How to Set Up a FUND Validator Node for $5

0
208

Launch a FUND Validator Node on a Digital Ocean Droplet with this step-by-step guide

So, you’ve decided you want to become a FUND Validator. Congratulations! You’re early to the game and great rewards are coming your way. Why? There are only 23 validator nodes currently receiving rewards and delegation commissions. The top 96 Validators on the Unification MainNet are eligible to receive rewards. This means you can receive rewards with any amount of FUND you wish to self-stake.

So, if you want to make some passive income on your FUND holdings, read on and get your node running!

Disclaimer:
As the Unification blockchain grows, the apparent load on the validator may also grow. At the time of launching your node, its system requirements may exceed those used in this guide.
This guide is not intended to give you an out-of-the-box validator node that you can leave to its own devices. Yes, it will work and participate in the network. But, there are many ways to improve your system’s security, redundancy,and reliability. This is the beginning of your journey if you wish to do this long-term. Research and strive to improve.

About Me

I've been an active member (under the tag NLHybrid) in the FUND community (general and trading) for several months now. You'll see me helping others and taking part in some great discussions about Unification.

I also run a FUND validator, FUNDThailand. Since the FUND TestNet, I have been running validator nodes and helping others get their nodes up and running as well. Lately, More and more individuals have been showing interest in launching a node of their own. Herein lies the motivation for my writing this guide.

If you have any questions or comments about this guide, feel free to reach out to me via twitter @NLHybrid. You can also contact me through Keybase.

Before you start….

You must understand that a validator requires regular monitoring and maintenance. Consider your node a living and breathing organism that you need to keep alive!

If this isn’t for you, fret not! You can always delegate your FUND to an existing validator such as mine. Unification offers guides on how to do so:

Part 1: Launching your Droplet

Droplets are what Digital Ocean calls their virtual servers.

Part 1.1: Register with a VPS provider

The best course of action is to run a node through a VPS from a provider such as Digital Ocean, Amazon Web Services, Microsoft Azure, Google Cloud, and many more. These providers offer very affordable (some are free for a limited-time) options for entry-level servers. I went with Digital Ocean because of its:

  • pleasant and intuitive UX/UI for quick setup
  • ease of use
  • affordable droplets (min. 5$ USD/month for the basic)
  • excellent referral program: you will get $100USD free credit in your account if you register through my referral link. This was very useful for me as I am also running multiple droplets for testing purposes.

DigitalOcean - The developer cloud

Sign up with your e-mail, g-mail account, or GitHub account. To get the free credit, you must provide some payment information in the registration process.

Part 1.2: Create an SSH key pair

Connecting to the Droplet for Unification software setup requires the Secure Shell (SSH) protocol.

Create your SSH Key pair using:

  • OpenSSH for Linux, macOS, and Windows(natively supported on Windows 10, only). How-to guide here.
  • PuTTY, a GUI-based option for Windows Users without Bash. How-to guide here

You will need to add your [id_rsa].pub key to your Droplet later so take note of where it is located.

For macOS and Linux, it’s typically found at /Users/your_username/.ssh/[id_rsa].pub

**Your private/public key file name will be referred to as [id_rsa] or [id_rsa].pub throughout this guide.

PuTTY users can refer to this guide for viewing the public key.

NOTE:
When creating your key pair in PuTTY, copy the content of the public key box to a text file. You will use it later in this guide.

Part 1.3: Create a VPC

Before you create your Droplet, you need to create a Virtual Private Cloud (VPC).

In your Digital Ocean dashboard:

  1. Click Networking in the left sidebar, under the manage drop-down menu.
  2. Click the VPC tab
  3. Click the Create VPC Network button
  4. Choose a Datacenter region for your VPC and name it.

Part 1.4: Create a New Project

Click +New Project in the left sidebar.

Name your project and select a reason in the drop-down box.

Since you haven’t made a Droplet yet, you can skip the Move Resources menu.

In your new project dashboard, click the big blue button in the center of the screen, Get Started with a Droplet.

Part 1.5: Configuring your Droplet

Choose CentOS 7.6 x64 as your image.

Select the $5/mo plan. As network usage increases, upgrading your Droplet may be necessary.

**Optional but recommended: Add Block Storage, at least 25GB is recommended during writing this guide.

Pick the Datacenter region that you selected in Step 1.3 for your VPC.

Part 1.6: Add Droplet to VPC

Click the drop-down menu under VPC Network and select the VPC that you created and named.

