c5786a8821
## Issue Addressed Resolves #2069 ## Proposed Changes - Adds a `--doppelganger-detection` flag - Adds a `lighthouse/seen_validators` endpoint, which will make it so the lighthouse VC is not interopable with other client beacon nodes if the `--doppelganger-detection` flag is used, but hopefully this will become standardized. Relevant Eth2 API repo issue: https://github.com/ethereum/eth2.0-APIs/issues/64 - If the `--doppelganger-detection` flag is used, the VC will wait until the beacon node is synced, and then wait an additional 2 epochs. The reason for this is to make sure the beacon node is able to subscribe to the subnets our validators should be attesting on. I think an alternative would be to have the beacon node subscribe to all subnets for 2+ epochs on startup by default. ## Additional Info I'd like to add tests and would appreciate feedback. TODO: handle validators started via the API, potentially make this default behavior Co-authored-by: realbigsean <seananderson33@gmail.com> Co-authored-by: Michael Sproul <michael@sigmaprime.io> Co-authored-by: Paul Hauner <paul@paulhauner.com>
235 lines
11 KiB
Rust
235 lines
11 KiB
Rust
use clap::{App, Arg};
|
|
|
|
pub fn cli_app<'a, 'b>() -> App<'a, 'b> {
|
|
App::new("validator_client")
|
|
.visible_aliases(&["v", "vc", "validator"])
|
|
.setting(clap::AppSettings::ColoredHelp)
|
|
.about(
|
|
"When connected to a beacon node, performs the duties of a staked \
|
|
validator (e.g., proposing blocks and attestations).",
|
|
)
|
|
// This argument is deprecated, use `--beacon-nodes` instead.
|
|
.arg(
|
|
Arg::with_name("beacon-node")
|
|
.long("beacon-node")
|
|
.value_name("NETWORK_ADDRESS")
|
|
.help("Deprecated. Use --beacon-nodes.")
|
|
.takes_value(true)
|
|
.conflicts_with("beacon-nodes"),
|
|
)
|
|
.arg(
|
|
Arg::with_name("beacon-nodes")
|
|
.long("beacon-nodes")
|
|
.value_name("NETWORK_ADDRESSES")
|
|
.help("Comma-separated addresses to one or more beacon node HTTP APIs. \
|
|
Default is http://localhost:5052."
|
|
)
|
|
.takes_value(true),
|
|
)
|
|
// This argument is deprecated, use `--beacon-nodes` instead.
|
|
.arg(
|
|
Arg::with_name("server")
|
|
.long("server")
|
|
.value_name("NETWORK_ADDRESS")
|
|
.help("Deprecated. Use --beacon-nodes.")
|
|
.takes_value(true)
|
|
.conflicts_with_all(&["beacon-node", "beacon-nodes"]),
|
|
)
|
|
.arg(
|
|
Arg::with_name("validators-dir")
|
|
.long("validators-dir")
|
|
.value_name("VALIDATORS_DIR")
|
|
.help(
|
|
"The directory which contains the validator keystores, deposit data for \
|
|
each validator along with the common slashing protection database \
|
|
and the validator_definitions.yml"
|
|
)
|
|
.takes_value(true)
|
|
.conflicts_with("datadir")
|
|
)
|
|
.arg(
|
|
Arg::with_name("secrets-dir")
|
|
.long("secrets-dir")
|
|
.value_name("SECRETS_DIRECTORY")
|
|
.help(
|
|
"The directory which contains the password to unlock the validator \
|
|
voting keypairs. Each password should be contained in a file where the \
|
|
name is the 0x-prefixed hex representation of the validators voting public \
|
|
key. Defaults to ~/.lighthouse/{network}/secrets.",
|
|
)
|
|
.takes_value(true)
|
|
.conflicts_with("datadir")
|
|
)
|
|
.arg(
|
|
Arg::with_name("delete-lockfiles")
|
|
.long("delete-lockfiles")
|
|
.help(
|
|
"DEPRECATED. This flag does nothing and will be removed in a future release."
|
|
)
|
|
)
|
|
.arg(
|
|
Arg::with_name("init-slashing-protection")
|
|
.long("init-slashing-protection")
|
|
.help(
|
|
"If present, do not require the slashing protection database to exist before \
|
|
running. You SHOULD NOT use this flag unless you're certain that a new \
|
|
slashing protection database is required. Usually, your database \
|
|
will have been initialized when you imported your validator keys. If you \
|
|
misplace your database and then run with this flag you risk being slashed."
|
|
)
|
|
)
|
|
.arg(
|
|
Arg::with_name("disable-auto-discover")
|
|
.long("disable-auto-discover")
|
|
.help(
|
|
"If present, do not attempt to discover new validators in the validators-dir. Validators \
|
|
will need to be manually added to the validator_definitions.yml file."
|
|
)
|
|
)
|
|
.arg(
|
|
Arg::with_name("allow-unsynced")
|
|
.long("allow-unsynced")
|
|
.help(
|
|
"If present, the validator client will still poll for duties if the beacon
|
|
node is not synced.",
|
|
),
|
|
)
|
|
.arg(
|
|
Arg::with_name("use-long-timeouts")
|
|
.long("use-long-timeouts")
|
|
.help("If present, the validator client will use longer timeouts for requests \
|
|
made to the beacon node. This flag is generally not recommended, \
|
|
longer timeouts can cause missed duties when fallbacks are used.")
|
|
)
|
|
// This overwrites the graffiti configured in the beacon node.
|
|
.arg(
|
|
Arg::with_name("graffiti")
|
|
.long("graffiti")
|
|
.help("Specify your custom graffiti to be included in blocks.")
