080 (to relay for the network) and your public RPC port 18089. Leave the unrestricted RPC port 18081 closed to the internet.

Step 2 — Offer It Over Tor (Maximum Privacy & Utility)

Exposing your node only on a clear-net IP means every connecting wallet reveals its IP to you, and your server's IP is public. Adding a Tor onion endpoint fixes both: users connect through Tor without revealing their IP, and privacy-conscious users can reach you anonymously. Add a hidden service in your torrc:

HiddenServiceDir /var/lib/tor/monero-node/
HiddenServicePort 18089 127.0.0.1:18089

Restart Tor and read your onion hostname from /var/lib/tor/monero-node/hostname — that's the address you can share. For best results, also let your node make outbound connections over Tor and accept anonymous inbound, so it relays transactions privately:

./monerod --tx-proxy tor,127.0.0.1:9050 \
  --anonymous-inbound YOURONION.onion:18083,127.0.0.1:18083

See Connecting Over Tor for the wallet side of this.

Step 3 — Keep It Healthy and Get It Listed

• Run it on hardware that's always on — a home server or VPS — and keep it synced. Use a systemd service so it restarts automatically.
• Watch bandwidth. A busy public node moves real data; set --out-peers/--in-peers if you need to cap it.
• Advertise it. Submit your node (clearnet and onion) to community node lists like monero.fail so wallets can find it. This is where your node delivers maximum public utility.
• Stay current. Update monerod around network upgrades so you keep validating and serving correctly.

The Privacy Bargain — Stay Safe

Running a public node is generous, but go in with eyes open: your server IP is exposed, and you'll see connecting IPs (offer Tor so users don't have to reveal theirs). Always run --restricted-rpc, never expose port 18081, and don't run a wallet's spend keys on the same exposed machine. Done right, a public node leaks nothing about your money while quietly strengthening everyone else's access to Monero.

Next, learn to read what your node can tell you about the live network in Checking Network Stats, and how to shrink its disk footprint in Node Pruning Explained.