Public Integration Surface

Use Talero public-safe RPC without touching private operator paths

This guide documents the Talero JSON-RPC surface that is suitable for public builders, wallets, explorers, light clients, and hardened public gateways. It is based on the node codebase, not on private runbooks, and it stays deliberately inside the public-safe boundary.

Public-safe RPC JSON-RPC 2.0 Ethereum-compatible reads Talero-specific status No sensitive material

Public endpoint

POST https://rpc.talero.info/rpc
The public entry point is a JSON-RPC endpoint. Treat it as a constrained, rate-limited surface.

Important boundary

This is not the operator channel.
Admin overrides, trusted-only simulation flows, private proof bundles, and signer controls stay outside the public docs.

Public-safe does not mean unlimited. Talero can mask values, deny expensive methods, tighten quotas, or temporarily restrict parts of the public surface when privacy or safe-mode policy requires it.

Scope and boundary

Talero exposes Ethereum-style JSON-RPC plus Talero-specific methods for health, finality, checkpoints, diagnostics, fee planning, transaction tooling, and observer-facing PoS data. On a public edge, that surface is filtered through a public allowlist, privacy policy, safe-mode policy, and rate controls.

In scope here: public read methods, public-safe Talero methods, submission methods, and REST aliases that are suitable for public consumers.

Out of scope here: admin mutations, trusted-only state overrides, signer backends, operator-only metrics, private proof-bundle workflows, and any environment values that should stay in private ops material.

The page is written for two audiences at once:

Consumers of the shared public RPC at rpc.talero.info.
Operators who want to expose a hardened public edge from a self-hosted Talero fullnode.

Endpoint contract

The public JSON-RPC surface is exposed over POST /rpc. On mainnet and testnet, self-hosted Talero nodes bind RPC to 127.0.0.1:8547 by default. Binding a public interface requires an explicit operator acknowledgement, and a publicly bound RPC automatically enables public-mode restrictions.

Property	Behavior	Practical note
Transport	`POST /rpc` over HTTP or HTTPS	Public consumers should prefer HTTPS endpoints.
Envelope	JSON-RPC 2.0 single request object	Do not rely on batch-array requests on the public edge.
Body size	Server-side limited	Self-hosted defaults are conservative; public gateways may be stricter.
Method name	Validated and length-capped	Malformed or oversized method names are rejected early.
Params	Validated per method family	Deep or malformed parameter shapes return invalid-params errors.

For public deployments, Talero does not treat RPC as a trusted operator lane. Public mode, privacy mode, and safe mode are part of the contract that clients must tolerate.

Request model

Send a single JSON object with jsonrpc, id, method, and params. Methods accept either positional arrays or object-style params depending on the method. Talero returns a normal JSON-RPC success object with result or an error object with code and message.

curl -sS -X POST https://rpc.talero.info/rpc \
  -H 'content-type: application/json' \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "eth_chainId",
    "params": []
  }'

When you build client code, assume that public nodes may rate-limit, mask some values, or reject expensive calls that would work on a private trusted node.

Quick examples

Best head height

curl -sS -X POST https://rpc.talero.info/rpc \
  -H 'content-type: application/json' \
  -d '{"jsonrpc":"2.0","id":2,"method":"eth_blockNumber","params":[]}'

Safe-mode status

curl -sS -X POST https://rpc.talero.info/rpc \
  -H 'content-type: application/json' \
  -d '{"jsonrpc":"2.0","id":3,"method":"talero_safeModeStatus","params":{}}'

Finality estimate for a transaction hash

curl -sS -X POST https://rpc.talero.info/rpc \
  -H 'content-type: application/json' \
  -d '{
    "jsonrpc":"2.0",
    "id":4,
    "method":"talero_finalityEstimate",
    "params":{"txHash":"0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}
  }'

Hybrid transaction signing hash

curl -sS -X POST https://rpc.talero.info/rpc \
  -H 'content-type: application/json' \
  -d '{
    "jsonrpc":"2.0",
    "id":5,
    "method":"talero_txSigningHash",
    "params":{
      "from":"0x1111111111111111111111111111111111111111",
      "to":"0x2222222222222222222222222222222222222222",
      "nonce":1,
      "gas_limit":21000,
      "max_fee_per_gas":"1000000000",
      "max_priority_fee_per_gas":"100000000"
    }
  }'

Ethereum-compatible read methods

These methods give Talero an Ethereum-shaped consumer surface for wallets, explorers, bridges, and general EVM tooling. Public edges can still apply privacy masking, method quotas, and safe-mode restrictions.

