Quickstart: Run a node and (optionally) stake ETH using Prysm
Select a configuration
If you're looking for the simplest configuration, select Geth
and IPC
:
- Operating system:
- Linux, MacOS, Arm64
- Windows
- Network:
- Mainnet
- Goerli-Prater
- Sepolia
- Holesky
- Execution client:
- Geth
- Nethermind
- Besu
- EN-BN connection:
- HTTP-JWT
- IPC
Introduction
Prysm is an implementation of the Ethereum proof-of-stake consensus specification. In this quickstart, you’ll use Prysm to run an Ethereum node and optionally a validator. This will let you stake 32 ETH using hardware that you manage.
This is a beginner-friendly guide. Familiarity with the command line is expected, but otherwise this guide makes no assumptions about your technical skills or prior knowledge.
At a high level, we'll walk through the following flow:
- Configure an execution node using an execution-layer client.
- Configure a beacon node using Prysm, a consensus-layer client.
- Configure a validator and stake ETH using Prysm (optional).
Not familiar with nodes, networks, and related terminology? Consider reading Nodes and networks before proceeding.
Step 1: Review prerequisites and best practices
Node type | Benefits | Requirements |
---|
Execution + beacon | - Contributes to the security of Ethereum's ecosystem.
- Lets you access the Ethereum network directly without having to trust a third party service.
- Lets you run a validator post-Merge.
| - Software: Execution client, beacon node client (instructions for clients below), curl
- OS: 64-bit Linux, Mac OS X 10.14+, Windows 10+ 64-bit
- CPU: 4+ cores @ 2.8+ GHz
- Memory: 16GB+ RAM
- Storage: SSD with at least 2TB free space
- Network: 8 MBit/sec broadband
|
Validator | Lets you stake ETH, propose + validate blocks, earn staking rewards + transaction fee tips. | - Everything above, plus...
- Software: Validator client, browser-based crypto wallet (instructions below)
- Hardware: (Recommended) A new machine that has never been connected to the internet that you can use to securely generate your mnemonic phrase and keypair
- 32 ETH (Mainnet)
- 32 testnet ETH (Testnets)
|
Step 2: Install Prysm
Create a folder called ethereum
on your SSD, and then two subfolders within it: consensus
and execution
:
📂ethereum
┣ 📂consensus
┣ 📂execution
- Windows
- Linux, MacOS, Arm64
Navigate to your consensus
directory and run the following commands:
mkdir prysm && cd prysm
curl https://raw.githubusercontent.com/prysmaticlabs/prysm/master/prysm.bat --output prysm.bat
reg add HKCU\Console /v VirtualTerminalLevel /t REG_DWORD /d 1
This will download the Prysm client and update your registry to enable verbose logging.
Navigate to your consensus
directory and run the following commands:
mkdir prysm && cd prysm
curl https://raw.githubusercontent.com/prysmaticlabs/prysm/master/prysm.sh --output prysm.sh && chmod +x prysm.sh
This will download the Prysm client and make it executable.
Generate JWT Secret
The HTTP connection between your beacon node and execution node needs to be authenticated using a JWT token. There are several ways to generate this JWT token:
- Use a utility like OpenSSL to create the token via command:
openssl rand -hex 32 | tr -d "\n" > "jwt.hex"
. - Use an execution client to generate the
jwt.hex
file. - Use Prysm to generate the
jwt.hex
file:
- Operating system:
- Linux, MacOS, Arm64
- Windows
## Optional. This command is necessary only if you've previously configured USE_PRYSM_VERSION
SET USE_PRYSM_VERSION=v4.0.0
## Required.
prysm.bat beacon-chain generate-auth-secret
## Optional. This command is necessary only if you've previously configured USE_PRYSM_VERSION
USE_PRYSM_VERSION=v4.0.0
## Required.
./prysm.sh beacon-chain generate-auth-secret
Prysm will output a jwt.hex
file path.
Ensure that the script, user, or terminal window used to create and access your JWT token has the permissions it needs. Windows users may need to run command windows as Administrator.
This guide assumes that you've placed your jwt.hex
file in your consensus
directory, but you can place it anywhere and revise the below commands as needed.
