As of August 20 2024, this guide is updated for mainnet. 😁
✨ For the testnet guide, .
🏁 0. Prerequisites
👩💻Skills for operating a eth2 validator and beacon node
As a validator for eth2, you will typically have the following abilities:
operational knowledge of how to set up, run and maintain a eth2 beacon node and validator continuously
a long term commitment to maintain your validator 24/7/365
basic operating system skills
have learned the essentials by watching
have passed or is actively enrolled in the
and have read the
🎗 Minimum Setup Requirements
Operating system: 64-bit Linux (i.e. Ubuntu 20.04 LTS Server or Desktop)
Processor: Dual core CPU, Intel Core i5–760 or AMD FX-8100 or better
Memory: 8GB RAM
Storage: 20GB SSD
Internet: Broadband internet connection with speeds at least 1 Mbps.
Power: Reliable electrical power.
ETH balance: at least 32 ETH and some ETH for deposit transaction fees
Wallet: Metamask installed
🏋♂ Recommended Hardware Setup
Operating system: 64-bit Linux (i.e. Ubuntu 20.04 LTS Server or Desktop)
Processor: Quad core CPU, Intel Core i7–4770 or AMD FX-8310 or better
Memory: 16GB RAM or more
Storage: 1TB SSD or more
Internet: Broadband internet connections with speeds at least 10 Mbps without data limit.
Power: Reliable electrical power with uninterruptible power supply (UPS)
ETH balance: at least 32 ETH and some ETH for deposit transaction fees
Wallet: Metamask installed
✨ Pro Validator Tip: Highly recommend you begin with a brand new instance of an OS, VM, and/or machine. Avoid headaches by NOT reusing testnet keys, wallets, or databases for your validator.
🔓 Recommended eth2 validator Security Best Practices
If you need ideas or a reminder on how to secure your validator, refer to
🛠 Setup Ubuntu
If you need to install Ubuntu Server, refer to
🎭 Setup Metamask
🌱 1. Buy/exchange or consolidate ETH
Every 32 ETH you own allows you to make 1 validator. You can run thousands of validators with your beacon node.
Your ETH (or multiples of 32 ETH) should be consolidated into a single address accessible with Metamask.
👩💻 2. Signup to be a validator at the Launchpad
Install dependencies, the ethereum foundation deposit tool and generate your two sets of key pairs.
cd $HOME
git clone https://github.com/ethereum/eth2.0-deposit-cli.git eth2deposit-cli
cd eth2deposit-cli
sudo ./deposit.sh install
Make a new mnemonic.
./deposit.sh new-mnemonic --chain mainnet
Download eth2deposit-cli.
cd $HOME
wget https://github.com/ethereum/eth2.0-deposit-cli/releases/download/v1.1.0/eth2deposit-cli-ed5a6d3-linux-amd64.tar.gz
sha256sum eth2deposit-cli-ed5a6d3-linux-amd64.tar.gz
# SHA256 should be
# 2107f26f954545f423530e3501ae616c222b6bf77774a4f2743effb8fe4bcbe7
Extract the archive.
tar -xvf eth2deposit-cli-ed5a6d3-linux-amd64.tar.gz
mv eth2deposit-cli-ed5a6d3-linux-amd64 eth2deposit-cli
rm eth2deposit-cli-ed5a6d3-linux-amd64.tar.gz
cd eth2deposit-cli
Make a new mnemonic.
./deposit new-mnemonic --chain mainnet
🔥**[ Optional ] Pro Security Tip**: Run the eth2deposit-cli tool and generate your mnemonic seed for your validator keys on an air-gapped offline machine booted from usb.
The Tails OS is an amnesic operating system, meaning it will save nothing and leave no tracks behind each time you boot it.
Part 0 - Prerequisites
You need:
2 storage mediums (can be USB stick, SD cards or external hard drives)
One of them must be > 8GB
Windows or Mac computer
30 minutes or longer depending on your download speed
Part 1 - Download Tails OS
Make sure you follow the guide on the Tails website to verify your download of Tails.
Part 2 - Download and install the software to transfer your Tails image on your USB stick
For Windows:
Part 3 - Making your bootable USB stick
Run the above software. This is an example how it looks like on Mac OS with etcher. But other software should be similar.
Select the Tails OS image that you downloaded as the image. Then select the USB stick (the larger one).
Then flash the image to the larger USB stick.
Part 4 - Download and verify the eth2-deposit-cli
You can refer to the other tab on this guide on how to download and verify the eth2-deposit-cli.
Copy the file to the other USB stick.
Part 5 - Reboot your computer and into Tails OS
After you have done all the above, you can reboot. If you are connected by a LAN cable to the internet, you can disconnect it manually.
Plug in the USB stick that has your Tails OS.
On Mac, press and hold the Option key immediately upon hearing the startup chime. Release the key after Startup Manager appears.
