Lighthouse (pawsmenu) Mac OS

broken image


$ lighthouse -version; Now that Lighthouse is installed, reopen Launchpad. On Launchpad select the Lighthouse tile, scroll down and click continue. Generate Key Pairs. On the next page of Launchpad, where it asks how many validators would you like to run, I recommend simply starting with 1. Select Mac as your operating system. Within Mac OS X Tiger, Spotlight can be accessed from a number of places. Clicking on an icon in the top-right of the menu bar opens up a text field where a search query can be entered. Finder windows also have a text field in the top-right corner where a query can be entered, as do the standard load and save dialogue boxes.

Overview

This article is for us. The non-developers, the non-tech folk, those of us who think of Lego when we hear the word 'blockchain'.

In this article, we'll run through the steps of setting up a Lighthouse client and accessing Ethereum 2.0, aka eth2. The road might feel a little bumpy at times, but buckle up, hang tight and we'll be validating together in no time.

Buckle-up, let's do this!

Now, above I said 'in no time'. But to be honest, 'no time' means around two hours. Don't worry, it's well worth it.

In the coming steps we'll cover starting an Eth1 and Eth2 client, running a testnet, depositing gETH and becoming a testnet validator.

Yep, my brain just imploded a little as well. But we'll make sense of this right…now!

Learning to speak nerd.

Okay, slight sidetrack here, but I threw some new concepts, words and seemingly random collections of letters at you just before. I'm sorry, but let me make up for it with a geek glossary.

Below are human-friendly definitions of some new words or phrases we'll be using a lot in the coming steps. Learn them, love them, they will be your friends for the next two hours and beyond.

  • Eth1 is simply the shortened form of the first generation (aka release) of Ethereum.
  • Eth2 is simply the shortened form of the new generation of Ethereum (currently running in parallel) also known as Ethereum 2.0.
  • Ethereum is designed to offer different clients, developed by different teams using different programming languages. These clients are software applications that run the Ethereum blockchain technical specifications (or rules). The idea behind having multiple clients is so that if one fails, say due to a bug, the entire network does not crumble. Commonly used Eth1 clients include Geth, Nethermind, Besu, OpenEthereumCommonly used Eth2 clients include Lighthouse, Prysm, Teku, Nimbus
  • Nodes are hardware (aka computers) that are participating in the Ethereum network. Once we are done, the computer you are on will be a node on the Ethereum network.
  • ETH is the inbuilt native cryptocurrency of Ethereum.
  • Goerli ETH commonly tagged as GöETH or gETH is a test cryptocurrency on a test network called Goerli. It has no real value and simply facilitates experimentation without incurring real-world costs.
  • Testnets are an exact simulation of the Ethereum blockchain network for the sole purpose of practising or experimenting without incurring real-world consequences.
  • You can think of a validator as a voter for new blocks. The more votes a block gets, the more likely it is to be added to the blockchain. In exchange, honest validators receive financial rewards for helping to secure the blockchain network.
  • The only way to become a validator is through staking. And staking is currently a one-way ETH transaction into the Ethereum 2.0 network as collateral - in other words, have some skin in the game. This encourages validators to act responsibly, or they'll be financially penalised from their staking amount.

Let's jump right in!

Open Terminal

You'll need to use Terminal throughout this entire process. Terminal can be found in Finder > Applications > Utilities > Terminal.

This application provides text-based access to the operating system of your computer, from the terminal you have direct access to tweaking almost everything about your computer's software code. This will either have you feeling mad with power, or a little weezy (I was the latter surprise surprise 😅)

Tips & Tricks

  • The text written in the terminal are called commands or command-lines.
  • Commands are case sensitive.
  • To execute a command, type what you need then press the return key on your keyboard. At that point, it will either return an error if you've typed something incorrectly, or the command will execute.
  • $ will be used to signify the beginning of a command-line that you should copy-paste into the Terminal, but please DO NOT include the $ symbol when pasting the command into the terminal.
  • If you run into any download issues or you can't open something we have downloaded, head over to System Preferences > Security & Privacy > General and click Open Anyway. For more in depth information on this go here.

Install Homebrew

Homebrew is a package manager that makes it easy to install, update, configure, and uninstall applications on a Mac through the terminal.For more in depth information on this go here. Surface mac os.

  1. To install Homebrew run the following command in the terminal: $ /bin/bash -c '$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)'
  2. This will prompt you to enter your computer password, then to press the return key.
  3. You'll know it's finished once text stops automatically running. Then run this command to make sure it's worked: $ brew update or $ brew help

Launchpad for Pyrmont Testnet

Launchpad is an eth2 onboarding platform created by the Ethereum Foundation, that walks you through the process of staking in Eth2. You are more than welcome to follow the Launchpad instructions directly, although I will offer some additional clarifications.

