🦏
ETH Home Staking Collection
DVT Home Staking Curriculum
DVT Home Staking Curriculum
  • The DVT Home Staking Curriculum
  • Curriculum breakdown & timeline
  • Understanding ETH validators
    • Introduction to ETH Validators
    • Roles & Responsibilities of a node operator
    • Rewards and penalties
    • Importance of client diversity
    • Distributed Validator Technologies (DVTs)
    • Economics of using DVTs (WIP)
      • Diva Staking (WIP)
      • Obol (WIP)
      • SSV (WIP)
    • Bonded Validators
    • Economics of bonded validators (WIP)
  • Hardware & systems setup
    • Setup Overview
    • Hardware & system requirements
    • Procuring your hardware
    • Assemble your hardware
    • Practicing for free on Cloud VMs
      • Google Cloud
      • Alibaba Cloud
  • Linux OS, Networking, & Security
    • Install and prepare the OS
    • Networking & network security
    • Device level security setup
    • Verifying checksums
  • Installing & configuring your EL+CL clients
    • Set up and configure execution layer client
      • Nethermind
      • Besu
      • Geth
      • Erigon
      • Reth
    • Set up and configure consensus layer client
      • Teku BN
      • Nimbus BN
      • Lodestar BN
      • Lighthouse BN
      • Prysm BN
  • Keystore generation & MEV-Boost
    • Validator key generation
    • Set up and configure MEV-boost
  • Native Solo Staking Setup
    • Validator client setup
      • Teku VC
      • Nimbus VC
      • Lodestar VC
      • Lighthouse VC
      • Prysm VC
    • Depositing 32 ETH into your validator
    • Exiting your validator
  • Monitoring, Maintenance, and Updates
    • Set up monitoring suite
      • Installing & configuring Prometheus
      • Installing & configuring Node Exporter
      • Installing & configuring Grafana
      • Beaconcha.in App API
      • Client Uptime Check
    • Maintenance & Updates
      • Nethermind
      • Besu
      • Teku
      • Nimbus
      • Lodestar
      • Updating the monitoring suite
      • Preparing for Pectra
  • DVT Setup
    • Diva Staking
      • Diva Staking client setup
        • Default - All-in-one setup
        • Advanced - with standalone Lodestar VC
      • Registering your Diva node
      • Updating your Diva client
      • Monitoring your Diva Node
    • Obol
      • Techne Bronze Speedrun (Launchpad)
      • Obol + Bonded Validators (Techne Silver)
        • Obol + Lido CSM
    • SSV
      • SSV + Lido CSM (WIP)
      • SSV Operator
      • SSV Staker
  • Bonded Validators Setup
    • Lido CSM
      • Generating CSM keystores
      • Set Fee Recipient Address
        • Method 1: Configure on validator keys
        • Method 2: Configure on separate validator client
        • Verifying Fee Recipient Registered on MEV Relays
      • Upload/Remove/View validator keys
      • Rewards & bonds
      • Exiting CSM validators
        • "Lazy" exits (TESTNET ONLY)
        • Proper Exits
      • Role/Address management
      • Monitoring
      • Automations
        • CSM with ETHPillar
        • CSM with ETH Docker
        • CSM with Dappnode
    • Puffer
      • Non-Enclave: 2 ETH
    • Ether.fi
      • Receive distributed validator keyshares
    • Stader (WIP)
    • Rocketpool (WIP)
  • Liquid Staking Vaults
    • Stakewise V3
  • Mainnet
    • Mainnet Deployment
    • Heroglpyhs (WIP)
  • Best practices
    • Slashing prevention
    • Maximising uptime and performance
    • Optimising security
    • Managing your withdrawal wallet
  • Tips
    • Advanced networking
    • Downloading files from your node
  • Useful resources
    • General resources
    • Holesky Faucets
  • Automation/tools
    • ETHPillar
    • ETH Docker
    • Automated power on/off
      • Wake-on-LAN (WoL)
      • Network UPS Tools (NUT)
    • Validator Healthcheck Alerts
  • Solo Stakers Guild
    • Lido CSM+SSV+Obol (Testnet)
Powered by GitBook
On this page
  • Generate the JWT file
  • Download Erigon and configure the service
  • Start Erigon
  • Resources:
  1. Installing & configuring your EL+CL clients
  2. Set up and configure execution layer client

Erigon

PreviousGethNextReth

Last updated 7 months ago

You will need a 4TB NVME SSD to run the Erigon execution client.

The Erigon execution client is optimised to run as an Archival Node, which stores the full state of the Ethereum blockchain instead of just the most recent 128 blocks in Full Nodes. Running a Ethereum validator only requires a full node.

Generate the JWT file

We first need to create a JSON Web Token (JWT) that will allow the execution layer software (Erigon) and the consensus layer software to talk to each other.

Run the following commands one line at a time to create a folder on the server to store the JWT file and generate the JWT file:

sudo mkdir -p /var/lib/jwtsecret
openssl rand -hex 32 | sudo tee /var/lib/jwtsecret/jwt.hex > /dev/null

We will be pointing the configuration files of the execution and consensus clients to this JWT file later.