On Windows, it depends on your computer manufacturer. Usually it is by pressing F1 or F12. If it doesn't work, try googling "Enter boot options menu on [Insert your PC brand]"
Choose the USB stick that you loaded up with Tails OS to boot into Tails.
Part 6 - Welcome to Tails OS
You can boot with all the default settings.
Part 7 - Run the eth2-deposit-cli
Plug in your other USB stick with the eth2-deposit-cli file.
You can then open your command line and navigate into the directory containing the file. Then you can continue the guide from the other tab.
Make a new mnemonic.
./deposit.sh new-mnemonic --chain mainnet
If you ran this command directly from your non-Tails USB stick, the validator keys should stay on it. If it hasn't, copy the directory over to your non-Tails USB stick.
🔥Make sure you have saved your validator keys directory in your other USB stick (non Tails OS) before you shutdown Tails. Tails will delete everything saved on it after you shutdown..
🎉Congrats on learning how to use Tails OS to make an airgapped system. As a bonus, you can reboot into Tails OS again and connect to internet to surf the dark web or clear net safely!
🔥**[ Optional ] Pro Security Tip**: Run the eth2deposit-cli tool and generate your mnemonic seed for your validator keys on an air-gapped offline machine booted from usb.
Part 1 - Create a Ubuntu 20.04 USB Bootable Drive
Part 2 - Install Ubuntu 20.04 from the USB Drive
You can copy via USB key the pre-built eth2deposit-cli binaries from an online machine to an air-gapped offline machine booted from usb. Make sure to disconnect the ethernet cable and/or WIFI.
Follow the prompts and pick a password. Write down your mnemonic and keep this safe and offline.
Back on the launchpad website, upload yourdeposit_data-#########.json found in the validator_keys directory.
Connect to the launchpad with your Metamask wallet, review and accept terms.
Confirm the transaction(s). There's one deposit transaction of 32 ETH for each validator.
****🔥 Critical Crypto Reminder:Keep your mnemonic, keep your ETH. 🚀
Write down your mnemonic seed offline. Not email. Not cloud.
The withdrawal keys will be generated from this mnemonic in the future.
Make offline backups, such as to a USB key, of your validator_keys directory.
🛸 3. Install a ETH1 node
Ethereum 2.0 requires a connection to Ethereum 1.0 in order to monitor for 32 ETH validator deposits. Hosting your own Ethereum 1.0 node is the best way to maximize decentralization and minimize dependency on third parties such as Infura.
🛑 Do not run your processes as ROOT user. 😱
OpenEthereum - It's ****goal is to be the fastest, lightest, and most secure Ethereum client using the Rust programming language. OpenEthereum is licensed under the GPLv3 and can be used for all your Ethereum needs.
Geth - Go Ethereum is one of the three original implementations (along with C++ and Python) of the Ethereum protocol. It is written in Go, fully open source and licensed under the GNU LGPL v3.
Hyperledger Besu is an open-source Ethereum client designed for demanding enterprise applications requiring secure, high-performance transaction processing in a private network. It's developed under the Apache 2.0 license and written in Java.
Nethermind is a flagship Ethereum client all about performance and flexibility. Built on .NET core, a widespread, enterprise-friendly platform, Nethermind makes integration with existing infrastructures simple, without losing sight of stability, reliability, data integrity, and security.
Maximize your beacon chain up-time and performance.
🛠 Setup Instructions for Systemd
Run the following to create a unit file to define yourbeacon-chain.service configuration. Simply copy and paste.
cat > $HOME/beacon-chain.service << EOF
# The eth2 beacon chain service (part of systemd)
# file: /etc/systemd/system/beacon-chain.service
[Unit]
Description = eth2 beacon chain service
Wants = network-online.target
After = network-online.target
[Service]
User = $(whoami)
ExecStart = $(which lighthouse) bn --staking --metrics --network mainnet
Restart = on-failure
[Install]
WantedBy = multi-user.target
EOF
****🔥 Lighthouse Pro Tip: On the ExecStart line, adding the --eth1-endpoints flag allows for redundant eth1 nodes. Separate with comma. Make sure the endpoint does not end with a trailing slash or/ Remove it.
The beacon chain couldn't connect to the :8545 service?
In the beacon chain unit file under [Service], add, "ExecStartPre = /bin/sleep 30" so that it waits 30 seconds for eth1 node to startup before connecting.
Nice work. Your beacon chain is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the beacon chain is active
sudo systemctl is-active beacon-chain
🔎 View the status of the beacon chain
sudo systemctl status beacon-chain
🔄 Restarting the beacon chain
sudo systemctl reload-or-restart beacon-chain
🛑 Stopping the beacon chain
sudo systemctl stop beacon-chain
🗄 Viewing and filtering logs
#view and follow the log
journalctl --unit=beacon-chain -f
#view log since yesterday
journalctl --unit=beacon-chain --since=yesterday
#view log since today
journalctl --unit=beacon-chain --since=today
#view log between a date
journalctl --unit=beacon-chain --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
🧬 4.6. Start the validator
🚀 Setup Graffiti and POAP
Run the following command to set the MY_GRAFFITI variable. Replace <my POAP string or message> between the single quotes.
