Skip to main content
Version: stable (24.6.0)

Load Launchpad keystores

The Staking Launchpad tool is used to create validators that participate in the consensus layer proof-of-stake network. The tool generates an encrypted keystore file containing the validator details. Load this keystore into Web3Signer to sign attestations and blocks with the validator details.

This tutorial uses Teku and Web3Signer to run validators created on the holesky testnet.


1. Sync the Teku beacon node

Sync the Teku beacon chain node before submitting your deposit to avoid incurring inactivity penalties if the validator is unable to perform its duties when the deposit is processed and activated.

teku --network=holesky --metrics-enabled --rest-api-enabled

2. Generate validators

This step generates a validator on the holesky testnet. Use the Holesky Staking Launchpad and follow the step-by-step process to deposit your funds and generate the keystore.

The process includes installing the consensus layer deposit CLI tool, to generate your validator keystores locally. Keystores are generated in the eth2deposit-cli-<version>/validator_keys folder. In this example we generated a keystore named keystore-m_12381_3600_0_0_0-1606109670.json


Remember the password used to create the keystore because you'll need it later.

3. Create password file

Create a plain text file that stores the password to decrypt the keystore. In this example we create the keystore-m_12381_3600_0_0_0-1606109670.txt file in the eth2deposit-cli-<version>/validator_keys directory:


If using Linux or macOS, we recommend setting the file ownership and permission to 400 for the user running Web3Signer.

4. Create the key configuration file

Create a key configuration file for each keystore file. The key configuration file defines the type of signing key being used, and access details. Store all key configuration files in a single directory. In this example, the files are stored in Users/me/keys:

type: "file-keystore"
keystoreFile: "/Users/me/eth2deposit-cli-ed5a6d3-darwin-amd64/validator_keys/validator_keys/keystore-m_12381_3600_0_0_0-1606109670.json"
keystorePasswordFile: "/Users/me/eth2deposit-cli-ed5a6d3-darwin-amd64/validator_keys/validator_keys/keystore-m_12381_3600_0_0_0-1606109670.txt"

The configuration files must be YAML-formatted. You can use any naming format, but it must have the .yaml extension.

5. Start Web3Signer

Start Web3Signer and specify the location of the key configuration files and slashing protection database.

web3signer --key-store-path=/Users/me/keys eth2 --network=holesky --slashing-protection-db-url="jdbc:postgresql://localhost/web3signer" --slashing-protection-db-username=postgres --slashing-protection-db-password=password

Set the --slashing-protection-enabled eth2 subcommand option to false to disable slashing protection. However, we don't recommend this on Mainnet.

5. Start Teku

Start Teku and specify the public keys of the validators that Web3Signer signs attestations and blocks for, and specify the Web3Signer address.

teku --network=holesky \
--eth1-endpoint=http://localhost:8545 \
--validators-external-signer-public-keys=0xa99a...e44c,0xb89b...4a0b \