MetaMask and Helios for a trustless RPC client setup

Davide Zambiasi

November 26, 2022 in Tech, Tutorials

Data security and accuracy is always a hot topic even in the Web3 environment as it’s one of the core fundamentals. In this article, we’ll show you how you can use Chainstack and the new Helios light client to go trustless.

What is Helios

Helios is a trustless Ethereum light client written in Rust by a16z. A light client can participate in the blockchain network without having to run powerful hardware— but does not participate in the consensus and cannot be a validator.

A light node will only download block headers containing a summary of the block content and randomly verify some of them, then rely on full nodes to retrieve the rest of the data. This is an important note because many users and DApps rely on nodes provider to retrieve data from the blockchain and trust that they receive the legit information.

But now, you don’t have to trust anyone; you can go trustless with Helios.

How does Helios work

Helios is a very efficient light client; it syncs in a few seconds and does not require any storage from your machine as it uses a full node RPC endpoint to retrieve the necessary data and give you access to the blockchain.

The Helios client implements execution and consensus layers, like most Ethereum clients, but the two layers work closely together, so you only need to install and use one software.

The consensus layer

The consensus layer light client conforms to the beacon chain light client specifications and has access to the beacon chain’s sync committees. The sync committee is a group of 512 validators randomly selected every 256 epochs, which is about 27 hours. This is useful because a validator part of the sync committee will sign every beacon chain block header. So if enough validators sign a specific block header, the block is likely the correct one.

This way, Helios can track the head of the chain by asking for a sync committee signature from an untrusted RPC endpoint.

The execution layer

The purpose of the execution layer here is to use the block headers coming from the beacon chain and use them along with an untrusted execution layer RPC to deliver verified data. This is a good point to mention that Ethereum stores the entirety of its state in the form of a giant Merkle-Patricia tree (MPT). In a nutshell, a MPT gives us a way to deterministically verify the authenticity of small chunks of data.

A Merkle-Patricia tree works in such a way that if its root is publicly known and trusted, then the authenticity of any key-value pair from the database can be verified by calling a ‘Merkle proof’.
This allows us to authenticate small amounts of data at a time, which could theoretically be reproduced to authenticate much larger chunks of data through repetition and randomization.

Helios uses an authenticated state root from the consensus layer. Comparing it to the untrusted execution layer RPC, Helios can locally verify the data.

So why would you use Helios? In theory, a node provider with malicious intent could send you the wrong data, compromising your transactions and experience; note that there is no record of such actions by node providers, but it is possible.

Using Helios as a proxy between you and your node provider can reassure you that you are receiving accurate data.

Note that the Helios software is still experimental, and you should be careful using it as your primary method of communicating with the blockchain or for large transactions, as they mention on the Helios Github repository.

Use Chainstack with Helios

So now it’s time for the practical part, we’ll show you how you can use Helios with a Chainstack node and implement it on MetaMask to only use verified data for your transactions.

Install Helios:

Download the Helios installer.

curl https://raw.githubusercontent.com/a16z/helios/master/heliosup/install | bash

Then run the installer.

heliosup

When the process is complete, Helios will be installed, and you can verify it by running the -h command.

helios -h

This command will display the options available, how to use them, and how to create environment variables.

cli 
USAGE:
    helios [OPTIONS]
OPTIONS:
    -c, --consensus-rpc <CONSENSUS_RPC>    [env: CONSENSUS_RPC=]
    -d, --data-dir <DATA_DIR>              [env: DATA_DIR=]
    -e, --execution-rpc <EXECUTION_RPC>    [env: EXECUTION_RPC=]
    -h, --help                             Print help information
    -n, --network <NETWORK>                [default: mainnet]
    -p, --rpc-port <RPC_PORT>              [env: RPC_PORT=]
    -w, --checkpoint <CHECKPOINT>          [env: CHECKPOINT=]

Set up your Chainstack node

Now that we have Helios installed, we need a Chainstack Ethereum node to run it. You can deploy one for free on the developer plan.

Follow these simple steps.

Once you have access to your Chainstack’s Execution client HTTPS endpoint and Consensus client HTTPS endpoint you are ready to start the Helios client and set it up in MetaMask.

Start the Helios light client

You can start the Helios client with the following command.

helios --execution-rpc EXECUTION_CLIENT_HTTPS_URL --consensus-rpc CONSENSUS_CLIENT_HTTPS_URL

This will start the Helios client and make its RPC endpoint available on http://127.0.0.1:8545.

