Skip to content
You are reading Web3Signer development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Load Launchpad keystores

The Launchpad tool is used to create validators that participate in the Ethereum 2.0 proof-of-stake network. The tool generates an encrypted keystore file containing the validator details. Load this keystore into Web3Signer to sign attestations and blocks with the validator details.

This tutorial uses Teku and Web3Signer to run validators created on the pyrmont testnet.


1. Sync the Teku beacon node

Sync the Teku beacon chain node before submitting your deposit to avoid incurring inactivity penalties if the validator is unable to perform its duties when the deposit is processed and activated.

teku --network=pyrmont --metrics-enabled --rest-api-enabled

2. Generate validators

This step generates a validator on the pyrmont testnet. Use the ETH 2.0 pyrmont launchpad and follow the step-by-step process to deposit your funds and generate the keystore.

The process includes installing the ETH 2.0 deposit CLI tool, to generate your validator keystores locally. Keystores are generated in the eth2deposit-cli-<version>/validator_keys folder. In this example we generated a keystore named keystore-m_12381_3600_0_0_0-1606109670.json


Remember the password used to create the keystore because you’ll need it later.

3. Create password file

Create a plain text file that stores the password to decrypt the keystore. In this example we create the keystore-m_12381_3600_0_0_0-1606109670.txt file in the eth2deposit-cli-<version>/validator_keys directory.




If using Linux or macOS, we recommend setting the file ownership and permission to 400 for the user running Web3Signer.

4. Create the key configuration file

Create a key configuration file for each keystore file. The key configuration file defines the type of signing key being used, and access details. Store all key configuration files in a single directory. In his example Users/me/keys


The configuration files must be YAML-formatted, and can use any naming format, but must have the .yaml extension.


type: "file-keystore"
keystoreFile: "/Users/me/eth2deposit-cli-ed5a6d3-darwin-amd64/validator_keys/validator_keys/keystore-m_12381_3600_0_0_0-1606109670.json"
keystorePasswordFile: "/Users/me/eth2deposit-cli-ed5a6d3-darwin-amd64/validator_keys/validator_keys/keystore-m_12381_3600_0_0_0-1606109670.txt"

5. Start Web3Signer

Start Web3Signer and specify the location of the key configuration files and slashing protection database.

web3signer --key-store-path=/Users/me/keys eth2 --slashing-protection-db-url="jdbc:postgresql://localhost/web3signer" --slashing-protection-db-username=postgres --slashing-protection-db-password=password


Set the --slashing-protection-enabled eth2 subcommand option to false to disable slashing protection. However, this is not recommended on Mainnet.

5. Start Teku

Start Teku and specify the public keys of the validators that Web3Signer signs attestations and block for, and specify the Web3Signer address.

teku --network=pyrmont \
--eth1-endpoint=http://localhost:8545 \
--validators-external-signer-public-keys=0xa99a...e44c,0xb89b...4a0b \
Questions or feedback? You can discuss issues and obtain free support on Web3Signer Discord channel.
For paid professional support by Consensys, contact us at