Nice work. Your validator is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the validator is active
sudo systemctl is-active validator
🔎 View the status of the validator
sudo systemctl status validator
🔄 Restarting the validator
sudo systemctl reload-or-restart validator
🛑 Stopping the validator
sudo systemctl stop validator
🗄 Viewing and filtering logs
#view and follow the log
journalctl --unit=validator -f
#view log since yesterday
journalctl --unit=validator --since=yesterday
#view log since today
journalctl --unit=validator --since=today
#view log between a date
journalctl --unit=validator --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
Maximize your beacon chain up-time and performance.
🛠 Setup Instructions
Run the following to create a unit file to define yourbeacon-chain.service configuration. Simply copy and paste.
cat > $HOME/beacon-chain.service << EOF
# The eth2 beacon chain service (part of systemd)
# file: /etc/systemd/system/beacon-chain.service
[Unit]
Description = eth2 beacon chain service
Wants = network-online.target
After = network-online.target
[Service]
Type = simple
User = $(whoami)
WorkingDirectory= /var/lib/nimbus
ExecStart = /bin/bash -c '/usr/bin/nimbus_beacon_node --network=mainnet --graffiti="${MY_GRAFFITI}" --data-dir=/var/lib/nimbus --web3-url=ws://127.0.0.1:8546 --metrics --metrics-port=8008 --rpc --rpc-port=9091 --validators-dir=/var/lib/nimbus/validators --secrets-dir=/var/lib/nimbus/secrets --log-file=/var/lib/nimbus/beacon.log'
Restart = on-failure
[Install]
WantedBy = multi-user.target
EOF
Nimbus only supports websocket connections ("ws://" and "wss://") for the ETH1 node. Geth, OpenEthereum, Infura and Chainstack ETH1 nodes are verified compatible.
Nice work. Your beacon chain is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the beacon chain is active
sudo systemctl is-active beacon-chain
🔎 View the status of the beacon chain
sudo systemctl status beacon-chain
🔄 Restarting the beacon chain
sudo systemctl reload-or-restart beacon-chain
🛑 Stopping the beacon chain
sudo systemctl stop beacon-chain
🗄 Viewing and filtering logs
#view and follow the log
journalctl --unit=beacon-chain -f
#view log since yesterday
journalctl --unit=beacon-chain --since=yesterday
#view log since today
journalctl --unit=beacon-chain --since=today
#view log between a date
journalctl --unit=beacon-chain --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
When specifying directories for your validator-keys, Teku expects to find identically named keystore and password files.
For example keystore-m_12221_3600_1_0_0-11222333.json and keystore-m_12221_3600_1_0_0-11222333.txt
Create a corresponding password file for every one of your validators.
for f in /var/lib/teku/validator_keys/keystore*.json; do cp /etc/teku/validators-password.txt /var/lib/teku/validator_keys/$(basename $f .json).txt; done
Verify that your validator's keystore and validator's passwords are present by checking the following directory.
ll /var/lib/teku/validator_keys
🏁 4.5. Start the beacon chain and validator
Use systemd to manage starting and stopping teku.
🍰 Benefits of using systemd for your beacon chain and validator
Auto-start your beacon chain when the computer reboots due to maintenance, power outage, etc.
Nice work. Your beacon chain is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the beacon chain is active
sudo systemctl is-active beacon-chain
🔎 View the status of the beacon chain
sudo systemctl status beacon-chain
🔄 Restarting the beacon chain
sudo systemctl reload-or-restart beacon-chain
🛑 Stopping the beacon chain
sudo systemctl stop beacon-chain
🗄 Viewing and filtering logs
#view and follow the log
journalctl --unit=beacon-chain -f
#view log since yesterday
journalctl --unit=beacon-chain --since=yesterday
#view log since today
journalctl --unit=beacon-chain --since=today
#view log between a date
journalctl --unit=beacon-chain --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
Nice work. Your beacon chain is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the beacon chain is active
sudo systemctl is-active beacon-chain
🔎 View the status of the beacon chain
sudo systemctl status beacon-chain
🔄 Restarting the beacon chain
sudo systemctl reload-or-restart beacon-chain
🛑 Stopping the beacon chain
sudo systemctl stop beacon-chain
🗒 Viewing and filtering logs
#view and follow the log
journalctl --unit=beacon-chain -f
#view log since yesterday
journalctl --unit=beacon-chain --since=yesterday
#view log since today
journalctl --unit=beacon-chain --since=today
#view log between a date
journalctl --unit=beacon-chain --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
🧬 4.5. Start the validator
Store your validator's password in a file and make it read-only.