Helios console — Figure 1: Helios client start with Chainstack RPC endpoint

The console shows where the RPC server is running, the status, and the confidence estimation among the information displayed.

The confidence field shows a measure of what percentage of the sync committee signed the block header. Anything below 66% is rejected, as only one validator would need to sign the header, which is relatively simple to fake. Above 66%, it becomes exponentially more complicated, so this is a good measure.

Note that at this moment, Helios requires the use of both execution and consensus RPCs. You can start it with only the --execution-rpc flag; this will use a default consensus client provided by Helios.

helios --execution-rpc EXECUTION_CLIENT_HTTPS_URL

Note that you can run Helios on Goerli as well; simply use a Chainstack’s Goerli node, and add the --network network flag at the end of the command.

helios --execution-rpc EXECUTION_CLIENT_HTTPS_URL --consensus-rpc CONSENSUS_CLIENT_HTTPS_URL --network goerli

Use Helios with MetaMask

At this point, your Helios light client is running and ready to interact with the Ethereum network thanks to the Chainstack RPC endpoint. We can now implement it into MetaMask to make sure that the data we use to send transactions is verified.

In this example I set up a Goerli network.

Click on the networks tab in MetaMask, and click Add network and then on Add a network manually.

MetaMask add network — Figure 2: Adding a network in MetaMask

Fill up the parameters:

Network name (can be any name you want): Goerli Helios Chainstack
New RPC URL: http://127.0.0.1:8545
Chain ID: 5 for Goerli and 1 for mainnet
Currency symbol: ETH
Block explorer URL (Optional): the Etherscan URL or leave it empty

New network fields MetaMask — Figure 3: details to add a network to MetaMask

Once you save the new network, you can switch to it in MetaMask and use your secure endpoint.

Not only MetaMask

MetaMask is by far the most common wallet extension, but there are other options available that you can use with Chainstack. So, now let’s see how we can use Chainstack and Helios with other wallet extensions.

Trust wallet

Trust wallet is another popular externally owned account (EOA) wallet, and you can download it from the Trust wallet website. Like MetaMask, Trust wallet allows the users to configure networks using custom RPC endpoints, so you can easily use it with Chainstack and Helios.

Follow these steps to add a new custom network to your Trust wallet.

Go in Settings
Click on the Network tab
Click Add custom network

Set up a custom network in Trust wallet — Figure 5: Trust wallet add custom network

The page with the network details will open. The fields to fill up are the same as MetaMask, so let’s set up the Helios RPC on the Trust wallet.

Network name (can be any name you want): Goerli Helios Chainstack
New RPC URL: http://127.0.0.1:8545
Chain ID: 5 for Goerli and 1 for mainnet
Currency symbol: ETH
Block explorer URL (Optional): the Etherscan URL or leave it empty

Now you are set up and ready to go using Chainstack and Helios with Trust wallet. The Trust wallet support website says they don’t keep any personal information, so this extension might be a good option if you are concerned about privacy.

Frame

Frame is a privacy-oriented Ethereum wallet; it runs as a desktop application available on macOS, Linux, and Windows and connects to the browser extension allowing you to interact with DApps. For the main part, Frame works just like any other EOA wallet. Still, it includes valuable extra features like read-only accounts and the ability to be injected as a MetaMask emulator.

Read-only accounts essentially allow you to set DApps permissions. For example, you can set up an account that can interact with a DApp but cannot sign transactions, increasing security.

The Frame extension can be injected into your browser “as MetaMask”. This means that it can emulate MetaMask, allowing you to interact with any Dapp but with the security and extra functions of the Frame wallet.

The Frame wallet gives you many tools to protect and customize your Web3 experience, including the possibility to activate/deactivate networks and set up primary and secondary RPC endpoints.

To use Frame with Helios and Chainstack, simply configure a custom network in your Frame desktop app.

After you set up your account, click on the Chains icon and click on ADD CHAIN. The fields to fill up are the same, but with the additional possibility of adding a secondary RPC endpoint for redundancy and selecting the chain type.

In the following example, I set up the Goerli testnet in Frame, using Helios as the primary endpoint and a Chainstack endpoint as a secondary.

Frame add chain UI — Figure 8: Adding new chain to Frame

Note that Frame is still in beta, so it might feel challenging to use in some situations.

Conclusion

Software like Helios has excellent potential to improve security and the overall Web3 experience as you could integrate it directly into DApps and wallets thanks to Rust’s support for WebAssembly. This allows developers to embed Helios into JavaScript applications.