Part 1.7: Add SSH key to your Droplet

Under Authentication, click the New SSH Key button.

Enter the public SSH Key from [id_rsa].pub into the SSH key content field.

PuTTY users: copy and paste from the text file made in Step 1.2

OpenSSH users: copy to clipboard with the following

Windows (in cmd prompt): CLIP < [id_rsa].pub

macOS (in terminal): pbcopy < ~/.ssh/[id_rsa].pub

or pbcopy < [id_rsa].pub **if the /.ssh folder is already added to PATH

Linux: use xclip or open with nano and copy the public key

Part 1.8: Add SSH key to your Droplet

Lastly, under Choose a hostname, give your Droplet a recognizable name.

Click the Create Droplet button. This will trigger the Droplet initialization process.

After several minutes, your new Droplet will be ready.

Part 2: Firewall Setup

Go back to Networking and select the Firewalls tab.

Click Create Firewall.

Name your firewall appropriately.

Under the Rules tab:

Set your Inbound and Outbound rules to match the following screenshots:

Inbound Rules
Outbound Rules

Under the Droplets tab:

Add a Droplet.

Add your Droplet by searching for the hostname you created in Part 1.8.

Part 3: Configure your Droplet via SSH

Digital Ocean Linux Droplets are managed using Terminal and SSH.

Before you proceed, you need the following information:

  • Droplet IP Address: identify your Droplet’s IP Public IP by viewing the Droplet table in your project dashboard. Here is an example.
  • Default username : centos
NOTE:
For the remainder of this guide, any text found with square brackets like [insert_ text_here] needs to be replaced by your own values. For example,[droplet_ip]could be 122.322.12.31.2 and [id_rsa] ,mynodekey.

Part 3.1: Log in via SSH

In the terminal of your local PC enter the following:

ssh -i ~/.ssh/[id_rsa] centos@[droplet_ip]
NOTE:
This method works for Windows 10 users in Command Prompt or PowerShell. Older Windows versions must use PuTTY to connect via SSH. Refer to this guide.

You will be logged into the Droplet. Type yes at any additional prompts to proceed.

You successfully logged into your Droplet if you see something like:

[centos@MediumExample ~]$

The following steps are performed while connected to the Droplet via SSH unless stated otherwise.

Part 3.2: Install Prerequisites

Update the instance using yum, it will take several minutes to complete.

sudo yum update -y

Install epel:

sudo yum install epel-release -y

Install the JSON processor, jq:

sudo yum install nano jq -y

Part 3.3: Install and verify the UND binary

Download and run the UND installation script from the Unification mainchain GitHub repository:

sh -c "$(curl -sfSL https://git.io/JvHZO)"

Verify where und binary is installed, using which:

which und

It should return:

/usr/local/bin/und

Verify the server and client versions:

und version --long

which returns, for example:

name: UndMainchain 
server_name: und
client_name: undcli
version: 1.4.6
commit: 13fa881563930642886cff4cd42ec0e3904087cd
build_tags: netgo
go: go version go1.13.3 linux/amd64

Part 3.4: Initialize your full node

Initialize and name theund node

und init [your_node_name]
NOTE:
Use only alphanumeric characters, hyphens, and underscores for your node name.

Part 3.5: Download the latest genesis file.

WARNING:
Before you proceed, decide if you will launch a node on the TestNet or MainNet. If you are a first-timer, it is highly recommended that you try the TestNet first. Play around, make mistakes, and see how things work before running a Full Node on the MainNet.

Download the TestNet genesis file:

curl https://raw.githubusercontent.com/unification-com/testnet/master/latest/genesis.json > $HOME/.und_mainchain/config/genesis.json

OR

Download the MainNet genesis file:

curl https://raw.githubusercontent.com/unification-com/mainnet/master/latest/genesis.json > $HOME/.und_mainchain/config/genesis.json
!!DO NOT DOWNLOAD BOTH GENESIS FILES!!

Confirm the current chain id

jq --raw-output '.chain_id' $HOME/.und_mainchain/config/genesis.json

Make note of the output, it should look like FUND-Mainchain-MainNet-v1 or UND-Mainchain-TestNet-v6

Part 3.6: Set up the node configuration file

Joining the network requires the node knowing at least one seed node to begin p2p communication with other nodes on the network.

The latest seed node info is found at the Unification TestNet and MainNet Github repositories.

Take note of the node info[node_id@ip:port] specific to the network you are launching on.