Method	Use it for	Public-edge note
`eth_chainId`	Discover the active chain ID.	Use this instead of hardcoding chain identity.
`net_version`	Ethereum-style network ID string.	Compatibility helper for generic clients.
`web3_clientVersion`	Client/version compatibility checks.	Useful for diagnostics and support tooling.
`eth_blockNumber`	Read the current best block height.	Cheap and common polling primitive.
`eth_getBlockByNumber`	Fetch a block by canonical height or tag.	Public-safe but counted as a heavy method.
`eth_getBlockByHash`	Fetch a block by hash.	Heavy method; expect normal rate control.
`eth_getBlockReceipts`	Fetch receipts for a block in one call.	Useful for explorer indexing and analytics.
`eth_getTransactionByHash`	Look up a transaction.	Stable public lookup surface.
`eth_getTransactionReceipt`	Read receipt, logs, and execution status.	Preferred over scraping explorer HTML.
`eth_getBalance`	Read an account balance.	Privacy policy can mask or deny this on some public edges.
`eth_getTransactionCount`	Read account nonce.	Public privacy mode can mask or deny nonces.
`eth_getCode`	Read contract bytecode.	Public-safe read method.
`eth_getStorageAt`	Read a storage slot.	Can be denied by public privacy policy.
`eth_getProof`	Read account and storage proofs.	Public edges can deny it, and it only works on compatible state-root heights.
`eth_getLogs`	Filter logs by selector, range, address, and topics.	Public edges cap range and result count; always paginate responsibly.

Talero-specific read methods

These methods expose Talero-native status and compatibility information that does not fit cleanly into the Ethereum namespace. They are often the best first stop when you need network identity, policy state, or operator-facing summaries without private detail.

Method	Use it for	Notes
`talero_health`	Node health and service status.	JSON-RPC twin of the public health surface.
`talero_epoch`	Epoch and height context.	Compact chain-status helper.
`talero_genesisHash`	Read the active genesis hash.	Useful for network identity checks.
`talero_getHardforkSchedule`	Read the protocol schedule.	Good for tooling that needs upgrade awareness.
`talero_getConsensusConfig`	Read the consensus manifest and hash.	Public-safe consensus metadata only.
`talero_getRpcCompat`	Read RPC alias and compatibility metadata.	Includes legacy alias information.
`talero_getNetworkInfo`	Read network identity, head, base fee, and service-level summary.	Heavy read method with short-lived public caching.
`talero_getPrivacyConfig`	Read the effective public privacy policy.	Tells clients whether masking or denial is active.
`talero_safeModeStatus`	Read the current safe-mode level and policy.	Best way to explain sudden public-surface restrictions.
`talero_networkHealth`	Read an anonymized network health summary.	Aggregated view only; no private peer coordinates.
`talero_networkRisk`	Read public-safe risk aggregation.	Combines confidence, finality, and safe-mode signals.
`talero_watchtowerStatus`	Read watchtower service status.	Signal-only status; no private control path is documented here.
`talero_getNodeDiagnostics`	Read aggregate node diagnostics.	Public-safe diagnostic summary, not admin debug.
`talero_getModuleStatus`	Read module-level service status.	Useful for status dashboards.
`talero_getActivityHints`	Read recent activity hints.	Built for public UX surfaces.
`talero_getRecentOperationalEvents`	Read recent operational event summaries.	Public-safe activity stream summary.

Fees and execution methods

Public consumers often need fee guidance and read-only execution simulation. These methods are allowed on the public-safe surface, but several of them are considered heavy and can be throttled or denied when the public edge is under stress.

Method	Use it for	Public-edge note
`eth_gasPrice`	Read a simple gas price suggestion.	Compatibility helper for broad tooling.
`eth_maxPriorityFeePerGas`	Read a priority-fee suggestion.	Suitable for wallet defaults.
`eth_feeHistory`	Read fee history data for estimation models.	Heavy method with per-method quota on public edges.
`talero_getBasefee` `talero_get_basefee`	Read Talero base-fee details.	Prefer camelCase in new integrations.
`talero_feeForecast`	Read Talero fee forecast output.	Heavy method; supports lookback, horizon, and forecast mode.
`eth_call`	Run a read-only contract call.	Heavy method; public nodes may tighten quotas in safe mode.
`eth_estimateGas`	Estimate gas for a transaction plan.	Heavy method with dedicated quota controls.
`talero_simulateTx`	Run Talero's public-safe transaction simulation path.	Read-only simulation; good for builders that want extra Talero semantics.