The Pyrmont Testnet is the last testnet before mainnet (the real deal). Fun fact, Pyrmont is where the Sigma Prime (Lighthouse founders and maintainers) office is located!

Click Get Started

You'll be walked through an overview statement for each major step launchpad covers.Once you have read and understood, click accept and move on.

Things to remember as you move through these:

  • Signing up Overview: Remember GöETH is a test cryptocurrency, and can be used without incurring any real-world costs. Getting GöETH is extremely simple, we'll cover this shortly.
  • Backup Mnemonic Overview: A Mnemonic or Seed is a secure password, a string of 24 words that is designed to be easy to write down and remember. This will be generated for you in steps to come.
  • Signing Keys Overview: Each validator has two sets of keys: a signing key and a withdrawal key. These keys act as your digital signature or fingerprint on the system.A signing key is the key a validator needs in order to vote and propose new blocks.And a withdrawal key has the power to control a validator's staking funds (transferring, and withdrawing ETH)
  • Transfer Delay Overview: Remember at the moment we are only staking GöETH, a test cryptocurrency that holds no real value.
  • Early Adopter Risks Overview: Remember slashing means to incur a large penalty.
  • Confirmation Overview: Don't let this one intimidate you, I'll walk you through the 'be technically capable of running commands in a terminal on a computer.' part.

Eth1 Client Selection

Steps to run Go-Ethereum (commonly known as Geth) are listed below, although you are welcome to select and run any client you like:

  1. Minimise the Launchpad window for now and reopen Terminal.Remember that handy little thing, Homebrew? Well now we get to see it in action.
  2. Run the following commands separately:$ brew tap ethereum/ethereum$ brew install ethereum
  3. Install the master branch using the --devel parameter$ brew install ethereum --devel
  4. Then to make sure it worked, you can simply run$ geth --help
  5. After ensuring the install worked, run the following command to create an account$ geth account new
  6. You will now be able to run Geth. Since we want to run it on a testnet we'll need to add the --goerli flag - Görli is a permanent Eth1 Testnet that runs in parallel to the Pyrmont Eth2 Testnet$ geth --goerli --http
  7. Now just let it run until you see $ Imported new chain segment which signifies it has successfully synced
  8. Leave Geth syncing in the background and reopen Launchpad.
  9. On Launchpad select the Geth tile, scroll down and click continue.

Eth2 Client Selection

Steps to run Lighthouse are listed below, although you are welcome to select and run any client you like.

The steps below show you how to build Lighthouse from source, and are pulled from the Lighthouse Book. Building from source allows for the absolute best performance, and is a great way to get more familiar with code.

  1. Minimise Launchpad again, and open a new Terminal window.
  2. Download a building tool called cmake.$ brew install cmake
  3. Install the programming language Rust via rustup.Rust is the programming language that Lighthouse is written in, therefore in order to build the Lighthouse client from source you need to have Rust installed.$ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
  4. Once prompted select Option 1 to proceed with installation (default)Let it run until you see 'Rust is installed now' which signifies it has been successfully installed.
  5. Update the search path in terminal$ source $HOME/.cargo/env
  6. Then to make sure it worked, you can simply run$ rustup update
  7. Clone the Lighthouse repository$ git clone https://github.com/sigp/lighthouse.git
  8. Change into the newly created directory$ cd lighthouse
  9. Build Lighthouse$ make
  10. This will prompt a lot of command-lines to run automatically. This process will take several minutes.Let it run until you see $ Finished.
  11. To ensure it worked, run the following which should display the command-line documentation.$ lighthouse --helpOr run the following to check the version of Lighthouse.$ lighthouse --version
  12. Now that Lighthouse is installed, reopen Launchpad.
  13. On Launchpad select the Lighthouse tile, scroll down and click continue.

Generate Key Pairs

  1. On the next page of Launchpad, where it asks how many validators would you like to run, I recommend simply starting with 1.
  2. Select Mac as your operating system.
  3. Select to download the CLI app.
  4. Open GitHub, scroll down and click the asset titled eth2deposit-cli-ed5a6d3-darwin-amd64.tar.gz
  5. This should trigger an automatic download of the CLI app for your operating system.
  6. Decompress the file you just downloaded.
  7. Open a fresh Terminal window, and run the following commands individually to launch the app$ cd downloads$ cd eth2deposit-cli-ed5a6d3-darwin-amd64$ ./deposit new-mnemonic --num_validators 1 --chain pyrmont
  8. In the terminal window you'll be prompted to choose your preferred language
  9. Then to type a password. There won't be any appearance of you typing the password so type consciously!
  10. Correctly confirming the password, generates your mnemonic.Write your mnemonic down and store it safely, preferably offline. Oldschool, right?
  11. Once you've proven that you have written down your mnemonic, you'll get your keys, a cute code rhino and the location of where your keys can be found.
  12. Return to Launchpad, and click continue at the bottom of the page.

