Step by Step – ETH Solo Staking Guide

Staking, Ethereum & Stereum

& that sweet passive income they are all talking about

The first question we always hear is how the hell does that actually work? Well, if you’ve read about staking before, you know how: You act as a Validator for the network – the equivalent to a Bank in traditional finance – and get rewareded for playing an important role in the network – Ethereum and its PoS system make it possible. A kind off savings product that can run in your home or on the cloud. 
What you absolutely need to be able to use Ethereum to its full potential? 32 ETH. Even with less you can stack, but then you have to rely on other entities – which means in the worst case (like with Staking options of exchanges) you don’t own your keys and if something happens to them, your ETH is at risk.  

Why you shouldn’t SOLO stake ETH!

This might seem like a counterproductive measure for us to partake in this guide, but we personally believe that our goal isn’t to sell you on anything (which is hard anyway, because our SOFTWARE is completely free) – we want to convince of the possibility, we are offering to you and we believe to do that, you should also know of the disadvantages of Ethereum staking:

DISCORD

"STEREUM" Server

-) THE MAJOR DISADVANTAGE

Currently, because the system is still in its building up phase and the validators are needed to contribute to the development of the change to “Proof of Stake” – it is NOT POSSIBLE to WITHDRAW the stacked ETH or the rewards from staking. Which means if you would like to take some profits from your ETH investment the staked amount will be locked in the Beacon Chain, preventing you from quickly reacting to price changes. ONLY STAKE if you treat your ETH as a LONG TERM ASSET and have the CONVICTION to let your investment work on the BEACON CHAIN until the withdrawal is possible.

-) Beware of the returns, time & cost of running a validator

Becoming an Ethereum validator requires you to run a node, which requires you to run dedicated hardware, electricity & maintenance. While our Setup main goal is to reduce the technical burden of setting up your node and maintaining it, you should also try to learn as much as possible about what the validator actually does, when you use it. This is especially necessary, if you should run into individual problems you are having with your hardware. The risk is, if your validator goes offline unexpectedly and you aren’t completely on top of things, to get penalized & lose your investment partly or even completely! 

-) Internet Connection

The one factor that is mostly out of your control is how good your Internet performs on average. A connection that tends to disconnect that could easily cost you your investment and a backup internet connection is something most people aren’t reliant upon. ONLY stake if you are convinced that your connection is stable enough to keep your node online 24/7 – to maximize your profits and reduce the chance of getting slashed. To further clarify, you will not get slashed if your node is not online. What happens is just that you lose ETH at about the same rate you would earn it if you were online, therefore it is less of a problem than it may seem. Still, if you want to turn a profit you should try to have a high up time.

-) Security

If your Node gets hacked, you will probably lose all your money. If someone gets access to the machine your computer runs onto, then they could very easily compromise your funds. We recommend taking extra measures to ensure that this can’t happen: Don’t run anything but the validator software on your machine. Don’t open any unnecessary ports or play around with the system.

Advantages of solo staking ETH using our STEREUM Ethereum Node Setup!

Our Setup is developed with core principles in mind:
1) Confidence in the safety of our setup is our the priority when it comes to dealing with financial decision of our users.
2) It should be possible for the average person to set up & maintain a node without having deeper technical knowledge.
3) The installation & other processes our Setup is working on should be completely transparent & visible.
4) Decentralization (regarding for example production client diversity) should be promoted, without forcing the users into a choice, he doesn’t want to take. 

Our setup currently supports all major clients, and even the option to run them simultaneously & with Vouch and Dirk. We provide our Open Source code on Github, which makes it therefore modifiable to your personal needs. We are active developing with a 2 weeks release cycle. , have exciting features planned for the future to make it our Setup the end all and be all of node installation & maintenance. We love to listen to our User, if you have an idea for a feature or QoL implementations you are missing, let us know. 

Installer

A wizard designed to create an easy and convenient way to install the Stereum Ethereum Node Setup will guide through the process. No need to mess with command lines, just point the launcher to an Ubuntu 20.04 server of your choice! We are planing to completely trivialize setting up a node & much more. Our Installer makes it possible for you to trace what tasks the setup is working on in the background and what changes it’s implementing to make the configuration process as transparent as possible. 