#view and follow the log
journalctl --unit=validator -f
#view log since yesterday
journalctl --unit=validator --since=yesterday
#view log since today
journalctl --unit=validator --since=today
#view log between a date
journalctl --unit=validator --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
Verify that your validator public key appears in the logs.
journalctl --unit=validator --since=today
# Example below
# INFO Enabled validator voting_pubkey: 0x2374.....7121
Lodestar may not be fully functional and stable yet.
Nice work. Your beacon chain is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the beacon chain is active
sudo systemctl is-active beacon-chain
🔎 View the status of the beacon chain
sudo systemctl status beacon-chain
🔄 Restarting the beacon chain
sudo systemctl reload-or-restart beacon-chain
🛑 Stopping the beacon chain
sudo systemctl stop beacon-chain
🗄 Viewing and filtering logs
#view and follow the log
journalctl --unit=beacon-chain -f
#view log since yesterday
journalctl --unit=beacon-chain --since=yesterday
#view log since today
journalctl --unit=beacon-chain --since=today
#view log between a date
journalctl --unit=beacon-chain --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
🧬 4.5. Start the validator
🚀 Setup Graffiti and POAP
Run the following command to set the MY_GRAFFITI variable. Replace <my POAP string or message> between the single quotes.
Nice work. Your validator is now managed by the reliability and robustness of systemd. Below are some commands for using systemd.
🛠 Some helpful systemd commands
✅ Check whether the validator is active
sudo systemctl is-active validator
🔎 View the status of the validator
sudo systemctl status validator
🔄 Restarting the validator
sudo systemctl reload-or-restart validator
🛑 Stopping the validator
sudo systemctl stop validator
🗄 Viewing and filtering logs
#view and follow the log
journalctl --unit=validator -f
#view log since yesterday
journalctl --unit=validator --since=yesterday
#view log since today
journalctl --unit=validator --since=today
#view log between a date
journalctl --unit=validator --since='2020-12-01 00:00:00' --until='2020-12-02 12:00:00'
Validator client - Responsible for producing new blocks and attestations in the beacon chain and shard chains.
Beacon chain client - Responsible for managing the state of the beacon chain, validator shuffling, and more.
Remember, Teku and Nimbus combines both clients into one process.
Congratulations. Once your beacon chain is sync'd, validator up and running, you just wait for activation. This process can take 24+ hours. Only 900 new validators can join per day. When you're assigned, your validator will begin creating and voting on blocks while earning staking rewards.
🕒5. Time Synchronization
Because beacon chain relies on accurate times to perform attestations and produce blocks, your computer's time must be accurate to real NTP or NTS time within 0.5 seconds.
chrony is an implementation of the Network Time Protocol and helps to keep your computer's time synchronized with NTP.
🔎6. Monitoring your validator with Grafana and Prometheus
Create the prometheus.yml config file. Choose the tab for your eth2 client. Simply copy and paste.
cat > $HOME/prometheus.yml << EOF
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: 'codelab-monitor'
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
- job_name: 'node_exporter'
static_configs:
- targets: ['localhost:9100']
- job_name: 'nodes'
metrics_path: /metrics
static_configs:
- targets: ['localhost:5054']
- job_name: 'validators'
metrics_path: /metrics
static_configs:
- targets: ['localhost:5064']
EOF
cat > $HOME/prometheus.yml << EOF
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: 'codelab-monitor'
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
- job_name: 'node_exporter'
static_configs:
- targets: ['localhost:9100']
- job_name: 'nodes'
metrics_path: /metrics
static_configs:
- targets: ['localhost:8008']
EOF
cat > $HOME/prometheus.yml << EOF
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: 'codelab-monitor'
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
- job_name: 'node_exporter'
static_configs:
- targets: ['localhost:9100']
- job_name: 'nodes'
metrics_path: /metrics
static_configs:
- targets: ['localhost:8008']
EOF
cat > $HOME/prometheus.yml << EOF
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: 'codelab-monitor'
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
- job_name: 'node_exporter'
static_configs:
- targets: ['localhost:9100']
- job_name: 'validator'
static_configs:
- targets: ['localhost:8081']
- job_name: 'beacon node'
static_configs:
- targets: ['localhost:8080']
- job_name: 'slasher'
static_configs:
- targets: ['localhost:8082']
EOF
sudo systemctl status grafana-server.service prometheus.service prometheus-node-exporter.service
💡 Reminder: Ensure port 3000 is open on the firewall and/or port forwarded if you intend to view monitoring info from a different machine.
📶 6.2 Setting up Grafana Dashboards
Login with admin / admin
Change password
Click the configuration gear icon, then Add data Source
Select Prometheus
Set Name to "Prometheus"
Click Save & Test
Click Create + icon > Import
Add the ETH2 client dashboard via Upload JSON file
If needed, select Prometheus as Data Source.
Click the Import button.
Repeat steps 11-14 for the ETH1 client dashboard.
****🔥 Troubleshooting common Grafana issues:
The dashboards do not display eth1 node data.
In the eth1 unit file under located at /etc/systemd/system/eth1.service, make sure your eth1 node/geth is started with the correct parameters so that reporting metrics and pprof http server are enabled.