On public edges, eth_getLogs, eth_feeHistory, eth_estimateGas, and other heavy methods are the first places where you should expect visible rate limiting when the service is under load.

Finality and checkpoint methods

Talero exposes public-safe finality helpers that go beyond standard Ethereum semantics. They are designed to help wallets, explorers, and bridges distinguish best head from finalized state and reason about risk without pulling private operator data.

Method	Use it for	Notes
`talero_finalizedHead`	Read finalized height, hash, and lag.	Public-safe distinction between best head and finalized head.
`talero_confidenceScore`	Read a confidence score for recent chain conditions.	UX-oriented confidence signal, not a finality guarantee.
`talero_finalityEstimate`	Estimate finality for latest head, tx hash, block hash, or block number.	Accepts object params such as `{ "txHash": "0x..." }`.
`talero_getCheckpoint`	Read the latest checkpoint bundle.	Feature-gated by build; method may be absent on some binaries.
`talero_getCheckpointHistory`	Read historical checkpoints.	Public-safe historical listing when checkpoint support is compiled in.
`talero_getFinalityReceiptBundle`	Read a compact public-safe receipt/finality bundle.	Preferred public finality bundle surface for transaction consumers.

If you need a compact public-safe finality answer for a transaction, start with talero_getFinalityReceiptBundle and fall back to talero_finalityEstimate for higher-level UX.

Transaction tooling methods

Talero publishes helper methods for transaction construction and validation. These are especially useful when you need Talero's hybrid transaction-signing policy without embedding private signing logic into the node documentation.

Method	Use it for	Notes
`talero_txCapabilities`	Read active transaction capability and signing-policy metadata.	Includes PQ-related capability hints and schema versioning.
`talero_txSchema`	Read the accepted transaction object schema.	Good for validators in external client libraries.
`talero_txSigningHash` `talero_txSignHash`	Generate the canonical signing message and hash.	Use camelCase going forward; alias remains wire-compatible.
`talero_txVerifyPreview`	Preview signature-verification outcome without broadcasting.	Useful for wallet UX and preflight checks.
`talero_validateIntent`	Validate a higher-level transaction intent.	Also exposed through a public REST alias.
`talero_routeHints`	Read route hints for transaction handling.	Useful for wallets and orchestrators.

Submission methods

Talero keeps transaction submission available on the public-safe surface unless a node is operating in read-only mode. This means public builders can broadcast signed transactions without being handed any private operator privilege.

Method	What it expects	Public-edge note
`eth_sendRawTransaction`	A raw signed transaction as hex.	Preferred public submission method for standard clients.
`eth_sendTransaction`	A transaction object.	Accepted by Talero's normalized submission pipeline.
`talero_sendTransaction`	A Talero transaction object.	Useful when you need Talero-specific fields explicitly.

Submission methods are still subject to anti-spam rate limiting and to a node's read-only policy. A public-safe surface can accept broadcasts without being a trusted admin endpoint.

PoS observer methods

Talero also exposes observer-facing PoS and BFT methods that help consumers inspect validator sets, active sets, slashing rules, and BFT runtime status. These are public-safe reads, not validator-control methods.

Method	Use it for	Notes
`talero_posGetValidatorSet`	Read the current validator set.	Observer method only.
`talero_posGetActiveSet`	Read the active validator subset.	Supports a bounded `limit` parameter.
`talero_posSlashingPolicy`	Read public slashing and validator policy metadata.	Consensus policy view, not a mutation endpoint.
`talero_posGetEpochSnapshot`	Read PoS epoch snapshot data.	Public-safe observer surface.
`talero_posGetEpochRewards`	Read PoS reward information for an epoch.	Useful for dashboards and reward analysis.
`talero_posGetDelegations`	Read delegation data.	Public-safe read path.
`talero_posBftStatus`	Read PoS/BFT runtime status and latest QC summary.	Feature-gated by build; absent when pos-bft is not compiled in.
`talero_posBftGetQc`	Read the latest QC summary.	Public-safe observer path.
`talero_posBftListQcs`	List recent quorum certificates.	Useful for BFT observers and auditors.