Upload Deposit File

  1. Open finder and follow the path generated in terminal of the location of where your keys can be foundExample /Users/fullname/Downloads/eth2deposit-cli-ed5a6d3-darwin-amd64/validator_keys
  2. Drag the deposit-data-[timestamp].json file onto Launchpad
  3. Click continue

Connect Wallet

By far, the easiest way to handle your cryptocurrency is with MetaMask. It's a browser extension that acts as a bank account, allowing transitions and to send or receive funds.

Steps to run MetaMask are written below, although you are welcome to select and run any wallet you like.

To connect a wallet you first must have an account. Head to MetaMask and follow the prompts to install MetaMask as a Chrome extension. You'll then be prompted to get started, and create a wallet.

After following these prompts, you reach the homepage. Click the dropdown in the top right hand corner and switch to the Goerli Test Network.

Then hover your cursor over Account 1 and copy the key to clipboard.

Once you've copied this, open Discord which is a major instant messaging platform in this community. Click here to join the Ethstaker Discord server. Zap (ljhsgames) mac os. Post the key you've copied to your clipboard to one of their channels and request GöETH. Ethstaker has set up an automation that will directly deposit GöETH into your account upon request.

Beacon Node

Lighthouse (pawsmenu) Mac Os X

At this point you should have two terminal windows open. One running the Goerli testnet and the other where we downloaded the CLI.

Open a third fresh window, and start the beacon node by pasting.$ lighthouse bn --network pyrmont --httpMore information on the beacon node here.

Import Keys

  1. Using the terminal where we downloaded the CLI, paste the following.$ lighthouse account validator import --directory eth2.0-deposit-cli/validator_keys
  2. Enter your password when prompted, the one you created not the mnemonic one.
  3. Command lines started automatically running. Once the process is complete, you should see the following:$ Successfully moved keystore.$ Successfully updated validator_definitions.yml.$ Successfully imported 1 validators.

Run Lighthouse Validator Client

Now for the last step, running the Lighthouse Validator.

Lighthouse (pawsmenu) Mac Os Download

On the same terminal, paste the following.$ lighthouse vc --network pyrmont --http

And that's it! You should now have Lighthouse up and running on the Pyrmont Testnet. Nice work! Giga drill clicker mac os.

If you have any questions, comments or would like more information head over to the Lighthouse Book or reach out on our Discord.

Last week, we covered the launch of Slack Engineering's open source mesh VPN system, Nebula. Today, we're going to dive a little deeper into how you can set up your own Nebula private mesh network—along with a little more detail about why you might (or might not) want to.

VPN mesh versus traditional VPNs

The biggest selling point of Nebula is that it's not 'just' a VPN, it's a distributed VPN mesh. A conventional VPN is much simpler than a mesh and uses a simple star topology: all clients connect to a server, and any additional routing is done manually on top of that. All VPN traffic has to flow through that central server, whether it makes sense in the grander scheme of things or not.

In sharp contrast, a mesh network understands the layout of all its member nodes and routes packets between them intelligently. If node A is right next to node Z, the mesh won't arbitrarily route all of its traffic through node M in the middle—it'll just send them from A to Z directly, without middlemen or unnecessary overhead. We can examine the differences with a network flow diagram demonstrating patterns in a small virtual private network.

All VPNs work in part by exploiting the bi-directional nature of network tunnels. Once a tunnel has been established—even through Network Address Translation (NAT)—it's bidirectional, regardless of which side initially reached out. This is true for both mesh and conventional VPNs—if two machines on different networks punch tunnels outbound to a cloud server, the cloud server can then tie those two tunnels together, providing a link with two hops. As long as you've got that one public IP answering to VPN connection requests, you can get files from one network to another—even if both endpoints are behind NAT with no port forwarding configured.

Where Nebula becomes more efficient is when two Nebula-connected machines are closer to each other than they are to the central cloud server. When a Nebula node wants to connect to another Nebula node, it'll query a central server—what Nebula calls a lighthouse—to ask where that node can be found. Once the location has been gotten from the lighthouse, the two nodes can work out between themselves what the best route to one another might be. Typically, they'll be able to communicate with one another directly rather than going through the router—even if they're behind NAT on two different networks, neither of which has port forwarding enabled.

