Getting Started

Getting Seth

Seth is packaged separately from the rest of the Sawtooth project. Currently the best way to run Seth is to use the provided docker-compose file. Building Seth requires an environment that has the Docker Engine installed.

To get Seth, clone the sawtooth-seth GitHub repository:

$ git clone
$ cd sawtooth-seth

Starting Up Seth

The repo includes a Dockerfile for each of the Seth components, and a docker-compose file for building Docker images and starting containers for each component. To start the environment, do:

$ docker-compose up --build

This starts up all the components necessary to begin interacting with Seth. The following ports are exposed on the host for interacting with the containers once startup is complete:

Host Port Service
8080 Sawtooth REST API Server
3030 Seth-RPC Server

You can verify that these services are working by submitting an HTTP request to them. For the REST API, do:

$ curl

You should receive a JSON object containing a list of blocks. For the Seth-RPC server, do:

$ curl -d '{"jsonrpc": "2.0", "id": 1, "method": "eth_blockNumber"}' -H "Content-Type: application/json"

You should receive a JSON object with the number of the current block, in hex, in the “result” key.

Creating an Account

Generating a Key Pair

In order to interact with Seth, we need to create an external account on the network. Creating an account is equivalent to generating a new private key that Seth can understand. Seth accepts secp256k1 private keys in one of two formats:

  • A plaintext hex encoded private key, such as those generated by sawtooth keygen.
  • A PEM encoded private key with or without a password, such as those generated with the openssl command.

The following shows you how to generate a PEM encoded key that has been encrypted with a password.

OpenSSL is already installed in the seth-cli-go Docker container, so we can just connect to the container and run the command from there. Do the following to start up a shell in that container:

$ docker exec -it seth-cli-go bash

You should now be logged in as root in the container. From this shell, you can generate a new, password-encrypted key with the following:

$ openssl ecparam -genkey -name secp256k1 | openssl ec -out key-file.pem -aes128

You can use any encryption cipher by changing the final -aes128 flag or omit the flag and to generate a key without it being encrypted.

Now we are ready to set up the account on the network. To do this, we need to use the seth command. From the prompt where you generated the key, run:

$ seth account import key-file.pem myalias

This will copy your key to an internal directory and create an alias for the key which you will use to reference the key in future commands. Finally, to submit a transaction to the network to create your account, do:

$ seth account create --nonce=0 --wait myalias

The command should print the address of your newly created account upon success. This will be a (40 character) hex string. You can verify that the account has been created by running:

$ seth show account {address}

This will print out some information stored in state about your account. Since this is not a contract account, there won’t be a lot there but the address of the account and the nonce of the account should be displayed.