Step 3: Run an execution client
In this step, you'll install an execution-layer client that Prysm's beacon node will connect to.
- Execution client:
- Nethermind
- Besu
- Geth
Download the latest stable release of Nethermind for your operating system from the Nethermind downloads page. Extract the contents into your execution
folder. Run the following command to start your execution node:
- Mainnet
- Goerli-Prater
- Sepolia
- Holesky
Nethermind.Runner --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.JwtSecretFile=/path/to/jwt.hex
Nethermind.Runner --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.IpcUnixDomainSocketPath=/path/to/<your.ipc>
Nethermind.Runner --config goerli --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.JwtSecretFile=/path/to/jwt.hex
Nethermind.Runner --config goerli --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.IpcUnixDomainSocketPath=/path/to/<your.ipc>
Nethermind.Runner --config sepolia --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.JwtSecretFile=/path/to/jwt.hex --Merge.TerminalTotalDifficulty 17000000000000000
Nethermind.Runner --config sepolia --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.IpcUnixDomainSocketPath=/path/to/<your.ipc> --Merge.TerminalTotalDifficulty 17000000000000000
Nethermind.Runner --config holesky --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.JwtSecretFile=/path/to/jwt.hex
Nethermind.Runner --config holesky --JsonRpc.Enabled true --HealthChecks.Enabled true --HealthChecks.UIEnabled true --JsonRpc.IpcUnixDomainSocketPath=/path/to/<your.ipc>
See Nethermind's command-line options for parameter definitions.
Ensure that the latest 64-bit version of the Java JDK is installed. Download the latest stable release of Besu from the Besu releases page. OS-specific instructions are available on Besu's binary installation page. Run the following command to start your execution node:
- Mainnet
- Goerli-Prater
- Sepolia
- Holesky
besu --rpc-http-enabled --engine-jwt-enabled=true --engine-jwt-secret=path/to/jwt.hex --engine-host-allowlist="*"
Content under construction.
besu --network=goerli --rpc-http-enabled --engine-jwt-enabled=true --engine-jwt-secret=path/to/jwt.hex --engine-host-allowlist="*"
Content under construction.
besu --network=sepolia --rpc-http-enabled --engine-jwt-enabled=true --engine-jwt-secret=/path/to/jwt.hex --engine-host-allowlist="*" --override-genesis-config="terminalTotalDifficulty=17000000000000000"
Content under construction.
besu --network=holesky --rpc-http-enabled --engine-jwt-enabled=true --engine-jwt-secret=/path/to/jwt.hex --engine-host-allowlist="*"
Content under construction.
See Besu's command-line options for parameter definitions.
Download and run the latest 64-bit stable release of the Geth installer for your operating system from the Geth downloads page.
Navigate to your execution
directory and run the following command to start your execution node:
- Mainnet
- Goerli-Prater
- Sepolia
- Holesky
geth --http --http.api eth,net,engine,admin --authrpc.jwtsecret /path/to/jwt.hex
geth --http --http.api eth,net,engine,admin
geth --goerli --http --http.api eth,net,engine,admin --authrpc.jwtsecret /path/to/jwt.hex
geth --goerli --http --http.api eth,net,engine,admin
geth --sepolia --http --http.api eth,net,engine,admin --authrpc.jwtsecret /path/to/jwt.hex
geth --sepolia --http --http.api eth,net,engine,admin
geth --holesky --http --http.api eth,net,engine,admin --authrpc.jwtsecret /path/to/jwt.hex
geth --holesky --http --http.api eth,net,engine,admin
See Geth's command-line options for parameter definitions.
Syncing can take a long time - from hours to days. You can proceed to the next step while your execution node syncs.
Congratulations - you’re now running an execution node in Ethereum’s execution layer.
Step 4: Run a beacon node using Prysm
In this step, you'll run a beacon node using Prysm.
