Staking Ethereum and Safe Wallets
Staking Ethereum and Safe Wallets
Level 1 - NGMI
Welcome Avatar! The most popular requests from our recent Q&A for paid subscribers were a guides on staking and which hardware wallets we recommend.
Which Wallets Do You Recommend?
Readers have been asking which wallets the DeFi team are using now. The answer might surprise you.
Following the Ledger debacle, some of us use Trezor.
And for software wallets, we recently explained why we didn’t think any of the popular contenders were “lindy” or secure enough to trust with our funds.
We’re still on Metamask!
But what about privacy, and the Consensys / Infura Terms and Conditions?
Well, we use TOR/VPN and have a dedicated browser (or VM) only for Metamask.
Rather than trust any third party infrastructure provider, we deny them information about us and our transactions. This includes rotating IP addresses, avoiding browser fingerprinting, and using separate ‘seed phrases’ or bunches of private keys (JBOK) to avoid linking all accounts under a master seed phrase.
Autist Note: Metamask requests information (balances) about all accounts linked to a seed phrase through a centralized Infura RPC node, which could expose the common ownership of otherwise anonymous addresses. To avoid this, only load 1 address into Metamask at a time. You can remove addresses after use, and addresses can be added by inputting the private key. Make sure to keep track of the private keys / seed phrases securely if doing this.
Staking Ethereum
CEX Staking
Long term readers will know our views on this.
Not Your Keys, Not Your Coins
If the bankruptcies of FTX and the CeDeFi companies last year didn’t convince you, then consider this.
Centralized staking makes the network more vulnerable to cyber attacks, regulatory control, and bugs. If Ethereum becomes centralized it is likely the ETH token becomes far less valuable.
It isn’t in your interests as a holder to stake on a centralized provider.
Pooled Staking
Pooled staking is not native to the Ethereum network.
This means additional risks apply when you stake with Lido, Rocket Pool, or another service.
The benefits include being able to stake fewer than 32 ETH and to use the liquid staking derivative token elsewhere in DeFi (for example, as loan collateral).
We’ve covered these services in the past.
Metamask now allows users to use pooled staking directly through its interface.
Pooled staking will be an easy option for most people, especially those who cannot lock up $60,000. Simply make a decision on whether ~4.5% returns are worth the risks of using either provider.
Solo Staking
This is the form of staking recommended by DeFi Education in an *ideal world* where people have free time and high technical ability.
Advantages include:
Full Rewards: no middlemen take a cut from fees and if you run MEV boost software you keep all your bribes (rather than having bribes averaged out and subject to fees).
Full Control: Your keys, your crypto. You choose the software to run and which types of MEV to participate in, whether to follow OFAC blacklist or not, and so on.
Full Decentralization: you can run your node from anywhere in the world and you are not subject to the policies of any CEX or staking pool - this improves the decentralization and resilience of the Ethereum network.
You’ll need to provide (or rent) hardware, electricity, and Internet bandwidth which is likely to cost up to $140/year. In return, you receive ~5.7% yield on 32 ETH (1.824 ETH/year, around $3,400 at current rates).
And you’ll need to have the technical ability to set up your node and the time to perform maintenance.
If you don’t wish to maintain a node, you can use a staking as a service provider.
Staking As A Service
In this model you rent a preconfigured validator from a cloud provider, so you don’t need technical knowledge.
The cloud provider must control your signing keys to validate on your behalf. This introduces a small risk of having your ETH ‘slashed’ or penalized for inactivity if the service provider has software bugs.
You usually control the withdrawal keys, or have set an address you control as the withdrawal address, which means you have custody of your funds.
Fees are around 10%, which is over double what you’d expect to pay for the direct costs of solo staking. It depends how you value your time for performing maintenance.
Providers
Blox Staking: Requires you to log in with a Google, Github, or Microsoft account; privacy policy discloses they may collect and share information.
SensiNode: Although linked by the Ethereum Foundation, there is only a “Get in Touch” button with no apparent ability to rent a node immediately. Their documentation suggests poor client diversity, with only Geth x Lighthouse supported.
We haven’t found a SaaS provider we’d endorse yet.
