Make Caplin work with Otterscan (#9115)

* Fixed mispelling in json fields * Added CORS
2025-01-03 01:27:38 +00:00 · 2024-01-02 23:29:00 +01:00 · 2024-01-02 23:29:00 +01:00 · 3d10cee49b
commit 3d10cee49b
parent 415b17ca85
21 changed files with 92 additions and 48 deletions
--- a/cl/beacon/beacon_router_configuration/cfg.go
+++ b/cl/beacon/beacon_router_configuration/cfg.go
@ -2,11 +2,14 @@ package beacon_router_configuration

 import "time"

-// TODO(enriavil1): Make this configurable via flags
 type RouterConfiguration struct {
 	Active   bool
 	Protocol string
 	Address  string
+	// Cors data
+	AllowedOrigins   []string
+	AllowedMethods   []string
+	AllowCredentials bool

 	ReadTimeTimeout time.Duration
 	IdleTimeout     time.Duration
--- a/cl/beacon/handler/blocks_test.go
+++ b/cl/beacon/handler/blocks_test.go
--- a/cl/beacon/handler/genesis.go
+++ b/cl/beacon/handler/genesis.go
@ -10,9 +10,9 @@ import (
 )

 type genesisResponse struct {
-	GenesisTime          uint64           `json:"genesis_time,omitempty,string"`
-	GenesisValidatorRoot common.Hash      `json:"genesis_validators_root,omitempty"`
-	GenesisForkVersion   libcommon.Bytes4 `json:"genesis_fork_version,omitempty"`
+	GenesisTime          uint64           `json:"genesis_time,string"`
+	GenesisValidatorRoot common.Hash      `json:"genesis_validators_root"`
+	GenesisForkVersion   libcommon.Bytes4 `json:"genesis_fork_version"`
 }

 func (a *ApiHandler) getGenesis(w http.ResponseWriter, r *http.Request) (*beaconResponse, error) {
--- a/cl/beacon/handler/handler.go
+++ b/cl/beacon/handler/handler.go
@ -83,7 +83,6 @@ func (a *ApiHandler) init() {
 				})
 				r.Get("/node/syncing", http.NotFound)
 				r.Route("/states", func(r chi.Router) {
-					r.Get("/head/validators/{index}", http.NotFound) // otterscan
 					r.Route("/{state_id}", func(r chi.Router) {
 						r.Get("/randao", beaconhttp.HandleEndpointFunc(a.getRandao))
 						r.Get("/committees", beaconhttp.HandleEndpointFunc(a.getCommittees))
--- a/cl/beacon/handler/validators.go
+++ b/cl/beacon/handler/validators.go
@ -463,7 +463,7 @@ func responseValidators(filterIndicies []uint64, filterStatuses []validatorStatu
 			}
 		}
 		first = false
-		if _, err = b.WriteString(fmt.Sprintf(validatorJsonTemplate, i, status.String(), balances.Get(i), v.PublicKey(), v.WithdrawalCredentials().String(), v.EffectiveBalance(), v.Slashed(), v.ActivationEligibilityEpoch(), v.ActivationEpoch(), v.ExitEpoch(), v.WithdrawableEpoch())); err != nil {
+		if _, err = b.WriteString(fmt.Sprintf(validatorJsonTemplate, i, status.String(), balances.Get(i), v.PublicKey(), v.WithdrawalCredentials(), v.EffectiveBalance(), v.Slashed(), v.ActivationEligibilityEpoch(), v.ActivationEpoch(), v.ExitEpoch(), v.WithdrawableEpoch())); err != nil {
 			return false
 		}
 		return true
@ -487,7 +487,7 @@ func responseValidator(idx uint64, stateEpoch uint64, balances solid.Uint64ListS
 	v := validators.Get(int(idx))
 	status := validatorStatusFromValidator(v, stateEpoch, balances.Get(int(idx)))