- Windows
- Linux, MacOS, Arm64
- Mainnet
- Goerli-Prater
- Sepolia
- Holesky
Use the following command to start a beacon node that connects to your local execution node:
prysm.bat beacon-chain --execution-endpoint=http://localhost:8551 --jwt-secret=path/to/jwt.hex --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
--http-web3provider
is deprecated and has been replaced with --execution-endpoint
, but IPC currently only works through --http-web3provider
on Windows. This will be fixed in our next release. You can safely ignore any related "deprecated flag" warnings you see in the meantime.
prysm.bat beacon-chain --http-web3provider=//./pipe/<your.ipc> --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
Download the Prater genesis state from Github into your consensus/prysm
directory. Then use the following command to start a beacon node that connects to your local execution node:
prysm.bat beacon-chain --execution-endpoint=http://localhost:8551 --prater --jwt-secret=path/to/jwt.hex --genesis-state=genesis.ssz --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
--http-web3provider
is deprecated and has been replaced with --execution-endpoint
, but IPC currently only works through --http-web3provider
on Windows. This will be fixed in our next release. You can safely ignore any related "deprecated flag" warnings you see in the meantime.
prysm.bat beacon-chain --http-web3provider=//./pipe/<your.ipc> --prater --genesis-state=genesis.ssz --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
Download the Sepolia genesis state from Github into your consensus/prysm
directory. Then use the following command to start a beacon node that connects to your local execution node:
prysm.bat beacon-chain --execution-endpoint=http://localhost:8551 --sepolia --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --jwt-secret=jwt.hex --genesis-state=genesis.ssz
--http-web3provider
is deprecated and has been replaced with --execution-endpoint
, but IPC currently only works through --http-web3provider
on Windows. This will be fixed in our next release. You can safely ignore any related "deprecated flag" warnings you see in the meantime.
prysm.bat beacon-chain --http-web3provider=//./pipe/<your.ipc> --sepolia --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --genesis-state=genesis.ssz
Download the Holesky genesis state from Github into your consensus/prysm
directory. Then use the following command to start a beacon node that connects to your local execution node:
prysm.bat beacon-chain --execution-endpoint=http://localhost:8551 --holesky --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --jwt-secret=jwt.hex --genesis-state=genesis.ssz
prysm.bat beacon-chain --execution-endpoint=//./pipe/<your.ipc> --holesky --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --genesis-state=genesis.ssz
- Mainnet
- Goerli-Prater
- Sepolia
- Holesky
Use the following command to start a beacon node that connects to your local execution node:
./prysm.sh beacon-chain --execution-endpoint=http://localhost:8551 --jwt-secret=path/to/jwt.hex --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
./prysm.sh beacon-chain --execution-endpoint=$HOME/.ethereum/<your.ipc> --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
Download the Prater genesis state from Github into your consensus/prysm
directory. Then use the following command to start a beacon node that connects to your local execution node:
./prysm.sh beacon-chain --execution-endpoint=http://localhost:8551 --prater --jwt-secret=path/to/jwt.hex --genesis-state=genesis.ssz --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
./prysm.sh beacon-chain --execution-endpoint=$HOME/.ethereum/<your.ipc> --prater --genesis-state=genesis.ssz --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9
Download the Sepolia genesis state from Github into your consensus/prysm
directory. Then use the following command to start a beacon node that connects to your local execution node:
./prysm.sh beacon-chain --execution-endpoint=http://localhost:8551 --sepolia --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --jwt-secret=jwt.hex --genesis-state=genesis.ssz
./prysm.sh beacon-chain --execution-endpoint=$HOME/.ethereum/<your.ipc> --sepolia --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --genesis-state=genesis.ssz
Download the Holesky genesis state from Github into your consensus/prysm
directory. Then use the following command to start a beacon node that connects to your local execution node:
./prysm.sh beacon-chain --execution-endpoint=http://localhost:8551 --holesky --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --jwt-secret=jwt.hex --genesis-state=genesis.ssz
./prysm.sh beacon-chain --execution-endpoint=$HOME/.ethereum/<your.ipc> --holesky --suggested-fee-recipient=0x01234567722E6b0000012BFEBf6177F1D2e9758D9 --genesis-state=genesis.ssz
If you're running a validator, specifying a suggested-fee-recipient
wallet address will allow you to earn what were previously miner transaction fee tips. See How to configure Fee Recipient for more information about this feature.
Your beacon node will now begin syncing. This usually takes a couple days, but it can take longer depending on your network and hardware specs.
Congratulations - you’re now running a full, Merge-ready Ethereum node. To check the status of your node, visit Check node and validator status.