Download Erigon and configure the service

the latest version of Erigon and run the checksum verification process to ensure that the downloaded file has not been tampered with.

cd
curl -LO https://github.com/erigontech/erigon/releases/download/2.60.7/erigon_2.60.7_linux_amd64.tar.gz
echo "ab3ed8a91a11958df1a6ee56c03acac71a1aa7beb19e271b9c5e2e639159f125  erigon_2.60.7_linux_amd64.tar.gz" | sha256sum --check

Each downloadable file comes with it's own checksum (see below). Replace the actual checksum and URL of the download link in the code block above.

Make sure to choose the amd64 version. Right click on the linked text and select "copy link address" to get the URL of the download link to curl.

Expected output: Verify output of the checksum verification

erigon_2.60.7_linux_amd64.tar.gz: OK

If checksum is verified, extract the files and move them into the (/usr/local/bin) directory for neatness and best practice. Then, clean up the duplicated copies.

tar xvf erigon_2.60.7_linux_amd64.tar.gz
sudo cp erigon /usr/local/bin
rm -r erigon* README.md

Create an account (erigon) without server access for Erigon to run as a background service. This type of user account will not have root access so it restricts potential attackers to only the Geth service in the unlikely event that they manage to infiltrate via a compromised client update.

sudo useradd --no-create-home --shell /bin/false erigon

Create a directory for Erigon to store the blockchain data of the execution layer. Then set the owner of this directory to erigon so that this user can read and write to the directory.

sudo mkdir -p /var/lib/erigon
sudo chown -R erigon:erigon /var/lib/erigon

Create a systemd configuration file for the Erigon service to run in the background.

sudo nano /etc/systemd/system/erigon.service

Paste the configuration parameters below into the file:

[Unit]
Description=Erigon Execution Client (Holesky)
After=network.target
Wants=network.target

[Service]
User=erigon
Group=erigon
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/local/bin/erigon \
  --chain holesky \
  --datadir /var/lib/erigon \
  --authrpc.jwtsecret=/var/lib/jwtsecret/jwt.hex \
  --port 30303 \
  --http \
  --http.addr value <Internal_IP_address> \
  --http.port 8547 \
  --pprof \
  --prune htc \
  --private.api.addr "" \
  --metrics
  
[Install]
WantedBy=default.target

Once you're done, save with Ctrl+O and Enter, then exit with Ctrl+X. Understand and review your configuration summary below, and amend if needed.

Erigon configuration summary:

  1. --chain holesky: Run the on the Holesky testnet

  2. --datadir: The directory for Erigon to store the blockchain data of the execution layer

  3. --authrpc.jwtsecret: The directory pointing to the JWT secret we generated earlier

  4. --port: Sets the port used for peer-to-peer communication. Defaults to 30303.

  5. --http: Enables the HTTP-RPC service on http and websocket. This is so that DVT clients such as the Diva service can connect to your execution client

  6. --http.addr: Sets the IP address to connect to the JSON RPC service. Use the internal IP address of your device here (check by running ip a) - e.g. 192.168.x.x. Defaults to 127.0.0.1 otherwise

  7. --http.port: Sets the port to connect to the HTTP-RPC service that will be used by the DVT services. You may choose any unused port number but remember to allow incoming connections into your chosen port in your firewall (ufw) rules. Defaults to 8545.

  8. --pprof: Enables the pprof HTTP server, providing profiling data about the Erigon process. Includes CPU usage, memory allocation, blocking profiles, etc. Useful for debugging and optimizing performance.

  9. --prune htc: Chooses which ancient data delete from DB. h=history, t=transaction, c=call traces

  10. --private.api.addr: Disables the private API typically used by developers (txpool, rpcdaemon, sentry, downloader data). Defaults to 127.0.0.1:9090, which conflicts with Prometheus Node Exporter is not disabled

  11. --metrics: Enable monitoring metrics on the Erigon service.

Start Erigon

Reload the systemd daemon to register the changes made, start Erigon, and check its status to make sure its running.

sudo systemctl daemon-reload
sudo systemctl start erigon.service
sudo systemctl status erigon.service

Expected output: The output should say Erigon is “active (running)”. Press CTRL-C to exit and Erigon will continue to run. It should take around 6 hours for Erigon to sync on the Holesky testnet.

Use the following command to check the logs of Erigon’s syncing process. Watch out for any warnings or errors.

sudo apt install ccze -y
sudo journalctl -fu erigon -o cat | ccze -A

Expected output:

Press CTRL-C to exit.

If the Erigon service is running smoothly, we can now enable it to fire up automatically when rebooting the system.

sudo systemctl enable erigon.service

Expected output:

Created symlink /etc/systemd/system/default.target.wants/erigon.service → /etc/systemd/system/erigon.service.

Resources:

Releases:

Documentation:

Discord: Request access via their website

https://github.com/ledgerwatch/erigon/releases
https://github.com/ledgerwatch/erigon#documentation
here
Download