Example of Grafana Dashboards for each ETH2 client.
Example of Grafana Dashboards for each ETH1 node.
⚠ 6.3 Setup Alert Notifications
Setup alerts to get notified if your validators go offline.
Get notified of problems with your validators. Choose between email, telegram, discord or slack.
Sign up for an account.
Verify your email
Search for your validator's public address
Add validators to your watchlist by clicking the bookmark symbol.
On the menu of Grafana, select Notification channels under the bell icon.
Click on Add channel.
Give the notification channel a name.
Select Telegram from the Type list.
Create a new telegram group.
Invite the bot to your new group.
Type at least 1 message into the group to initialize it.
In the JSON response, find and copy the Chat ID. Find it between chat and title. Example of Chat ID: -1123123123
"chat":{"id":-123123123,"title":
Paste the Chat ID into the corresponding field in Grafana.
Save and test the notification channel for your alerts.
On the menu of Grafana, select Notification channels under the bell icon.
Click on Add channel.
Add a name to the notification channel.
Select Discord from the Type list.
Enter the Webhook URL in the Discord notification settings panel.
Click Send Test, which will push a confirmation message to the Discord channel.
On the menu of Grafana, select Notification channels under the bell icon.
Click on Add channel.
Add a name to the notification channel.
Select Slack from the Type list.
Enter the Slack Incoming Webhook URL in the URL field.
Click Send Test, which will push a confirmation message to the Slack channel.
🌊 6.4 Monitoring with Uptime Check by Google Cloud
Who watches the watcher? With an external 3rd party tool like Uptime Check, you can have greater reassurance your validator is functioning in case of disasters such as power failure, hardware failure or internet outage. In these scenarios, the previously mentioned monitoring by Prometheus and Grafana would likely cease to function as well.
Here's how to setup a no-cost monitoring service called Uptime Check by Google.
Search for Monitoring in the search field.
Click Select a Project to Start Monitoring.
Click New Project.
Name your project and click Create.
From the notifications menu, select your new project.
On the right column, there's a Monitoring Card. Click Go to Monitoring.
On the left menu, click Uptime checks and then CREATE UPTIME CHECK.
Type in a title i.e. Geth node
Select protocol as TCP
Enter your public IP address and port number. i.e. ip=7.55.6.3 and port=30303
Select your desired frequency to check i.e. 5 minutes.
Choose the region closest to you to check from. Click Next.
Create a Notification Channel. Click Manage Notification Channels.
Choose your desired settings. Pick from any or all of Slack, Webhook, Email or SMS.
Go back to Create Uptime Check window.
Within the notifications field, click the refresh button to load your new notification channels.
Select desired notifications.
Click TEST to verify your notifications are setup correctly.
Click CREATE to finish.
🎉Congrats on setting up your validator! You're good to go on eth2.0.
🧙♂7. Update a ETH2 client
When a new release is cut, you will want to update to the latest stable release. The following shows you how to update your eth2 beacon chain and validator.
Always review the git logs with commandgit log or release notes before updating. There may be changes requiring your attention.
Select your ETH2 client.
Review release notes and check for breaking changes/features.
Pull the latest source and build it.
cd $HOME/git/lighthouse
git fetch --all && git checkout stable && git pull
make
Verify the build completed by checking the new version number.
lighthouse --version
Restart beacon chain and validator as per normal operating procedures.
Check the logs to verify the services are working properly and ensure there are no errors.
sudo systemctl status beacon-chain validator
sudo systemctl status beacon-chain
🔥8. Additional Useful Tips
🛑 8.1 Voluntary exit a validator
Use this command to signal your intentions to stop validating with your validator. This means you no longer want to stake with your validator and want to turn off your node.
Voluntary exiting takes a minimum of 2048 epochs (or ~9days). There is a queue to exit and a delay before your validator is finally exited.
Once a validator is exited in phase 0, this is non-reversible and you can no longer restart validating again.
Your funds will not be available for withdrawal until phase 1.5 or later.
After your validator leaves the exit queue and is truely exited, it is safe to turn off your beacon node and validator.
teku voluntary-exit \
--epoch=<epoch number to exit> \
--beacon-node-api-endpoint=http://127.0.0.1:5051 \
--validator-keys=<path to keystore.json>:<path to password.txt file>
Using the eth2deposit-cli tool, ensure you can regenerate the same eth2 key pairs by restoring your validator_keys
cd $HOME/eth2deposit-cli
./deposit.sh existing-mnemonic --chain mainnet
When the pubkey in both keystore files are identical, this means your mnemonic phrase is veritably correct. Other fields will be different because of salting.
