diff --git a/docs/how-to/enable-validator-slashing-protection.md b/docs/how-to/enable-validator-slashing-protection.md new file mode 100644 index 000000000..2e9fc7e66 --- /dev/null +++ b/docs/how-to/enable-validator-slashing-protection.md @@ -0,0 +1,52 @@ +--- +title: Enable validator slashing protection +description: Shut down the validator client if any owned validator is slashed. +sidebar_position: 8 +--- + +# Enable validator slashing protection + +Validator slashing protection monitors the validators slashing and shuts down the validator client when any of the owned validator is slashed. + +When enabled, the validator slashing protection is triggered whenever an attester or proposer slashing event is received through the peer to peer network and will terminate the validator client with exit code `2`. +When that happens, the validator client should not be restarted by default because more slashing are likely to happen. We recommend restarting the validator client with the [Doppelganger Detection](./enable-doppelganger-detection.md) enabled. + +:::warning + +The validator slashing protection is imperfect and might fail to detect slashing events rapidly. Use this as a last resort option that might prevent validators from being slashed. + +::: + +## Enable validator slashing protection + +Enable validator slashing protection by setting the +[`--validator-slashing-protection-enabled`](../reference/cli/index.md#validator-slashing-protection-enabled) +option to `true`. + +Your validator client must be connected to a beacon node that supports the `proposer_slashing` and `attester_slashing` SSE event streams (both supported by Teku beacon node). + +## Side effects + +The validator slashing protection is intended to prevent a massive slashing. When triggered the validator client will terminate and all the running validator will stop performing their duties. + +:::warning + +Stopping the validators might cause: + +- Missed attestations. +- Missed sync committee contributions. +- Missed block proposals. + +These side effects result in penalties and missed rewards. + +::: + +You might still consider these side effects a worthwhile trade-off of the validator slashing protection, since it can prevent more slashing. + +## Logs + +When enabled, the validator slashing protection prints the following log when an owned validator is slashed: + +```bash title="Example validator protection log when a validator is slashed" +Validator(s) with public key(s) {} got slashed: 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002. Shutting down validator client... +``` diff --git a/docs/reference/cli/index.md b/docs/reference/cli/index.md index c9f49bfd9..b5cd5ee89 100644 --- a/docs/reference/cli/index.md +++ b/docs/reference/cli/index.md @@ -2570,47 +2570,41 @@ This option can't be used with [`--beacon-node-api-endpoint`](subcommands/valida ::: -### stop-vc-when-validator-slashed-enabled +### `validator-slashing-protection-enabled` ```bash ---stop-vc-when-validator-slashed-enabled[=] +--validator-slashing-protection-enabled[=] ``` ```bash ---stop-vc-when-validator-slashed-enabled=true +--validator-slashing-protection-enabled=true ``` ```bash -TEKU_STOP_VC_WHEN_VALIDATOR_SLASHED_ENABLED=true +TEKU_VALIDATOR_SLASHING_PROTECTION_ENABLED=true ``` ```bash -stop-vc-when-validator-slashed-enabled: true +validator-slashing-protection-enabled: true ``` -Set to `true` to enable the validators slashing monitoring and shut down the VC when a validator gets slashed. The default is `false`. - -:::caution - -When running a remote BN different than Teku, this option can only be used with a BN that supports the `attester_slashing` and `proposer_slashing` SEE event streams. - -::: +Set to `true` to enable the [validators slashing protection](../../how-to/enable-validator-slashing-protection.md) and shut down the Validator Client when any owned validator is slashed. The default is `false`. ### version