Teku
WARNING: Do not import your validator keys into multiple validator clients and run them at the same time, or you might get slashed. If moving validators to a new setup or different validator client, ensure deletion of the previous validator keys before continuing.
Storing your keystore password in a text file is required so that Teku can decrypt and load your validators automatically.
Create a temporary file to store your keystore password. Type your password in this file.
sudo nano $HOME/validators-password.txtTo exit and save, press Ctrl + X, then Y, then Enter.
Confirm that your keystore password is correct.
sudo cat $HOME/validators-password.txtWhen specifying directories for your validator-keys, Teku expects to find identically named keystore and password files.
For example keystore-m_12221_3600_1_0_0-11222333.json and keystore-m_12221_3600_1_0_0-11222333.txt
Run the following command to create a corresponding password file for every one of your validators.
for f in $HOME/staking-deposit-cli/validator_keys/keystore*.json; do sudo cp $HOME/validators-password.txt $HOME/staking-deposit-cli/validator_keys/$(basename $f .json).txt; doneSelect a tab for your Teku configuration, either Standalone Validator (Recommended) or Combined Beacon Node with Validator. Running a standalone validator configuration is recommended for best modularity and redundancy.
Copy your validator_keys to the data directory.
sudo mkdir -p /var/lib/teku_validator/validator_keys
sudo cp $HOME/staking-deposit-cli/validator_keys/keystore* /var/lib/teku_validator/validator_keysCreate a service user for the validator service, then create data directories and setup ownership permissions, including hardening the access to this directory.
sudo adduser --system --no-create-home --group validator
sudo chown -R validator:validator /var/lib/teku_validator
sudo chmod -R 700 /var/lib/teku_validatorVerify that your validator's keystore .json files and validator's passwords .txt files are present by checking the following directory.
sudo ls -l /var/lib/teku_validator/validator_keysExample output of two validator's keystore.json files with matching password.txt files.
-rwx------ 1 validator validator 710 Sep 19 23:39 keystore-m_12381_3600_1_0_0-1695165818.json
-rwx------ 1 validator validator 43 Sep 19 23:39 keystore-m_12381_3600_1_0_0-1695165818.txt
-rwx------ 1 validator validator 710 Sep 19 23:39 keystore-m_12381_3600_2_0_0-1695165819.json
-rwx------ 1 validator validator 43 Sep 19 23:39 keystore-m_12381_3600_2_0_0-1695165819.txtCreate a systemd unit file to define your validator.service configuration.
sudo nano /etc/systemd/system/validator.servicePaste the following configuration into the file.
[Unit]
Description=Teku Validator Client service for Mainnet
Wants=network-online.target
After=network-online.target
Documentation=https://www.coincashew.com
[Service]
Type=simple
User=validator
Group=validator
Restart=on-failure
RestartSec=3
KillSignal=SIGINT
TimeoutStopSec=900
ExecStart=/usr/local/bin/teku/bin/teku validator-client \
--network=mainnet \
--data-path=/var/lib/teku_validator \
--validator-keys=/var/lib/teku_validator/validator_keys:/var/lib/teku_validator/validator_keys \
--beacon-node-api-endpoint=http://localhost:5052 \
--validators-proposer-default-fee-recipient=<0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS> \
--validators-graffiti="🏠🥩🪙🛡️" \
--metrics-enabled=true \
--metrics-port=8009
[Install]
WantedBy=multi-user.targetReplace
<0x_CHANGE_THIS_TO_MY_ETH_FEE_RECIPIENT_ADDRESS>with your own Ethereum address that you control. Tips are sent to this address and are immediately spendable.If you wish to customize a short message that is included when you produce a block, add your message to the
--graffiti. Maximum length is 16 characters.
To exit and save, press Ctrl + X, then Y, then Enter.
Run the following to enable auto-start at boot time.
Finally, start your validator client and check it's status.
Check your logs to confirm that the validator clients are up and functioning.
Setup ownership permissions, including hardening the access to this directory.
Copy your validator_keys to the data directory.
Verify that your validator's keystore .json files and validator's passwords .txt files are present by checking the following directory.
Example output of two validator's keystore.json files with matching password.txt files.
Finally, restart Teku to use the new validators.
Check your logs to confirm that the validators are up and functioning.
For example when using 2 validators, logs will show the following:
Press Ctrl + C to exit the logs.
Example of Synced Teku Validator Client Logs
Once the validator is active and proceeded through the validator activation queue, attestation messages will appear indicating successful attestations.
Notice the key words "
Validator *** Published attestation".
Delete the temporary keystore password file.