From 7145de118ece3f14a76117b1a1b2624a6256ee1e Mon Sep 17 00:00:00 2001 From: pablomendezroyo Date: Thu, 17 Oct 2024 11:03:03 +0200 Subject: [PATCH 1/2] Implement certificates per network --- validator/Dockerfile | 6 ++++-- .../cert/gnosis/teku_client_keystore.p12 | Bin 0 -> 2622 bytes .../cert/{ => gnosis}/teku_keystore_password.txt | 0 .../cert/{ => holesky}/teku_client_keystore.p12 | Bin .../cert/holesky/teku_keystore_password.txt | 1 + .../security/cert/lukso/teku_client_keystore.p12 | Bin 0 -> 2622 bytes .../cert/lukso/teku_keystore_password.txt | 1 + .../cert/mainnet/teku_client_keystore.p12 | Bin 0 -> 2606 bytes .../cert/mainnet/teku_keystore_password.txt | 1 + 9 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 validator/security/cert/gnosis/teku_client_keystore.p12 rename validator/security/cert/{ => gnosis}/teku_keystore_password.txt (100%) rename validator/security/cert/{ => holesky}/teku_client_keystore.p12 (100%) create mode 100644 validator/security/cert/holesky/teku_keystore_password.txt create mode 100644 validator/security/cert/lukso/teku_client_keystore.p12 create mode 100644 validator/security/cert/lukso/teku_keystore_password.txt create mode 100644 validator/security/cert/mainnet/teku_client_keystore.p12 create mode 100644 validator/security/cert/mainnet/teku_keystore_password.txt diff --git a/validator/Dockerfile b/validator/Dockerfile index 120f498..b382194 100644 --- a/validator/Dockerfile +++ b/validator/Dockerfile @@ -7,7 +7,8 @@ ARG STAKER_SCRIPTS_VERSION USER root -ENV TLS_CERT_PATH=/tls/cert +# Modify TLS_CERT_PATH to include the NETWORK arg value +ENV TLS_CERT_PATH=/tls/cert/${NETWORK} ENV DATA_DIR=/opt/teku/data \ NETWORK=${NETWORK} \ 
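Review bot: Nothing in this hunk ensures `${NETWORK}` is non-empty when `ENV TLS_CERT_PATH=/tls/cert/${NETWORK}` is expanded, and the same value drives `COPY /security/cert/${NETWORK} ${TLS_CERT_PATH}` in the next hunk. With an empty build arg the path collapses to `/tls/cert/` and that COPY would pull every network's keystore and password file into one image instead of failing the build. The `ARG NETWORK` declaration is outside the hunk, so its default cannot be checked here; a guard before the COPY such as `RUN [ -n "${NETWORK}" ] || { echo "NETWORK build arg is required" >&2; exit 1; }` would make the failure explicit. The added comment describes the edit rather than the result; something like `# Per-network TLS material lives in /tls/cert/<network>` would age better.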
@@ -18,7 +19,7 @@ ENV DATA_DIR=/opt/teku/data \ STAKER_SCRIPTS_URL=https://github.com/dappnode/staker-package-scripts/releases/download/${STAKER_SCRIPTS_VERSION} COPY /security/validator-api-bearer ${VALIDATOR_API_TOKEN_PATH} -COPY /security/cert ${TLS_CERT_PATH} +COPY /security/cert/${NETWORK} ${TLS_CERT_PATH} COPY entrypoint.sh /usr/local/bin/entrypoint.sh ADD ${STAKER_SCRIPTS_URL}/consensus_tools.sh /etc/profile.d/ @@ -31,3 +32,4 @@ RUN apt-get update && apt-get install ca-certificates --yes --no-install-recomme ENV NETWORK=${NETWORK} ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] + 
diff --git a/validator/security/cert/gnosis/teku_client_keystore.p12 b/validator/security/cert/gnosis/teku_client_keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..3538af00766ec6e706a87483a806e2cfb2746e31 GIT binary patch literal 2622 zcma)8X*d*$8lH_YmW+Kl#u?p0NHZ8?5XPE)tjE4HWJ$ItTcgmiZ=sQ04n?+P-$g<* z6v#=Kq#=7 z1bYu5!KgpzF%*fZ>AxhV3J8g*+fHk7f89i(rVyJKQn)z^hm%N0h>@RHw?eeSrQqM8)`5~jy}$RT~X|y$AeYj zxKyH;fOZ$sD~+7Pn%uITqUwO7*sE1>T5eA?ex2cDGUk^ibnJLHdV#n)c%CQSRyOmS z(NIksTg`4SQ@~178B4|&az~8YL1`>~r?OkM?1i=_k>ZS&Pmw}_cqiPl4k4=Z65Ii? zKdbAs;#iT_ZGzk!X`2{p8Qoe~uu2gBZX{82RyAI&8#%}>ERAql;?j?XrUy=lKgFFA z{cz{@Gl%UW=x;)TlB78<)mow`&pFsAm?_BzG8tO^O(Efl`0bT~ zifyhTwJgo~*7F6z(v%ypRH&?peN3fVkM)&GxMd!Bc5S00$q10;&3kRWmgkfs@wa5( zgXM|M-{W{jS-H)2P`)MjukVUhUm3@y9zJNzk&st2GCUIFA8F+?NPo`A>bCby-fzDn z$Z-q|OiKvMTocoFBDgw*V#|bD+k0jE1xoAIf))!JHx_Ym_vkEdS}4>_j_JVhDwtK* zy}cKNaK$%Gdrv!+tD0jM54W7UtJM|RzM2`iYvCdvJ=2gf9jxJ?A*8TkHOz5YqkjZR zmAq0;l6e=27*|fuu(kRXgwQd`*c*DOPDw%F%P93a<12}h(CtJQF9O4QxbbVGZrOLb zqbdsrm2DQ*l}G!qT&NN&mMu8A=<<2)H20mXpSt5IVf9gc@3m%LVt&R$$N;dy%SwyO z{JNG7?P1gStR=#FgehkgBRo96B_sr0_O)fpbi23DMiqzkj*{1jy>8M|U^kCBN29AL zf#a5whtvl7BeXF8!8LxGt(;1?5&~oCtp&HW&T3xr3UZ!4H{vg{w_i$7y{rVsn8<`Z z03=;v+$44at8z1rYzPRG4#Qn|{wNIVTBDg(i(c(_4#NT6R^Iz9eKNe3-Mj6IlF;11 zoe#(K)WO|SBy4g+i{UNT6-vs(1P6H!t88u^Qy=f-+ws%x%_oQ&a6C_s@o@g7PsMhd z&*tb`wTb>l;>DP69>{(b`77yrIguS7ei8P_DMEOkF6-;KGmc&PNoc!q85LN76IHv`oRw;m?DH8TX6jiYCMr`?z4k z_kp3Ke9KaLLy;g{KXahW#Uuy_MFO9KfPf#c_m=|vUu8YQdFG<|If5K)%n6ANNy9u7)vh00#_=Kj zk+rnCfdNBdlb77y?U-}24Sw5R`MAWK{DqJ3Y~%7OV$HuT>V_+ z>c`EpiC?-a$3!+;^rtmHw3n=rtPGF_8ZwQU{Uh^(O;z^V#TvU4C-qZ4qxs05%n5v? 
zwdp3o&7pK=`%BG@RbkAbgiTnMN$mQ^yD4wW z5+?W#T4IVnVQAK}j(6@W`@+9_# zZx7KT#xoPW`XIPo(4yLg;0@x#pDYDETTA;qiSj!qMgaTcheDGP`=Znv72y?%yT3Lq zU)Shdw+Ou~ch8W>IQ{)@!OW;Y^q{8~^k$;1hv0;H?W;HSxg}hf?V8{9)Yb>mZ+&bV zQ;~MI{8G;;JsHdB@+3d_%7}Z?#_zf!sd%)io->*d&A)95fh$b}Z+QoUR+e@vE(fat zNt;*1>ZDUDaAR)x>vC1`uF=emuk?avNogLZdi-{!}0!699truxYORa`9VZ zMqxa1?l3s-h>!!fVs+h0iC@ZiU$hYn;k~j&RDMmLYd$Erg>6js8xpy1sr%0g_y^qt B!-fC= literal 0 HcmV?d00001 diff --git a/validator/security/cert/teku_keystore_password.txt b/validator/security/cert/gnosis/teku_keystore_password.txt similarity index 100% rename from validator/security/cert/teku_keystore_password.txt rename to validator/security/cert/gnosis/teku_keystore_password.txt diff --git a/validator/security/cert/teku_client_keystore.p12 b/validator/security/cert/holesky/teku_client_keystore.p12 similarity index 100% rename from validator/security/cert/teku_client_keystore.p12 rename to validator/security/cert/holesky/teku_client_keystore.p12 diff --git a/validator/security/cert/holesky/teku_keystore_password.txt b/validator/security/cert/holesky/teku_keystore_password.txt new file mode 100644 index 0000000..a1a35a1 --- /dev/null +++ b/validator/security/cert/holesky/teku_keystore_password.txt @@ -0,0 +1 @@ +dappnode \ No newline at end of file 
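Review bot: The keystore password (`dappnode`) is committed in plaintext beside the PKCS#12 file it unlocks, so the client private key in `holesky/teku_client_keystore.p12` is readable by anyone with the repository or the built image; the diffstat shows the same keystore/password pairing for gnosis, lukso and mainnet. If the remote signer is meant to authenticate this validator by that client certificate, the check cannot tell this package apart from any other holder of these public files. Consider generating the keystore and password at first start or mounting them as secrets, or at minimum add a README beside the files stating that this TLS identity is not secret and must not be relied on as an access control.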
diff --git a/validator/security/cert/lukso/teku_client_keystore.p12 b/validator/security/cert/lukso/teku_client_keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..3fe369393a6a22d1f5582190f9e61572ccc5866c GIT binary patch literal 2622 zcma)8X*d*&8l4R@uKk;`4l^N3G&8<1V^@!))XU*PF8bd-0GS|L+ zG$^UDWM8Lb8DwXQ+kNhR`tJR8?~nI6&wI{$&d>9_7!tPz2nfcIU`$S!VuDe^E-#P^ zSVV#iK}fKVKj}UUiR1NuNgO2*633IDbm7m*=lt8hT|C@CP!Wkk?_4s(MhTv#8Ufpj^+;Z;mZL?{iG<(rS3c4Mivs(T0y{DQ}cHAN(;(-*?(v zEl#HBynkvyJLR(0@zy%rk?J+z#-eL;Sue0bQGWVx1$oCWpqVM;a?(8BB)FINzMc<$ znjY?XlfLxuX14z^{l7oVc)W5xWoDPa;2EW}1Sa@|{injM; zddMygQgtG9CyOgvosz*v|UT;ie z19BE47fRHa3k~S6Tc;&e3r)Wp;%%21^8MmBsJg2S&KHogC(g!vXEK8*NA3Osw;naV z6_tCqx7-N$d2sWLtSt;BI1*qrd!@8PQl1Byx|uhN1i&_KxsG6 z0WhI8{oXmfErF};2SbD1!DM!=c2|zb#$`TtmAURV;*smq0}`L*zllnT+v{1ls*uZI zf0NdnG(l2LA$FM{VH|jrP_M6$UsAI9;_U^)2C(lC2198Nd^9!@_Lm!Aa|xY+b*_ zM=-p47+{34MlS|8I!QS3o}tv8%)^W~DOio7RfdmgQg^(F$F_1l5d=esS-*i~mZKZz z{h}Jy9-K&)fJ;_Vcm$;=Lq@y#H9G_4l^=~e<~1fA&ORKQ1Mog^*q8A(ArnV}mvbM} zP1vKj`=$CsiFK?fO0!&=AO?@~s;W_oH-u@X<~oGs8trHBd}g_a)}djj6Z7Kn4M!LL z0_iM%M;PNh4 zUM}=n`1o4?F6oU*nT&1<5@EAhW7Y1Wlwz%h=~2lSfad%%&rFrwWxZ@nFfQ>PS;@)T zK5Sq_Fk~ESh(Z0TOBfsrmlOir2Dk!z0p5UXKQS2K54iQ8C&#dGh>(r9p9d1FhR2@4 zsiZG5i79CPVg&VO4fFX zXVCizW`xi2*#4D!V?K=ymT!~Evs=g?U;tZ<_Z2n#q3biR!k3_Pp66Lu z{=UPms$6Bdk4N*Br590t``)U~brbWgv(v_|f}A718%1wSe>;cslDD6NyUU&RM9#h% z2d0IvOlb;tYTJ`s&P}oG@ToIZAqy0)mf#QV4 z1v?G5fh4Jvm|f4e(A{=N7!hhDpEBI5lsGBmsO8Y7<@Yrqk*eKoGAmpo%$HC#twIYT z#%0ttdezOc!n6SDA@4FMj6iSK@c9?ny!jb`?GJAtqXWXMBsAc>4?Ar(Rb8I-Qv%21qPp^E(h1!AXdlNrIGe`8hOb0ejF2XN}-_r^hWSw{ZY+W9*HAX5GFot zFi-P9x_WGIic`!)$ko5~11-hvw=7XNc+XkDN^z%dmZ67zMQnJV${2Kk zJ?1NGp>@5w`{GK=S#`+`xT^vouxGpStD{g`S4Yjx2@U~Cs`|@m=JPRlYnTE&2%^~3 z>)eT3H9d4YK+Vq3WH3HJ|5fhZNk-y}&ayVanj@%kxaifOn)A!SwN<0euVKA(5+Cmx z`pazB1S-4VDu}A-JFeOoG7MdEDnPeY))1}JbS`9N_L*cQF%#eB;88Gn8X#%LD`=Nw7&MOg8Fj)Gi#z49q9N z`oSbv_fNV5NrKe>mjrnNCP4~*(m6jX6Uz4QEp}EQQ$7iz^^;UX;(u*G;7Dua?|--K 
zNI5WKPP>awXTEhpy0M#+P1tW==(l)XCMGFPCZGtC9m?`AM0b+GnV_5)`z^|=(HFQ1yDlLqgLv008!fM>|>gSsDOU*w3xLpHK zhr7PqqtzPA@_SpfylGIabkmfqV_!wt#qvWz`1Cg1#Ib-MZ$0MVtSTHTl(6kVwVVi# zOtsdm*h!-GvOpr=4T>%38+2dd*HrtMI?|K1quLgf?R8VFw6nhtk4oh&A8uxtIvCM~KjcPcl07nrs9Q=X!#u0xT2HHHtsd%_)!hYKfkN zTq>Maq@JGms5O5<>5%)}#*MSXD0|6Xd0bNqfE~5ds$*x(%vO~_>(knlO6BFsgKjdn**Lb?TzL=KRmOTN9>pPAw8&C@| zv*s6Sq%8)dBJ<^eN;np)OD|ZDZn|?0EMzL3X?jE%#2s%7I5O2KYpgEke0rTL60h-p~St+?C_$Hg}OeTwH1 zU17ZbhCxu6zy}+S-HZB{crBm@S5jmpp7ayq3q8so%ZwlcE)yzI=r?0HozQ zTw-9KXE)KJtwS}K=<6?aTTllgP}izjTrVOvbeGhXb4vsNBYvZ!q~$(7H@0%NrP*jo z%W8w(mTP5ELf*lv@^8gm5rzyX^VYNvF3<#ikJtiAoAu!7lr;U=KDT z#hoiV-`m4wrOLTl1*~DbM^qQ8;)Lx9cE$7#ueSl&tlcpnad-UQxNsK+o*~QcE@N7r z?B_NdiZhsY7O{gw-&#fZl_qB~Ryp=RuT;zTKbYB^tYKKRaJMVZ30g|YjhshsPsx^5 zInLD2x1lw5b42d_Y!M+%x`w?35IjDq22P?HYZ)M&KPrQ zp{>ErSICPka=YjeG%XJ~8Wp`oc&Ns|86 z)Yy5f&_~D_cVQ@-(6mLg6yE9~W)w0~Fetg0j4KcskwC3lul(rBv)+QjbzNZs?r|B& zyYIqm-EXi)yLPfu%WR0KtK!Bpkub^flGE;zF`=uU*Nq<}7Iv*wii%<{LW?UeZ7U?5 z+O}x8>7cHz{w_gnpa2(m=8q~>q`%T?o15Ja6Y7d>+0nP_#V%iWP>i`>nAF?^Z`gO0bq6=#HHW*midpaPdK%hEI6|6o+TC?LW{Ly%ad0CAj zy}U^Vges@>)uk}t3=nU8F)|7@W_qMMsOmvExG}sxdFKAxlQ%NGjk=mf{XAcW zcTNdV)^R6dSs`s?j1YTnH0$>F7S1xJo);FlOM~p2&TTcWij{(jw8js`E`O*)KIvn# zw9TTXU+$}ci+P8!)xDIU48PrF2*wDIZSvbmPR#*&E<=woY)`g(P!1+c z8H3)PHFFrVS9EfJl}%IukF||s*r#wT?F!q+QNWt5b?v0?X*A&3<)%Bh;EO6`aV5

B-?!qdtkQk%S=rq!$ZukA3>~W2 zQ(B;OfNc*9CBt>#;(RNdFTK~}ex*J+$G~_{F=AKE4=TDDmyLF3^6w}nHGr>ipCox#5x^*HA7y;e z#OXSvh@P?DY$`-sb3z&;6_M~?KNJ%X0sxC_6s;?8^lR> Date: Thu, 17 Oct 2024 13:24:40 +0200 Subject: [PATCH 2/2] add doppelganger flags --- beacon-chain/entrypoint.sh | 1 + validator/entrypoint.sh | 1 + 2 files changed, 2 insertions(+) diff --git a/beacon-chain/entrypoint.sh b/beacon-chain/entrypoint.sh index 1a9ed1f..a166db4 100755 --- a/beacon-chain/entrypoint.sh +++ b/beacon-chain/entrypoint.sh @@ -23,6 +23,7 @@ FLAGS="--network=$NETWORK \ --ee-endpoint=$ENGINE_URL \ --ee-jwt-secret-file=$JWT_FILE_PATH \ --p2p-port=$P2P_PORT \ + --beacon-liveness-tracking-enabled=true \ --rest-api-cors-origins=* \ --rest-api-interface=0.0.0.0 \ --rest-api-port=3500 \ diff --git a/validator/entrypoint.sh b/validator/entrypoint.sh index 2f5d522..df8af4d 100755 --- a/validator/entrypoint.sh +++ b/validator/entrypoint.sh @@ -25,6 +25,7 @@ FLAGS="--log-destination=CONSOLE \ --metrics-interface=0.0.0.0 \ --metrics-port=8008 \ --metrics-host-allowlist=* \ + --doppelganger-detection-enabled=true \ --validator-api-enabled=true \ --validator-api-interface=0.0.0.0 \ --validator-api-port=$VALIDATOR_PORT \
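Review bot: The new `--beacon-liveness-tracking-enabled=true` sits in a flag list that also sets `--rest-api-interface=0.0.0.0` and `--rest-api-cors-origins=*`, so validator liveness data becomes queryable by whatever can reach port 3500. Whether that port is published beyond the package's internal network is not visible here and should be confirmed. The flag is also undocumented; because a `#` line inside the quoted `FLAGS` string would become part of the value, the comment belongs above the assignment, e.g. `# liveness tracking is presumably required by the validator's doppelganger detection`. The `FLAGS` assignment starts and ends outside the hunk.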
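Review bot: `--doppelganger-detection-enabled=true` is hard-coded in validator/entrypoint.sh with no switch visible in this hunk, and it depends on the beacon node serving liveness data (the flag this same commit adds to beacon-chain/entrypoint.sh). A validator pointed at a beacon node without liveness tracking, or one that restarts often, may behave differently than before, since doppelganger detection normally holds validators back from signing for an observation period after start; confirm that trade-off is intended on every network. A comment above the `FLAGS` assignment stating the dependency and the start-up delay would help operators. The rest of `FLAGS` lies outside the hunk.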