English

Ethereum Merge Upgrade Checklist for Home Stakers and Validators

Quick to-do list before the merge arrives.

🎊 Support us on Gitcoin Grants: We improve this guide with your support!🙏

The following steps align with our mainnet guide. You may need to adjust file names and directory locations where appropriate. The core concepts remain the same.

Wen merge?

All stakers must upgrade to EL+CL Merge-ready nodes before September 6th!

What's merge?

How to merge?

Prerequisite: Before beginning, there is a mandatory requirement to run your own Execution Layer (EL) client (i.e. besu, geth, nethermind, erigon).

Outsourcing EL/eth1 to Infura is no longer possible post merge. Run your own.

In order to transition through the merge successfully, your validator node must:

1) Update to latest EL / CL node software

2) Create a jwtsecret file

3) Update startup commands with the following:

  • Set your suggested fee recipient address

  • Enable the authenticated port to the new Engine API

1) Update to latest EL / CL node software

First start by updating your system.

sudo apt -y update && sudo apt -y upgrade

Next, follow the instructions for updating EL or updating CL, or your node's official documentation.

Here are the Merge-Ready versions you require:

Consensus Layer

NameVersionLink

Lighthouse

v3.1.0

Download

Lodestar

v1.0.0

Download

Nimbus

v22.9.0

Download

Prysm

v3.1.0

Download

Teku

22.9.0

Download

Execution Layer

NameVersionLink

Besu

22.7.2

Download

Erigon

v2022.09.01-alpha

Download

go-ethereum (geth)

v1.10.23

Download

Nethermind

v1.14.1

Download

2) Create a jwtsecret file

This new jwtsecret file contains a hexadecimal string that is passed to both Execution Layer client and Consensus Layer clients, and is used to ensure authenticated communications between both clients.

#store the jwtsecret file at /secrets
sudo mkdir -p /secrets

#create the jwtsecret file
openssl rand -hex 32 | tr -d "\n" | sudo tee /secrets/jwtsecret

#enable read access
sudo chmod 644 /secrets/jwtsecret

3) Update startup commands

Updates to your systemd file for the consensus layer, execution layer, or validator will be required to support the following new merge options:

  • Set your suggested fee recipient address

  • Enable the authenticated port to the new Engine API

Ensure you add/append the changes to the END of the ExecStart line.

To exit and save from the nano editor, press Ctrl + X, then Y, thenEnter.

The fee recipient address receives block proposal priority fees (aka mining tips) and is an ETH address you designate as your rewards address. These rewards are immediately spendable, unlike the validator's attestation and block proposal rewards.

Change 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS, your fee recipient address to an ETH address you control.

For advanced fee recipient configurations, i.e. you want a unique ETH address per validator for privacy reasons, refer to the official documents at: Teku | Lighthouse | Nimbus | Prysm | Lodestar

Location of system service files to update

# Consensus Client:
sudo nano /etc/systemd/system/beacon-chain.service

# Validator Client:
sudo nano /etc/systemd/system/validator.service

# Execution Client:
sudo nano /etc/systemd/system/eth1.service

Consensus Client Layer Changes (beacon chain)

--execution-endpoint http://127.0.0.1:8551 --execution-jwt /secrets/jwtsecret

Validator Client Changes

--suggested-fee-recipient 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS

Execution Client Layer Changes (eth1)

If your Besu client is configured by --parameters in the systemd service file, add the following changes.

--engine-jwt-secret=/secrets/jwtsecret

Alternatively, if your Besu client is configured by passing a TOML file (i.e. besu.yaml), edit besu.yaml with nano.

sudo nano /etc/besu/besu.yaml

Add the following line:

engine-jwt-secret="/secrets/jwtsecret"

Use one configuration or the other, but not both!

After adding the above startup commands, reload and restart your services.

sudo systemctl daemon-reload
sudo systemctl restart eth1 beacon-chain validator

Verify your logs look error-free and show use of the new configurations.

journalctl -fu eth1
journalctl -fu beacon-chain
journalctl -fu validator

Verify your validator is still attesting properly by checking an public block explorer such as beaconcha.in

Congrats! Your node should be merge ready now. Stay tuned to the latest news.

Post-Merge Cleanup and To-Dos

We've made it to a post-merge era! Consider the following changes to your startup commands.

  • Remove --eth1-endpoints , as the execution engine endpoint is now in use. Not removing this may cause extra chatter in logs.

  • Remove any Infura or backup beacon-chain CL references.

  • If your EL and CL are on separate machines, update your firewall. Port 8551 is now used instead of 8545.

Optional - Extra #TestingTheMerge

Can't get your mind off the merge? Here's some additional ideas and nice to haves.

[] Test your merge configurations on Goerli testnet

[] Improve Client Diversity

  • Switch to a minority EL - suggestion: Use besu as "minority client". Besu features auto pruning.

  • Switch to a minority CL

[] Configure MetaMask to use your own node. Bye Infura outages.

[] Upgrade node storage to 2TB+

[] Prune your EL node

[] Upgrade Grafana reporting with samc's ethereum metrics exporter

[] Test / dev / deploy code on the testnets

[] Learn and earn more rewards with MEV-boost

PreviousGuide | How to setup a validator for Ethereum staking on Pithos testnet in 10 minutes or lessNextGuide | Operation Client Diversity: Migrate Prysm to Teku

Last updated