Create a Lido CSM DV
This is a guide on taking part in Lido's Community Staking Module (CSM) with a squad as part of a Distributed Validator Cluster.
To start, this guide makes a couple assumptions:
- You're running a Linux distribution and you've installed Git and Docker (as a non-root user).
- You will be deploying on Ethereum mainnet. Some screenshots in this guide are from Holesky just for demonstration purposes, so please verify you are using the correct mainnet addresses.
Getting started
This guide is broken down into 3 parts:
Part 1: Creating a shared SAFE wallet for the cluster, and a Splits.org reward splitting contract
Part 2: Using the Obol DV Launchpad + CLI to create the cluster
Part 3: Deploying the validator to Lido's CSM using their UI.
In this guide we'll be using CSM UI in advanced mode, using the extendedManagerPermissions
to set the managerAddress
to the cluster multi-sig (SAFE) and the rewardAddress
to the Splits.org splitting contract.
Part 1: Creating the Cluster SAFE + Splitter Contract
Deploy the SAFE
Detailed instructions on how to create a SAFE Wallet can be found here.
The squad leader should obtain signing addresses for all the cluster members, to create a new SAFE with the operators all as owners.
After giving the Safe a name and selecting the appropriate network, continue by clicking the Next button.
Add all the signer addresses of the cluster members, select a threshold, and proceed to the final step by clicking the Next button.
Don't require 100% of signers to approve transactions, in case someone loses access to their address. Using the same threshold as your cluster will use is a reasonable starting point.
Finally, submit the transaction to create the Safe by clicking on the Create button.
Deploy the Splitter Contract
The squad leader should obtain the reward addresses from all the cluster members (if members want to use a distinct address to the one they sign with for receiving rewards). Open https://app.splits.org and create a New contract
. Make sure to select the appropriate network.
Select Split
for the contract type.
Add the reward addresses of all cluster members. Choose whether the contract is immutable (reccommended option), whether to sponsor the maintainers of splits.org, and optionally whether to set a distribution bounty such that third parties could pay the gas costs of distributing the accrued rewards in exchange for a small fee.
Finally, click the Create Split button, execute the transaction and share the created split contract with all cluster members for review.
Part 2: Use the DV Launchpad + CLI to create the cluster keys
Charon
is the middleware client that enables validators to be run by a group of independent node operators - a cluster or squad. A complete multi-container Docker
setup including execution client, consensus client, validator client, MEV-Boost, the Charon
client and monitoring tools can be found in this repository.
Step 1: Clone the repo
git clone https://github.com/ObolNetwork/charon-distributed-validator-node.git
Step 2: Create ENR and Backup your Private Key
Enter the CDVN directory:
cd charon-distributed-validator-node
Use docker to create an ENR
docker run --rm -v "$(pwd):/opt/charon" obolnetwork/charon:v1.1.1 create enr
Back up the private key located in .charon/charon-enr-private-key
What you see in the console starting with enr:-
is the public key for your Charon node (known as an ENR). The private key is in the file .charon/charon-enr-private-key
, be sure to back it up securely.
Step 3: Create the DV cluster configuration using the Launchpad
Obol has integrated a CSM details into the DV Launchpad. Choosing the "Lido CSM" withdrawal configuration allows you to create up to 12 validator keys (CSM's Early Access limit) with Lido's required withdrawal and fee recipient addresses.
To start, the squad leader opens the DV Launchpad, then connects their wallet and chooses Create a cluster with a group.
Then click Get Started.
Accept all the necessary advisories and sign to confirm.
Cluster configuration begins next. First, select the cluster name and size, then enter all cluster members signer addresses.
- Select the number of validators to create (CSM's Early Access phase is capped at a maximum 12 validators).
- (If the cluster creator is taking part in the cluster) Enter your Charon node's ENR which was generated during step 2 above.
- In the Withdrawal Configuration field, select
LIDO CSM
. This will automatically fill the required Withdrawal Address and Fee Recipient Addresss per Lido's Documentation. - Finally, click on the Create Cluster Configuration button.
Lastly, share the cluster invite link with the other cluster members.
Step 4: Distributed Key Generation (DKG)
All squad members need to open the cluster invitation link, connect their wallet, accept all necessary advisories, and to verify the cluster configuration is correct with a signature. Each squad member will also need to upload and sign an ENR to represent their charon client, so see steps 1 and 2 above.
Once all members confirm the configuration they will see the Continue button.
On the next page, they will find a CLI command which is used to begin the Distributed Key Generation (DKG) ceremony. All members need to synchronously complete this step.
Go back to the terminal and make sure you're in the charon-distributed-validator-node
directory before running the DKG command:
pwd
If you are not, navigate to it using the cd
command.
Paste the DKG command into your terminal and wait for all the other squad members to connect and complete the DKG ceremony.
New files were generated: cluster-lock.json
, deposit-data.json
, validator_keys
are all found in the .charon
folder (hidden by default). This contains each operator's partial key signatures for the validators.
At this point, each operator must make a backup of the .charon
folder and keep it safe, as validator keys cannot be recreated if lost.
Step 5: Create a .env
file for Mainnet
Copy and rename the .env.sample.mainnet
file to .env
cp .env.sample.mainnet .env
Open the .env
file using you favourite editor:
nano .env
Uncomment and set BUILDER_API_ENABLED=true
.
Uncomment MEVBOOST_RELAYS=
and set it to the URL of at least one of Lido's approved MEV relays here. Multiple relays must be separated by a comma. Consult our deployment best practices for further info on MEV relay selection.
Step 6: Starting the Node
Each cluster member should start the node with the following command:
docker compose up -d
At this point, execution and consensus clients should start syncing. Charon and the validator client should start waiting for the consensus client to be synced and the validator to be activated.
Part 3: Upload the public keys and deposit to Lido CSM
CSM is launching with a whitelisted set of approved operators (Early Access). The squad member with EA should be the one to create the node through the CSM widget.
The EA member will head to CSM Extended Mode and connect their wallet. (Note the mode=extended
parameter.) This allows the Lido CSM reward address to be set to the split contract created earlier.
The EA member clicks on the Create Node Operator button.
-
The EA member pastes the contents of the
deposit-data.json
file into theUpload deposit data
field. The EA member should have enough ETH/stETH/wstETH to cover the bond. -
Expand the Specify custom addresses section.
-
Set the Reward Address field to the
Split
contract address and the Manager Address field to theSafe
wallet address. (These were created previously in part 1) -
Verify that the Extended box is outlined. This ensures that the
Safe
address has the ability to change the reward address if necessary.
-
-
Check that the correct addresses are set and click the Create Node Operator button.
Sign the transaction. The cluster is ready for deposit from Lido CSM.