WARNING:
If you downloaded the TestNet genesis file, you must use the TestNet seed node info. The same logic applies for the MainNet genesis file.

Use nano to edit your node configuration file:

nano $HOME/.und_mainchain/config/config.toml

Hit CTRL+W, type external_address and hit ENTER. You should see external_address = “” enter [droplet_ip:26656] inside the double quotes e.g.:

external_address = "11.22.33.44:26656"

Three lines below, you will see seeds = "" . As you just did above, enter the node info inside the double quotes e.g.:

seeds = "node_id@ip:port"

Hit CTRL+W and search for laddr = "tcp:// this takes you to the [rpc] section of the configuration file. You should see:

laddr = "tcp://127.0.0.1:26657"

Change the value in double quotes to:

laddr = "tcp://0.0.0.0:26657"

To save the changes, hit CTRL+X and then enter y to exit nano.

Part 3.7: Setting gas prices

The official Unification guide documents currently recommend setting minimum gas prices to 0.25nund. This is intended to protect your full node from processing spam transactions (txs) as it will ignore txs paying gas fees below0.25nund.

First, using nano to open app.toml:

$HOME/.und_mainchain/config/app.toml

Add 0.25nund inside the double quotes of minimum-gas-prices = "" :

minimum-gas-prices = "0.25nund"

Hit CTRL+X and then y to save and exit the file.

Part 3.8: Confirm that node can connect

Start the node and verify that it can connect with the network:

und start

At first, you will see an error message, e.g.:

E[2020-03-19|09:42:06.072] Stopping peer for error                      module=p2p peer="Peer{MConn{1.2.3.4:26656} dcff5de69dcc170b28b6628a1336d420f7eb60c0 out}" err=EOF

This is normal. Wait. Eventually, you will see your node downloading blocks. Once you are happy seeing the blocks roll in, hit CTRL+C to stop the node.

Part 3.9: Setup und to run as a background daemon

Reminder: You should still be connected to your Droplet via SSH

Configure und to run as a background daemon using systemctl . This allows you to log out of your Droplet without shutting down und.

Create a und.service configuration file using nano :

sudo nano /etc/systemd/system/und.service

In the empty file, add:

[Unit] 
Description=Unification Mainchain Validator Node

[Service]
User=centos (required)
Group=centos
WorkingDirectory=/home/centos
ExecStart=/usr/local/bin/und start --home=/home/centos/.und_mainchain
LimitNOFILE=4096

[Install]
WantedBy=default.target

Update systemctl:

sudo systemctl daemon-reload

You can start, stop, or restart the und node using:

sudo systemctl start und
sudo systemctl stop und
sudo systemctl restart und

Node operation can be monitored using journalctl :

sudo journalctl -u und --follow

Hit CTRL+C to exitjournalctl . You won’t see the node downloading blocks but it is still working in the background.

If your Droplet reboots, sudo systemctl start und must be used.

Part 4: Become a Validator

Let your node fully sync with the network. As of June 16, 2020, this takes upwards of 2 hours to complete. Use journalctl to monitor the node’s process and verify it has reached the latest block height using the mainchain explorer.

Tip:
While waiting, backup $HOME/.und_mainchain/config/node_key.json and $HOME/.und_mainchain/config/private_validator_key.json . These files are needed to migrate your validator to a new Droplet or a different service provider.
I used scp to copy them to my local machine. I keep them on a backup drive.

Part 4.1: Obtain your validator public key

Registering your node with the Mainchain requires your validator public key. While connected via SSH to the Droplet, enter:

und tendermint show-validator

Take note of the output, [your_validator_key] , it will be used later in this guide.

Part 4.2: Create/Import your wallet

Disconnect from your Droplet. The rest of this guide requires you working from terminal/PowerShell on your local PC.

Download and extract latest undcli archive to a suitable location.

