All systems operational 21 cryptocurrencies accepted · Monero welcome No-KYC policy
ChainVPS

Crypto · no KYC

Host Monero Node (monerod) on an Offshore VPS

Run your own Monero full node on an offshore, no-KYC VPS so your wallet talks to a daemon you control instead of trusting a stranger's public node with your transaction queries.

What it is

monerod is the Monero reference daemon: it downloads and verifies the entire Monero blockchain, relays transactions across the peer-to-peer network, and answers wallet RPC queries. Running your own node means your wallet software (Feather, Cake, Monero GUI/CLI, merchant tools) never leaks your addresses or IP to a third-party public node.

Why host it offshore

A node you rent with identity documents defeats the point — it links your infrastructure to your name. On a no-KYC, crypto-paid offshore VPS you get a daemon under your sole control, in a privacy-friendly jurisdiction, with unmetered bandwidth so relaying blocks and serving RPC never triggers overage bills or throttling.

The deploy

A working reference setup

Copy this onto a fresh ChainVPS instance. Replace the placeholders, then bring it up.

docker-compose.yml
Steps for Ubuntu 24.04 (after installing Docker Engine + compose plugin):

# 1. Save this as docker-compose.yml
services:
  monerod:
    image: sethsimmons/simple-monerod:latest
    container_name: monerod
    restart: unless-stopped
    volumes:
      - monero-data:/home/monero/.bitmonero
    ports:
      - "18080:18080"   # P2P — must be reachable for a public node
      - "18089:18089"   # restricted public RPC (safe to expose)
    command:
      - "--rpc-restricted-bind-ip=0.0.0.0"
      - "--rpc-restricted-bind-port=18089"
      - "--public-node"
      - "--no-igd"
      - "--confirm-external-bind"
      - "--enable-dns-blocklist"
      - "--out-peers=32"
      - "--in-peers=48"
      - "--prune-blockchain"          # remove this line for a full/unpruned node
      - "--max-log-file-size=1048576"
volumes:
  monero-data:

# 2. Start it
docker compose up -d

# 3. Watch initial sync (first sync can take several hours to a day)
docker compose logs -f monerod

# 4. Point a wallet at it:  http://YOUR_SERVER_IP:18089
# The image's data path is /home/monero/.bitmonero; the named volume
# persists the blockchain across container restarts and image upgrades.

Firewall

Ports to open

PortProtocolPurpose
18080TCPP2P network — inbound/outbound peer connections; open for a public node
18089TCPRestricted public RPC for wallets (safe methods only); expose this, not 18081
18081TCPUnrestricted RPC / admin — keep bound to localhost only, NEVER expose publicly
18083TCPZMQ pub interface (optional, for merchant/indexer tooling); keep local

Right-sizing

Which plan you need

Light

VPS Small (2 vCPU / 4 GB RAM)

Pruned node with --prune-blockchain for a personal wallet backend. Pruned chain is roughly 100-120 GB; provision 200 GB disk to leave headroom for growth.

Medium

Storage VPS / VPS Pro (4 vCPU / 8 GB RAM)

Full unpruned public node serving multiple wallets or a small merchant setup. Full chain is ~230 GB and grows; budget 400 GB+ disk. Unmetered bandwidth carries P2P relay comfortably.

Heavy

Dedicated or large Storage plan (8+ vCPU / 16+ GB RAM, NVMe)

High-peer public node, ZMQ indexer, or backend for many wallets/payment processing. NVMe keeps verification and RPC latency low under load; 500 GB+ storage for years of chain growth.

Best locations: The 6 privacy-tier locations (NL, CH, RO, IS, MD, LU) are the best fit — Switzerland and Iceland in particular sit in strong data-protection jurisdictions with no mandatory data-retention overreach, which matters for a node that fields wallet RPC. Unmetered bandwidth in these regions lets you run a truly public, peer-serving node without overage risk, and included DDoS protection keeps the P2P port stable when your node becomes a well-connected relay.

Lock it down

Hardening checklist

  • Never expose the unrestricted RPC port 18081 to the internet — only publish the restricted port 18089 (--rpc-restricted-bind). The restricted interface disables admin/dangerous methods like set_bans, stop_daemon, and sync-info leakage.
  • Lock the firewall down with UFW: allow only 18080 (P2P) and 18089 (restricted RPC), deny everything else. Keep 18081 and 18083 reachable only from localhost / the Docker bridge.
  • For maximum privacy, run monerod over Tor: add a Tor hidden service for inbound P2P and use --tx-proxy tor,127.0.0.1:9050 plus --offshore-inbound so your node's clearnet IP isn't tied to the transactions it originates.
  • Keep --enable-dns-blocklist on and cap peers (--out-peers/--in-peers) to blunt eclipse and spam-peer attacks; add --ban-list with the community ban list to drop known malicious/spy nodes.
  • Track Monero releases and rebuild the image promptly — network upgrades (hard forks) require an up-to-date monerod or your node stops syncing. Pin a tagged version in production rather than :latest so upgrades are deliberate.

Questions

Hosting Monero Node (monerod) — FAQ

How much disk space does a Monero node need?

A full unpruned node is around 230 GB in 2026 and grows steadily, so plan for 400 GB or more. A pruned node (--prune-blockchain) cuts that to roughly 100-120 GB while still fully verifying the chain — ideal for a personal wallet backend on a smaller plan.

Pruned or full node — which should I run?

A pruned node validates every block and is fine for serving your own wallets on cheaper storage. Run a full unpruned node if you want to be a good public relay, serve historical data, or run merchant/indexer tooling that needs full transaction data.

Is it safe to make my node public?

Yes, as long as you only expose the restricted RPC (18089) and P2P (18080) ports and keep 18081 on localhost. The restricted interface blocks admin commands, so a public node can serve wallets without exposing control over the daemon.

How long does the initial sync take?

Expect several hours to about a day for a first sync, depending on CPU, disk speed, and peers. NVMe storage and more vCPU speed up block verification significantly, which is why the medium/heavy tiers use NVMe-backed plans.

Can I run this alongside a wallet RPC for payments?

Yes. Run monero-wallet-rpc in a separate container bound to localhost, pointed at monerod's local RPC. Keep the wallet RPC off the public internet entirely and reach it through an SSH tunnel or the Docker network only.

Why offshore instead of a mainstream cloud provider?

Mainstream providers require identity verification and can freeze infrastructure tied to crypto activity. A no-KYC, crypto-paid offshore VPS in a privacy-tier location keeps the node under your control with no name attached, and unmetered bandwidth means public relaying never costs extra.

Spin up Monero Node (monerod)
in the next 60 seconds.

Unmetered bandwidth · DDoS included · 21 cryptocurrencies · no KYC.