-	if _, err = b.WriteString(fmt.Sprintf(validatorJsonTemplate, idx, status.String(), balances.Get(int(idx)), v.PublicKey(), v.WithdrawalCredentials().String(), v.EffectiveBalance(), v.Slashed(), v.ActivationEligibilityEpoch(), v.ActivationEpoch(), v.ExitEpoch(), v.WithdrawableEpoch())); err != nil {
+	if _, err = b.WriteString(fmt.Sprintf(validatorJsonTemplate, idx, status.String(), balances.Get(int(idx)), v.PublicKey(), v.WithdrawalCredentials(), v.EffectiveBalance(), v.Slashed(), v.ActivationEligibilityEpoch(), v.ActivationEpoch(), v.ExitEpoch(), v.WithdrawableEpoch())); err != nil {
 		return nil, err
 	}

--- a/cl/beacon/handler/validators_test.go
+++ b/cl/beacon/handler/validators_test.go
@ -36,19 +36,19 @@ func TestGetAllValidators(t *testing.T) {
 			blockID:      "0x" + common.Bytes2Hex(postRoot[:]),
 			code:         http.StatusOK,
 			queryParams:  "?id=1,2,3",
-			expectedResp: `{"data":[{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x307830303166303965643330356330373637643536663162336264623235663330313239383032376638653938613865306364326463626363363630373233643762","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}},{"index":"2","status":"active_slashed","balance":"25678253779","validator":{"pubkey":"0x89ece308f9d1f0131765212deca99697b112d61f9be9a5f1f3780a51335b3ff981747a0b2ca2179b96d2c0c9024e5224","withdrawal_credentials":"0x307830303661646334613165346361626133376335346435366432343131666430646633613130326638343839613463316265353335663466643566383831306339","effective_balance":"25000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}},{"index":"3","status":"active_slashed","balance":"35998164834","validator":{"pubkey":"0xac9b60d5afcbd5663a8a44b7c5a02f19e9a77ab0a35bd65809bb5c67ec582c897feb04decc694b13e08587f3ff9b5b60","withdrawal_credentials":"0x307830303831633835323037386132616434333064343338643765616566633339363436663533383935323932353936626265313939653264376431383834616238","effective_balance":"32000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}}],"finalized":true,"execution_optimistic":false}` + "\n",
+			expectedResp: `{"data":[{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x001f09ed305c0767d56f1b3bdb25f301298027f8e98a8e0cd2dcbcc660723d7b","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}},{"index":"2","status":"active_slashed","balance":"25678253779","validator":{"pubkey":"0x89ece308f9d1f0131765212deca99697b112d61f9be9a5f1f3780a51335b3ff981747a0b2ca2179b96d2c0c9024e5224","withdrawal_credentials":"0x006adc4a1e4caba37c54d56d2411fd0df3a102f8489a4c1be535f4fd5f8810c9","effective_balance":"25000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}},{"index":"3","status":"active_slashed","balance":"35998164834","validator":{"pubkey":"0xac9b60d5afcbd5663a8a44b7c5a02f19e9a77ab0a35bd65809bb5c67ec582c897feb04decc694b13e08587f3ff9b5b60","withdrawal_credentials":"0x0081c852078a2ad430d438d7eaefc39646f53895292596bbe199e2d7d1884ab8","effective_balance":"32000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}}],"finalized":true,"execution_optimistic":false}` + "\n",
 		},
 		{
 			blockID:      "finalized",
 			code:         http.StatusOK,
 			queryParams:  "?status=active&id=1,2,3",
-			expectedResp: `{"data":[{"index":"2","status":"active_slashed","balance":"25678253779","validator":{"pubkey":"0x89ece308f9d1f0131765212deca99697b112d61f9be9a5f1f3780a51335b3ff981747a0b2ca2179b96d2c0c9024e5224","withdrawal_credentials":"0x307830303661646334613165346361626133376335346435366432343131666430646633613130326638343839613463316265353335663466643566383831306339","effective_balance":"25000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}},{"index":"3","status":"active_slashed","balance":"35998164834","validator":{"pubkey":"0xac9b60d5afcbd5663a8a44b7c5a02f19e9a77ab0a35bd65809bb5c67ec582c897feb04decc694b13e08587f3ff9b5b60","withdrawal_credentials":"0x307830303831633835323037386132616434333064343338643765616566633339363436663533383935323932353936626265313939653264376431383834616238","effective_balance":"32000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}}],"finalized":true,"execution_optimistic":false}` + "\n",