Solo Staking Step-by-Step
We’re going to stake on Goerli testnet until we are thoroughly familiar with the process, the software (including client upgrades), and the procedures for recovering a failed node.
Prerequisites
Technical knowledge: should be comfortable with Linux and the command line.
Key management: should be familiar with private keys and mnemonics.
Suitable hardware: Modern fast CPU with 4+ cores, 16GB+ RAM, 1.5TB+ storage.
Reliable power and fast Internet: you should have 25MBit/s un-metered bandwidth. To avoid being charged penalties for downtime, your server should be reliable. If your home utilities are unreliable, consider a VPS.
Time for maintenance: you’ll need to be aware of scheduled Ethereum network upgrades and regularly check for critical upgrades to client software.
Capital: 32 ETH (per validator, so you can only stake exact multiples).
The Validator Computer
Consult project documentation for each of the following steps.
Install your operating system (e.g. Ubuntu or Debian Linux)
Install your execution layer (Geth, Nethermind, or Erigon)
Install your consensus layer (Lighthouse, Prysym, Teku, or Nimbus)
Allow the clients to talk to each other, usually via a shared JWT token
Sync the blockchain (this can take several days even on fast hardware)
Use the Staking Launchpad instructions to generate your validator keys
Load the validator keys into the consensus layer client
Use the Staking Launchpad to deposit 32 ETH in the staking contract
The Staking Launchpad
The Ethereum Foundation offers a Launchpad to help get started with staking.
Choose “Become a Validator”. Then read and understand the advisories. Read ahead the link to the Validator Checklist and plan those steps.
Now generate your validator key pairs. Set your withdrawal address. Then download CLI app from Github. Run this app with these parameters for 1 validator on Goerli testnet:
./deposit new-mnemonic --num_validators 1 --chain goerli --eth1_withdrawal_address 0xYourAddress
Then move the created “validator_keys” folder to your Validator Computer.
Refer to the documentation for your consensus client to import your validator keys. For example, using Lighthouse, the command would be:
lighthouse account validator import --directory validator_keys
And the output would look like:
Password is correct.
Successfully imported keystore.
Successfully updated validator_definitions.yml.
Successfully imported 1 validators (0 skipped).
WARNING: DO NOT USE THE ORIGINAL KEYSTORES TO VALIDATE WITH ANOTHER CLIENT, OR YOU WILL GET SLASHED.
Now continue on the Staking Lauchpad to “Upload your deposit data”.
Connect your wallet, follow instructions to make deposit to the ETH staking contract, being sure to check the address. Approve the transaction.
Your stake has reached the deposit contract! 🎉
You've successfully set up a testnet validator! We recommend you complete the checklist before validating on Mainnet
You should thoroughly test staking your Goerli ETH on testnet, changing consensus and execution clients, restoring your validator from a backup (or rebuilding it from scratch), and all the items suggested on the linked checklists before staking real ETH.
Remember, the minimum investment is nearly $60,000 so you need to be absolutely certain that you understand everything before staking your funds.
Time Saving Tip: Use Rocket Pool
We’re going to be going deeper into Rocket Pool for paid subscribers, but in summary form here’s how Rocket Pool can be used.
Join a pool by swapping ETH for rETH LSD token - either through Rocket Pool or on a DEX. You currently earn a lower yield compared to Lido so we don’t recommend except for diversification if you have large LSD holdings.
Run a node and earn a higher yield by staking only 16 ETH (or 8 ETH after recent upgrade). The remaining ETH is ‘borrowed’ from the staking pool funds and the yield is shared between the validator operator and the ‘lender’. The extra profit to the operator is greater than node costs so a more efficient way to stake. (Caveat: need to factor in cost of hedging RPL token exposure as a bond must be deposited in RPL)
Use the Rocket Pool software to configure your consensus and execution clients
We recommend the third option for those who wish to solo stake. Manually setting up a node is complex and painful. Especially managing integrations between the execution and consensus clients. Even if you’re familiar with Linux like our resident Iguana it can take hours. Rocket Pool can get your system set up in minutes, and it supports checkpointing to make your node sync quicker (otherwise can take a week).
