nimbus-eth2
nimbus-eth2 copied to clipboard
Improved logging/docs for validator flow
I was recently gifted a stack of Görli eth to stake on Prater and thought this would be a good time to run a serious staking setup with nimbus! While configuring the setup, I ran into a few problems (all self-imposed) that I feel could be better illuminated through logging. These are kind of from memory so please forgive me if I get something confused.
- Incrementally output validator pubkeys as their keystores are unencrypted. Lighthouse currently does this. For only a handful of validators it's probably fine to do a summary, but for a larger number it's sort of weird for it to appear to block for a long period of time (even with debug log level set).
-
NOT
is not a terribly reassuring log prefix msg to be seeing while importing validator keys (nimbus deposits import
). - Both
--validators-dir
and--secrets-dir
state the argument is "a directory containing X", but I believe the actual expected value is a directory containing another directory, which contains X. - Incorrect permissions on
validators
orsecrets
causes nimbus to simply ignore them. IMO if those directories exist, but have invalid permissions that should at least be logged as aWARN
if not outrightFATAL
. -
--insecure
is a kind of a concerning flag name to pass to a piece of software I'm about to delegate tens of thousands of (hypothetical) euros to (yes I see if you don't want metrics you don't need it, but still). - Overall, I find the docs sort of difficult to follow because it's very focused on these scripts in the root of the repo. I think it would be great to actually remove these scripts to run nimbus and put things that should go into the client in the client and things that don't make sense into the docs. A good example of this is in the "Import your validator keys"; it asks to copy the
validator_keys
directory into the nimbus repository and then run a command (nimbus deposits import
) whose path defaults to the current directory. Would much rather it be agnostic to where the user has placed their files. - The "Joe Clapis" dashboard is now extremely rocketpool focused - not sure if it makes sense as the first community dashboard to point people to anymore.
--insecure is a kind of a concerning flag name to pass to a piece of software I'm about to delegate tens of thousands of (hypothetical) euros to (yes I see if you don't want metrics you don't need it, but still).
The insecure
options was used in very early versions of Nimbus to enable metrics support - metrics have since been added to the stable feature set and no longer require the insecure flag (for a good while too) - it looks like there's a guiide somewhere that needs updating?
@arnetheduck ah good to know! I guess this is my fault, I was trying to read the Joe Clapis guide which lead me to an older version of his repo https://github.com/jclapis/rp-pi-guide/blob/main/Grafana.md. I can't find any references to NIMFLAGS="-d:insecure"
in any other documentation. So maybe linking directly to Joe's guide at rocketpool or completely omitting the link will help avoid people like me digging around to get the original guide :)