SOLO STAKING with STEREUM ETHEREUM NODE SETUP

REQUIREMENTS:

A device with the following MINIMAL specifications:

  • 4 (v)CPU cores/threads
  • 8 GB Memory (RAM)
  • 150GB Storage + 600 GB for Eth1 node (optional)

If you are considering the first time to run a node we recommend to get hardware with the following specs to ensure a smooth validation process and minimize your own risk: 

  • 4 (v)CPU cores/threads
  • 8 GB Memory (RAM)
  • 150GB Storage + 600 GB for Eth1 node (optional)
 
AND
  • Broadband internet connectivity, that is stable & fast to reduce your risk of getting slashed
  • patiences to synchronize your node with the chain.

To STAKE you will also need to get a hold of 32 ETH and send them to the deposit contract. For further instruction go to the STAKING MENU in the Stereum Web Client. 

You have the hardware, no idea and want to STAKE? 

There are several steps to complete a Ethereum Node staking setup on your machibne. This guide uses our Stereum Ethereum Node Setup to orchestrate the services. Some (not all) software used in this particular guide:

Step 1 – Prepare Server

1.1 Connect to the Server

Using a SSH client, connect to your ubuntu server. In this guide putty installed on windows OS will be used to connect to ubuntu server. Obviously, you can use another SSH client tool installed on various operating system.  

If you don’t already use putty, download it and follow the installation guide. After successfully installation navigate to the directory where you have installed the application and run the .exe file:

 

Connection to the server with Putty

Put your server IP-address in Host Name (or IP Address) bar and give your session name in Saved session bar then click Save to save the configuration for next time to connect to your server.

Click Open then put your user name and password in terminal to log in to your server. That’s it, you are in!

Next time you can choose your session from Saved session bar, then click Open to connect to your server.

1.2 Change your authentication method from password to key (optional – SSH only)

Passwords are somewhat easy to guess or bruteforce, ensuring you are using authentication by key when you access your node via SSH is therefore a recommended and easy way to enhance security of your server. However, this is not mandatory if you either don’t expose the SSH port to the internet or don’t use SSH at all (e. g. having physical access only).

Generate SSH authentication keys

Execute puttygen.exe which is already installed previously with putty.

Now lets generate a keypair by klicking on the Generate button and move your mouse on the “PuTTY Key Generator” window until the progress bar is full.

After successful creation of your SSH key, save the public key as well as the private key

Keep the private key safe, don’t expose it to other users or unsafe storage (unencrypted usb stick). Also copy the text in the locked textbox (usually starts with ssh-rsa…) and safe it too. 

Now you can close the application. 

Connect to your server with your regular user, edit the file
~/.ssh/authorized_keys by executing nano ~/.ssh/authorized_keys and add the text you copied previously in a new line, looking like this:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAxdmaA0w//jS56ZpX+Oxv7pmq58+PrKGYAoKeXm3Z5wdw/MrdFwdNf3rKVyv6GX0RXt2xLhqoPlxrW9YRjwsRIYUTh/XQN7/i/kYewtb/hoJZ2I0U2YbutpqBPdSuMbJZY5lSTx2IH/0AOLG2K4w3W+SYhX4pDuAABzzdBg+W+pmI5nJBdk1YheLKYJVtab1VWK0pX8QfdDDo7qwCoSRlFDOzoNNvvTUVvXmRe+Qy6Sr8WT9LN2d/BDm95DzXzXWzs7SsEKP6MbXCpAp25zBzV3Z+Ltu9uws798IE5/kwQtTTe6geC/g6m15TW8nakgX1Yjff6C1P1P89dTsrfUyhdQ== rsa-key-20201118

Exit and save the file <Ctrl+X> and execute following command to make this file only accessible by your user

chmod 600 ~/.ssh/authorized_keys

Use SSH authentication keys

Putty

After that try to connect to your server using putty with key authentication. Use the setting Private key file for authentication and Browse... your previously generated and saved private key file. Don’t forget to enter an IP in the Session and click Open

Putty will ask you for your username – as usual – after you enter your username you should immediately login without the need of entering a password.

