Lido CSM+SSV+Obol (Testnet)
Overall Workflow
SSV: Set up
SSV node+SSV DKGservices &Execution + Consensus Clientsusing Eth DockerObol: Set up
Obol Charonservice &Validator Clientusing Eth Docker to import Obol-compatible validator keysharesLido CSM: Set up a second and
Dedicated Validator Clientusing EthPillar to import Lido CSM-compatible validator keys
Hardware Setup (Testnet)
Spin up a virtual machine on a cloud service with the following specifications using the reference page below.
CPU: 4 cores
RAM: 8GB
SSD: 250GB
OS: Ubuntu 24.04
Example:
Google CloudTip: Open these reference pages in a new tab/window so that you can switch between them easily
Installing ETH Docker
Go to the ETH Docker repository and to get and run the installation commands. Run the next 2 commands in sequence.
Exit your virtual machine/hardware and re-login to add your host user into the sudo & docker user group.
Enable ethd to be called from anywhere on your terminal.
SSV Setup
Follow along the prompts in the terminal UI (TUI) to:
Choose
Hoodi Testnet>>SSV node - consensus, execution and ssv-nodeSelect
yesfor Do you want to participate in DKG ceremonies as an operator?Once you see the screen below, select
<Cancel>as we don't have our Operator ID yet.
Then copy your SSV node public key from your terminal output and save it on a text editor
ETH Docker TUI Navigation
Arrow keys & Tab key: Cycle optionsSpace bar: Select optionEnter: Confirm optionCTRL+C: Exit individual screen monitoring viewESC: Quit
Register SSV Operator
Go to the SSV webapp, connect your wallet, and set the network to Hoodi.
Select
Join as Operator>>Register OperatorPaste your SSV node public key into the
Operator Public Keyfield. Make sure there are no whitespaces in your pasted string.Keep
Operator Statusto PublicSet the annual fee to 1.5 SSV per validator key, representing ~1.5% staking rewards fee at current $ETH and $SSV prices ($2650 & $23).
Register operator and sign the transaction on your wallet
Your SSV Operator ID will then be generated. Copy it and save it in a text editor file.
Setting your Operator Status to Public allows other stakers to select your SSV node as one of their DV operators, allowing them to pay you for your service. You can also easily net off the fees among your own DVT cluster members if you wish.
Complete ETH Docker Setup
Go back to the terminal of your VM.
Choose
Hoodi Testnet>>SSV node - consensus, execution and ssv-nodeSelect
yesfor Do you want to participate in DKG ceremonies as an operator?Because you now have your
SSV Operator ID, you can paste it in the requested fieldSelect the consensus and execution client of your choice
Use the
provided URLfor Checkpoint Sync, selectyesfor MEV Boost,yesfor Grafana dashboardsSet
Rewards Addressto an ERC-20 wallet address that you control (e.g., Metamask, hardware wallet)use defaultGraffiti,yesfor generate validator keys
Start ETH Docker
Configure DKG endpoint
Find the external IP address of your VM on your Cloud account >> Console >> Compute Engine >> Look under "External IP".
Your DKG endpoint will be <EXTERNAL_IP_ADDRESS>:3030,without the pointy brackets. Note that down and save it in a text editor file.
Verify that your DKG endpoint is accessible from external sources.
Expected output:
View logs
Complete SSV Operator Metadata
Complete SSV Operator Metadata
Go back to the SSV webapp >> Connect your wallet >> Switch to Holesky network >> go to My Account and click on your SSV Operator.
Select the ... drop down at the top right >> Edit Details
Select all options under MEV Relays.
The MEV Relays are actually set in your ETH Docker config and this step is just to signal the relays that you are using.
All cluster members must use the same relays to avoid missing block proposals due to a lack of consensus!
Use all available MEV Relays so that it's easier for stakers to choose your SSV Node.
Input your DKG endpoint and append :443 at the end if you are using a Tailscale funnel.
The other fields are optional but fill them up to attract stakers to select your SSV Operator!
Obol Setup
Go back to your Home folder.
Cluster Creation
Go to the Obol Hoodi Launchpad, scroll down and select "Create a distributed validator alone"
Read and click through the Advisories
Input your cluster details as follows
Cluster Name: Any
Cluster Size: 4
Validators: 1
Withdrawal & Fee Recipient Address: Your own wallet address
Create your cluster by signing an onchain transaction on your wallet
Copy the resulting "Create Cluster" command generated on the Obol Launchpad and run it on your terminal.
