nimbus-eth2 icon indicating copy to clipboard operation
nimbus-eth2 copied to clipboard

Published 20 hours ago verified publisher icon status-im

Improved logging/docs for validator flow

Open lightclient opened this issue 2 years ago • 2 comments

I was recently gifted a stack of Görli eth to stake on Prater and thought this would be a good time to run a serious staking setup with nimbus! While configuring the setup, I ran into a few problems (all self-imposed) that I feel could be better illuminated through logging. These are kind of from memory so please forgive me if I get something confused.

  • Incrementally output validator pubkeys as their keystores are unencrypted. Lighthouse currently does this. For only a handful of validators it's probably fine to do a summary, but for a larger number it's sort of weird for it to appear to block for a long period of time (even with debug log level set).
  • NOT is not a terribly reassuring log prefix msg to be seeing while importing validator keys (nimbus deposits import).
  • Both --validators-dir and --secrets-dir state the argument is "a directory containing X", but I believe the actual expected value is a directory containing another directory, which contains X.
  • Incorrect permissions on validators or secrets causes nimbus to simply ignore them. IMO if those directories exist, but have invalid permissions that should at least be logged as a WARN if not outright FATAL.
  • --insecure is a kind of a concerning flag name to pass to a piece of software I'm about to delegate tens of thousands of (hypothetical) euros to (yes I see if you don't want metrics you don't need it, but still).
  • Overall, I find the docs sort of difficult to follow because it's very focused on these scripts in the root of the repo. I think it would be great to actually remove these scripts to run nimbus and put things that should go into the client in the client and things that don't make sense into the docs. A good example of this is in the "Import your validator keys"; it asks to copy the validator_keys directory into the nimbus repository and then run a command (nimbus deposits import) whose path defaults to the current directory. Would much rather it be agnostic to where the user has placed their files.
  • The "Joe Clapis" dashboard is now extremely rocketpool focused - not sure if it makes sense as the first community dashboard to point people to anymore.

lightclient avatar Jun 03 '22 10:06 lightclient

--insecure is a kind of a concerning flag name to pass to a piece of software I'm about to delegate tens of thousands of (hypothetical) euros to (yes I see if you don't want metrics you don't need it, but still).

The insecure options was used in very early versions of Nimbus to enable metrics support - metrics have since been added to the stable feature set and no longer require the insecure flag (for a good while too) - it looks like there's a guiide somewhere that needs updating?

arnetheduck avatar Jun 03 '22 11:06 arnetheduck

@arnetheduck ah good to know! I guess this is my fault, I was trying to read the Joe Clapis guide which lead me to an older version of his repo https://github.com/jclapis/rp-pi-guide/blob/main/Grafana.md. I can't find any references to NIMFLAGS="-d:insecure" in any other documentation. So maybe linking directly to Joe's guide at rocketpool or completely omitting the link will help avoid people like me digging around to get the original guide :)

lightclient avatar Jun 04 '22 04:06 lightclient