🦏
ETH Home Staking Collection
DVT Home Staking Curriculum
DVT Home Staking Curriculum
  • The DVT Home Staking Curriculum
  • Curriculum breakdown & timeline
  • Understanding ETH validators
    • Introduction to ETH Validators
    • Roles & Responsibilities of a node operator
    • Rewards and penalties
    • Importance of client diversity
    • Distributed Validator Technologies (DVTs)
    • Economics of using DVTs (WIP)
      • Diva Staking (WIP)
      • Obol (WIP)
      • SSV (WIP)
    • Bonded Validators
    • Economics of bonded validators (WIP)
  • Hardware & systems setup
    • Setup Overview
    • Hardware & system requirements
    • Procuring your hardware
    • Assemble your hardware
    • Practicing for free on Cloud VMs
      • Google Cloud
      • Alibaba Cloud
  • Linux OS, Networking, & Security
    • Install and prepare the OS
    • Networking & network security
    • Device level security setup
    • Verifying checksums
  • Installing & configuring your EL+CL clients
    • Set up and configure execution layer client
      • Nethermind
      • Besu
      • Geth
      • Erigon
      • Reth
    • Set up and configure consensus layer client
      • Teku BN
      • Nimbus BN
      • Lodestar BN
      • Lighthouse BN
      • Prysm BN
  • Keystore generation & MEV-Boost
    • Validator key generation
    • Set up and configure MEV-boost
  • Native Solo Staking Setup
    • Validator client setup
      • Teku VC
      • Nimbus VC
      • Lodestar VC
      • Lighthouse VC
      • Prysm VC
    • Depositing 32 ETH into your validator
    • Exiting your validator
  • Monitoring, Maintenance, and Updates
    • Set up monitoring suite
      • Installing & configuring Prometheus
      • Installing & configuring Node Exporter
      • Installing & configuring Grafana
      • Beaconcha.in App API
      • Client Uptime Check
    • Maintenance & Updates
      • Nethermind
      • Besu
      • Teku
      • Nimbus
      • Lodestar
      • Updating the monitoring suite
      • Preparing for Pectra
  • DVT Setup
    • Diva Staking
      • Diva Staking client setup
        • Default - All-in-one setup
        • Advanced - with standalone Lodestar VC
      • Registering your Diva node
      • Updating your Diva client
      • Monitoring your Diva Node
    • Obol
      • Techne Bronze Speedrun (Launchpad)
      • Obol + Bonded Validators (Techne Silver)
        • Obol + Lido CSM
    • SSV
      • SSV + Lido CSM (WIP)
      • SSV Operator
      • SSV Staker
  • Bonded Validators Setup
    • Lido CSM
      • Generating CSM keystores
      • Set Fee Recipient Address
        • Method 1: Configure on validator keys
        • Method 2: Configure on separate validator client
        • Verifying Fee Recipient Registered on MEV Relays
      • Upload/Remove/View validator keys
      • Rewards & bonds
      • Exiting CSM validators
        • "Lazy" exits (TESTNET ONLY)
        • Proper Exits
      • Role/Address management
      • Monitoring
      • Automations
        • CSM with ETHPillar
        • CSM with ETH Docker
        • CSM with Dappnode
    • Puffer
      • Non-Enclave: 2 ETH
    • Ether.fi
      • Receive distributed validator keyshares
    • Stader (WIP)
    • Rocketpool (WIP)
  • Liquid Staking Vaults
    • Stakewise V3
  • Mainnet
    • Mainnet Deployment
    • Heroglpyhs (WIP)
  • Best practices
    • Slashing prevention
    • Maximising uptime and performance
    • Optimising security
    • Managing your withdrawal wallet
  • Tips
    • Advanced networking
    • Downloading files from your node
  • Useful resources
    • General resources
    • Hoodi Faucets
  • Automation/tools
    • ETHPillar
    • ETH Docker
    • Automated power on/off
      • Wake-on-LAN (WoL)
      • Network UPS Tools (NUT)
    • Validator Healthcheck Alerts
  • Solo Stakers Guild
    • Lido CSM+SSV+Obol (Testnet)
Powered by GitBook
On this page
  • Download Lighthouse
  • Configure the Lighthouse Consensus Client
  • Start the Lighthouse Consensus Client
  • Verify the Initial State roots (Checkpoint Sync)
  • Resources
  1. Installing & configuring your EL+CL clients
  2. Set up and configure consensus layer client

Lighthouse BN

Download Lighthouse

Download the latest version of Lighthouse and run the checksum verification process to ensure that the downloaded file has not been tampered with.

cd
curl -LO https://github.com/sigp/lighthouse/releases/download/v5.3.0/lighthouse-v5.3.0-x86_64-unknown-linux-gnu.tar.gz
curl -LO https://github.com/sigp/lighthouse/releases/download/v5.3.0/lighthouse-v5.3.0-x86_64-unknown-linux-gnu.tar.gz.asc

Run the checksum verification process.

gpg --keyserver keyserver.ubuntu.com --recv-keys 15E66D941F697E28F49381F426416DC3F30674B0
gpg --verify lighthouse-v5.3.0-x86_64-unknown-linux-gnu.tar.gz.asc lighthouse-v5.3.0-x86_64-unknown-linux-gnu.tar.gz

Verify the release signing key (--recv-keys) in the first command above in the releases page here.

Each downloadable file comes with it's own checksum. Replace the actual checksum and URL of the download link in the code block above.

Make sure to choose the amd64 version. Right click on the linked text and select "copy link address" to get the URL of the download link to curl.