Step 5: Run a validator using Prysm
Next, we'll create your validator keys with the Ethereum Staking Deposit CLI.
Download the latest stable version of the deposit CLI from the Staking Deposit CLI Releases page.
- Windows
- Linux, MacOS, Arm64
Run the following command to create your mnemonic (a unique and highly sensitive 24-word phrase) and keys:
deposit.exe new-mnemonic --num_validators=1 --mnemonic_language=english
deposit.exe new-mnemonic --num_validators=1 --mnemonic_language=english --chain=prater
Follow the CLI prompts to generate your keys. This will give you the following artifacts:
- A new mnemonic seed phrase. This is highly sensitive and should never be exposed to other people or networked hardware.
- A
validator_keys
folder. This folder will contain two files:deposit_data-*.json
- contains deposit data that you’ll later upload to the Ethereum launchpad.keystore-m_*.json
- contains your public key and encrypted private key.
Copy the validator_keys
folder to your primary machine's consensus
folder. Run the following command to import your keystores, replacing <YOUR_FOLDER_PATH>
with the full path to your consensus/validator_keys
folder:
prysm.bat validator accounts import --keys-dir=<YOUR_FOLDER_PATH>
You’ll be prompted to specify a wallet directory twice. Provide the path to your consensus
folder for both prompts. You should see Successfully imported 1 accounts, view all of them by running accounts list
when your account has been successfully imported into Prysm.
Next, go to the Mainnet Launchpad’s deposit data upload page and upload your deposit_data-*.json
file. You’ll be prompted to connect your wallet.
You can then deposit 32 ETH into the Mainnet deposit contract via the Launchpad page. Exercise extreme caution throughout this procedure.
Finally, run the following command to start your validator, replacing <YOUR_FOLDER_PATH>
with the full path to your consensus/validator_keys
folder:
prysm.bat validator --wallet-dir=<YOUR_FOLDER_PATH>
prysm.bat validator accounts import --keys-dir=<YOUR_FOLDER_PATH> --prater
You’ll be prompted to specify a wallet directory twice. Provide the path to your consensus
folder for both prompts. You should see Successfully imported 1 accounts, view all of them by running accounts list
when your account has been successfully imported into Prysm.
Next, go to the Goerli-Prater Launchpad’s deposit data upload page and upload your deposit_data-*.json
file. You’ll be prompted to connect your wallet.
If you need GöETH, head over to one of the following Discord servers:
Someone should be able to give you the GöETH you need. You can then deposit 32 GöETH into the Prater testnet’s deposit contract via the Launchpad page. Exercise extreme caution throughout this procedure - never send real ETH to the testnet deposit contract. Finally, run the following command to start your validator, replacing <YOUR_FOLDER_PATH>
with the full path to your consensus
folder:
prysm.bat validator --wallet-dir=<YOUR_FOLDER_PATH> --prater
Run the following command to create your mnemonic phrase and keys:
./deposit new-mnemonic --num_validators=1 --mnemonic_language=english
./deposit new-mnemonic --num_validators=1 --mnemonic_language=english --chain=prater
Follow the CLI prompts to generate your keys. This will give you the following artifacts:
- A new mnemonic seed phrase. This is highly sensitive and should never be exposed to other people or networked hardware.
- A
validator_keys
folder. This folder will contain two files:deposit_data-*.json
- contains deposit data that you’ll later upload to the Ethereum launchpad.keystore-m_*.json
- contains your public key and encrypted private key.
Copy the validator_keys
folder to your primary machine's consensus
folder. Run the following command to import your keystores, replacing <YOUR_FOLDER_PATH>
with the full path to your consensus/validator_keys
folder:
./prysm.sh validator accounts import --keys-dir=<YOUR_FOLDER_PATH>
You’ll be prompted to specify a wallet directory twice. Provide the path to your consensus
folder for both prompts. You should see Successfully imported 1 accounts, view all of them by running accounts list
when your account has been successfully imported into Prysm.
Next, go to the Mainnet Launchpad’s deposit data upload page and upload your deposit_data-*.json
file. You’ll be prompted to connect your wallet.
