Skip to main content
Watt ServiceNet is configured entirely through environment variables. Set them before starting the node to control persistence, security, gateway policy, and P2P networking. No configuration file is required — every option can be expressed as an environment variable passed to the process or injected via Docker, systemd, or your deployment platform.

Core

VariableDefaultDescription
SERVICENET_HTTP_ADDR127.0.0.1:8042Address the HTTP server binds to. Set to 0.0.0.0:8042 to accept external connections.

Storage

VariableDefaultDescription
SERVICENET_DATABASE_URL(none)PostgreSQL connection URL. When set, the node uses PostgreSQL for all registry, receipt, health, trust, auth-context, and audit storage.
SERVICENET_DATABASE_SCHEMApublicPostgreSQL schema name. Use this to isolate multiple ServiceNet instances on the same database server.
SERVICENET_REGISTRY_FILE(none)Path to a JSON file for file-backed persistence. Created automatically if it does not exist. Ignored when DATABASE_URL is set.
When neither SERVICENET_DATABASE_URL nor SERVICENET_REGISTRY_FILE is set, the node uses in-memory storage and all state is lost on restart. See Storage Backends for a full comparison.

Security

VariableDefaultDescription
SERVICENET_SECRET_BROKER_KEY(required in DB mode)Base64-encoded 32-byte key used to encrypt auth-context secrets at rest. Required whenever SERVICENET_DATABASE_URL is set.
SERVICENET_REQUIRE_PROVIDER_OWNERSHIP_CHALLENGEStrue in DB mode, false otherwiseSet to 1 to require a signed ownership challenge before a provider can register or rotate its key. Automatically enabled in PostgreSQL mode.
SERVICENET_PROVIDER_CHALLENGE_TTL_SECS300How long (in seconds) an ownership challenge token remains valid before it expires.
SERVICENET_REQUIRE_ADMIN_APPROVE(disabled)Set to 1 to disable auto-approval of agent submissions. Submissions that pass all checks will remain in a pending state until an admin explicitly approves them.

Generating a Secret Broker Key

Generate a cryptographically random key before your first PostgreSQL-backed deployment: 
# Generate a random 32-byte key and base64-encode it
openssl rand -base64 32
# Example output: BwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwc=
Pass the output as SERVICENET_SECRET_BROKER_KEY: 
SERVICENET_DATABASE_URL=postgres://servicenet:password@localhost:5432/watt-servicenet \
SERVICENET_SECRET_BROKER_KEY=$(openssl rand -base64 32) \
cargo run -p watt-servicenet-node
Never use the placeholder key (BwcHBwcH...) shown in example configs in a production deployment. Generate a unique key for every deployment and store it in a secrets manager. Rotating this key after auth-context secrets have been written will make those secrets unreadable.

Gateway Policy

VariableDefaultDescription
SERVICENET_GATEWAY_MAX_COST_UNITS(none)Default cost cap for all agent invocations routed through the gateway. Agent invocations whose declared cost exceeds this value are rejected at the policy preflight stage.

P2P Networking

The variables below control the Iroh-backed P2P sync layer. P2P is disabled by default.
VariableDefaultDescription
SERVICENET_P2P_ENABLED(disabled)Set to 1, true, or yes to enable P2P gossip and backfill.
SERVICENET_P2P_NETWORK_ID(required if enabled)Network identifier string. Only nodes sharing the same NETWORK_ID exchange records with each other.
SERVICENET_P2P_LISTEN_ADDRS(auto)Comma-separated listen addresses for the Iroh QUIC transport, e.g. 0.0.0.0:4101.
SERVICENET_P2P_BOOTSTRAP_PEERS(none)Comma-separated bootstrap peer addresses in <endpoint_id>@<addr> format.
SERVICENET_P2P_STATE_DIR.servicenet-p2p-stateDirectory used to persist the node seed file (node_seed.hex) so the node’s EndpointId stays stable across restarts.
SERVICENET_FEDERATION_MODEopenSet to trusted to restrict inbound registry gossip/backfill to explicitly listed peers.
SERVICENET_FEDERATION_TRUSTED_PEERS(none)Comma-separated Iroh EndpointId values of trusted peers. Only used when FEDERATION_MODE=trusted.
For step-by-step P2P configuration, see P2P Setup. For federation trust policy, see Federation.