Expected output: Verify output of the checksum verification.

gpg: Signature made Thu Mar 28 07:30:45 2024 UTC
gpg:                using RSA key 15E66D941F697E28F49381F426416DC3F30674B0
gpg: Good signature from "Sigma Prime <security@sigmaprime.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 15E6 6D94 1F69 7E28 F493  81F4 2641 6DC3 F306 74B0

If checksum is verified, extract the files and move them into the (/usr/local/bin) directory for neatness and best practice. Then, clean up the duplicated copies.

tar xvf lighthouse-v5.3.0-x86_64-unknown-linux-gnu.tar.gz
sudo cp lighthouse /usr/local/bin
rm -r lighthouse*

Configure the Lighthouse Consensus Client

We will be running the consensus client and validator client of Lighthouse as separate services so that there is more flexibility to configure a failover node for maximum uptime when you decide it is needed.

Create an account (lighthouse) without server access for the Lighthouse Consensus Client & Validator Client to run as a background service. This type of user account will not have root access so it restricts potential attackers to only the Lighthouse Consensus Client & Validator Client services in the unlikely event that they manage to infiltrate via a compromised client update.

sudo useradd --no-create-home --shell /bin/false lighthousebeacon

Create a directory for Lighthouse to store the blockchain and validator data of the Consensus layer. Move the validator_keys directory into this folder. Then set the owner of this directory to the lighthouse so that this user can read and write to the directory.

sudo mkdir -p /var/lib/lighthouse_beacon
sudo chown -R lighthousebeacon:lighthousebeacon /var/lib/lighthouse_beacon
sudo chmod 700 /var/lib/lighthouse_beacon

If there are no errors, create a systemd configuration file for the Lighthouse Consensus Client service to run in the background.

sudo nano /etc/systemd/system/lighthousebeacon.service

Paste the configuration parameters below into the file:

[Unit]
Description=Lighthouse Beacon Node (Holesky)
Wants=network-online.target
After=network-online.target

[Service]
User=lighthousebeacon
Group=lighthousebeacon
Type=simple
Restart=always
RestartSec=5
ExecStart=/usr/local/bin/lighthouse bn \
  --network holesky \
  --datadir /var/lib/lighthouse_beacon \
  --execution-endpoint http://127.0.0.1:8551 \
  --execution-jwt /var/lib/jwtsecret/jwt.hex \
  --checkpoint-sync-url=https://holesky.beaconstate.ethstaker.cc/ \
  --metrics \
  --metrics-port 8008 \
  --validator-monitor-auto \
  --port 9000 \
  --http \
  --http-port 5052 \
  --http-address <Internal_IP_address> \
  --builder http://127.0.0.1:18550 

[Install]
WantedBy=multi-user.target

Once you're done, save with Ctrl+O and Enter, then exit with Ctrl+X. Understand and review your configuration summary below, and amend if needed.

Lighthouse Consensus Client configuration summary:

  1. --network: Run the Consensus Client service on the ETH Holesky testnet

  2. --datadir: Specify the directory for Lighthouse to store data related to the consensus client

  3. --execution-endpoint: URL to connect to the execution layer client

  4. --execution-jwt: File path to locate the JWT secret we generated earlier

  5. --checkpoint-sync-url: Enables nearly instant syncing of the Consensus Client by pointing to one of the checkpoint sync URLs here - https://eth-clients.github.io/checkpoint-sync-endpoints/

  6. --metrics: Enable monitoring of Consensus Client metrics

  7. --metrics-port: Port to connect to the metrics server. Used by Prometheus & Grafana for monitoring.

  8. --validator-monitor-auto: Provides additional logging and metrics for locally controlled validators

  9. --port: Sets the port for peer-to-peer communication. Defaults to 9000.

  10. --http: Allows the validator client to connect to this consensus client. Also allows monitoring endpoints to pull metrics from this service

  11. --http-port: Sets the port to connect to the consensus client

  12. --http-address: Sets the IP address to connect to the REST API of the consensus client that will be used by the DVT clients. Use the internal IP address of your device here (check by running ip a) - e.g. 192.168.x.x. Defaults to 127.0.0.1 otherwise

  13. --builder: URL to connect to external builders (e.g. MEV relays)

Start the Lighthouse Consensus Client

Reload systemd to register the changes made, start the Lighthouse Consensus Client service, and check its status to make sure its running.

sudo systemctl daemon-reload
sudo systemctl start lighthousebeacon.service
sudo systemctl status lighthousebeacon.service

Expected output: The output should say Lighthouse Consensus Client is “active (running)”. Press CTRL-C to exit and Lighthouse Consensus Client will continue to run. It should take just a few minutes for Lighthouse to sync on Holesky.

Use the following command to check the logs of Lighthouse Consensus Client’s syncing process. Watch out for any warnings or errors.

sudo journalctl -fu lighthousebeacon -o cat | ccze -A

Expected output:

Press Ctrl+C to exit monitoring.

If the Lighthouse Consensus Client service is running smoothly, we can now enable it to fire up automatically when rebooting the system.

sudo systemctl enable lighthousebeacon.service

Verify the Initial State roots (Checkpoint Sync)

  1. Go to https://holesky.beaconcha.in/ on your browser and search for the slot number (slot).

  2. Verify the Block Root and State Root with your journalctl output

  3. journalctl output

Resources

  • Releases: https://github.com/sigp/lighthouse/releases

  • Documentation: https://lighthouse-book.sigmaprime.io/intro.html

  • Discord: https://discord.com/invite/TX7HKfgJN3

PreviousLodestar BNNextPrysm BN

Last updated 6 months ago

testnet example: prater.beaconcha.in