SSH command

If you don’t want to use putty but instead the SSH command of Windows 10, create a directory in your home folder with the name .ssh and copy your private key there, don’t forget to rename the private key file to id_rsa. This also works on linux and mac.

Disable password authentication for SSH

We already managed to login via keys. Now we can disable password authentication for SSH. To do this, run the following command to edit the necessary file

sudo nano /etc/ssh/sshd_config

Then edit the following lines as below:

  • Uncomment (remove the # in front of the line): PubkeyAuthentication yes
  • Find the line with “PasswordAuthentication” and change it to: PasswordAuthentication no

Exit and save the config file <Ctrl+X> and restart SSH by entering:

sudo systemctl restart sshd

Check it out by reconnecting your SSH session!

1.3 Create new user

By default the root user account on Ubuntu server is disabled, however it’s enabled by some cloud providers. It is risky to utilize the root user account to log in to the server. If the root user is utilized to log in then create a new user-level account with admin privileges instead using the root user to log in to your server.

Let’s create a new user-level account on ubuntu server as following

adduser 

You will be asked to create a password and some other information. At the end of the account creation process write “y” or “Y” to confirm that you filled out correctly.

That’s it! we’ve just created new user on your ubuntu server! Next we going to give the admin rights to the new user.

In order to give grant admin rights to the new user-level account execute following

usermod -aG sudo <your-username>

When you log in as <your-username> you can type sudo before execute the commands to perform actions with superuser privileges

Optional

If you used SSH keys to connect to your ubuntu server via the root user you will need to associate the new user with the root user’s SSH key data executing following command

rsync --archive --chown=<yourusername>:<your-username> ~/.ssh /home/<your-username>

Then log out of root and log in as <your-username>. 

Now you can proceed further with your new user account. Congratulation!

1.4 Keep your Ubuntu up-to-date!

Most security vulnerabilities get fixed fast by the maintainers, therefore it`s important to keep your Ubuntu server updated by running:

sudo apt update && sudo apt upgrade -y

It’s not recommended to do this automatically because there are updates which need guidance in the update process (e. g. which config file to take, etc.)

However, running an update once a week isn’t much work and keeps your system safe and stable

1.5 Configure the firewall

Commonly used firewall is named “ufw“.  It’s used to restrict inbound traffic to the server. Before we enable it, SSH inbound traffic should be allowed

Allow SSH

Allows connection to the server over SSH. We are going to change the default port of 22 for security reasons as following

Choose a port number between 1024–49151 and run the following command to make sure your selection is not already in use on the server. If your chosen port number is in use you will get red text, then choose a different port number

sudo ss -tulpn | grep ':'

Update the firewall to allow inbound traffic on . SSH requires TCP

sudo ufw allow /tcp

Next change the default SSH port

sudo nano /etc/ssh/sshd_config

Find the line with # Port 22 and change it to Port . Remove the # in front of the line if it was present.

changing SSH port

Exit and save the config file <Ctrl+X> and restart SSH by following command

sudo systemctl restart ssh

and check to verify the rules have been correctly configured. In this guide port number 1234 is utilized as SSH port.

sudo ufw status numbered

 

 

ufw status

Then reconnect with your server using <your-port-number> instead SSH default port 22. Select your saved session from previous step and put your chosen SSH port number in <your-port-number>. Using putty should looks like this

Step 2 – Prepare Validator 

You can do this step before or after you have set up your node! 
Firstly we need to sign up validator account(s) to run validator(s) on a Ethereum 2.0 network. We will show you the steps for the testnet. 

To sign up we will go through following steps:

  • Get goerli Ether (ETH) for testnet
  • Generate the validator key(s)
  • Stock the validator account(s)
  • Check validator’s status

2.0.5 Create a wallet & get Ether (ETH) / (for testnet) goerli ETH

Obviously you can use another wallet if you already have one.