+			expectedResp: `{"data":[{"index":"2","status":"active_slashed","balance":"25678253779","validator":{"pubkey":"0x89ece308f9d1f0131765212deca99697b112d61f9be9a5f1f3780a51335b3ff981747a0b2ca2179b96d2c0c9024e5224","withdrawal_credentials":"0x006adc4a1e4caba37c54d56d2411fd0df3a102f8489a4c1be535f4fd5f8810c9","effective_balance":"25000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}},{"index":"3","status":"active_slashed","balance":"35998164834","validator":{"pubkey":"0xac9b60d5afcbd5663a8a44b7c5a02f19e9a77ab0a35bd65809bb5c67ec582c897feb04decc694b13e08587f3ff9b5b60","withdrawal_credentials":"0x0081c852078a2ad430d438d7eaefc39646f53895292596bbe199e2d7d1884ab8","effective_balance":"32000000000","slashed":true,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"261","withdrawable_epoch":"8448"}}],"finalized":true,"execution_optimistic":false}` + "\n",
 		},
 		{
 			blockID:      "finalized",
 			code:         http.StatusOK,
 			queryParams:  "?id=0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e",
-			expectedResp: `{"data":[{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x307830303166303965643330356330373637643536663162336264623235663330313239383032376638653938613865306364326463626363363630373233643762","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}}],"finalized":true,"execution_optimistic":false}` + "\n",
+			expectedResp: `{"data":[{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x001f09ed305c0767d56f1b3bdb25f301298027f8e98a8e0cd2dcbcc660723d7b","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}}],"finalized":true,"execution_optimistic":false}` + "\n",
 		},
 		{
 			blockID: "alabama",
@ -68,6 +68,7 @@ func TestGetAllValidators(t *testing.T) {
 			if resp.StatusCode != http.StatusOK {
 				return
 			}
+
 			// unmarshal the json
 			out, err := io.ReadAll(resp.Body)
 			require.NoError(t, err)
@ -160,13 +161,13 @@ func TestGetSingleValidator(t *testing.T) {
 			blockID:      "0x" + common.Bytes2Hex(postRoot[:]),
 			code:         http.StatusOK,
 			validatorIdx: "1",
-			expectedResp: `{"data":{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x307830303166303965643330356330373637643536663162336264623235663330313239383032376638653938613865306364326463626363363630373233643762","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}},"finalized":true,"execution_optimistic":false}` + "\n",
+			expectedResp: `{"data":{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x001f09ed305c0767d56f1b3bdb25f301298027f8e98a8e0cd2dcbcc660723d7b","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}},"finalized":true,"execution_optimistic":false}` + "\n",
 		},
 		{
 			blockID:      "finalized",
 			code:         http.StatusOK,
 			validatorIdx: "0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e",
-			expectedResp: `{"data":{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x307830303166303965643330356330373637643536663162336264623235663330313239383032376638653938613865306364326463626363363630373233643762","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}},"finalized":true,"execution_optimistic":false}` + "\n",
+			expectedResp: `{"data":{"index":"1","status":"withdrawal_possible","balance":"20125000000","validator":{"pubkey":"0xa572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e","withdrawal_credentials":"0x001f09ed305c0767d56f1b3bdb25f301298027f8e98a8e0cd2dcbcc660723d7b","effective_balance":"20000000000","slashed":false,"activation_eligibility_epoch":"0","activation_epoch":"0","exit_epoch":"253","withdrawable_epoch":"257"}},"finalized":true,"execution_optimistic":false}` + "\n",
 		},
 		{
 			blockID:      "alabama",
--- a/cl/beacon/router.go
+++ b/cl/beacon/router.go
@ -7,6 +7,7 @@ import (
 	"strings"

