OperateBlueprint ManagerSetup

Blueprint Manager Setup

SDK source (GitHub): https://github.com/tangle-network/blueprint/tree/main/crates/manager

This page covers the operator flow for configuring and running the Blueprint Manager against Tangle’s EVM protocol.

1) Create a settings file

The manager reads protocol addresses (and optional service scope) from settings.env:

cat > settings.env <<'EOF'
BLUEPRINT_ID=123
TANGLE_CONTRACT=0x...
RESTAKING_CONTRACT=0x...
STATUS_REGISTRY_CONTRACT=0x...
# SERVICE_ID=456 # optional; omit to follow all activations
EOF

The settings key is RESTAKING_CONTRACT for compatibility; it points to the staking contract.

2) Start the manager

cargo tangle blueprint run \
  --protocol tangle-evm \
  --http-rpc-url "$RPC_URL" \
  --ws-rpc-url "$WS_RPC_URL" \
  --keystore-path ./keystore \
  --settings-file ./settings.env

This process should run continuously. Use a process supervisor (systemd, docker, or Kubernetes) for restarts and health checks.

3) Choose runtime preferences

You can control how services are executed:

  • --spawn-method selects the preferred runtime (native, vm, container).
  • --vm or --no-vm force or disable the VM sandbox.
  • --preferred-source lets you override the blueprint’s preferred source type.
  • --save-runtime-prefs persists PREFERRED_SOURCE and USE_VM into settings.env.

Example:

cargo tangle blueprint run \
  --protocol tangle-evm \
  --http-rpc-url "$RPC_URL" \
  --ws-rpc-url "$WS_RPC_URL" \
  --keystore-path ./keystore \
  --settings-file ./settings.env \
  --spawn-method vm \
  --save-runtime-prefs

4) Data and cache directories

  • --data-dir controls the per-service working directory (defaults to ./data).
  • The manager maintains a cache for downloaded artifacts (defaults to ./cache).

Plan capacity based on the number of services you expect to host. See Sizing and Capacity.

5) Remote TEE preflight

If you want to satisfy remote tee_required workloads, validate your cloud and attestation configuration before starting the manager:

cargo tangle cloud configure aws --region us-east-1 --set-default
cargo tangle cloud preflight --tee-required --bootstrap-env

The preflight flow prints the bootstrap environment expected by the manager, including:

  • BLUEPRINT_REMOTE_TEE_REQUIRED=true
  • BLUEPRINT_REMOTE_TEE_ATTESTATION_POLICY
  • BLUEPRINT_REMOTE_TEE_ATTESTATION_VERIFY_CMD for cryptographic verification
  • TEE_BACKEND

Use --write-env-file if you want to materialize that output into an env file for your supervisor.

For local container TEE execution instead of remote provisioning, configure Kubernetes with the kata runtime class. See Confidential Compute.

RequirementsConfidential Compute