By contrast, connections between any two PCs on a traditional VPN must pass through its central server—adding bandwidth to that server's monthly allotment and potentially degrading both throughput and latency from peer to peer.

Direct connection through UDP skullduggery

Nebula can—in most cases—establish a tunnel directly between two different NATted networks, without the need to configure port forwarding on either side. This is a little brain-breaking—normally, you wouldn't expect two machines behind NAT to be able to contact each other without an intermediary. But Nebula is a UDP-only protocol, and it's willing to cheat to achieve its goals.

https://xvbmonkeyinrapslotsblackjack.peatix.com. If both machines reach the lighthouse, the lighthouse knows the source UDP port for each side's outbound connection. The lighthouse can then inform one node of the other's source UDP port, and vice versa. By itself, this isn't enough to make it back through the NAT pinhole—but if each side targets the other's NAT pinhole and spoofs the lighthouse's public IP address as being the source, their packets will make it through.

UDP is a stateless connection, and very few networks bother to check for and enforce boundary validation on UDP packets—so this source-address spoofing works, more often than not. However, some more advanced firewalls may check the headers on outbound packets and drop them if they have impossible source addresses.

Advertisement

If only one side has a boundary-validating firewall that drops spoofed outbound packets, you're fine. But if both ends have boundary validation available, configured, and enabled, Nebula will either fail or be forced to fall back to routing through the lighthouse.

We specifically tested this and can confirm that a direct tunnel from one LAN to another across the Internet worked, with no port forwarding and no traffic routed through the lighthouse. We tested with one node behind an Ubuntu homebrew router, another behind a Netgear Nighthawk on the other side of town, and a lighthouse running on a Linode instance. Running iftop on the lighthouse showed no perceptible traffic, even though a 20Mbps iperf3 stream was cheerfully running between the two networks. So right now, in most cases, direct point-to-point connections using forged source IP addresses should work.

Setting Nebula up

To set up a Nebula mesh, you'll need at least two nodes, one of which should be a lighthouse. Lighthouse nodes must have a public IP address—preferably, a static one. If you use a lighthouse behind a dynamic IP address, you'll likely end up with some unavoidable frustration if and when that dynamic address updates.

The best lighthouse option is a cheap VM at the cloud provider of your choice. The $5/mo offerings at Linode or Digital Ocean are more than enough to handle the traffic and CPU levels you should expect, and it's quick and easy to open an account and get one set up. We recommend the latest Ubuntu LTS release for your new lighthouse's operating system; at press time that's 18.04.

Installation

Nebula doesn't actually have an installer; it's just two bare command line tools in a tarball, regardless of your operating system. For that reason, we're not going to give operating system specific instructions here: the commands and arguments are the same on Linux, MacOS, or Windows. Just download the appropriate tarball from the Nebula release page, open it up (Windows users will need 7zip for this), and dump the commands inside wherever you'd like them to be.

(pawsmenu)

On Linux or MacOS systems, we recommend creating an /opt/nebula folder for your Nebula commands, keys, and configs—if you don't have an /opt yet, that's okay, just create it, too. On Windows, C:Program FilesNebula is probably a more sensible location.

Certificate Authority configuration and key generation

The first thing you'll need to do is create a Certificate Authority using the nebula-cert program. Nebula, thankfully, makes this a mind-bogglingly simple process:

What you've actually done is create a certificate and key for the entire network. Using that key, you can sign keys for each node itself. Unlike the CA certificate, node certificates need to have the Nebula IP address for each node baked into them when they're created. So stop for a minute and think about what subnet you'd like to use for your Nebula mesh. It should be a private subnet—so it doesn't conflict with any Internet resources you might need to use—and it should be an oddball one so that it won't conflict with any LANs you happen to be on.

Nice, round numbers like 192.168.0.x, 192.168.1.x, 192.168.254.x, and 10.0.0.x should be right out, as the odds are extremely good you'll stay at a hotel, friend's house, etc that uses one of those subnets. We went with 192.168.98.x—but feel free to get more random than that. Your lighthouse will occupy .1 on whatever subnet you choose, and you will allocate new addresses for nodes as you create their keys. Let's go ahead and set up keys for our lighthouse and nodes now:

Now that you've generated all your keys, consider getting them the heck out of your lighthouse, for security. You need the ca.key file only when actually signing new keys, not to run Nebula itself. Ideally, you should move ca.key out of your working directory entirely to a safe place—maybe even a safe place that isn't connected to Nebula at all—and only restore it temporarily if and as you need it. Also note that the lighthouse itself doesn't need to be the machine that runs nebula-cert—if you're feeling paranoid, it's even better practice to do CA stuff from a completely separate box and just copy the keys and certs out as you create them.

