Eth 2.0 Key Generation: Ubuntu Live USB

This guide demonstrates how to safely generate Eth 2.0 validator keys using Ubuntu live boot from USB.

The process to create mainnet and testnet keys is identical, but the keys are NOT interchangeable. Be sure to practice everything on testnet prior to depositing on mainnet.

DISCLAIMER - FOR EDUCATIONAL PURPOSES ONLY

Ethereum 2.0 is experimental software. Staking is inherently risky. Generating keys is risky. I am not an expert. I am documenting my process in order to learn and hopefully help others.

There is no guarantee this guide will function for mainnet deposits

Summary

You will need 2 USB sticks and a PC running either Linux, Windows, or macOS.

Step 1 - Download eth2.0-deposit-cli Key Generator

Please be sure you are using the official Ethereum Foundation GitHub account.

Select the file ending in linux-amd64.tar.gz , then choose "Save". Once complete, the file (aka tarball) should appear in your Downloads folder.

Copy the eth2deposit-cli tarball to the USB:

Eject the USB with the tarball and insert the 2nd USB to be used for Ubuntu.

Step 2 - Download Ubuntu

Visit http://www.releases.ubuntu.com/20.04/ and download the desktop image:

Step 3 - Burn Ubuntu ISO image to USB

If you're running Windows or Mac, you can follow the guides found here: Windows || Mac

Ubuntu Desktop - Click theicon and search "startup disk creator" :

Choose the Ubuntu ISO and Make Startup Disk:

The USB will be completely wiped, be sure to back up any important data!

Installation Complete:

Step 4 - Disconnect Internet

DISCONNECT INTERNET || aka AIR-GAP

Physically unplug all modems, routers, and Ethernet cables. Make sure you never turn on WIFI or any networking capabilities. It should be impossible to connect to the internet.

Step 5 - Boot into Ubuntu Live USB

Ubuntu USB Startup Process:

  1. Begin with the computer powered down

  2. Plug the Ubuntu live USB into the computer

  3. Start the computer and continually press F-12 to enter one-time boot menu

  4. Choose the Ubuntu live USB from the boot menu

Tapping F-12 or F-10 at computer startup is the standard method to enter the one-time boot menu. If that doesn't work you can search "one-time boot menu" for your computer model.

If nothing is working, you may need to use F-2 and enter the BIOS to allow booting from USB.

If successful, the Ubuntu live USB will pull up the GRUB menu. It may automatically continue, otherwise select the first option by hitting ENTER

Select Try Ubuntu:

Once you click Try Ubuntu, the Ubuntu 20.04 desktop will begin to load.

Turn Off WiFi and Bluetooth:

Plug in 2nd USB and double click the eth2deposit-cli tarball:

Click Extract in the upper left corner:

Click Home towards the upper left, then click the green Extract

Rename the folder to eth2.0-deposit-cli

Step 6 - Eth 2.0 Key Generation

Open new terminal window using Ctrl + Alt + T

Change directory to eth2.0-deposit-cli folder:

cd eth2.0-deposit-cli

Run ./deposit new-mnemonic:

./deposit new-mnemonic

You will be asked to provide the following responses:

  1. Please choose your mnemonic language:

  2. Please choose how many validators you wish to run:

  3. Please choose mainnet or testnet:

  4. Type a password to secure your validator

  5. Repeat password for confirmation

Step 7 - Mnemonic Seed

If you lose the mnemonic seed, your stake is lost forever.

The 24 word mnemonic seed is necessary to withdraw your staked Eth. Without the seed, you will be unable to transfer/withdraw and your Eth will be lost forever.

After confirming the password, you'll be given a mnemonic seed phrase:

Write down the mnemonic, then reenter it to ensure it's correct:

A few things to keep in mind regarding the 24-word mnemonic phrase:

  • Make sure you use durable paper and permanent pen

  • Store in a waterproof, fireproof bag inside a safe

  • A bank security box is helpful in preventing the $5 wrench attack

  • Minimum of 2 copies in 2 different locations

  • You can split a copy 12/12 and give to trusted family/friends

Once you correctly re-enter the mnemonic, your validator_keys will be created.

Step 8 - deposit_data and keystore files

Files can be found at:/home/YOURUSERNAME/eth2.0-deposit-cli/validator_keys

  • deposit_data-[timestamp].json

    • contains data used to register your validator on the Eth2 launchpad

  • keystore -[timestamp].json

    • validator keystore file protected by password (aka validator signing key)

If you lose the mnemonic seed, your stake is lost forever.

The "pubkey" is the validator public key and should be the same in both files.

Deposit_data file contents:

Keystore file contents:

Copy deposit_data and keystore files to external USB:

You can always use your mnemonic seed to generate a new keystore file if necessary.

Congratulations, you successfully created your Eth 2.0 validator keys!

Close Ubuntu, store the seed, and transfer deposit_data and keystore to your main PC.

Learn how to run a testnet validator: Pyrmont || Lighthouse Eth2 Staking Guide