Example command
docker run -u $(id -u):$(id -g) --rm -v "$(pwd)/:/opt/charon" obolnetwork/charon:v1.3.0-rc3 create cluster --definition-file="https://api.obol.tech/v1/definition/0xf5960ceabdb3b528e85e2e174c997e86fe48b546d2c4abbc6dfd7d00595cc72c" --network=hoodi --cluster-dir="cluster" --publish
The following folders and files will be created:
cluster
node0
charon-enr-private-keycluster-lock.jsondeposit-data.jsonvalidator_keyskeystore-0.jsonkeystore-0.txt
node1
charon-enr-private-keycluster-lock.jsondeposit-data.jsonvalidator_keyskeystore-0.jsonkeystore-0.txt
node2
charon-enr-private-keycluster-lock.jsondeposit-data.jsonvalidator_keyskeystore-0.jsonkeystore-0.txt
node3
charon-enr-private-keycluster-lock.jsondeposit-data.jsonvalidator_keyskeystore-0.jsonkeystore-0.txt
Preparing your cluster
Set the necessary permissions to your newly generated Obol ENR private key and cluster file.
Copy the following files from one of the cluster folders (e.g., node0) above into the ~/eth-docker/.eth folder and set the necessary permissions.
Edit the .env file of Eth Docker.
In the COMPOSE_FILE line:
Append
:lido-obol.ymland:cl-shared.ymlEdit the
"consensus"-cl-only.ymlfile to"consensus".yml. e.g., Fromnimbus-cl-only.ymltonimbus.yml
Example:
Press CTRL+W, type "CL_NODE" and hit ENTER.
Change the
CL_NODEline to http://charon:3600 (from http://consensus:5052)
Example:
CTRL+O, ENTER, CTRL+X to save and exit.
Restart ETH Docker
Print the generated password of your Obol validator key shard and copy the output to your clipboard.
After all your services running via Docker "warmed up" for ~5 minutes, import your validator key shard and paste the password when prompted.
Monitoring Charon
Print the logs of the Obol Charon & Validator Client.
Lido CSM Setup
Go to the Coincashew website and copy the latest 1-line installation command and paste it into your terminal.
Then, type + enter ethpillar and follow along the prompts in the terminal UI (TUI) to:
Select the
Nimbus-NethermindoptionWait for the installation to be done and then select
2 - Hoodifor your network (Press "2" &ENTER)Select the
4 - Lido CSM Validator Client onlyoptionEnter
http://127.0.0.1:5052as your Consensus Client endpointGenerate validator keys to participate in the Lido CSM
Do not choose to disable internet connection when prompted
Select Hoodi
Enter the Lido's CSM Withdrawal Vault address as the Withdrawal Address:
0x4473dCDDbf77679A643BdB654dbd86D67F8d32f2Set the password for your validator keys
Save the 24-word mnemonic securely
Import the generated validator keys onto your validator client
Verify the fee recipient and withdrawal address on the CSM Operator Portal
Copy the deposit data generated by the command below for uploading onto the Lido CSM Widget.
The links below include the referral IDs of the tools that we are using today to join Lido CSM. Your rewards will not be affected by using these.
Mainnet: https://csm.lido.fi/?ref=ethpillar
Example output:
[{"pubkey": "8b29b853aef47eb3da93287a83b4625b418bf5a785bb506086e9f315478170cdb452fb63f32f8134835fc4ebea3313a7", "withdrawal_credentials": "0100000000000000000000004473dcddbf77679a643bdb654dbd86d67f8d32f2", "amount": 32000000000, "signature": "abcff77128a76dff62529f2a081f2143f77404c29087da1f4e12a8c6e8506dfb079085fdf72da8903e9c8c63ddf04129143090e92b6a17c993919e62047880cf54160f350271dff1b70e616e4210a5521836334d1139ece549ba513d503d0d90", "deposit_message_root": "03d0eb169a3c1a5551484185163b3e409dde01ec00515b7e594a6430ff398f69", "deposit_data_root": "961113829f6537828c5f06e69df8b76cf2a6904de03c4d1a25939ab1da9b5a14", "fork_version": "10000910", "network_name": "hoodi", "deposit_cli_version": "11.1.0"}]
View logs
Run the ethpillar command and select the view logs option
ETHPillar TUI Navigation
Arrow keys & Tab key: Cycle optionsSpace bar: Select optionEnter: Confirm optionCTRL+B, thenD: Exit split-screen monitoring viewCTRL+C: Exit individual screen monitoring viewexitcommand (type "exit" andenterin terminal) : Exit current terminal
Exiting validator keys
Lido CSM
Find the file path of your validator keystores.
Copy the output file path.
Run
ethpillarand navigate tovalidator client>>20 Generate Voluntary Exit Messages (VEM)and input the file path of your validator keystore.Then, run
ethpillarand navigate tovalidator client>>21 Broadcast Voluntary Exit Messages (VEM)and input the file path of your validator keystore.
Enter the password set for your validator keystore when prompted.
You can only exit your validator keystores after they have been activated on the Ethereum beacon chain.
Securing your device
Firewall Rules
Make sure to also configure port forwarding on the ports allowed above.
Advanced networkingOther Security SOPs
Networking & network securityDevice level security setupSupport
Last updated