Summary
Wallets
We’re aware that there are some attacks possible on Trezor if the attacker has physical possession of the device. That means if you lose your Trezor, you need to restore a backup of your seed phrase and move your assets to a newly created wallet. There’s no reason to buy a Ledger now that they have enabled *remote* key recovery. Whether opt-in or not, this increases the attack surface and just isn’t worth the risk.
For software wallets, Metamask is the most Lindy and probably the most secure. While other wallets exist, we don’t trust any except for MyEtherWallet (which isn’t very useful these days, except for airgap signing basic token transfers).
So we’re on Metamask + Trezor. This is good enough for vast majority of people. If you need higher security, use a multisig like Gnosis Safe.
Staking
We’re still researching whether to stake some Rocket Pool Minipools (earn extra to subsidize cost of maintaining a validator node and take on some smart contract risk) or whether to go the whole hog and just solo stake in multiples of 32 ETH. Either way, we’re using the Rocket Pool software to help set up the system as it’s otherwise quite painful.
Vote in the poll below and let us know follow up questions in the comments. How many readers are seriously considering solo staking and would like an in depth guide? Same question for Rocket Pool.
Coinbase
We informed paid subscribers that we had a position in early May (see Coinbase v SEC: Will the COIN Shorts Win).
If there was any crypto company with the political and financial clout to take on the SEC and get a favorable outcome, we think it would be Coinbase.
Although we were against buying COIN during the bull market, we update our analysis as new facts become available. We now think it’s risky not to have some COIN in your crypto portfolio!
COIN looks well positioned to achieve near monopoly status among whales and institutions as the safest most regulated crypto derivatives exchange. And it might be the only choice for retail users, as other leading exchanges refuse US customers.
At the time, COIN was trading under $50.
On the day of the official SEC charges, COIN opened below $50 again. We added.
Today COIN closed at $69.89 (+45% since our post!) and we no longer have a position.
Depending on your long term views for crypto and Coinbase, it might still have a place in your portfolio. But the risk:reward is different here and with a 45% rise recently it seems like the market is now pricing in our previously contrarian thesis about the SEC lawsuit. We think it’s hard to own equities when rates are at 5%. The plan was to capture a risk premium from emotional decisions around the lawsuit news. Now that prices have reverted we’re looking for the next opportunity.
For only $100 you get a one-year membership to DeFi Education which includes a monthly Q&A and full access to all our past content. Avoid missing out on future opportunities in the crypto market.
Disclaimer: None of this is to be deemed legal or financial advice of any kind. These are opinions from an anonymous group of cartoon animals with Wall Street and Software backgrounds.
We now have a full course on crypto that will get you up to speed (Click Here)
Security: Our official views on how to store Crypto correctly (Click Here)
I've been solo staking for a while. This is only for tech savvy users and it takes a while to setup. Non-technical users should use liquid staking. Just buy some rETH or whatever and forget about it. The APY doesn't really justify the risk or cost of solo staking. Companies with thousands of machines can make a profit at these low APYs using economy of scale. Solo staking only makes sense for hobbyists, enthusiasts, and researchers.
I don't stake for the APY. I stake because I want to see firsthand whether or not Ethereum is a viable blockchain. All the blockchains make various claims about decentralization. For example, try running your own Solana node. (hint: you can't). Running the blockchain node moves my knowledge about Ethereum from speculation to experience. I'll be able to see for myself if they make some change that makes Ethereum fail to live up to its promises.
Anyway, after the setup, my solo staking node is very low maintenance. The main maintenance task is that I subscribe to the github release notifications for the execution and consensus clients and install the software updates. I highly recommend the monitoring service and app at https://beaconcha.in/mobile
Good article, thanks for the overview.
I mentioned allnodes.com in the past, and it seems their service fits perfectly in the staking as a service category. And with their advanced plan you pay $10 per month and get MEV boost (where you have a few different options). So not sure if I'm missing something, but seems like a much better deal then the services you mentioned, as you state that they take about a 10% cut. Allnodes' fees is about the same as running your own node with $120 per year. (or $60 if you don't want MEV boost and some other features).