From terminal, cd to the path of the extracted archive.

cd /path/to/extracted/undcli_directory

Create a new wallet using undcli :

undcli keys add [account_name]

or import an existing wallet where you will be prompted for your mnemonic and passphrase:

undcli keys add [account_name] --recover 
NOTE:
in some cases, you need to use./undcli instead of undcli. This works for Linux users who didn’t extract the undcli archive to a location in PATH

Part 4.3: Register as a validator

From the wallet you created/imported, you must self-delegate a sufficient amount of FUND to create a validator. (With less than 96 validators on the network, any amount should theoretically be sufficient)

From your local PC, enter the following command:

undcli tx staking create-validator \
--amount=[stake_in_nund] \
--pubkey=[your_validator_key] \
--moniker="[your_ev_moniker]" \
--identity=[your_uport/keybase_fingerprint] \
--website="[your_website]" \
--details="[description]" \
--security-contact="[security_email]" \
--chain-id=[chain_id] \
--from=[account name] \
--node=tcp://[droplet_ip]:26657 \
--commission-rate="[0.10]" \
--comission-max-rate="[0.20]" \
--commission-max-change-rate="[0.01]" \
--min-self-delegation="1" \
--gas="auto" \
--gas-prices="0.25nund" \
--gas-adjustment=1.5 \
--broadcast-mode block \
--trust-node false

** = Required

  • --amount**: amount of FUND in nund (1 fund = 1000000000 nund ). You can also use undcli convert 1000 fund nund command to convert fund to nund. e.g. --amount=100000nund
  • --pubkey**: [your_validator_key] , the public key you obtained in Part 4.1.
  • --moniker**: ID/Tag publicly visible for your validator node.
  • --website: website that will be publicly visible in your validator profile. It’s typically used to promote the node.
  • --identity: PGP Public Key fingerprint that comes from your uPort or keybase account (if you created one). Your uPort/keybase avatar will be visible in your validator profile on the explorer.
  • --details: short description of your node
  • --security-contact: e-mail address associated with the node
  • --chain-id*: network (e.g. FUND-Mainchain-MainNet-v1) you are creating a validator on. You confirmed this value in Step 3.5 with jq.
  • --from**: The name of the wallet (from Step 4.2) you are using to self-delegate FUND for creating the validator.
  • --node=tcp://[droplet_ip]:26657**: your Droplet IP running the full node with the RPC port.

Commission Rates

  • --commission-rate**: % commission you earn from delegators’ rewards.
  • --commission-max-rate**: maximum value that commission-rate can be changed to.
  • --commission-max-change-rate**: maximum amount by which you can adjust your commission rate in a 24 hour period. The smallest increment of change possible is reportedly 0.5%. (e.g. 0.05 -> 0.055)
WARNING:
The commission-max-rate and commission-max-change-rate flags cannot be changed after running the validator command.

Lastly:

--min-self-delegation**: minimum amount of nund required to keep self-delegated to the validator.

Part 4.4: Verify your validator node

Verify your node is running by checking the active validators list on he MainNet explorer. The TestNet has a separate explorer.

undcli can also be used:

undcli query staking validator \
$(undcli keys show [account_name] --bech=val -a) \
--chain-id=[chain_id] \
--node=tcp://[droplet_ip]:26657

Part 5: Final cleanup

Part 5.1: Close the RPC port

The official guidelines from Unification recommend closing your validator node’s RPC port (26657). With the P2P port (26656) open, it will only communicate with other nodes.

Remove the Custom TCP Inbound and Outbound Rules with port range=26657 in your Firewall (refer to Part 2).

You should also revert the RPC laddr configuration value in config.toml back to tcp://127.0.0.1:26657 (refer to Part 3.6). This setting adjustment will restrict the node’s RPC access to localhost.

Part 5.2: Alternate methods for broadcasting transactions

Interacting with the network is still possible via one of these three methods:

  1. Spin up a non-validator node on your local PC (skip the Droplet sections and start from Part 3.1). When you broadcast transactions, you won’t need to use the --node flag as it will default to localhost which will work in this case.
  2. Spin up a non-validator node and broadcast transactions via that node instead. Follow the guide again (up to Part 3.7) on separate Droplet and use that Droplet’s IP for your --node flag e.g. --node=tcp://[droplet2_ip]:26657 (no need to close the RPC port for this one)
  3. Broadcast transactions to the public RPC nodes:

Parting words

Your Unification Validator Node should now be collecting rewards and securing the network!

Start planning for the future of your node and research how you can increase its security, reliability, and availability. I recommend that you look into Sentry Nodes as a starting point.

Make use of the publicly available Unification documentation, Tendermint and Cosmos documentation. Cosmos has a well-established technical community. That pool of information will prove very useful when looking for answers.

I hope this guide was helpful to you and I wish you good luck with your validator.

You can also visit the Unification Telegram Chats:

Make sure you say hi and let everyone know you’re getting a validator started.

Contributors, References, and Support

I want to give thanks to those who supported me in providing technical details, proof-reading, and tips for the writing of this guide:


How to Set Up a FUND Validator Node for $5 was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.