🤖8.3 Add additional validators
Using the eth2deposit-cli tool, you can add more validators by creating a new deposit data file and validator_keys
First, backup and move your existing validator_key directory and append the date to the end.
cd $HOME/eth2deposit-cli
mv validator_key validator_key_$(date +"%Y%d%m-%H%M%S")
For example, in case we originally created 3 validators but now wish to add 5 more validators, we could use the following command.
cd $HOME/eth2deposit-cli
./deposit.sh existing-mnemonic --validator_start_index 3 --num_validators 5 --chain mainnet
Complete the steps of uploading the deposit_data-#########.json to the launch pad site and making your corresponding 32 ETH deposit transactions.
Finish by stopping your validator, importing the new validator key(s), restarting your validator and verifying the logs ensuring everything still works without error.
💸 8.4 Switch / migrate Eth2 clients with slash protection
The key takeaway in this process is to avoid running two eth2 clients simultaneously. You want to avoid being punished by a slashing penalty, which causes a loss of ether.
🛑 8.4.1 Stop old beacon chain and old validator.
In order to export the slashing database, the validator needs to be stopped.
🚧 8.4.3 Setup and install new validator / beacon chain
****✨ Pro Tip: During the process of re-importing validator keys, wait at least 13 minutes or two epochs to prevent slashing penalties. You must avoid running two eth2 clients with same validator keys at the same time.
🛑 Critical Step: Do not start any systemd processes until either you have imported the slashing database or you have waited at least 13 minutes or two epochs.
📂 8.4.4 Import slashing database (Optional)
Using your new eth2 client, run the following command and update the relevant path to import your slashing database from 2 steps ago.
Check the logs to verify the services are working properly and ensure there are no errors.
sudo systemctl status beacon-chain validator
sudo systemctl status beacon-chain
Finally, verify your validator's attestations are working with public block explorer such as
Enter your validator's pubkey to view its status.
🧯 8.4.7 Update Monitoring with Prometheus and Grafana
🖥 8.5 Use all available LVM disk space
During installation of Ubuntu Server, a common issue arises where your hard drive's space is not fully available for use.
# View your disk drives
df
# Change the logical volume filesystem path if required
lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
exit
# Resize file system to use the new available space in the logical volume
resize2fs /dev/ubuntu-vg/ubuntu-lv
## Verify new available space
df -h
Source reference:
🚦 8.6 Reduce network bandwidth usage
Hosting your own ETH1 node can consume hundreds of gigabytes of data per day. Because data plans can be limited or costly, you might desire to slow down data usage but still maintain good connectivity to the network.
Edit your eth1.service unit file.
sudo nano /etc/systemd/system/eth1.service
Add the following flag to limit the number of peers on the ExecStart line.
In case you need to locate your validator keys, database directories or other important files.
Eth2 Client files and locations
# Validator Keys
~/.lighthouse/mainnet/validators
# Beacon Chain Data
~/.lighthouse/mainnet/beacon
# List of all validators and passwords
~/.lighthouse/mainnet/validators/validator_definitions.yml
#Slash protection db
~/.lighthouse/mainnet/validators/slashing_protection.sqlite
# Validator Keys
/var/lib/nimbus/validators
# Beacon Chain Data
/var/lib/nimbus/db
#Slash protection db
/var/lib/nimbus/validators/slashing_protection.sqlite3
#Logs
/var/lib/nimbus/beacon.log
# Validator Keys
/var/lib/teku
# Beacon Chain Data
~/tekudata/beacon
#Slash protection db
~/tekudata/validator/slashprotection
# Validator Keys
~/.eth2validators/prysm-wallet-v2/direct
# Beacon Chain Data
~/.eth2/beaconchaindata
Run the following to re-create a unit file to define yourbeacon-chain.service configuration. Simply copy and paste.
cat > $HOME/beacon-chain.service << EOF
# The eth2 beacon chain service (part of systemd)
# file: /etc/systemd/system/beacon-chain.service
[Unit]
Description = eth2 beacon chain service
Wants = network-online.target
After = network-online.target
[Service]
Type = simple
User = $(whoami)
WorkingDirectory= /var/lib/nimbus
Environment = "ClientIP=\$(curl -s ident.me)"
ExecStart = /bin/bash -c '/usr/bin/nimbus_beacon_node --network=mainnet --graffiti="${MY_GRAFFITI}" --data-dir=/var/lib/nimbus --nat=extip:\${ClientIP} --web3-url=ws://127.0.0.1:8546 --metrics --metrics-port=8008 --rpc --rpc-port=9091 --validators-dir=/var/lib/nimbus/validators --secrets-dir=/var/lib/nimbus/secrets --log-file=/var/lib/nimbus/beacon.log --max-peers=100'
Restart = on-failure
[Install]
WantedBy = multi-user.target
EOF
Nimbus only supports websocket connections ("ws://" and "wss://") for the ETH1 node. Geth, OpenEthereum, Infura and Chainstack ETH1 nodes are verified compatible.
From time to time, be sure to update to the latest ETH1 releases to enjoy new improvements and features.
Stop your eth2 beacon chain, validator, and eth1 node processes.
