Validator SOP Part 2: Upkeep, Updates, & Ongoing Management
Table of Contents
- Appendix A Package Management Updates
- Appendix B Updating Geth
- Appendix C Updating Prysm
- Appendix D Exiting a Validator
- Appendix E Checking Sync Committee Duties
- Appendix F MEV-Boost
Appendix A Package Management Updates
To maintain optimal performance and security of your Node, it is crucial to regularly execute the following command:
This will:
-
Update the package list for all configured repositories
-
Upgrade all packages to their latest versions and install all new dependencies required by updated packages
-
Remove any packages that were installed as dependencies that are no longer needed
-
Clean up the package cache
-
Not require your input (the -y flag prevents certain commands from being confirmed by you, you can feel free to remove if you’d like to see what will update and then permit that update in separate steps)
Note that because it’s a sudo command, you’ll need to enter your password.
It is not irregular for your Node to prompt you to restart it after some particular updates are made. Sometimes this is requested after packages are updated, other times it’s requested and shown to you upon your next login.
Appendix B Updating Geth
First, go to the Geth Repository here and right-click on the Geth for Linux button and then click copy link. Be sure to copy the correct link. It should look something like https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-1.14.12-293a300d.tar.gz
. Modify the URL in the instructions below to match the download link for the latest version (x5), which is v1.14.12 in this example (current as of 11.19.24).
Then stop the Geth service
Note that stopping Geth always takes a moment and is not expected to complete immediately, don’t stress, just be patient.
Now extract the files from the archive and copy to the /usr/local/bin directory. Modify the file name to match the downloaded version:
Next, restart the services and check for errors:
Finally, clean up the files, modifying the file name to match the downloaded version. Then check the Geth version to verify that all was installed correctly. This should match the Geth version shown on the repo site:
Appendix C Updating Prysm
In order to update Prysm, we’ll need to update both the validator and beacon-chain software.
First, let’s check the latest version of Prysm available on their GitHub repo, which can be accessed here. Be sure to copy the correct link, it should look something like https://github.com/prysmaticlabs/prysm/releases/download/v5.2.0/beacon-chain-v5.2.0-darwin-amd64.sha256
. We will need to modify the commands below to match the latest version number, which is v5.2.0 in this example (current as of 12.16.24).
Curl the latest software and rename:
Then stop the Prysm services:
Then make the software executable, copy into the bin folder, and re-secure permissions:
Next, restart services and check for errors, then clean up the files:
Finally, check that you installed the right version. Note that this command may show you both the previous version and the current version. As long as both commands show the same data for the validator and beacon-chain software, you’re all set:
Appendix D Exiting a Validator
To exit Validator(s), you’ll need to know which ones! To check your accounts, you can use this command:
Followed by typing in your wallet password. You’ll see a list of your account(s) returned that looks something like the below:
Make sure to keep note of this data for the validator you’d like to exit.
Before we get started, we’ll need bazel, set to v7.1.0:
Now, we’ll need to use prysmctl (note that this command is not setting up a service, but instead running prysmctl directory and one time). Use the following commands to install and build the latest version:
This will take some time.
Armed with the required information and software, issue the following command and use the arrow keys to select the validator(s) you’d like to exit, and continue to follow the instructions presented (including entering your wallet password):
It may take some time for the validators to exit - issuing this command simply adds your validator to the exit queue. After a few minutes you should be able to to check the status of the voluntary exit by searching for the validator on Beaconcha.in.
Note that even if there is no exit queue, this process will still take non insiginificant time. Exiting requires at least ~30 minutes to show on Beaconchain, plus exit queue time, and then a variable amount of time depending on the sweep timing, which is impacted by the number of active validators that have either full or partial withdrawals.
Once the exit succeeds and you confirm receipt of the 32 (* the number of exited validators) ETH, you can stop all services on your Node and permanently shut down if you wish.
If you are only exiting temporarily and are going to use this same confirmation (or are using it) for other validators, you should remove the directory you created here so that you can repeat this process in the future, rebuilding the latest version of prysmctl:
Appendix E Checking Sync Committee Duties
Before performing maintenance (like pruning Geth, or updating Geth or Prysm), it is prudent to check upcoming sync committee duties (described up to ~27 hours in advance) so as not to be offline when you would otherwise be part of a committee.