Open your favorite browser, in this guide we will use “Google Chrome” and navigate to “More tools -> Extensions” then click “Chrome Web Store

Search “Metamask” in search bar and click on it. MetaMask is a software cryptocurrency wallet used to interact with the Ethereum blockchain. It allows users to access their Ethereum wallet through a browser extension or mobile app, which can then be used to interact with decentralized applications.

On the next window click on “Add to Chrome” then “Add Extension”. It usually takes a few seconds.

Now metamask extension is intalled on your browser. Next click on “Metamask” icon then “Get started” to sign up

We choose “Create a Wallet” option since we want to create a new wallet for Göerli Ethereum (GöETH), for our testnet run. 

 

Choose “Import wallet” option to import an existing wallet using 12 word seed phrase

You will be asked to create password. Put your metamask wallet password and click on “Create”. On the next window read “Tips” before you save “Secret backup phrase” then click “Next”

Next window you have to put your backup phrase to to make sure it is saved correctly.

If you did everything right then you should see “Congratulations”!

 

Congratulation! 🙂

Your Metamask wallet is now on your web browser and it is ready to use!

Afterwards log in to your wallet and using the drop-down at the top – for our test, we select the “Goerli Test Network”

Then click on “Account” to copy your “Göerli Test Network” wallet address

Tip for testing:

 You can get Göerli ETH from the #request-goerli-eth channel on the ethstaker Discord!

2.1 Generate validator keys

The validator client supports multiple validator keys. Each validator key is basically a “validator account”. For this guide we will generate the validator keys using Eth2 launch pad for prater testnet. Go here and click “GET STARTED”

go through the warning steps and click “continue” bottom of the page

on the next page select “Geth”, we will use geth as Eth1 client and click “Continue”

Ethereum Client Choice

In the next step you are able to choose a Eth2 client. This step is just there to tell you something about the clients. The deposit data/keystore is client agnostic, so no matter what you choose any client will work

LIGHTHOUSE

LOADSTAR

PRYSM

NIMBUS

TEKU

Next put your validator number and choose your OS on which the validator(s) key will be generated. In this guide we will use Windows as OS and number of validator is 2

then select “Download CLI app” and click “Download from Github”

In the assets section download “Latest release” of the deposit CLI app for your operating system. 

Extract the .zip where you want and navigate to deposit.exe then copy the path of deposit.exe

Open windows command prompt (cmd) to execute deposit.exe. Navigate to deposit.exe using windows command prompt like shown below

 

navigate to deposit.exe using CMD

Then execute following command to generate validator key(s). The --num-validator is the number of validator(s) you want to generate

Choose mnemonic language and type your chosen language. In this guide English is chosen as mnemonic language then press

Type validator keystore(s) password and repeat it then press

 

validator keystore(s) password

After that you will see like this

 

validator keystore(s) seed phrase

Write it down and save it. Next you have to type your mnemonic to confirm that you’ve written it down, then press

 

confirm mnemonic

After you’ve written mnemonic correctly, you should see something like this

 

generate validator keystore(s)

The newly created validator keys and deposit data file are at the specified location. See above!

The keystore-m_123...json files contain the encrypted signing key. There is one keystore-m per validator. These will be used to create the client validator wallet.

The deposit_data-123….json file contains the public keys for the validators and information about the deposit. This file will be used to complete the deposit process in the next step.

Go back to the web browser, scroll down to bottom of the page then click “Continue”

 

Since the validator keystore(s) are generated on the windows machine, we have to transfer them into ubuntu server.

From the windows machine, right-click on the network connections icon in the right bottom of the taskbar

Choose “Open Network & Internet settings”

Next choose “Sharing options”

Now from your current network profile, choose the following options then press “Save changes”

Open your file explorer and go to the validator key(s) directory then right-click on the folder and select “Properties”

After openning the folder properties, let’s choose the “Sharing” tab and select “Advanced Sharing”

Mark “Share this folder” then press “Apply” and press “OK” to continue

Open windows command prompt and execute following

Only keystore-m_123...json files needed to be transferred to the server, not a deposit_data-123….json file. Now your validator keystores are on the server and they will be imported in next step

2.3 Stock the validator account(s)

This step involves depositing the required amount of ETH to the staking contract.