 	"github.com/go-chi/chi/v5"
+	"github.com/go-chi/cors"
 	"github.com/ledgerwatch/erigon/cl/beacon/beacon_router_configuration"
 	"github.com/ledgerwatch/erigon/cl/beacon/handler"
 	"github.com/ledgerwatch/erigon/cl/beacon/validatorapi"
@ -25,6 +26,14 @@ func ListenAndServe(beaconHandler *LayeredBeaconHandler, routerCfg beacon_router
 	}
 	defer listener.Close()
 	mux := chi.NewRouter()
+
+	mux.Use(cors.Handler(
+		cors.Options{
+			AllowedOrigins:   routerCfg.AllowedOrigins,
+			AllowedMethods:   routerCfg.AllowedMethods,
+			AllowCredentials: routerCfg.AllowCredentials,
+			MaxAge:           4,
+		}))
 	// enforce json content type
 	mux.Use(func(h http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
--- a/cl/beacon/validatorapi/get.go
+++ b/cl/beacon/validatorapi/get.go
@ -93,6 +93,7 @@ func (v *ValidatorApiHandler) GetEthV1BeaconStatesStateIdFork(w http.ResponseWri
 		},
 	}, nil
 }
+
 func (v *ValidatorApiHandler) GetEthV1BeaconStatesStateIdValidatorsValidatorId(w http.ResponseWriter, r *http.Request) (any, error) {
 	stateId := chi.URLParam(r, "state_id")
 	// grab the correct state for the given state id
--- a/cl/beacon/validatorapi/handler.go
+++ b/cl/beacon/validatorapi/handler.go
@ -36,11 +36,10 @@ func (v *ValidatorApiHandler) Route(r chi.Router) {
 	r.Route("/eth", func(r chi.Router) {
 		r.Route("/v1", func(r chi.Router) {
 			r.Route("/beacon", func(r chi.Router) {
-				r.Get("/genesis", beaconhttp.HandleEndpointFunc(v.GetEthV1BeaconGenesis))
 				r.Route("/states", func(r chi.Router) {
 					r.Route("/{state_id}", func(r chi.Router) {
 						r.Get("/fork", beaconhttp.HandleEndpointFunc(v.GetEthV1BeaconStatesStateIdFork))
-						r.Get("/validators/{validator_id}", beaconhttp.HandleEndpointFunc(v.GetEthV1BeaconStatesStateIdValidatorsValidatorId))
+						// r.Get("/validators/{validator_id}", beaconhttp.HandleEndpointFunc(v.GetEthV1BeaconStatesStateIdValidatorsValidatorId))
 					})
 				})
 				r.Post("/blocks", beaconhttp.HandleEndpointFunc(v.PostEthV1BeaconBlocks))
@ -51,7 +50,6 @@ func (v *ValidatorApiHandler) Route(r chi.Router) {
 				})
 				r.Get("/node/syncing", beaconhttp.HandleEndpointFunc(v.GetEthV1NodeSyncing))
 			})
-			r.Get("/config/spec", beaconhttp.HandleEndpointFunc(v.GetEthV1ConfigSpec))
 			r.Get("/events", v.EventSourceGetV1Events)
 			r.Route("/validator", func(r chi.Router) {
 				// implemented by archive api (for now)
--- a/cl/cltypes/aggregate.go
+++ b/cl/cltypes/aggregate.go
@ -65,7 +65,7 @@ func (a *SignedAggregateAndProof) HashSSZ() ([32]byte, error) {
 * and signature is the aggregate BLS signature of the committee.
 */
 type SyncAggregate struct {
-	SyncCommiteeBits      libcommon.Bytes64 `json:"sync_commitee_bits"`
+	SyncCommiteeBits      libcommon.Bytes64 `json:"sync_committee_bits"`
 	SyncCommiteeSignature libcommon.Bytes96 `json:"signature"`
 }