Mining-role RPC such as talero_getWork, eth_getWork, talero_submitWork, eth_submitWork, and hashrate submission flows are role-conditioned and belong in the miner/pool guide, not in the generic public-safe RPC guide.

Public safety model

Talero layers multiple controls on top of the public JSON-RPC surface. Client integrations should assume these controls are normal, not exceptional.

Public binding and public mode

On mainnet and testnet, a self-hosted Talero node listens on loopback by default.
Binding RPC publicly requires explicit operator acknowledgement.
When a node is publicly bound, Talero forces public-mode method restrictions for non-admin callers.

Privacy policy

Public privacy mode can mask balances or nonces instead of returning raw values.
Proof and storage reads can be denied on hardened public deployments.
talero_getPrivacyConfig is the public-safe way to detect these rules.

Safe mode

Talero safe mode can reduce public concurrency and timeout budgets.
It can deny heavy public methods when the network is under stress.
Public mining RPC can also be restricted under elevated safe-mode levels.

Rate limits and heavy methods

All public clients pass through a general RPC rate bucket.
Heavy methods use additional quotas, including per-method limits for eth_feeHistory, eth_getLogs, and eth_estimateGas.
eth_getLogs requires a valid block selector and uses bounded range/result windows on public edges.

Read-only nodes

A node can run with transaction submission disabled for untrusted callers.
In that mode, trusted/private callers may still have different behavior than the public edge.
Public docs should describe the safe public contract, not private trust tiers.

Related public-safe REST aliases

Talero also exposes REST routes that mirror or summarize parts of the public-safe RPC surface. These aliases inherit public guards such as privacy policy and general rate limiting.

Route	Purpose	Note
`GET /api/v1/health`	Detailed health summary.	Friendly for dashboards and uptime checks.
`GET /api/v1/network/health`	Network health aggregation.	Public-safe aggregation only.
`GET /api/v1/network/risk`	Network risk summary.	REST alias of the public-safe risk surface.
`GET /api/v1/confidence`	Confidence summary.	Good for front-end status panels.
`GET /api/v1/fees`	Current fee summary.	Simple wallet/explorer helper.
`GET /api/v1/fees/forecast`	Fee forecast summary.	REST view over Talero fee planning output.
`POST /api/v1/finality/estimate`	Finality estimate by JSON body.	Shares the same public-safe finality semantics.
`GET /api/v1/receipt/:hash/finality-bundle`	Receipt finality bundle by tx hash.	REST twin of `talero_getFinalityReceiptBundle`.
`POST /api/v1/route/hints`	Route-hint helper endpoint.	Public-safe wallet/integration helper.
`POST /api/v1/intents/validate`	Intent validation helper.	REST alias for validation flows.
`GET /api/v1/diagnostics/node` `GET /api/v1/diagnostics/modules`	Public-safe diagnostics.	Status-grade summaries, not private debug dumps.
`GET /api/v1/activity/hints` `GET /api/v1/activity/events`	Recent operational activity summaries.	Useful for public status UX.

The top-level GET /events SSE stream exists separately from JSON-RPC. It is an event stream, not a stable replacement for method-based RPC, and public deployments may choose to keep it narrow or internal.

Error model

Talero uses conventional JSON-RPC success/error objects on /rpc. The exact code can depend on the method family, but the following cases are the ones public clients should expect most often.

Code / status	Typical meaning	What client code should do
`-32602`	Invalid params.	Fix the request shape; do not retry blindly.
`-32004`	Target not found for finality-style queries.	Handle as a missing object, not as a transport failure.
`-32005` `HTTP 429`	Rate limit exceeded or request too large for a quota window.	Back off, reduce request size, or paginate.
`-32010` `HTTP 403`	Denied by public privacy policy or restricted trust tier.	Do not assume the method is public-safe on every deployment.
`-32050` `HTTP 403/503`	Method not allowed or temporarily restricted.	Treat as policy, not as malformed transport.
`-32000` `HTTP 500`	Internal node-side error.	Retry cautiously and log the method and params shape.

On REST aliases, you should expect the same policy outcomes rendered as HTTP status codes: 400 for invalid params, 403 for denied public policy, 404 for not-found targets, 429 for throttling, and 503 when safe mode temporarily restricts a surface.