You can then deposit 32 ETH into the Mainnet deposit contract via the Launchpad page. Exercise extreme caution throughout this procedure. Finally, run the following command to start your validator, replacing <YOUR_FOLDER_PATH>
with the full path to your consensus
folder:
./prysm.sh validator --wallet-dir=<YOUR_FOLDER_PATH>
./prysm.sh validator accounts import --keys-dir=<YOUR_FOLDER_PATH> --prater
You’ll be prompted to specify a wallet directory twice. Provide the path to your consensus
folder for both prompts. You should see Successfully imported 1 accounts, view all of them by running accounts list
when your account has been successfully imported into Prysm.
Next, go to the Goerli-Prater Launchpad’s deposit data upload page and upload your deposit_data-*.json
file. You’ll be prompted to connect your wallet.
If you need GöETH, head over to one of the following Discord servers:
Someone should be able to give you the GöETH you need. You can then deposit 32 GöETH into the Prater testnet’s deposit contract via the Launchpad page. Exercise extreme caution throughout this procedure - never send real ETH to the testnet deposit contract. Finally, run the following command to start your validator, replacing <YOUR_FOLDER_PATH>
with the full path to your consensus
folder:
./prysm.sh validator --wallet-dir=<YOUR_FOLDER_PATH> --prater
You’re now running a full Ethereum node and a validator.
It can a long time (from days to months) for your validator to become fully activated. To learn more about the validator activation process, see Deposit Process. See Check node and validator status for detailed status monitoring guidance.
You can leave your execution client, beacon node, and validator client terminal windows open and running. Once your validator is activated, it will automatically begin proposing and validating blocks.
Frequently asked questions
How long does it take for Geth to transition from State heal in progress
to fully synced?
This usually takes a few hours if your disk I/O is relatively slow. If it remains in this state for more than a day, your disk might not be able to write data as fast as the chain head advances. The most straightforward way to resolve this is using an SSD.
Why do you recommend putting everything on a single machine?
Keeping all of your client software on a single machine keeps things simple, which aligns with our security best practices.
Can I use Prysm on a Mac M1 ARM chip?
Yes. Choose one of the following actions to ensure that Prysm can run on your M1:
- Set an environment variable:
export PRYSM_ALLOW_UNVERIFIED_BINARIES=1
. See Apple's Terminal User Guide: Use environment variables for detailed instructions. - Run Prysm through Rosetta. See our open bug for more information.
Do I need to configure JWT if I'm using IPC instead of HTTP?
No.
Do I need to configure my firewall?
We recommend closing TCP port 8545
to the internet and keeping TCP and UDP ports 30303
open to support other execution nodes.
Can you mix and match networks between execution layer and consensus layer?
No. See Nodes and networks for more information.
Can I stake with less than 32 ETH?
Yes! Pooled staking lets you stake with less than 32 ETH.
What should I do if I can't run a node using my own hardware?
You can delegate hardware management to staking as a service providers.
Can I use a light node with Prysm, or do I need to run a full execution node?
No - at this time, a full node is required.
Can I use an external SSD connected via USB?
Yes, but your USB connection introduces a possible point of failure. If you do this, avoid connecting your SSD to your computer through a USB hub - instead, connect it directly.
Can I use a light client as my local execution client so I don't have to download so much data?
No, a full execution node is needed.
Why do I need to run my own execution client?
The Merge introduced a new Engine API that allows consensus-layer clients to communicate with execution-layer clients. Teku docs contain a great explainer here: The Merge.
What happens if my execution client goes down? Will I be penalized?
Yes. Downtime penalties are minimal but we recommend having uptime and downtime alerts configured for your execution node, beacon node, and validator if possible.
My beacon node is taking a long time to sync. Is there any way I can speed it up?
Yes - you can use checkpoint sync to start your beacon node's synchronization from a checkpoint rather than from genesis. This is actually a more secure way to run your beacon node.
My proposals aren't working, but my attestations are. What's going on?
This is usually an indication that your validator isn't able to communicate with your beacon node, or your beacon node isn't able to connect to your execution node.
How long does it take for my validator to be selected to propose a new block?
At the time of this writing, a ballpark estimate is around a week. Every 12 seconds a new block is proposed, and your validator has a one in [total number of active validators] chance of being chosen, so this duration can vary significantly from one validator to the next.