--- a/cl/cltypes/beacon_block.go
+++ b/cl/cltypes/beacon_block.go
@ -41,7 +41,7 @@ type BeaconBody struct {
 	// Data related to the Ethereum 1.0 chain
 	Eth1Data *Eth1Data `json:"eth1_data"`
 	// A byte array used to customize validators' behavior
-	Graffiti libcommon.Hash `json:"graffit"`
+	Graffiti libcommon.Hash `json:"graffiti"`
 	// A list of slashing events for validators who included invalid blocks in the chain
 	ProposerSlashings *solid.ListSSZ[*ProposerSlashing] `json:"proposer_slashings"`
 	// A list of slashing events for validators who included invalid attestations in the chain
--- a/cl/cltypes/blinded_beacon_block.go
+++ b/cl/cltypes/blinded_beacon_block.go
@ -32,7 +32,7 @@ type BlindedBeaconBody struct {
 	// Data related to the Ethereum 1.0 chain
 	Eth1Data *Eth1Data `json:"eth1_data"`
 	// A byte array used to customize validators' behavior
-	Graffiti libcommon.Hash `json:"graffit"`
+	Graffiti libcommon.Hash `json:"graffiti"`
 	// A list of slashing events for validators who included invalid blocks in the chain
 	ProposerSlashings *solid.ListSSZ[*ProposerSlashing] `json:"proposer_slashings"`
 	// A list of slashing events for validators who included invalid attestations in the chain
--- a/cl/cltypes/contribution.go
+++ b/cl/cltypes/contribution.go
@ -65,7 +65,7 @@ func (a *SignedContributionAndProof) HashSSZ() ([32]byte, error) {
 * and signature is the aggregate BLS signature of the committee.
 */
 type SyncContribution struct {
-	SyncCommiteeBits      libcommon.Bytes64 `json:"sync_commitee_bits"`
+	SyncCommiteeBits      libcommon.Bytes64 `json:"sync_committee_bits"`
 	SyncCommiteeSignature libcommon.Bytes96 `json:"signature"`
 }

--- a/cl/persistence/state/historical_states_reader/historical_states_reader_test.go
+++ b/cl/persistence/state/historical_states_reader/historical_states_reader_test.go
@ -47,19 +47,19 @@ func runTest(t *testing.T, blocks []*cltypes.SignedBeaconBlock, preState, postSt
 }

 func TestStateAntiquaryCapella(t *testing.T) {
-	t.Skip()
+	//t.Skip()
 	blocks, preState, postState := tests.GetCapellaRandom()
 	runTest(t, blocks, preState, postState)
 }

 func TestStateAntiquaryPhase0(t *testing.T) {
-	t.Skip()
+	//t.Skip()
 	blocks, preState, postState := tests.GetPhase0Random()
 	runTest(t, blocks, preState, postState)
 }

 func TestStateAntiquaryBellatrix(t *testing.T) {
-	t.Skip()
+	//t.Skip()
 	blocks, preState, postState := tests.GetBellatrixRandom()
 	runTest(t, blocks, preState, postState)
 }
--- a/cmd/caplin/caplincli/config.go
+++ b/cmd/caplin/caplincli/config.go
@ -40,6 +40,10 @@ type CaplinCliCfg struct {
 	EngineAPIPort         int           `json:"engine_api_port"`
 	JwtSecret             []byte

