How To Create My AWS  ‘Access Key ID’ and ‘Secret Access Key’

In order to establish a connection between your validator and BloxStaking, we need to generate unique access keys. Those keys are yours, and yours alone.

We broke down the process and made it as simple as possible. This is how you do it:

  1. Go to your AWS account
  2. In the search bar, type ‘IAM’
  3. Click on ‘Users’
  4. Click on ‘Add User’ in order to create a new user
  5. Choose a ‘ username’

We suggest choosing a name that will be easy to remember.

  1. Make sure to enable the ‘Programmatic access’ option before proceeding
  2. On the bottom of the page, click on ‘Next: Permissions’
  3. Of the 3 available options, choose ‘Attach existing policies directly’
  4. In the search bar, type ‘EC2’ and select ‘Amazon EC2 FullAccess’
  5. Proceed to ‘Next: Tags’
  6. You can skip this one if you’d like and just click on ‘Next: Review’
  7. Make sure that everything checks out before clicking on ‘Create User’
  8. Done! Your user is created!

Congrats! You have successfully generated an EC2 AWS Access Key and Secret Key.
This is a very important part of the security process. Since Blox is non-custodial, we won’t be able to help you reproduce these keys in case you lose them. So please make sure to store the information in a safe location.

Why Does Blox Need An Access Point to My Server?

Blox is completely non-custodial, and will remain that way. For that reason, the importance of having your own server takes on a new meaning. A key component of the Blox platform, a personal instance of KeyVault remote signer, is housed on your cloud server of choice and protects your validator key therein. This ensures that we do not have access to your validator key.

Keyvault is a Hashicorp Vault with a proprietary plug-in that supports Eth2 signing functionalities and includes built-in slashing protection. As part of set-up with Blox, Blox assists with the installation of KeyVault by providing a Wizard with instructions through the Blox Live Desktop App. During installation, Blox Live is given permissions to perform maintenance tasks for Keyvault, strictly upon opt-in with your password.
Your Eth2 validator key is stored safely in your Keyvault remote signer, and is used when incoming requests from the blockchain are sent from Blox Infra. Every time you’re called upon to complete a duty, Blox Infra will send the request to your server for signing using http requests and an access token mechanism. KeyVault will analyze the request and sign if appropriate, then send it back to complete the block. Therefore, your server will only communicate with our infrastructure when it’s your turn to attest or propose; in a limited, encrypted capacity.

What is my 24-Word Seed?

Your 24-word seed is a complete backup of your assets, in this case, all of your Staked ETH. 


It’s absolutely CRUCIAL to store your 24-word seed securely, offline. NEVER enter that combination into any device connected to the internet. And yes, that includes your smartphone and computer.



  • Never take a picture of your recovery seed 
  • Never type the recovery seed into a computer or phone 
  • Never save it in cloud storage and never upload the seed on the internet. 
  • Make sure to copy down the recovery seed correctly

What is My Blox Password?

Your password is an additional security layer generated in Blox Live that is used on top of your 24-word ‘seed’ passphrase.  Also known as the 25th word. 


Similar to any of your other passwords (just a little more sensitive), you can pick any set of letters, numbers and characters as your password. The password allows you to perform management tasks and access your secure data in Blox Live.


What is a Validator Key?

Your validator key, much like your ‘normal’ Eth1 key, uses elliptic-curve cryptography. However, in Ethereum 2.0, your keys have additional functionalities, and require different parameters when being created, leveraging the Boneh-Lynn-Shacham (=BLS) signature processes.



Breakdown of Ethereum 2.0 Keys

In Ethereum 1.0, users have a single private key to access their funds. Ethereum 2.0 requires two different keypairs. Validator keys and withdrawal keys.

The Validator Key

The validator signing key consists of two elements:


  • Validator private key
  • Validator public key


The role of the validator private key is to actively sign on-chain (Eth2) duties, namely attestations and block proposals. 


The validator public key is included in the deposit data which allows Eth2 to identify and associate between the validator and the ETH funds.


The Withdrawal Key

The withdrawal key is required to move (or withdraw) the validator balance. 

Although being developed and already accounted for, this ability will only be made available in later phases of Eth2 (expected in Q1 of 2021).


Much like the validator key, the withdrawal key also consist of two components:


  • Withdrawal private key
  • Withdrawal public key


Losing this key means losing access to the validator, and the entirety of the ETH balance at stake. A validator is still able to propose and attest if a withdrawal key is lost; however the ETH at stake is not accessible for withdrawal or transfer without this key.

Ethereum 2.0 Staking Deposit Process

In short, there are four main steps when making a staking deposit, or in other words, fueling your validator so that it can start accumulating revenue. 


1. Mempool – Status: Unknown

The first step of the process takes place in the Mempool, which acts as a sort of waiting room for the transactions. During this step, the transaction status is pending, waiting approval. 


The speed and execution of the transaction depends on the chosen gas fee. Miners ‘pick’ the transactions with the highest gas fees, since they will receive higher returns. If the network is highly congested (many pending transactions), cost of transactions (gas fees) goes up. In this case, there is a higher chance that new transactions will ‘outbid’ older transactions, causing significantly longer wait times. 


2. Deposit Contract – Status: Deposited

Once step one is complete, and the transaction is ‘picked’ by a miner, the transaction will reach the deposit contract. In this step, the deposit contract checks the transaction for its input data and value. This process takes an average of 7.5 hours.


If the threshold of ETH is not met or the transaction has no/invalid input data, the transaction will be rejected and the funds returned to the sender’s address.


