Installing Prysm from source with Bazel

Prysm can be installed on GNU/Linux, MacOS, and Arm64 using our build tool, Bazel. This page includes instructions for performing this method.


NOTICE: The Prysm installation script is the easiest and most efficient way of installing the latest binaries. Instructions for using it can be found here.

Have questions? Stop by the #documentation channel on Discord and let us know.

System requirements

Minimum specifications

These specifications must be met in order to successfully run the Prysm client.

  • Operating System: 64-bit GNU/Linux, MacOS
  • Processor: Intel Core i5โ€“760 or AMD FX-8100 or better
  • Memory: 8GB RAM
  • Storage: 20GB available space SSD
  • Internet: Broadband connection

Recommended specifications

These hardware specifications are recommended, but not required to run the Prysm client.

  • Processor: Intel Core i7โ€“4770 or AMD FX-8310 or better
  • Memory: 16GB RAM
  • Storage: 100GB available space SSD


  • A modern UNIX operating system
  • Bazel version 3.7.0 installed (Ensure you are using 3.7.0)
  • The cmake package installed
  • The git package installed
  • libssl-dev installed
  • libgmp-dev installed
  • libtinfo5 installed
  • libprotoc version 3.14 installed

Why Bazel?

Instead of using the Go tool to build Prysm, our team relies on the Bazel build system used by major companies to manage monorepositories. Bazel provides reproducible builds and a sandboxed environment that ensures everyone building Prysm has the same experience and can build our entire project from a single command. For more detailed rationale on why Bazel, how it works in Prysm, and all important information about how exactly building from source works, read our rationale here.

Building Prysm from source

  1. Open a terminal window. Ensure you are running the most recent version of Bazel by issuing the command:
bazel version
  1. Clone Prysm's main repository, make sure you switch to the latest version (the latest version number can be found from the releases page), and enter the directory:
git clone
git checkout <version>
cd prysm
  1. Build both the beacon chain node and the validator client:
bazel build //beacon-chain:beacon-chain --config=release
bazel build //validator:validator --config=release

Bazel will automatically pull and install any dependencies as well, including Go and necessary compilers. Now that your installation is done, you can then read joining eth2.

Building Docker images

We use Bazel to build the Docker images for Prysm as well. This section outlines comprehensive instructions on how to build them by yourself, run them in Docker, and push to an image registry if desired. In particular, we use bazel rules docker which provides us the ability to specify a base, barebones image, and essentially builds our binary and creates a Docker container as a simple wrapper over our binaries.

We do not write our own Dockerfiles, as Bazel provides us a more sandboxed, simple experience with all of its benefits. To see an example use of bazel rules docker for how we build a particular package, see here.

Dependencies needed

  • All specified dependencies for building with Bazel here
  • Python installed and available in your computer

Build process

Regular Docker images

At the moment, Prysm docker images can only be built on Linux operating systems. The standard images are very thin wrappers around the Prysm beacon-chain and validator binaries, and do not contain any other typical components of Docker images such as a bash shell. These are the Docker images we ship to all users, and you can build them yourself as follows:

bazel build //beacon-chain:image_bundle --config=release
bazel build //validator:image_bundle --config=release

The tags for the images are specified here for the beacon-chain and here for the validator. The default image tags for these images are:

You can edit these in the links above to your liking.

Alpine images

Prysm also provides Alpine images built using:

bazel build //beacon-chain:image_bundle_alpine --config=release
bazel build //validator:image_bundle_alpine --config=release

Debug images

Prysm also provides debug images built using:

bazel build //beacon-chain:image_bundle_debug --config=release
bazel build //validator:image_bundle_debug --config=release

Running images

You can load the images into your local Docker daemon by first building a .tar file as follows for your desired image bundle:

bazel build cmd/beacon-chain:image_bundle.tar
bazel build cmd/validator:image_bundle.tar

Then, you can load it into Docker with:

docker load -i bazel-bin/my/image/helloworld.tar

For example, you may see output such as this:

docker load -i bazel-bin/cmd/beacon-chain/image_bundle.tar
fd6fa224ea91: Loading layer [==================================================>] 3.031MB/3.031MB
87c9f1582ca0: Loading layer [==================================================>] 15.44MB/15.44MB
231bdbae9aea: Loading layer [==================================================>] 1.966MB/1.966MB
a6dc470c72b7: Loading layer [==================================================>] 10.24kB/10.24kB
a0de9c673ef6: Loading layer [==================================================>] 56.37MB/56.37MB
84ff92691f90: Loading layer [==================================================>] 10.24kB/10.24kB
Loaded image:
Loaded image: prysmaticlabs/prysm-beacon-chain:latest

Pushing to a container registry


You can use these rules to access private images using standard Docker authentication methods. e.g. to utilize the Google Container Registry. See here for authentication methods.



To push the actual images, you do not need to build the image bundle beforehand. You can do a simple:

bazel run //beacon-chain:push_images --config=release
bazel run //validator:push_images --config=release

Which will deploy all images with the tags specified in here for the beacon-chain and here for the validator.

By default, this will deploy to Prysmatic Labs' Google Container Registry namespace:, which you will not have authentication access to, so make sure you edit the image tags to your appropriate registry and authenticate as needed.