+	AllowedMethods   []string `json:"allowed_methods"`
+	AllowedOrigins   []string `json:"allowed_origins"`
+	AllowCredentials bool     `json:"allow_credentials"`
+
 	InitalState *state.CachingBeaconState
 	Dirs        datadir.Dirs
 }
@ -72,6 +76,9 @@ func SetupCaplinCli(ctx *cli.Context) (cfg *CaplinCliCfg, err error) {
 	cfg.BeaconApiReadTimeout = time.Duration(ctx.Uint64(caplinflags.BeaconApiReadTimeout.Name)) * time.Second
 	cfg.BeaconApiWriteTimeout = time.Duration(ctx.Uint(caplinflags.BeaconApiWriteTimeout.Name)) * time.Second
 	cfg.BeaconAddr = fmt.Sprintf("%s:%d", ctx.String(caplinflags.BeaconApiAddr.Name), ctx.Int(caplinflags.BeaconApiPort.Name))
+	cfg.AllowCredentials = ctx.Bool(utils.BeaconApiAllowCredentialsFlag.Name)
+	cfg.AllowedMethods = ctx.StringSlice(utils.BeaconApiAllowMethodsFlag.Name)
+	cfg.AllowedOrigins = ctx.StringSlice(utils.BeaconApiAllowOriginsFlag.Name)
 	cfg.BeaconProtocol = "tcp"
 	cfg.RecordMode = ctx.Bool(caplinflags.RecordModeFlag.Name)
 	cfg.RecordDir = ctx.String(caplinflags.RecordModeDir.Name)
--- a/cmd/caplin/caplinflags/flags.go
+++ b/cmd/caplin/caplinflags/flags.go
@ -23,6 +23,9 @@ var CliFlags = []cli.Flag{
 	&EngineApiPortFlag,
 	&JwtSecret,
 	&utils.DataDirFlag,
+	&utils.BeaconApiAllowCredentialsFlag,
+	&utils.BeaconApiAllowMethodsFlag,
+	&utils.BeaconApiAllowOriginsFlag,
 }

 var (
@ -56,7 +59,6 @@ var (
 		Usage: "sets the port to listen for beacon api requests",
 		Value: 5555,
 	}
-
 	BeaconDBModeFlag = cli.StringFlag{
 		Name:  "beacon-db-mode",
 		Usage: "level of storing on beacon chain, minimal(only 500k blocks stored), full (all blocks stored), light (no blocks stored)",
--- a/cmd/caplin/main.go
+++ b/cmd/caplin/main.go
@ -132,11 +132,14 @@ func runCaplinNode(cliCtx *cli.Context) error {
 	snapshotVersion := snapcfg.KnownCfg(cliCtx.String(utils.ChainFlag.Name), 0).Version

 	return caplin1.RunCaplinPhase1(ctx, sentinel, executionEngine, cfg.BeaconCfg, cfg.GenesisCfg, state, caplinFreezer, cfg.Dirs, snapshotVersion, beacon_router_configuration.RouterConfiguration{
-		Protocol:        cfg.BeaconProtocol,
-		Address:         cfg.BeaconAddr,
-		ReadTimeTimeout: cfg.BeaconApiReadTimeout,
-		WriteTimeout:    cfg.BeaconApiWriteTimeout,
-		IdleTimeout:     cfg.BeaconApiWriteTimeout,
-		Active:          !cfg.NoBeaconApi,
+		Protocol:         cfg.BeaconProtocol,
+		Address:          cfg.BeaconAddr,
+		ReadTimeTimeout:  cfg.BeaconApiReadTimeout,
+		WriteTimeout:     cfg.BeaconApiWriteTimeout,
+		IdleTimeout:      cfg.BeaconApiWriteTimeout,
+		Active:           !cfg.NoBeaconApi,
+		AllowedOrigins:   cfg.AllowedOrigins,
+		AllowedMethods:   cfg.AllowedMethods,
+		AllowCredentials: cfg.AllowCredentials,
 	}, nil, nil, false, false, historyDB, indiciesDB)
 }
--- a/cmd/utils/flags.go
+++ b/cmd/utils/flags.go
@ -916,6 +916,21 @@ var (
 		Usage: "enables archival node in caplin (Experimental, does not work)",
 		Value: false,
 	}
+	BeaconApiAllowCredentialsFlag = cli.BoolFlag{
+		Name:  "beacon.api.cors.allow-credentials",
+		Usage: "set the cors' allow credentials",
+		Value: false,
+	}
+	BeaconApiAllowMethodsFlag = cli.StringSliceFlag{
+		Name:  "beacon.api.cors.allow-methods",
+		Usage: "set the cors' allow methods",
+		Value: cli.NewStringSlice("GET", "POST", "PUT", "DELETE", "OPTIONS"),
+	}
+	BeaconApiAllowOriginsFlag = cli.StringSliceFlag{
+		Name:  "beacon.api.cors.allow-origins",
+		Usage: "set the cors' allow origins",
+		Value: cli.NewStringSlice(),
+	}
 )

