Skip to main content

πŸš€ Key Generation for Mainnet

Important​

  • It is highly recommended that you perform this step using an air-gapped machine (a device that has never connected to the public internet).
  • If this is not available, turn off all internet and wireless connections (Ethernet, WiFi, Bluetooth) before proceeding.
  • In both cases, ensure you’re in a safe environment with a trusted network and physically block all camera devices.
  • Generate the keys using 0x01 Withdrawal Credentials with deposit amount set to 32 ETH.

Creating an air-gapped machine​

  1. Buy a cheap single-board computer (e.g., Raspberry Pi).
  2. OS‑on‑a‑stick: Flash a USB drive with TailsOS and run from USBβ€”no files persist after removal.

We will cover Method 2 (executable binaries) in this guide.

What you will need​

  1. Two new, empty USB drives
  2. A paper notebook and pencil
  3. 100% FOCUS

Download the validator keystore generation file​

This GUI method generates keystores, deposit data, and mnemonic.

  1. Download the Linux executable from wagyu.gg.
  2. Copy it onto a new USB drive.

Flash and install OS​

  1. Download latest TailsOS and verify checksums.
  2. Flash a USB drive with your preferred OS using BalenaEtcher. See TailsOS on USB guide β†’
Boot menu keys for laptop models
  • Non-Apple/Mac: consult [techofide guide] for keys.
  • Apple/Mac: consult [Apple support].
  1. Boot from the USB drive; you should see β€œTails.”

Boot menu screenshot

  1. Select Try or Install Tails
  2. Click +, set an admin password, then Start Tails

Add password screenshot

Generate your validator signing keys​

Wagyu Keygen​

Before proceeding​

  1. Turn off Ethernet, WiFi, Bluetooth.
  2. Physically cover all camera devices.

Load the USB drive with Wagyu Keygen to the fresh OS. Run the GUI and:

  1. Create a secret recovery phrase.
  2. Select network (Mainnet/Hoodi).
  3. Write down and confirm the phrase.
  4. Choose number of keys.
  5. Encrypt keystores with a password.
  6. IMPORTANT: Set withdrawal address to the Lido Withdrawal Vault in Ethereum Mainnet: 0xB9D7934878B5FB9610B3fE8A5e441e8fad7E293f
  7. Confirm password.
  8. Save keystores & deposit data to a USB drive.

Import Validator Key to your Node​

Go to Stakers β†’ Ethereum in Dappnode UI, click Upload Keystores. Import your keystores and enter passwords. Tag them β€œLido”; fee recipient set to 0x388C818CA8B9251b393131C08a736A67ccB19297.

Import guide β†’