# Generate Validator Keys

## Offline Key Generation

{% hint style="danger" %}
If your mnemonic phrase is compromised, someone can steal your ETH, so it's very important that keys are generated using proper security procedures.

The best way to safely generate keys is using a live USB running Ubuntu on an air-gapped computer, as demonstrated in this guide:

### [Offline Validator Key Generation](https://agstakingco.gitbook.io/eth-2-0-key-generation-ubuntu-live-usb/)

{% endhint %}

The following is a simplified (and less secure) way to generate keys for testnet purposes.

### **Download `eth2.0-deposit-cli` Key Generator**

{% hint style="danger" %}
Please be sure you are using the official Ethereum Foundation GitHub account.
{% endhint %}

### Step 1 - Visit <https://github.com/ethereum/eth2.0-deposit-cli/releases/>

![](/files/caVMGwhd3lMU0NaX3Fjb)

{% hint style="info" %}
Under "Assets", click the file ending in `linux-amd64.tar.gz` , then choose "Save". Once complete, the file (aka tarball) should appear in your Downloads folder.
{% endhint %}

### Extract the Tarball to your Home folder

Find the file in your Downloads folder, double click to open this window, then click "Extract" in the upper left hand corner as shown below:

![](/files/kavG4h75JrRgL2CbHemT)

### Click `Home` in the upper left, then click the green `Extract`&#x20;

![](/files/hnKtrKXpCjqm9EVEh6p8)

### Navigate to the `Home` directory:

{% hint style="info" %}
**Note**: Clicking "Show the files" will not bring you to your home folder. You can navigate to the home folder by clicking "Home" from the panel on the left side in file viewer.
{% endhint %}

![](/files/JshroVR9IYlDaNQeThSS)

### Rename the folder to `deposit-cli`

![](/files/8GeqOLbCwT3NHZysgpQO)

## Deposit CLI - Key Generation

### Open new terminal window using `Ctrl + Alt + T`

![](/files/lt5I1ROF2NZ5xIhs9rOR)

### Change Directory to `deposit-cli`:

```
cd deposit-cli
```

![](/files/18HyUDX6DrevP978AcOk)

### Run `./deposit new-mnemonic`:

```
./deposit new-mnemonic
```

{% hint style="info" %}
Once you enter the command, you'll be asked a series of questions. Once you complete the questions, you'll be asked to enter a password and be given a mnemonic seed.

**Note**: Be sure you select Kiln when asked which network you'd like to join.
{% endhint %}

## Mnemonic Seed

{% hint style="danger" %}

### **If you lose the mnemonic seed, your stake is lost forever.** <a href="#if-you-lose-the-mnemonic-seed-your-stake-is-lost-forever." id="if-you-lose-the-mnemonic-seed-your-stake-is-lost-forever."></a>

The 24 word mnemonic seed is necessary to withdraw your staked Eth. Without the seed, you will be unable to transfer/withdraw and your Eth will be lost forever.
{% endhint %}

### After confirming the password, you'll get the mnemonic seed:

![](/files/E2gzmLMovxWHeGKlqMdZ)

### Write down the mnemonic, then reenter it to ensure it's correct: <a href="#write-down-the-mnemonic-then-reenter-it-to-ensure-its-correct" id="write-down-the-mnemonic-then-reenter-it-to-ensure-its-correct"></a>

{% hint style="info" %}
A few things to keep in mind regarding the 24-word mnemonic phrase:

**Note**: These safeguards are in reference to a mainnet mnemonic that has access to real Eth. No need to be so serious regarding the testnet mnemonic.

* Make sure you use durable paper and permanent pen
* Store in a waterproof, fireproof bag inside a safe
* A bank security box is helpful in preventing the [$5 wrench attack](https://xkcd.com/538/)
* Minimum of 2 copies in 2 different locations
* You can split a copy 12/12 and give to trusted family/friends
  {% endhint %}

### Reenter Mnemonic Phrase:

![](/files/Msx6ilrLWDqXeAl3hQf0)

{% hint style="info" %}
Once you correctly reenter the mnemonic, the `validator_keys` will be created.
{% endhint %}

![](/files/J57dWSMWYPKe7Y5Fwinb)

### `deposit_data` and `keystore` files <a href="#step-8-deposit_data-and-keystore-files" id="step-8-deposit_data-and-keystore-files"></a>

{% hint style="danger" %}
**Files can be found at:**`/home/**YOURUSERNAME**/deposit-cli/validator_keys`

* **`deposit_data-[timestamp].json`**
  * contains data used to register your validator on the launchpad
* **`keystore -[timestamp].json`**
  * validator keystore file protected by password (aka validator signing key)

### **If you lose the mnemonic seed, your stake is lost forever.** <a href="#if-you-lose-the-mnemonic-seed-your-stake-is-lost-forever.-1" id="if-you-lose-the-mnemonic-seed-your-stake-is-lost-forever.-1"></a>

{% endhint %}

### **Navigate to `/home/deposit-cli/validator_keys`:** <a href="#navigate-to-home-eth2.0-deposit-cli-validator_keys" id="navigate-to-home-eth2.0-deposit-cli-validator_keys"></a>

![](/files/i9fCfNUkQhqoVnh6ze4x)

{% hint style="info" %}
The "pubkey" is the validator public key and should be the same in both files.
{% endhint %}

### `Deposit_data` file contents: <a href="#deposit_data-file-contents" id="deposit_data-file-contents"></a>

![](/files/oLUaZ8wyXivyV4db5Crl)

### `Keystore` file contents: <a href="#keystore-file-contents" id="keystore-file-contents"></a>

![](/files/fCnrHja2FS0WJFcq40eQ)

{% hint style="success" %}
Congratulations, you successfully created your validator keys!
{% endhint %}

Now that you have the validator keys, it's time to configure Metamask for Kiln


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://agstakingco.gitbook.io/kiln-testnet-ethereum-staking-guide/generate-validator-keys.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.