REST API /sequencer/txs not reachable on mainnet — sovereign module calls impossible for community operators

[Marcolist]

Summary

The REST API endpoints (e.g. /sequencer/txs, /sequencer/ready,
/rollup/sync-status) on mainnet.rpc.solaxy.io are unreachable. All HTTP
requests — regardless of path — are routed to the JSON-RPC handler, making it
impossible for community node operators to submit sovereign module calls (such
as sequencer or prover registration).

Background

In the Sovereign SDK, the HTTP server serves both:

• JSON-RPC (nested under /rpc via router.nest("/rpc", rpc_router) in
  sov-stf-runner/src/http.rs:37)
• REST API (on the root router: /sequencer/txs, /ledger/slots/latest, etc.)

The sendTransaction JSON-RPC method wraps transactions as Auth::Svm (regular
Solana VM transactions). Sovereign module calls (like
sequencer_registry::register) require Auth::Mod wrapping, which is only done
by the REST endpoint POST /sequencer/txs.

Current behavior

JSON-RPC works fine

curl -X POST https://mainnet.rpc.solaxy.io
-H "Content-Type: application/json"
-d '{"jsonrpc":"2.0","id":1,"method":"getSlot","params":[]}'

→ {"jsonrpc":"2.0","id":1,"result":21106547}

REST endpoint gets intercepted by JSON-RPC handler

curl -X POST https://mainnet.rpc.solaxy.io/sequencer/txs
-H "Content-Type: application/json"
-d '{"body":"AAAA"}'

→ {"jsonrpc":"2.0","id":null,"error":{"code":-32700,"message":"Parse

error"}}

Even GET requests to REST paths hit JSON-RPC

curl https://mainnet.rpc.solaxy.io/sequencer/ready

→ "Used HTTP Method is not allowed. POST is required"

All paths return JSON-RPC responses. The reverse proxy in front of the node
appears to rewrite all request paths to /rpc, effectively shadowing the entire
REST API.

Additionally, port 8899 (the direct HTTP port) is firewalled — only ports
80/443 are open on the mainnet servers.

Impact

Community node operators cannot:

1. Register as sequencer — requires POST /sequencer/txs with a sovereign
   module TX
2. Register as prover — same mechanism
3. Query sequencer readiness — GET /sequencer/ready
4. Access the OpenAPI spec — GET /openapi-v3.json
5. Use the Swagger UI — GET /swagger-ui/

The only alternative is submitting blobs directly to Celestia DA
(forced/emergency registration), but this path has its own limitations with
multi-blob processing per DA height.

Suggested fix

Either:

1. Fix the reverse proxy to pass paths through to the backend instead of
   rewriting everything to /rpc
2. Expose port 8899 directly (or a separate port for REST)
3. Add a JSON-RPC method for sovereign module call submission (e.g.
   sequencer_submitModuleCall) that wraps with Auth::Mod internally

Option 1 is likely the simplest — the backend already serves both REST and
JSON-RPC correctly on port 8899. The proxy just needs to stop rewriting paths.

Environment

• Mainnet RPC: mainnet.rpc.solaxy.io
• Resolves to: 16.59.168.245, 3.136.1.175
• Open ports: 80, 443 only
• Backend: Sovereign SDK with SVM authenticator on port 8899

[Yiwen-Gao]

Hi @Marcolist, thanks for raising! We pushed an update to the binary, so can you pull down the latest version from the URL and retry? Let me know if you run into other issues.

[Marcolist]

Hi @Yiwen-Gao, thanks for the quick fix!
Pulled the new binary, bond transaction went through successfully.

One additional issue I noticed: explorer.solaxy.io is currently not displaying any data. This is likely related to the same proxy change -> the explorer probably hits mainnet.rpc.solaxy.io without the /rpc path suffix and now gets 404. Any integration that doesn't explicitly use /rpc will be broken by this change.