Enabling DKG
The ssv-dkg
tool enable operators to participate in ceremonies to generate distributed validator keys for Ethereum stakers.
The ssv-dkg
tool is separate from the ssv-node
, and could be running on a different machine, but the two are heavily correlated, as the keyshare generated by the ssv-dkg
tool, will ultimately be used by the Node itself to manage the related validator.
If you wish to take part in DKG ceremonies initiated by stakers and increase your opportunity to run their validators, it is crucial to have your ssv-dkg client online at all times.
Also, in order to access logs it is necessary to utilize permanent storage when running this software.
Prerequisites
In order to successfully participate in DKG ceremonies initiated by stakers, you will need to possess and/or provide this information:
Operator ID - the ID of your operator within the SSV network.
Operator Key Pair
Public Key - the public key of the operator
Private Key - the private key of the operator as an password-encrypted file (if you are in possession of raw text private key, follow this migration guide to encrypt your existing operator keys)
Machine Endpoint - the endpoint (
protocol:ip:port
) of the machine intended to run thessv-dkg
client (if you have a domain name, instead of anip
that works as well)
You must use the same key of your SSV operator when running ssv-dkg
node. Using a different key will result in the inability to successfully complete the DKG ceremony.
Start SSV-DKG
It is advised launching the tool as a Docker image as it is the most convenient way and only requires to have Docker installed. The team builds a Docker image with every release of the tool.
All of the necessary configuration information can be provided in a YAML file.
A good way to manage all the necessary files (encrypted_private_key.json
, password
) is to store them in a single folder (in this case operator-config
), together with the operator.yaml
configuration file, like so:
With this configuration, a typical configuration file would look like this:
In the config file above, /data/
represents the container's shared volume created by the docker
command itself with the -v
option.
Under the assumption that all the necessary files (encrypted_private_key.json
, operator.yaml
, password
) are under the same folder (represented below with <PATH_TO_FOLDER_WITH_CONFIG_FILES>
), here is an example of a docker-compose file:
A quick explanation of the command flags is due:
user
flag makes sure the container will write any output as the current userrestart: "unless-stopped"
makes sure that, in case of a crash, the container will automatically restart. It will only stop when manually stoppedcontainer_name
provisions the container with the specific name, so it's easier to find, withdocker ps
Just make sure to substitute <PATH_TO_FOLDER_WITH_CONFIG_FILES>
with the actual folder containing all the files (e.g. /home/my-user/operator-config/
).
You can, of course, change the configuration above to one that suits you better, just be mindful about changing the path references in the docker command and in the operator.yaml
file as well. The two need to be consistent with each other.
In order to launch the container, you would need to run this command:
This command will keep the terminal busy, showing the container's logs. It is useful to make sure that the tool start up sequence runs correctly.
You can detach the terminal at any time by hitting Ctrl-c
key combination, or closing the terminal itself. The tool will be stopped, but it will restart automatically, thanks to the restart: "unless-stopped"
startup parameter.
If you are sure that the tool works, and don't care about the logs, you can add the -d
parameter right after sudo docker compose up
.
When you set up your firewall on your DKG node machine, make sure to expose the port you set in the configuration (and Docker container creation command ,if running on Docker). The default is 3030.
Update Operator Metadata
To participate in DKG ceremonies without coordination and to enable others to initiate ceremonies with you via your provided endpoint, it's crucial to update your operator metadata with the correct information.
Once the DKG tool is up and running, please make sure to update your operator metadata, and provide your DKG Operator endpoint, in the form of protocol:ip:port
(if you have a domain name, instead of an ip
that works as well).
Please head over to the Operator User guide on how to update metadata and follow the instructions
Test the setup
You can test out if your DKG node is correctly setup, with these simple steps:
fetch operator metadata from SSV-API (e.g.
https://api.ssv.network/api/v4/<holesky | mainnet>/operators/<OPERATOR_ID>
choosing the right network and substituting your operator ID) and getdkg_address
from the outputrun the command:
docker run "bloxstaking/ssv-dkg:latest" ping --ip <DKG_ADDRESS>
where<DKG_ADDRESS>
is the address used in the previous step
It should tell you if the operator is online and is updated to the latest version.
Last updated