|
|
.value_name("GRAFFITI")
|
|
.takes_value(true)
|
|
)
|
|
.arg(
|
|
Arg::with_name("graffiti-file")
|
|
.long("graffiti-file")
|
|
.help("Specify a graffiti file to load validator graffitis from.")
|
|
.value_name("GRAFFITI-FILE")
|
|
.takes_value(true)
|
|
.conflicts_with("graffiti")
|
|
)
|
|
/* REST API related arguments */
|
|
.arg(
|
|
Arg::with_name("http")
|
|
.long("http")
|
|
.help("Enable the RESTful HTTP API server. Disabled by default.")
|
|
.takes_value(false),
|
|
)
|
|
/*
|
|
* Note: The HTTP server is **not** encrypted (i.e., not HTTPS) and therefore it is
|
|
* unsafe to publish on a public network.
|
|
*
|
|
* If the `--http-address` flag is used, the `--unencrypted-http-transport` flag
|
|
* must also be used in order to make it clear to the user that this is unsafe.
|
|
*/
|
|
.arg(
|
|
Arg::with_name("http-address")
|
|
.long("http-address")
|
|
.value_name("ADDRESS")
|
|
.help("Set the address for the HTTP address. The HTTP server is not encrypted \
|
|
and therefore it is unsafe to publish on a public network. When this \
|
|
flag is used, it additionally requires the explicit use of the \
|
|
`--unencrypted-http-transport` flag to ensure the user is aware of the \
|
|
risks involved. For access via the Internet, users should apply \
|
|
transport-layer security like a HTTPS reverse-proxy or SSH tunnelling.")
|
|
.requires("unencrypted-http-transport"),
|
|
)
|
|
.arg(
|
|
Arg::with_name("unencrypted-http-transport")
|
|
.long("unencrypted-http-transport")
|
|
.help("This is a safety flag to ensure that the user is aware that the http \
|
|
transport is unencrypted and using a custom HTTP address is unsafe.")
|
|
.requires("http-address"),
|
|
)
|
|
.arg(
|
|
Arg::with_name("http-port")
|
|
.long("http-port")
|
|
.value_name("PORT")
|
|
.help("Set the listen TCP port for the RESTful HTTP API server.")
|
|
.default_value("5062")
|
|
.takes_value(true),
|
|
)
|
|
.arg(
|
|
Arg::with_name("http-allow-origin")
|
|
.long("http-allow-origin")
|
|
.value_name("ORIGIN")
|
|
.help("Set the value of the Access-Control-Allow-Origin response HTTP header. \
|
|
Use * to allow any origin (not recommended in production). \
|
|
If no value is supplied, the CORS allowed origin is set to the listen \
|
|
address of this server (e.g., http://localhost:5062).")
|
|
.takes_value(true),
|
|
)
|
|
/* Prometheus metrics HTTP server related arguments */
|
|
.arg(
|
|
Arg::with_name("metrics")
|
|
.long("metrics")
|
|
.help("Enable the Prometheus metrics HTTP server. Disabled by default.")
|
|
.takes_value(false),
|
|
)
|
|
.arg(
|
|
Arg::with_name("metrics-address")
|
|
.long("metrics-address")
|
|
.value_name("ADDRESS")
|
|
.help("Set the listen address for the Prometheus metrics HTTP server.")
|
|
.default_value("127.0.0.1")
|
|
.takes_value(true),
|
|
)
|
|
.arg(
|
|
Arg::with_name("metrics-port")
|
|
.long("metrics-port")
|
|
.value_name("PORT")
|
|
.help("Set the listen TCP port for the Prometheus metrics HTTP server.")
|
|
.default_value("5064")
|
|
.takes_value(true),
|
|
)
|
|
.arg(
|
|
Arg::with_name("metrics-allow-origin")
|
|
.long("metrics-allow-origin")
|
|
.value_name("ORIGIN")
|
|
.help("Set the value of the Access-Control-Allow-Origin response HTTP header. \
|
|
Use * to allow any origin (not recommended in production). \
|
|
If no value is supplied, the CORS allowed origin is set to the listen \
|
|
address of this server (e.g., http://localhost:5064).")
|
|
.takes_value(true),
|
|
)
|
|
/*
|
|
* Explorer metrics
|
|
*/
|
|
.arg(
|
|
Arg::with_name("monitoring-endpoint")
|
|
.long("monitoring-endpoint")
|
|
.value_name("ADDRESS")
|
|
.help("Enables the monitoring service for sending system metrics to a remote endpoint. \
|
|
This can be used to monitor your setup on certain services (e.g. beaconcha.in). \
|
|
This flag sets the endpoint where the beacon node metrics will be sent. \
|
|
Note: This will send information to a remote sever which may identify and associate your \
|
|
validators, IP address and other personal information. Always use a HTTPS connection \
|
|
and never provide an untrusted URL.")
|
|
.takes_value(true),
|
|
)
|
|
.arg(
|
|
Arg::with_name("enable-doppelganger-protection")
|
|
.long("enable-doppelganger-protection")
|
|
.value_name("ENABLE_DOPPELGANGER_PROTECTION")
|
|
.help("If this flag is set, Lighthouse will delay startup for three epochs and \
|
|
monitor for messages on the network by any of the validators managed by this \
|
|
client. This will result in three (possibly four) epochs worth of missed \
|
|
attestations. If an attestation is detected during this period, it means it is \
|
|
very likely that you are running a second validator client with the same keys. \
|
|
This validator client will immediately shutdown if this is detected in order \
|
|
to avoid potentially committing a slashable offense. Use this flag in order to \
|
|
ENABLE this functionality, without this flag Lighthouse will begin attesting \
|
|
immediately.")
|
|
.takes_value(false),
|
|
)
|
|
}
|