Skip to content
CenturionValidator program
Operator documentation

Technical runbook for external validator seat operators.

Everything you need to set up, secure, monitor, and maintain a Centurion validator seat - from hardware selection through BLS key generation, onboarding submission, and ongoing operations.
ContentsPrerequisitesClient setupClient source & buildsBLS key generationOnboarding submissionGoing liveMonitoringTroubleshootingUpgradesHardware migrationGlossary
01

Prerequisites

These are the minimums for a single seat. Operators running multiple seats should scale RAM and storage accordingly.
CPU
4+ cores; modern x86-64 or ARM64 processor.
RAM
16 GB minimum; 32 GB recommended for multi-seat setups.
Storage
500 GB NVMe SSD with high IOPS.
Network
Stable connection with at least 10 Mbps and low latency.
OS
Ubuntu 22.04 LTS or Debian 12 recommended.
Hosting
Bare metal, AWS, GCP, Hetzner, OVH, and other providers work.
02

Client setup

Run one execution client, one consensus client, and a validator client. Prefer the minority client on each layer where possible.
Execution client
30303 TCP/UDP for peer discovery and block propagation.
Consensus client
9000 TCP/UDP for beacon peers and attestation gossip.
Validator client
No inbound port required; connects outbound to the local consensus client.
Centurion is its own network. Approved operators receive genesis, bootnode, and trusted peer artifacts after seat assignment.
03

Client source & builds

go-centurion (Execution)
Go 1.23+ - https://github.com/centurion-protocol/go-centurion
rustcen (Execution)
Rust (stable) - https://github.com/centurion-protocol/rustcen
centauri (Consensus)
Rust (stable) - https://github.com/centurion-protocol/centauri
rockstar (Consensus)
Node.js + pnpm - https://github.com/centurion-protocol/rockstar
github.com/centurion-protocol/go-centurion github.com/centurion-protocol/rustcen github.com/centurion-protocol/centauri github.com/centurion-protocol/rockstar
04

BLS key generation

External operators generate BLS keypairs in their own controlled environment. Clone and build centurion-deposit-cli.
1
Work on an air-gapped machine or one that will never go online again after key generation.
2
Clone centurion-deposit-cli and verify the release tag before running it.
3
Run: centurion-deposit-cli new-mnemonic --num_validators 1 --chain centurion
4
Write down your mnemonic on paper. Do not store it digitally.
5
Submit only deposit_data-*.json during onboarding. Never send the keystore.
6
Move the keystore to your validator host via encrypted SSH transfer.
05

Onboarding submission

After seat approval, submit your validator pubkey and deposit data for the assigned seat. The Foundation validates those inputs before funding.
1
Wait for your seat assignment notification, assigned vault withdrawal credentials, and your short-lived signed enrollment token.
2
Submit the enrollment token alongside your validator public key and deposit_data-*.json through the console or onboarding channel before the token expires.
3
Do not submit private key material at any point. The enrollment token is a scoped admission credential, not a key.
4
Foundation verifies the enrollment token and validates your submission against the seat vault credentials and allowlist policy.
5
You are notified when validation is complete and deposit funding has been submitted or scheduled for the assigned seat.
6
If your enrollment token expires before submission, request a fresh token — never re-use or share an old one.
06

Going live

After the deposit, your validator enters the activation queue. Activation timing is variable and depends on current network queue depth.
1
Foundation funds the 32 CTN deposit transaction after final validation and approval.
2
Deposit included in an execution block.
3
Consensus client queues activation.
4
Validator waits through activation queue.
5
Validator reaches active status and begins attesting.
GET /eth/v1/beacon/states/head/validators/{pubkey}
07

Monitoring

Most validator clients expose Prometheus metrics natively. Wire them to your alerting stack.
Missed attestations > 5%
Page; check validator connectivity to the consensus client.
Peer count < 10
Page; check firewall rules for ports 30303 and 9000.
Disk usage > 80%
Warn; prune chain data or add storage.
Any client process restart
Warn; check logs for recurring failure.
Validator inactive for > 2 epochs
Page; confirm validator client is running and key is loaded.
08

Troubleshooting

1
Validator client is not connected to the consensus client — check the beacon API endpoint in your validator client config.
2
Keystore is not loaded — confirm the keystore path and password are correct in your validator client.
3
Consensus client is still syncing — check sync status via the beacon API before expecting attestations.
09

Upgrades

The program targets 72-hour advance notice for non-emergency upgrades. Emergency security events may require faster turnaround.
1
Watch email and Announcements. Planned upgrades target 72 hours of notice.
2
Stop the validator client cleanly before upgrading.
3
Upgrade execution and/or consensus client binaries as directed.
4
Restart execution first, then consensus, then validator.
5
Confirm the validator is attesting again before marking the upgrade complete.
6
Never skip an upgrade past its target epoch.
10

Hardware migration

Migrating a validator to new hardware is safe when done in strict sequence. The only risk is running the same keystore in two places at once.
1
Provision and fully sync the new host before touching the old host.
2
Stop the validator client on the old host and confirm it stopped.
3
Copy the keystore via scp with SSH key authentication.
4
Start the validator client on the new host and confirm it is attesting.
5
Never run the same keystore on two machines simultaneously.
11

Glossary

Program-specific terms, cryptographic primitives, protocol mechanisms, and validator operations concepts referenced throughout this site.
Seat
An approved validator position in Centurion. One seat maps to one validator and one WithdrawalVault once onboarding and deployment complete.
Enrollment token
Short-lived, signed admission credential scoped to one assigned seat. Authorizes a single onboarding attempt and lets the console verify operator, seat, chain, scope, and nonce before accepting validator data. It is not a BLS key, reward claim, funding guarantee, or long-lived credential — expired tokens require reissue.
Beneficiary
Wallet identity authorized to receive operator-side vault proceeds.
Treasury
Foundation-controlled address set that funds deposits and executes treasury-side settlement actions.
WithdrawalVault
Per-seat smart contract governing beneficiary claims and exit-settlement accounting.
Principal-first
Exit rule where Foundation principal settles before any operator excess is distributed.
Deposit data
Validator onboarding payload generated using centurion-deposit-cli.
BLS12-381
Signature scheme used on the consensus layer for validator duties.
ECDSA
Execution-layer signature scheme used for wallet and vault transactions.
CIP-7002
Execution-layer mechanism allowing withdrawal credentials to request validator exit without a BLS signature.
Slashing
Protocol punishment for provably malicious validator behavior.
DVT
Distributed validator technology using threshold cryptography.

Need help?

Contact support