You will be asked to upload the deposit_data-123….json which is generated previously. Browse or drag the file and click “Continue”.

Choose Metamask, since we use it for this guide then click “Continue”. Obviously you can use another wallet if you already have

Your MetaMask balance will be displayed. The site will allow you to continue if you have a sufficient balance (GöETH for testnet / ETH for mainnet)

 

A summary shows the number of validators and total amount of Goerli ETH required. Check the warnings if you agree then click “Continue”

Click on “Initiate all Transactions”

This will pop open multiple instances of MetaMask, each with a 32 GöETH / ETH transaction request to the deposit contract. Click “Confirm” for each transaction.

After you click on “Confirm” for each transaction you should get the status message  “Transaction Successful”. Click “Continue”

You will get box, that tells you that you need complete to the check list next – make sure you’ve done everything correct!

Good job! We’ve prepared the validator(s)!

2.4 Check the validator's status

Newly added validators can take a while (from hours up to days) to activate. You can check the status on beaconcha.in & for test net on their dedicated testnet site. Put your wallet address in search bar then your keys will be shown like this:. 

 

3. STEREUM ETHEREUM NODE SETUP

Our short video on how to use our Setup. Most of it is customization. You choose the client you want to install & many more features needed to . Transparency & automation is key for our software. Check out the page to our SETUP for more information. If you have any questions, you can ask them on our Stereum Discord Server! 

DISCORD

"STEREUM" Server

stereum_setup_disc

DOWNLOAD

for Windows

stereum_setup_disc

DOWNLOAD

MacOS Intel

stereum_setup_disc

DOWNLOAD

MacOS Apple Silicon

STAKING GLOSSAR

Gas

Gas describes a unit of computation. The Price is expressed in Ether. Paid by the sender of the transactions.

Beacon chain

The beacon chain is a complex blockchain with no use case – yet, but the deployment of the beacon chain is necessary to create a foundation on which all other features are built on. It consists of epochs, one epoch consist of slots. Every epoch has 32 slots ready to be filled with blocks. Every block has a parent and a child. There are no transactions, no smart contracts but the beacon chain introduces a new mechanism of consensus which is called Proof of Stake (or PoS). When Ethereum 1 becomes a shard of Ethereum 2.0 it will also give up it’s current consensus mechanism Proofe of Work (or PoW) to facilitate greater security and scalability.

Epoch

When the 32nd slot of an epoch is due the epoch is finished. If two thirds of the verifiers (also known as validators) agree on two consecutive epochs then those two epochs are justified and the epoch before these two justified epochs is considere finalized.

Justified and finalized slots

Slot/Block

Slots are the smallest parts of the chain, 32 of them form an epoch. Each slot can only be part of one epoch. A slot has different stages:

  • Pending: The validator casting a block for a slot still didn’t broadcast it.
  • Proposed: Everything went well and the validator created a block and boradcasted it to enough peers to make it well known.
  • Missed: The validator didn’t broadcast the block fast enough or didn’t even create a block. The slot remains empty.
  • Orphaned: The validator didn’t broadcast the block at all or fast enough for the next block proposer to see. The block after the orphaned block will reference the parent of the orphaned block.

Each slot must be attested by other validators to be part of the consensus of the chain.

Attestation

For every slot there are random validators selected by an algorithm to attest (verify) the block in it. An attestation is a form of acknowledgement and can be included not only during the time the slot is the head of the chain, but also later on. This delay in time is measured in slots and called “inclusion distance“.

Non-finality

It’s possible more than a third of the validators are not in consensus with the other part of the network. In this case they won’t attest and propose blocks and the epochs can’t be justified and therefore not finalized. This can happen when a number of validators are offline. On such uncertain terms the network get’s unstable and forks are inevitable, however as soon as enough inactive or malicious validators exited (by force of the algorithm or by choice) the network will resume to produce first justified epochs and of course after a bit more time also finalized epochs.