# This can take some time.
sudo systemctl stop validator beacon-chain eth1
# This can take some time.
sudo systemctl stop beacon-chain eth1
Update the eth1 node package or binaries.
sudo apt update
sudo apt upgrade -y
Automatically download the latest linux release, un-zip, add execute permissions and cleanup.
cd $HOME
# backup previous openethereum version in case of rollback
mv openethereum openethereum_backup_$(date +"%Y%d%m-%H%M%S")
# store new version in openethreum directory
mkdir openethereum && cd openethereum
# download latest version
curl -s https://api.github.com/repos/openethereum/openethereum/releases/latest | jq -r ".assets[] | select(.name) | .browser_download_url" | grep linux | xargs wget -q --show-progress
# unzip
unzip openethereum*.zip
# add execute permission
chmod +x openethereum
# cleanup
rm openethereum*.zip
Manually find the desired file from above repo and modify the wget command with the URL.
Example:
cd $HOME
# backup previous besu version in case of rollback
mv besu besu_backup_$(date +"%Y%d%m-%H%M%S")
# download latest besu
wget -O besu.tar.gz <https URL to latest tax.gz linux file>
# untar
tar -xvf besu.tar.gz
# cleanup
rm besu.tar.gz
# rename besu to standard folder location
mv besu* besu
Automatically download the latest linux release, un-zip and cleanup.
cd $HOME
# backup previous nethermind version in case of rollback
mv nethermind nethermind_backup_$(date +"%Y%d%m-%H%M%S")
# store new version in nethermind directory
mkdir nethermind && cd nethermind
# download latest version
curl -s https://api.github.com/repos/NethermindEth/nethermind/releases/latest | jq -r ".assets[] | select(.name) | .browser_download_url" | grep linux | xargs wget -q --show-progress
# unzip
unzip -o nethermind*.zip
# cleanup
rm nethermind*linux*.zip
Start your eth2 beacon chain, validator, and eth1 node processes.
sudo systemctl start eth1 beacon-chain validator
sudo systemctl start eth1 beacon-chain
Check the logs to verify the services are working properly and ensure there are no errors.
sudo systemctl status eth1 status beacon-chain validator
sudo systemctl status eth1 beacon-chain
Finally, verify your validator's attestations are working with public block explorer such as
Enter your validator's pubkey to view its status.
🖴 8.13 Dealing with storage issues on the Eth1 node
It is currently recommended to use a minimum 1TB hard disk.
After running the Eth1 node for a while, you will notice that it will start to fill up the hard disk. The following steps might be helpful for you.
Firstly make sure you have a fallback Eth1 node.
Since Geth 1.10x version, the blockchain data can be regularly pruned to reduce it's size.
You will need to upgrade Geth to at least 1.10x. Other prerequisites are a fully synced Eth1 node and that a snapshot has been created.
Stop your Eth1 node
sudo systemctl stop eth1
Prune the blockchain data
geth --datadir ~/.ethereum snapshot prune-state
Restart the Eth1 node
sudo systemctl start eth1
After you have installed your hard disk, you will need to properly format it and automount it. Consult the ubuntu guides on this.
I will assume that the new disk has been mounted onto /mnt/eth1-data. (The name of the mount point is up to you)
Handling file permissions.
You need to change ownership of the folder to be accessible by your eth1 service. If your folder is a different name, please change the /mnt/eth1-data accordingly.
sudo chown $whoami:$whoami /mnt/eth1-data
sudo chmod 755 /mnt/eth1-data
Stop your Eth1 node.
sudo systemctl stop eth1
Edit the system service file to point to a new data directory.
sudo nano /etc/systemd/system/eth1.service
At the end of this command starting with /usr/bin/geth --http --metrics .... add a space and the following flag --datadir "/mnt/eth1-data".
Ctrl-X to save your settings.
Refresh the system service daemon to load the new configurations.
sudo systemctl daemon-reload
Restart the Eth1 node.
sudo systemctl start eth1
Make sure it is up and running by viewing the running logs.
journalctl -u eth1 -f
(Optional) Delete original data directory
rm -r ~/.ethereum
🌇 9. Join the community on Discord and Reddit
📱 Discord
🌍 Reddit r/ethStaker
🧩10. Reference Material
Appreciate the hard work done by the fine folks at the following links which served as a foundation for creating this guide.
🎉11. Bonus links
🧱 ETH2 Block Explorers
🗒 Latest Eth2 Info
👨👩👧👦 Additional ETH2 Community Guides
If you need to install Metamask,
Each validator will have two sets of key pairs. A signing key and a withdrawal key. These keys are derived from a single mnemonic phrase.
You have the choice of downloading the pre-built or building it from source.
Verify the SHA256 Checksum matches the checksum on the .
You will learn how to boot up a windows PC into an airgapped .
Download the official image from the . Might take a while, go grab a coffee.
For Mac download
Follow this exclusive for the low down on making a bootable usb.