If any of the validators (as identified by the validator index numbers in the command) have upcoming duties, there will be additional output that says “validator: 123511 found in next sync committee”. If no such text is present, the validators in question do not have upcoming sync duties.
Note that this requires the following script be set up and made executable:
You can get this set up easily via:
Then paste in the text of the script above, save and exit, followed by:
to make the script executable.
Also, run the following commpand to ensure you have prerequisite software set up:
Run the following command, it will show something like the below:
Appendix F MEV-Boost
MEV-boost (Maximal Extractable Value) is software that allows stakers to access MEV, earning them higher block rewards by using opensource middleware (MEV-boost by Flashbots) that allows access to the competitive block-building market. See more information about proposer-builder separation here.
There are trade-offs and choices to make in terms of which block-builders are used here, namely, is the relay censoring aka OFAC compliant and is the relay ethical aka does it employ frontrunning and sandwich attack methods to increase MEV. Endaoment and this guide do not support or otherwise condone the use of unethical or illegal MEV-boost practices.
While Endaoment will be using this software to increase staking rewards, we are of the opinion that MEV-burn is a preferable system where MEV-boost is rendered useless (in this system, any and all MEV is automatically burnt, as opposed to being rewarded to randomly chosen proposer based on their willingness to run ethical or unethical MEV).
MEV Boost Set Up
Let’s get to installing! All commands below are based on the current version of MEV-boost as of 8.30.24, v1.8, but should be adjusted based on whatever the latest version of MEV-boost is here. Simply scroll to the bottom of the linked releases page, and right click the .tar.gz file that contains linux_amd64
. Copy that link and replace all file names and links below.
Create mevboost service account:
Curl the MEV-boost build from the aforementioned link:
For additional security, you can verify the checksum against the checksum found on the releases link above:
Extract the files from the archive, copy to the /usr/local/bin directory, modify file names, and remove downloaded leftovers:
Next, create and configure the service file:
And then paste the following data into the file:
Make sure to replace {MinBid}
with the minimum MEV bid required to use the block builder (else, you will build the block locally). Format this value like 0.05
.
Make sure to replace {RelayAddress}
with the relay you would like to use to build your blocks for MEV. You can remove or add additional relay lines as needed - any listed relays will compete for the best MEV.
Press CTRL + X then Y then ENTER to save and exit.
Reload systemd to reflect the changes and start the service. Check the status to make sure it’s running correctly:
If it says “active (running)” in green text, you’ve done it! Press Q to quit (this will not effect the mevboost service).
Use the journal output to follow the progress or check for errors by running the following command:
Finally, enable the service to automatically start on reboot:
Update BeaconChain and Validator Software
In order to get the mevboost service to properly communicate with Prysm, we’ll need to adjust both service files.
Open the prysmbeacon service file:
Add the following ExecStart command, depending on how you’ve formatted this file, you may need to add a backslash to delineate the lines:
Press CTRL + X then Y then ENTER to save and exit.
Open the prysmvalidator service file:
Add the following ExecStart command, depending on how you’ve formatted this file, you may need to add a backslash to delineate the lines:
Press CTRL + X then Y then ENTER to save and exit.
Finally, reload and restart your services:
Verify your logs look error-free and show use of the new MEV configurations.
MEV-boost is now configured and set up!
Update MEV Boost
Before updating, always review the latest MEV-boost release notes for new requirements and any breaking changes. Typically, you need to ensure that you have the latest execution and consensus client versions installed in order for MEV-boost to work properly.
First, stop the service:
The latest version of MEV-boost can be found here. Simply scroll to the bottom of the linked releases page, and right click the .tar.gz file that contains linux_amd64
. Copy that link and replace all file names and links below, which uses v1.8, latest as of 8.30.24.
Curl the MEV-boost build from the aforementioned link:
Extract the files from the archive, copy to the /usr/local/bin directory, modify file names, remove downloaded leftovers, and start the service back up:
Now, verify the service is running correctly and verify the correct version was installed:
Now you’re really cooking.