Non-finality epochs on the beacon chain

Sharding

Ethereum 2.0 will introduce 64 shards, each of them can be seen as a separate blockchain which reports back to the beacon chain for consensus on actions (e. g. transactions) that are spreading over or influence multiple shards.

Staking

In general there are two ways to stake on Ethereum 2.0:

  1. Create validator accounts, send 32 Ether for each of them to the deposit contract and run an Ethereum 2.0 beacon chain client capable of staking
  2. Use one of the staking services available, sometimes there are even less than 32 Ether needed to participate

Wallet/seed/passphrase 

A wallet is a collection of (validator) accounts, most commonly used are hierarchical deterministic wallets which can be easily restored by knowing the seed/passphrase (list of words). After restoring the wallet with the seed it always produces the same accounts in the same order, making it possible to keep the seed safely and restore thousands of accounts with only a couple of words. In turn this also means that anybody else who discovers the phrase can steal your currency tokens, so it must be kept safe like jewels or cash.

There are also non-hierarchical deterministic wallets, the accounts of those wallets are always random and can’t be restored once lost.

keyphrases_example_picture
This is an example of a typical seed/passphrase word list. NEVER GIVE UP YOUR OWN PASSPHRASE.

Withdrawal

After exiting either by choice or by force the balance of the validator account can be withdrawn when the feature will be added later on. At the moment there is no way to transfer the Ether locked on a validator account because there are simply no transactions on the beacon chain whatsoever.

Validator

A validator has multiple meanings although they are somehow linked together.

  • Software: A software to run your validator accounts with
  • Validator account: An account of a wallet/seed/passphrase used by a client to stake with

Validator account

The validator software reads this account, which is only composed of a private key and a public key, and fulfills the duties of the validator account, such as:

  • Proposing blocks (is rewarded)
  • Attesting on blocks (is rewarded)
  • Attestation aggregation: Aggregating attestation for a block (is not rewarded, implicit interest of validator to aggregate its own attestation for a block)

Deposit/Activation

Before a validator can start on the network a deposit of 32 Ether must be executed on Ethereum 1 to the deposit contract. After the deposit is noted and verified by the Ethereum 2.0 beacon chain it enters an activation queue. Each day roughly 900 new validators can be activated on the beacon chain.

Earnings/Losses

The gains of a validator account are payed to the validator account on each block for fulfilling its duties. It gains Ether by supporting the network and although it’s possible to deposit more Ether on one validator account there is only earning for 32 Ether, this is called effective balance. However, if the account balance decreases below 32 Ether so does the effective balance and therefore the rewards.

Loosing Ether balance on a validator account is a result of poor execution of duties. There are a number of reason this can happen, e. g. the validator software lost connection to the network or simply has a bug.

Rewards are very small for attestations, but since a validator account has to attest a lot it is a big part of an account’s earning. Proposing valid blocks gives a dump to the balance and is higher the more attestations are included. Also included in blocks are slashings, which are even more rare than blocks (at least should be) and increase the reward gained by proposing a block significantly. However, during a phase of non-finality the account’s don’t get any rewards at all.

https://launchpad.ethereum.org/ has a neat graph to find out easy what interest to expect for running a validator account.

Exit/Slashing

There are a number of ways to exit the validator account and making it unable to participate actively on the network:

  • Exit by choice: The owner of the validator account can choose to exit the validator. After it gracefully waited in the queue to be relieved of the duties it can’t start again.
  • Exit by loosing too much Ether: After decreasing a validator account’s balance to 16 Ether the validator is exited too.
  • Exit by slashing: To prevent attacks on the network malicious behaviour is punished strictly. This happens when a validator account proposes two different blocks for the same slot or attests two times for the same block. The exit is immediately included into the blockchain after discovery of the violation resulting in loss of Ether (up to 1) and sudden exit of the validator account.
Scroll to top