Follow the steps at while skipping over the steps you already just completed. Study the eth2 phase 0 overview material. Understanding eth2 is the key to success!
Your transaction is sending and depositing your ETH to the
Check, double-check, triple-check that the official Eth2 deposit contract address is correct.
Multiple copies are better. Best stored in a
The subsequent steps assume you have completed the
Your choice of either ,,, , or.
Review the latest release at
Review the latest release notes at
Review the latest release at
File can be downloaded from
Review the latest release at
Sign up for an API access key at
Visit your dashboard
Alternatively use a free Ethereum node at
is an Eth2.0 client with a heavy focus on speed and security. The team behind it, , is an information security and software engineering firm who have funded Lighthouse along with the Ethereum Foundation, Consensys, and private individuals. Lighthouse is built in Rust and offered under an Apache 2.0 License.
Specific to your networking setup or cloud provider settings,
✨ Port Forwarding Tip: You'll need to forward and open ports to your validator. Verify it's working with or .
Setup your graffiti, a custom message included in blocks your validator successfully proposes, and earn a POAP token.
Learn more about
is a research project and a client implementation for Ethereum 2.0 designed to perform well on embedded systems and personal mobile devices, including older smartphones with resource-restricted hardware. The Nimbus team are from the company best known for by the same name. Nimbus (Apache 2) is written in Nim, a language with Python-like syntax that compiles to C.
For more on keys and keystores, see .
Specific to your networking setup or cloud provider settings,
✨ Port Forwarding Tip: You'll need to forward and open ports to your validator. Verify it's working with or .
Setup your graffiti, a custom message included in blocks your validator successfully proposes, and earn a POAP token.
Learn more about
(formerly known as Artemis) is a Java-based Ethereum 2.0 client designed & built to meet institutional needs and security requirements. PegaSys is an arm of dedicated to building enterprise-ready clients and tools for interacting with the core Ethereum platform. Teku is Apache 2 licensed and written in Java, a language notable for its materity & ubiquity.
Specific to your networking setup or cloud provider settings,
****✨ Port Forwarding Tip: You'll need to forward and open ports to your validator. Verify it's working with or .
Setup your graffiti, a custom message included in blocks your validator successfully proposes, and earn a POAP token.
Learn more about
is a Go implementation of Ethereum 2.0 protocol with a focus on usability, security, and reliability. Prysm is developed by , a company with the sole focus on the development of their client. Prysm is written in Go and released under a GPL-3.0 license.
Specific to your networking setup or cloud provider settings,
✨ Port Forwarding Tip: You'll need to forward and open ports to your validator. Verify it's working with or .
Setup your graffiti, a custom message included in blocks your validator successfully proposes, and earn a POAP token.
Learn more about
Lodestar is a Typescript implementation of the official by the team. In addition to the beacon chain client, the team is also working on 22 packages and libraries. A complete list can be found . Finally, the Lodestar team is leading the Eth2 space in light client research and development and has received funding from the EF and Moloch DAO for this purpose.
Specific to your networking setup or cloud provider settings,
****✨ Port Forwarding Tip: You'll need to forward and open ports to your validator. Verify it's working with or .
Setup your graffiti, a custom message included in blocks your validator successfully proposes, and earn a POAP token.
Learn more about
Use to create alerts and track your validator's performance.
Setup Chrony with .
Prometheus is a monitoring platform that collects metrics from monitored targets by scraping metrics HTTP endpoints on these targets. Grafana is a dashboard used to visualize the collected data.
Nethermind monitoring requires . Install with the following command.
Open or http://<your validator's ip address>:3000 in your local browser.
Set URL to
Download and save your ETH2 Client's json file. [ | | | | | | Lodestar ]
Download and save your ETH1 Client's json file [ | | | OpenEthereum ]
Credits:
Credits:
Credits:
Credits:
Credits:
Credits:
Credits:
Visit
To complete the Telegram API settings, a Telegram channel and bot are required. For instructions on setting up a bot with @Botfather, see of the Telegram documentation. You need to create a BOT API token.
Visit where XXX:YYY is your BOT API Token.
Now you can create custom alerts from your dashboards.
To complete the set up, a Discord server (and a text channel available) as well as a Webhook URL are required. For instructions on setting up a Discord's Webhooks, see of their documentation.
For instructions on setting up a Slack's Incoming Webhooks, see of their documentation.
Credits to .
For a video demo, watch .
Visit
Review release notes and check for breaking changes/features.
implements a standard to safety migrate validator keys between eth2 clients. This is the exported contents of the slashing database.
Now you need to setup/install your new validator but do not start running the systemd processes. Be sure to thoroughly follow your new validator's You will need to build/install the client, configure port forwarding/firewalls, and new systemd unit files.
and change your prometheus.yml. Ensure prometheus is connected to your new eth2 client's metrics port. You will also want to import your new eth2 client's dashboard.
Setup your graffiti, a custom message included in blocks your validator successfully proposes, and earn an early beacon chain validator POAP token.
