Teatime : A Blockchain RPC Attack Framework

Teatime is an RPC attack framework aimed at making it easy to spot misconfigurations in blockchain nodes. It detects a large variety of issues, ranging from information leaks to open accounts, and configuration manipulation.

The goal is to enable tools scanning for vulnerable nodes and minimizing the risk of node-based attacks due to common vulnerabilities. Teatime uses a plugin-based architecture, so extending the library with your own checks is straightforward.

Please note that this library is still a PoC and lacks documentation. If there are plugins you would like to see, feel free to contact me on Twitter!

Installation

Teatime runs on Python 3.6+.

  • To get started, simply run

$ pip3 install teatime

  • Alternatively, clone the repository and run

$ pip3 install .

  • Or directly through Python’s setuptools:

$ python3 setup.py install

Example

To get started, simply instantiate a Scanner class and pass in the target IP, port, node type, and a list of instantiated plugins. Consider the following sample to check whether a node is synced and mining:

from teatime.scanner import Scanner
from teatime.plugins.context import NodeType
from teatime.plugins.eth1 import NodeSync, MiningStatus

TARGET_IP = "127.0.0.1"
TARGET_PORT = 8545
INFURA_URL = "Infura API Endpoint"

def get_scanner():
    return Scanner(
        ip=TARGET_IP,
        port=TARGET_PORT,
        node_type=NodeType.GETH,
        plugins=[
            NodeSync(infura_url=INFURA_URL, block_threshold=10),
            MiningStatus(should_mine=False)
        ]
    )

if __name__ == '__main__':
    scanner = get_scanner()
    report = scanner.run()
    print(report.to_dict())

Check out the examples directory for more small samples! Teatime is fully typed, so also feel free to explore options in your IDE if reading the documentation is not your preferred choice. 🙂

Future Development

The future of Teatime is uncertain, even though I would love to add broader checks that go beyond RPC interfaces, specifically for technologies such as:

  • Ethereum 2.0
  • Filecoin
  • IPFS

If you want to integrate plugins for smaller, less meaningful chains such as Bitcoin or Ethereum knock-offs, feel free to fork the project and integrate them separately.

Download
R K

Share
Published by
R K
Tags: BlockchainFrameworkRPCTeatime
5 years ago

Recent Posts

LAMP Stack Ubuntu 26.04 Installation Guide

Setting up a LAMP Stack Ubuntu server is one of the fastest ways to host…

2 hours ago

How to Change User Password in Ubuntu Quickly and Securely

Keeping your system credentials updated is one of the simplest ways to improve Linux security.…

9 hours ago

Ubuntu Server Setup Guide for Beginners in 2026

A fresh Linux VPS may look ready to use immediately, but skipping the initial security…

12 hours ago

How to Install LEMP Stack on Ubuntu 26.04 for Beginners

If you want to host dynamic PHP websites or applications like WordPress, Laravel, or Magento,…

14 hours ago

How to Install Java on Ubuntu 24.04 Easily in 2026

Java remains one of the most widely used programming platforms for servers, enterprise applications, Android…

1 week ago

How to Install DEB Files on Ubuntu in 2026 (Step-by-Step Beginner Guide)

Ubuntu users often download software directly from developer websites instead of using the default app…

1 week ago