Advertisement

Each Nebula node does need a copy of ca.crt, the CA certificate. It also needs its own .key and .crt, matching the name you gave it above. You don't need any other node's key or certificate, though—the nodes can exchange them dynamically as needed—and for security best practice, you really shouldn't keep all the .key and .crt files in one place. (If you lose one, you can always just generate another that uses the same name and Nebula IP address from your CA later.)

Configuring Nebula with config.yml

Nebula's Github repo offers a sample config.yml with pretty much every option under the sun and lots of comments wrapped around them, and we absolutely recommend anyone interested poke through it see to all the things that can be done. However, if you just want to get things moving, it may be easier to start with a drastically simplified config that has nothing but what you need.

Lines that begin with a hashtag are commented out and not interpreted. Fly boy mac os.

Warning: our CMS is mangling some of the whitespace in this code, so don't try to copy and paste it directly. Instead, get working, guaranteed-whitespace-proper copies from Github: config.lighthouse.yaml and config.node.yaml.

There isn't much different between lighthouse and normal node configs. If the node is not to be a lighthouse, just set am_lighthouse to false, and uncomment (remove the leading hashtag from) the line # - '192.168.98.1', which points the node to the lighthouse it should report to.

Note that the lighthouse:hosts list uses the nebula IP of the lighthouse node, not its real-world public IP! The only place real-world IP addresses should show up is in the static_host_map section.

Starting nebula on each node

I hope you Windows and Mac types weren't expecting some sort of GUI—or an applet in the dock or system tray, or a preconfigured service or daemon—because you're not getting one. Grab a terminal—a command prompt run as Administrator, for you Windows folks—and run nebula against its config file. Minimize the terminal/command prompt window after you run it.

root@lighthouse:/opt/nebula# ./nebula -config ./config.yml

That's all you get. If you left the logging set at info the way we have it in our sample config files, you'll see a bit of informational stuff scroll up as your nodes come online and begin figuring out how to contact one another.

If you're a Linux or Mac user, you might also consider using the screen utility to hide nebula away from your normal console or terminal (and keep it from closing when that session terminates). Editing software download.

Figuring out how to get Nebula to start automatically is, unfortunately, an exercise we'll need to leave for the user—it's different from distro to distro on Linux (mostly depending on whether you're using systemd or init). Advanced Windows users should look into running Nebula as a custom service, and Mac folks should call Senior Technology Editor Lee Hutchinson on his home phone and ask him for help directly.

Conclusion

Nebula is a pretty cool project. We love that it's open source, that it uses the Noise platform for crypto, that it's available on all three major desktop platforms, and that it's easy.ish to set up and use.

With that said, Nebula in its current form is really not for people afraid to get their hands dirty on the command line—not just once, but always. We have a feeling that some real UI and service scaffolding will show up eventually—but until it does, as compelling as it is, it's not ready for 'normal users.'

Right now, Nebula's probably best used by sysadmins and hobbyists who are determined to take advantage of its dynamic routing and don't mind the extremely visible nuts and bolts and lack of anything even faintly like a friendly interface. We definitely don't recommend it in its current form to 'normal users'—whether that means yourself or somebody you need to support.

Unless you really, really need that dynamic point-to-point routing, a more conventional VPN like WireGuard is almost certainly a better bet for the moment.

Lighthouse (pawsmenu) Mac Os 11

The Good

  • Free and open source software, released under the MIT license
  • Cross platform—looks and operates exactly the same on Windows, Mac, and Linux
  • Reasonably fast—our Ryzen 7 3700X managed 1.7Gbps from itself to one of its own VMs across Nebula
  • Point-to-point tunneling means near-zero bandwidth needed at lighthouses
  • Dynamic routing opens interesting possibilities for portable systems
  • Simple, accessible logging makes Nebula troubleshooting a bit easier than WireGuard troubleshooting

The Bad

  • No Android or iOS support yet
  • No service/daemon wrapper included
  • No UI, launcher, applet, etc

The Ugly

  • Did we mention the complete lack of scaffolding? Please don't ask non-technical people to use this yet
  • The Windows port requires the OpenVPN project's tap-windows6 driver—which is, unfortunately, notoriously buggy and cantankerous
  • 'Reasonably fast' is relative—most PCs should saturate gigabit links easily enough, but WireGuard is at least twice as fast as Nebula on Linux




broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save