Skip to content
This repository has been archived by the owner on Jan 19, 2022. It is now read-only.

Eth2 Staker Checklist for launchpad #6

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Eth2 Staker Checklist for launchpad #6

wants to merge 3 commits into from

Conversation

hwwhww
Copy link

@hwwhww hwwhww commented Oct 7, 2020
edited
Loading

Hi! I'm working on adding an Eth2 Staker Checklist page on the launchpad so that the user can come back to check if they have set it well before the launch date. The target audience is amateur staker.

The document is the latest draft. Thanks to @CarlBeek and @sachayves for the early reviews! Please let me know if there are some important client-specific items or other recommendations for the users. 🙂

/cc @paulhauner @mratsim @rauljordan @ajsutton @cemozerr @q9f @protolambda @djrtwo

hwwhww
hwwhww commented Oct 7, 2020
View reviewed changes
eth2-staker-checklist.md
3. - [ ] I have set a strong password for my keystore(s)
4. - [ ] I have backed up my password.

## Security
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sachayves suggested recommending VPN, but I have some concerns about that the latency may deteriorate the performance. Any thoughts?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A VPN would go in a "Privacy" section because using a VPN means trusting your VPN provider instead of trusting your ISP. There are shady VPNs that might sell your data.

But being DOS-ed out of validation might be an issue without keeping your IP private.

unixpi
unixpi reviewed Oct 7, 2020
View reviewed changes
eth2-staker-checklist.md Outdated Show resolved Hide resolved
@superphiz
Copy link

I question the recommendation to run the beacon node and validator on separate machines as a recommendation rather than a footnote suggestion. The 2019 article post describing this article is outdated with this item "Each validator needs to be initiated with a deposit of exactly 32 Ether and therefore people who wish to stake more ETH will need to run multiple validator instances. The node-client separation allows such users to only run a single beacon node with multiple validators connected to it thereby reducing computation, memory, and storage requirements."

I believe this architecture doesn't add significant security but it will be a deterrent to regular users as solo stakers because many are already talking about the beefy hardware requirements and nearly everyone has already purchased their hardware setup. Including this as a recommendation rather than an option will confuse a lot of people.

@hwwhww
Copy link
Author

hwwhww commented Oct 12, 2020

@superphiz

Thanks for the feedback, good points!

Two topics here:

1. Does putting VC/BN on the separate machines make the system more secure?

Ideally, we want to use advanced staking tools to manage the keys, e.g., having a remote signer, having a secret single leader election mechanism. IMHO, separate machines is an easier way to reduce some risks now. Users may also consider having sentry nodes architecture for better privacy + mitigate DDoS threat.

2. Is it needed for the solo staker?

I feel neutral to de-emphasize this option here. This document currently only has two levels of suggestions: "Required" and "Recommended" (which basically means "optional" here). I can move it to a new appendix section, so we can add other advanced solutions in the future. 🙂

@djrtwo
Copy link

djrtwo commented Oct 12, 2020

Yeah, I had the same reaction on my first read.
I think that it's worthwhile to explore, but I don't expect most hobbyist (especially out the gate) to have multi-machine setups.

@hwwhww hwwhww mentioned this pull request Oct 12, 2020
Closed
@superphiz
Copy link

I'm not completely sure how it fits into this checklist for launchpad, but a reddit user /u/Electracomplex, developed a launch preparedness checklist that is skill based rather than activity based. As I said, I don't know if it fits into this picture, but it's worth thinking about: https://github.com/eth2-educators/launch_checklist/blob/main/README.md

@superphiz @hwwhww @djrtwo
Improved security section (#7)
9cc6f73 
* Improved security section

Included ssh hardening, port forwarding, included a timesync step.

* Update eth2-staker-checklist.md

Co-authored-by: Danny Ryan <[email protected]>

Co-authored-by: Hsiao-Wei Wang <[email protected]>
Co-authored-by: Danny Ryan <[email protected]>
hwwhww
hwwhww commented Oct 23, 2020
View reviewed changes
eth2-staker-checklist.md
Comment on lines +29 to +30
- [ ] Port 19000 TCP/UDP for Nimbus
- [ ] Port 9001 TCP/UDP for Teku
Copy link
Author

@hwwhww hwwhww Oct 23, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- [ ] Port 19000 TCP/UDP for Nimbus
- [ ] Port 9001 TCP/UDP for Teku
- [ ] Port 9000 TCP/UDP for Nimbus
- [ ] Port 9000 TCP/UDP for Teku

@superphiz
I think 19000 and 9001 are the recommended setting in Somer Esat's great guides. But they are actually 9000 by default in Nimbus and Teku.

https://status-im.github.io/nimbus-eth2/medalla-troubleshooting.html?highlight=9000#address-already-in-use-error
https://docs.teku.consensys.net/en/latest/Reference/CLI/CLI-Syntax/#p2p-port

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mratsim mratsim mratsim left review comments

@unixpi unixpi unixpi left review comments

@arnetheduck arnetheduck arnetheduck left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@hwwhww @superphiz @djrtwo @arnetheduck @unixpi @mratsim