CoinCashew
English
Search…
⌃K
Links

Ethereum Merge Upgrade Checklist for Home Stakers and Validators

Quick to-do list before the merge arrives.
🎊
Support us on Gitcoin Grants: We improve this guide with your support!🙏
The following steps align with our mainnet guide. You may need to adjust file names and directory locations where appropriate. The core concepts remain the same.

Wen merge?

All stakers must upgrade to EL+CL Merge-ready nodes before September 6th!

What's merge?

Enough said

How to merge?

Prerequisite: Before beginning, there is a mandatory requirement to run your own Execution Layer (EL) client (i.e. besu, geth, nethermind, erigon).
Outsourcing EL/eth1 to Infura is no longer possible post merge. Run your own.

In order to transition through the merge successfully, your validator node must:

1) Update to latest EL / CL node software
2) Create a jwtsecret file
3) Update startup commands with the following:
  • Set your suggested fee recipient address
  • Enable the authenticated port to the new Engine API

1) Update to latest EL / CL node software

First start by updating your system.
sudo apt -y update && sudo apt -y upgrade
Next, follow the instructions for updating EL or updating CL, or your node's official documentation.
Here are the Merge-Ready versions you require:
Consensus Layer
Name
Version
Link
Lighthouse
v3.1.0
Download
Lodestar
v1.0.0
Download
Nimbus
v22.9.0
Download
Prysm
v3.1.0
Download
Teku
22.9.0
Download
Execution Layer
Name
Version
Link
Besu
22.7.2
Download
Erigon
v2022.09.01-alpha
Download
go-ethereum (geth)
v1.10.23
Download
Nethermind
v1.14.1
Download

2) Create a jwtsecret file

This new jwtsecret file contains a hexadecimal string that is passed to both Execution Layer client and Consensus Layer clients, and is used to ensure authenticated communications between both clients.
#store the jwtsecret file at /secrets
sudo mkdir -p /secrets
#create the jwtsecret file
openssl rand -hex 32 | tr -d "\n" | sudo tee /secrets/jwtsecret
#enable read access
sudo chmod 644 /secrets/jwtsecret

3) Update startup commands

Updates to your systemd file for the consensus layer, execution layer, or validator will be required to support the following new merge options:
  • Set your suggested fee recipient address
  • Enable the authenticated port to the new Engine API
Ensure you add/append the changes to the END of the ExecStart line.
To exit and save from the nano editor, press Ctrl + X, then Y, thenEnter.
The fee recipient address receives block proposal priority fees (aka mining tips) and is an ETH address you designate as your rewards address. These rewards are immediately spendable, unlike the validator's attestation and block proposal rewards.
Change 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS, your fee recipient address to an ETH address you control.
For advanced fee recipient configurations, i.e. you want a unique ETH address per validator for privacy reasons, refer to the official documents at: Teku | Lighthouse | Nimbus | Prysm | Lodestar

Location of system service files to update

CoinCashew
SomerEsat
# Consensus Client:
sudo nano /etc/systemd/system/beacon-chain.service
# Validator Client:
sudo nano /etc/systemd/system/validator.service
# Execution Client:
sudo nano /etc/systemd/system/eth1.service
For reference purposes only. Recommend refer to the official SomerEsat Merge Updates when available.
# Nimbus
sudo nano /etc/systemd/system/nimbus.service
# Prysm
sudo nano /etc/systemd/system/prysmvalidator.service
sudo nano /etc/systemd/system/prysmbeacon.service
# Lighthouse
sudo nano /etc/systemd/system/lighthousevalidator.service
sudo nano /etc/systemd/system/lighthousebeacon.service
# Teku
sudo nano /etc/systemd/system/teku.service
# Geth EL
sudo nano /etc/systemd/system/geth.service
Consensus Client Layer Changes (beacon chain)
Lighthouse
Teku
Lodestar
Nimbus
Prysm
--execution-endpoint http://127.0.0.1:8551 --execution-jwt /secrets/jwtsecret
If your Teku client is configured by passing in a TOML file (i.e. teku.yaml), edit teku.yaml with nano.
sudo nano /etc/teku/teku.yaml
Add the following lines to the yaml file:
# execution engine
ee-endpoint: http://localhost:8551
ee-jwt-secret-file: "/secrets/jwtsecret"
# fee recipient
validators-proposer-default-fee-recipient: "<0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS>"
Alternatively, if your Teku client is configured by --parameters in the systemd service file, add the following changes.
--ee-endpoint http://localhost:8551 --ee-jwt-secret-file "/secrets/jwtsecret" --validators-proposer-default-fee-recipient 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
Use one configuration or the other but not both!
--jwt-secret /secrets/jwtsecret --execution.urls http://127.0.0.1:8551 --suggestedFeeRecipient 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
--web3-url=ws://127.0.0.1:8551 --jwt-secret="/secrets/jwtsecret" --suggested-fee-recipient=0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
--execution-endpoint=http://localhost:8551 --jwt-secret=/secrets/jwtsecret --suggested-fee-recipient=0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
Validator Client Changes
Lighthouse
Teku
Lodestar
Nimbus
Prysm
--suggested-fee-recipient 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
Only if running in validator in a separate client
--validators-proposer-default-fee-recipient=0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
--suggestedFeeRecipient 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
Runs in consensus client, not needed.
--suggested-fee-recipient 0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS
Execution Client Layer Changes (eth1)
Besu
Geth
Erigon
Nethermind
If your Besu client is configured by --parameters in the systemd service file, add the following changes.
--engine-jwt-secret=/secrets/jwtsecret
Alternatively, if your Besu client is configured by passing a TOML file (i.e. besu.yaml), edit besu.yaml with nano.
sudo nano /etc/besu/besu.yaml
Add the following line:
engine-jwt-secret="/secrets/jwtsecret"
Use one configuration or the other, but not both!
--authrpc.jwtsecret=/secrets/jwtsecret
--authrpc.jwtsecret=/secrets/jwtsecret
--JsonRpc.Host=127.0.0.1 --JsonRpc.JwtSecretFile=/secrets/jwtsecret
After adding the above startup commands, reload and restart your services.
sudo systemctl daemon-reload
sudo systemctl restart eth1 beacon-chain validator
Verify your logs look error-free and show use of the new configurations.
journalctl -fu eth1
journalctl -fu beacon-chain
journalctl -fu validator
Verify your validator is still attesting properly by checking an public block explorer such as beaconcha.in
Congrats! Your node should be merge ready now. Stay tuned to the latest news.

Post-Merge Cleanup and To-Dos

We've made it to a post-merge era! Consider the following changes to your startup commands.
  • Remove --eth1-endpoints , as the execution engine endpoint is now in use. Not removing this may cause extra chatter in logs.
  • Remove any Infura or backup beacon-chain CL references.
  • If your EL and CL are on separate machines, update your firewall. Port 8551 is now used instead of 8545.

Optional - Extra #TestingTheMerge

Can't get your mind off the merge? Here's some additional ideas and nice to haves.
[
] Test your merge configurations on Goerli testnet
[
] Improve Client Diversity
  • Switch to a minority EL - suggestion: Use besu as "minority client". Besu features auto pruning.
  • Switch to a minority CL
[
] Configure MetaMask to use your own node. Bye Infura outages.
[
] Upgrade node storage to 2TB+
[
] Prune your EL node
[
] Upgrade Grafana reporting with samc's ethereum metrics exporter
[
] Test / dev / deploy code on the testnets
[
] Learn and earn more rewards with MEV-boost