Install Prysm client

One-page interactive guide to install Prysm client and configurate it for running on supported chain.

Disclaimer

This guide is for informational purposes only. The author nor website owner does not guarantee accuracy of the information in this guide and is not responsible for any damages or losses incurred by following the guide.

Prysm client can be used for staking on various supported chains. Client installation is always only one, used by services with an individual configuration (different service name, data path and ports in use).

Install Prysm client

  1. Find the latest stable version of Prysm on Github

  2. Download Prysm clients to your node

    cd ~/downloads && curl -LO https://github.com/prysmaticlabs/prysm/releases/download/v5.2.0/beacon-chain-v5.2.0-modern-linux-amd64
    cd ~/downloads && curl -LO https://github.com/prysmaticlabs/prysm/releases/download/v5.2.0/validator-v5.2.0-linux-amd64

  3. Rename downloaded files

    mv beacon-chain-v5.2.0-modern-linux-amd64 beacon-chain && mv validator-v5.2.0-linux-amd64 validator

  4. Set files permissions

    chmod +x beacon-chain && chmod +x validator

  5. Copy clients to /usr/local/bin

    sudo cp ~/downloads/beacon-chain /usr/local/bin
    sudo cp ~/downloads/validator /usr/local/bin

  6. Start services using Prysm clients

    // Start all validator instances using Prysm clients on all chains
// sudo systemctl start prysmvalidator1
// sudo systemctl start prysmvalidator2
// sudo systemctl start prysmRocketpoolValidator
// sudo systemctl start prysmStakewiseValidator
// ...
// Start beaconchain clients using PrysmBeacon client on all chains
sudo systemctl start prysmbeacon
    /usr/local/bin/staking.sh start consensus

    Check the services status

    /usr/local/bin/staking.sh check

  7. Monitor

    journalctl -fu prysmbeacon.service
    journalctl -f -u prysmvalidator.service -u prysmvalidator2.service
    ...
    /usr/local/bin/staking.sh check consensus
    /usr/local/bin/staking.sh monitor consensus

  8. Remove downloaded files

    cd ~/downloads && rm beacon-chain && rm validator

Configurate the service

  • Create a user

    : 
    sudo useradd --system --no-create-home --shell /bin/false prysmbeacon

  • Create a folder for Prysmbeacon data

    : 
    sudo mkdir -p /var/lib/prysm/beacon

  • Set access permission and ownership for the Prysm data folder

    sudo chown -R prysmbeacon:prysmbeacon /var/lib/prysm/beacon

Configurate & Run PrysmBeacon service

  • Communication ports selection

    Each service on the server needs a custom port for communication. Through ports, consensus client communicates with other peers in the network as well as other services running on the server, such as validator clients. There is an IPv4 and IPv6 variant, depending on the ISP support / preference. Each protocol version needs custom port. If you are not sure what to select, continue with default IPv4 port.

    1. Configurate public IPv4 port for P2P communication with other peers

      • :
      • Verify availability of selected port 9000 
        ss -tuln | grep ':9000'

        If it returns empty response, the port 9000 is free and can be used.

      • Enable traffic on the port through UFW 
        $ sudo ufw allow 9000
      • Disable IPv6 traffic on the port
        • List allowed ports 
          sudo ufw status numbered
        • Find order number for V6, see 9000 (V6) and remove it with the following line 
          sudo ufw delete <Number>

    2. QUIC IPv4 port

      • :
      • Verify availability of selected port 9001 
        ss -tuln | grep ':9001'

        If it returns empty response, the port 9001 is free and can be used.

    3. Beacon API port for internal communication

      • :
      • Verify availability of selected port 5052 
        ss -tuln | grep ':5052'

        If it returns empty response, the port 5052 is free and can be used.

    1. Configurate public IPv6 port for P2P communication with other peers

      • :
      • Verify availability of selected port 9090 
        ss -tuln | grep ':9090'

        If it returns empty response, the port 9090 is free and can be used.

      • Enable traffic on the port through UFW 
        $ sudo ufw allow 9090
      • Disable IPv6 traffic on the port
        • List allowed ports 
          sudo ufw status numbered
        • Find order number for V6, see 9090 and remove it with the following line 
          sudo ufw delete <Number>

    2. QUIC IPv6 port

      • :
      • Verify availability of selected port 9091 
        ss -tuln | grep ':9091'

        If it returns empty response, the port 9091 is free and can be used.

  • Create configuration file for Tekubeacon service

    1. Open PrysmBeacon configuration file

      sudo nano /etc/systemd/system/prysmbeacon.service

    2. Copy configuration

      [Unit]
Description=Prysm Consensus Client BN (Mainnet)
Wants=network-online.target
After=network-online.target

[Service]
User=prysmbeacon
Group=prysmbeacon
Type=simple
Restart=always
RestartSec=5
ExecStart=/usr/local/bin/beacon-chain \
  --mainnet \
  --datadir=/var/lib/prysm/beacon \
  --execution-endpoint=http://127.0.0.1:8551 \
  --jwt-secret=/var/lib/jwtsecret/ethereum.hex \
  --suggested-fee-recipient=FeeRecipientAddress \
  --checkpoint-sync-url=CheckpointSyncURL \
  --genesis-beacon-api-url=CheckpointSyncURL \
  --accept-terms-of-use

[Install]
WantedBy=multi-user.target

      NOTE: Be sure to set the FeeRecipientAddress above to a valid Ethereum address within your control to receive the validator fees. For example: --suggested-fee-recipient=0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045

      NOTE: Be sure to set the CheckpointSyncURL above (both occurrences) to a valid checkpoint sync URL. --checkpoint-sync-url and --genesis-beacon-api-url Enables the Checkpoint Sync feature to greatly speed up the Beacon Chain Node sync. More information here. Provide a URL to a synced Beacon Chain Node for the sync. You can get one here.