 var MetricFlags = []cli.Flag{&MetricsEnabledFlag, &MetricsHTTPFlag, &MetricsPortFlag}
@ -1543,6 +1558,9 @@ func setBeaconAPI(ctx *cli.Context, cfg *ethconfig.Config) {
 	cfg.BeaconRouter.ReadTimeTimeout = time.Duration(ctx.Uint64(BeaconApiReadTimeoutFlag.Name)) * time.Second
 	cfg.BeaconRouter.WriteTimeout = time.Duration(ctx.Uint64(BeaconApiWriteTimeoutFlag.Name)) * time.Second
 	cfg.BeaconRouter.IdleTimeout = time.Duration(ctx.Uint64(BeaconApiIdleTimeoutFlag.Name)) * time.Second
+	cfg.BeaconRouter.AllowedMethods = ctx.StringSlice(BeaconApiAllowMethodsFlag.Name)
+	cfg.BeaconRouter.AllowedOrigins = ctx.StringSlice(BeaconApiAllowOriginsFlag.Name)
+	cfg.BeaconRouter.AllowCredentials = ctx.Bool(BeaconApiAllowCredentialsFlag.Name)
 }

 func setCaplin(ctx *cli.Context, cfg *ethconfig.Config) {
--- a/go.mod
+++ b/go.mod
@ -38,6 +38,7 @@ require (
 	github.com/gballet/go-verkle v0.0.0-20221121182333-31427a1f2d35
 	github.com/gfx-labs/sse v0.0.0-20231226060816-f747e26a9baa
 	github.com/go-chi/chi/v5 v5.0.10
+	github.com/go-chi/cors v1.2.1
 	github.com/goccy/go-json v0.9.11
 	github.com/gofrs/flock v0.8.1
 	github.com/golang-jwt/jwt/v4 v4.5.0
--- a/go.sum
+++ b/go.sum
@ -321,6 +321,8 @@ github.com/glycerine/goconvey v0.0.0-20190315024820-982ee783a72e/go.mod h1:Ogl1T
 github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31/go.mod h1:Ogl1Tioa0aV7gstGFO7KhffUsb9M4ydbEbbxpcEDc24=
 github.com/go-chi/chi/v5 v5.0.10 h1:rLz5avzKpjqxrYwXNfmjkrYYXOyLJd37pz53UFHC6vk=
 github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
+github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
--- a/turbo/cli/default_flags.go
+++ b/turbo/cli/default_flags.go
@ -170,6 +170,9 @@ var DefaultFlags = []cli.Flag{

 	&utils.BeaconAPIFlag,
 	&utils.BeaconApiAddrFlag,
+	&utils.BeaconApiAllowMethodsFlag,
+	&utils.BeaconApiAllowOriginsFlag,
+	&utils.BeaconApiAllowCredentialsFlag,
 	&utils.BeaconApiPortFlag,
 	&utils.BeaconApiReadTimeoutFlag,
 	&utils.BeaconApiWriteTimeoutFlag,