Why does this take 7.5 hours?

In order to avoid mistakes or incorrect deposits, the network can only review transactions that have been in the deposit contract for 1024 Ethereum 1.0 blocks. This ensures that transactions do not end up in a reorged block. 


In addition to the 1024 Ethereum 1.0 blocks, 32 Ethereum 2.0 Epochs must also pass before the beacon chain recognizes the deposit. During these 32 Epochs, randomly selected validators vote on newly received deposits, to approve their validity.


So why exactly 7.5 hours?

1024 blocks = 1024 x ~13 seconds = 13,312 seconds = ~4 hours

32 Epochs = 32 x 6.4 minutes =  204.8 minutes = ~3.5 hours


Once this step is complete, the validator status will change to Deposited on the Beacon Chain explorer.


3. Validator Queue – Status: Pending

Once step two is complete, the ETH deposit is officially accessible from the beacon chain. Much like the previous steps, the Validator Queue phase also requires waiting. Depending on how many deposits were made to the network in total, a queue is formed. Each Epoch, only four validators are activated, which comes to about 900 validators a day.


There is an exception to the rule.

The first 16,384 Validators are called the genesis validators since they participate in the Genesis Block . These validators are not placed in a queue, but rather start staking from Slot 0. In this case, a validator would only wait to reach the minimum number of validators required to ‘activate’ the network.


4. Staking – Status: Active

The final stage of the Validator deposit process. In this phase, the validator is actively staking, signing attestations, proposing blocks, and more importantly, earning rewards in the form of ETH for its activity. 

What is the difference between the Testnet and the Mainnet?

As a new Staker, you are faced with an option to stake on the ‘Testnet’ or the ‘Mainnet’ (coming soon). Although the name ‘test’ indicates its functionality, it’s still important to clarify what it really means. 


Public Testnet(s)

Public Ethereum blockchains that are designed for community testing before Eth2 goes live. Sandbox environments where developers and early stakers run valueless ETH (called GoETH) that mimics the mainnet environment as closely as possible.

Examples: Medalla, Spadina, Zinken


Local Testnet(s)

Private, local blockchains running on an individuals personal machine or on a small scale.


The live, public Eth2 blockchain where actual transactions occur, with real live ETH. The mainnet is set to be released in late 2020.

How to Complete your GöETH Deposit in Blox Beta for The Medalla Testnet

This guide instructs you how to complete the validator setup process with Blox Beta, by depositing the required 32GöETH to the Medalla Testnet. 


Keep in mind that GöETH isn’t ‘real’ currency, it’s valueless and is only meant to mimic the real deal for testing purposes.


When you reach the final step of the Blox Beta Wizard, right after you ‘Generate your Keys’, you’ll find yourself at this screen:

At this point you will need to deposit GöETH using your crypto wallet.  We’ve provided instructions for our preferred wallets, MyEtherWallet and MetaMask.


Important: Make sure to leave the Blox Beta Wizard open while you complete this process.

How To Make the GöETH Deposit with MyEtherWallet
Step 1: Access Your MEW Account 

On your MEW App or your Hardware Wallet, navigate to your Dashboard.

Step 2: Choose Your Network

On the right side of the Dashboard, select ‘Network’. Then, select the ‘GOERLI’ Network.

Step 3: Make Sure You Have Enough GöETH

Once you select the GOERLI Network, you’ll need to get at least 32 GöETH. We recommend having a little more to cover the gas costs.


To get your GöETH, return to the Blox Beta Desktop App and click on the ‘Need GöETH’ button. If you require any assistance at this stage, reach out on our Discord channel.


Step 4: Deposit the GöETH into the Smart Contract

In your Blox Beta Desktop App, copy the Address and the Tx data:

In your MEW Dashboard, click ‘Send’


In your MEW wallet, paste the Address in the ‘To Address’ box.


You’ll see a pop-up informing you that the address belongs to a Smart Contract, don’t be alarmed, that means that it’s the right recipient.


In your MEW Wallet,  enable the ‘Data & Gas Limit’ section. 

Once the ‘Advanced’ section has expanded, paste the Tx Data into the ‘Add Data’ box.

That’s it! Now you can go back to your Blox Beta Dashboard to monitor the approval process.

How To Make the GöETH Deposit with MetaMask
Step 1: Open your MetaMask Wallet

You can make the deposit from your mobile device or your web extension, the process is almost identical.

Step 2: Select the ‘Goerli Test Network’ 

In your toolbar, on the upper right corner of your screen, you’ll find a drop down list containing all of the available networks that MetaMask supports. 

Select the ‘Goerli Test Network’.

Step 3: Show Hex Data

Make sure that the ‘Show Hex Data’ is enabled in your MetaMask account.


Go to your MetaMask Settings, click on ‘Advanced’.

Scroll down until you find the ‘Show Hex Data’ button, make sure it’s enabled.

Step 4: Add your ‘Recipient’ 

In Blox Beta, copy the Address and the Tx data.

In your MetaMask Dashboard, click ‘Send’. 

Paste the Smart Contract Address you copied from Blox in the ‘Add recipient’ box.
Step 5: Make the GöETH deposit

Add the following information in the fields that appear:


Asset: 32 ETH (GöETH)

Transaction Fee: Fast (since its not real ETH, might as well speed up the process) 

Hex Data: paste in the TX data that you copied from Blox

That’s it! Now you can go back to your Blox Beta Dashboard to monitor the approval process.