      Gnosis Chain is not supported by Prysm client
      *Note: Update jwt-secret-file, if you use different
    3. Press CTRL + X then Y then ENTER to save and exit the config file.

  • Load changes

    sudo systemctl daemon-reload

  • Start the Beacon chain service

    sudo systemctl start prysmbeacon

  • Check the service

    systemctl status prysmbeacon
journalctl -fu prysmbeacon

  • Start the service automatically on system startup

    sudo systemctl enable prysmbeacon
    • Open Delayed Start shell 
      sudo nano /usr/local/bin/delayed-start.sh

      Configurate service start inside it

      systemctl start prysmbeacon.service
    • Be sure, delayed-start.service service controlling delayed-start.sh is enabled for auto start with system startup 
      sudo systemctl enable delayed-start.service

    1. Configurate Staking Manager util

      • Open the configuration file 
        sudo nano /usr/local/etc/staking/config/clients.conf

        If the file is empty, generate it with command sudo /usr/local/bin/staking.sh init

      • Set link to proper services. It should be as follow: 
        beaconServices="prysmbeacon.service"

    2. Activate service to start automatically on OS startup

      • Open Start with delay util 
        sudo nano /usr/local/bin/delayed-start.sh
      • Place or uncomment a command to start the Beacon client(s) 
        /usr/local/bin/staking.sh start beacon
      • Verify, that a service `delayed-start.service` exists and is automatically launched on system start. 
        sudo systemctl enable delayed-start.service

Launch validator instance / validator(s)

  1. Do you want to create a new validation instance or extend exisiting instance for more validators?

    • Create a directory for validator instance data

      sudo mkdir -p /var/lib/prysm/vi1

    • Load keystores to /var/lib/prysm/vi1

      : 
      sudo /usr/local/bin/validator accounts import --mainnet --keys-dir=$HOME/keystores/ddk_i1 --wallet-dir=/var/lib/prysm/vi1
      Gnosis chain is not supported by Prysm client
      • Accept Terms of Use
      • Set a wallet password. This is different to the validator password you set during keys generation. Prysm will use this to decrypt the validator wallet. Back it up somewhere safe. You will need this later in this section and when configuring the validator.
      • Provide the validator keys password. This is the password you set when you created the keys during keys generation

      NOTE: If you have used different passwords for each of your validators you will get an error. Run the process multiple times, providing each of the different passwords until they are all imported. Use the accounts list command to verify.

    • Create a Wallet Password File

      Create a file to store the wallet password so the Prysm validator service can access the wallet without you having to supply the password.

      sudo nano /var/lib/prysm/vi1/password.txt

      Press CTRL + X then Y then ENTER to save and exit the config file.

    • Create a service user for the validator instance

      sudo useradd --system --no-create-home --shell /bin/false prysm-vi1

    • Set ownership of /var/lib/prysm/vi1 to validators-i1 user

      sudo chown -R prysm-vi1:prysm-vi1 /var/lib/prysm/vi1

    • Create configuration service file for prysm-vi1 service

      1. Open the configuration file

        sudo nano /etc/systemd/system/prysm-vi1.service

      2. Copy the configuration below into the file.

        [Unit]
Description=Prysm Consensus Client VC (Mainnet)
Wants=network-online.target
After=network-online.target

[Service]
User=prysm-vi1
Group=prysm-vi1
Type=simple
Restart=always
RestartSec=5
ExecStart=/usr/local/bin/validator \
  --datadir=/var/lib/prysm/vi1 \
  --wallet-dir=/var/lib/prysm/vi1 \
  --wallet-password-file=/var/lib/prysm/vi1/password.txt \
  --suggested-fee-recipient=0xXXXXXXXXXXXXXXXX \
  --graffiti="Nethermind+Prysm" \
  --accept-terms-of-use

[Install]
WantedBy=multi-user.target

        Gnosis chain is not supported

      3. Press CTRL + X then Y then ENTER to save and exit the config file.

    • Other configurations

      Nothing to do. You are ok.

      • Extend Staking manager clients.conf

        Insert prysm-vi1 into clients.conf file that is used by Staking Manager. 
        sudo nano /usr/local/etc/staking/config/clients.conf

    • Stop running validator instance prysm-vi1

      sudo systemctl stop prysm-vi1

    • Extend /var/lib/prysm/vi1 for new keystores

      sudo /usr/local/bin/validator accounts import --mainnet --keys-dir=$HOME/keystores/ddk_i1 --wallet-dir=/var/lib/prysm/vi1
      Gnosis chain is not supported by Prysm client
      • Accept Terms of Use
      • Set a wallet password. This is different to the validator password you set during keys generation. Prysm will use this to decrypt the validator wallet. Back it up somewhere safe. You will need this later in this section and when configuring the validator.
      • Provide the validator keys password. This is the password you set when you created the keys during keys generation

      NOTE: If you have used different passwords for each of your validators you will get an error. Run the process multiple times, providing each of the different passwords until they are all imported. Use the accounts list command to verify.

  2. Load processed changes to the system

    sudo systemctl daemon-reload

  3. Start the validator instance

    sudo systemctl start prysm-vi1

  4. Check the running validator instance

    systemctl status prysm-vi1
    journalctl -fu prysm-vi1

  5. Activate service to start automatically on OS startup

    $ sudo systemctl enable prysm-vi1

Exit validator instance / validator(s)

prysmctl validator exit --wallet-dir=<path/to/wallet> --beacon-rpc-provider=<127.0.0.1:4000>

See more at official documentation, if needed.