Revised 10/25/2021
Algorand has two main types of nodes that run on the network, relay and non-relay nodes. Each node can also run in different modes, archival and indexed. The official docs explain these types of nodes well so I won’t get into detail here.
This post is about running a non-relay, non-archival node that will be used to participate in the Algorand consensus.
NOTE: The OFFLINE computer is intended to be a highly secure machine. This is the point of it remaining OFFLINE or
air-gapped. There should be no way to access this machine without physically being able to interact with the computer. Throughout this post please pay close attention to which machine is being used.
A non-custodial wallet is required to get your account online. What is a non-custodial wallet as opposed to a custodial wallet you ask? A custodial wallet is wallets provided by any platform that manages your private keys for you. Think Coinbase, Binance the list is long. On the other hand, non-custodial wallets are managed by you, and you alone. For better or worse only you control the private key. If you misplace your key, poof, goodbye coins. No one can recover them for you.
Most n00bs (including me) start with a custodial wallet. Once I felt more comfortable I branched out and got the official Algorand Wallet for iOS. When setting up your wallet you will be provided with a 25 word mnemonic, Wikipedia (I had to look it up too). It’s simply a very long password/passphrase, 25 words one space between each, that is your private key. It’s an easier way for humans to remember it. This private key can also be referred to as your spending key.
It took me some time to discover that wallets and accounts are distinct and different things. A wallet can be created then later recovered with the wallet’s mnemonic. Once you have a wallet you need to create at least one account in the wallet. The account (the address) is how you receive and hold Algos.
This is my iOS wallet’s account address, or my public key. Feel free to send a tip if you find this post helpful! :)
UXF3G5LEMTBFI5WHAQRYTBXN2FHR525RSOCQYUUBUJTUEOFUWPFDHPRQSM
A wallet and an account can have their own mnemonics! The iOS wallet mnemonic you are provided at creation is the mnemonic for the account, not the wallet itself. Accounts can be imported into different wallets. If I delete the iOS app and re-download I’m creating a new wallet but I’d be recovering/importing my existing account with its mnemonic, not recovering the wallet itself.
On the other hand, if you’ve created a wallet on your computer using the Algorands CLI tool, goal, you have the option to recover the wallet itself with its mnemonic.
Fun fact the Algorand Wallet Doc states:
Every wallet is associated with a master key, represented as a 25-word mnemonic, from which all accounts in that wallet are derived. This allows the owner of the wallet to only need to remember a single passphrase for all of their accounts.
Because of this, every account that is created in the original wallet is recoverable with the single wallet mnemonic! On the flip side, if you’ve imported an account into a different wallet, that account can not be recovered with the wallet’s mnemonic.
If you want to see your CLI created account in your iOS wallet you need to export the accounts, not wallets, mnemonic then import that mnemonic into your iOS Algorand Wallet for easy viewing.
You will need the CLI tools to create a wallet, account, and sign transactions. I am using a MacBook Pro as my OFFLINE machine and a Ubuntu 20.04.2 LTS server as my ONLINE machine. Follow the Install a Node instructions to get your CLI tools. For Ubuntu, I used Installing with Other Linux Distros and was up and running in just a few minutes.
NOTE: To keep your OFFLINE machine, well offline. You can throw the CLI tools on a USB for use on the offline machine.
From the OFFLINE Machine
We use the OFFLINE machine to create and hold your wallet and hence your private keys. The keys are highly sensitive and should never be on the online participation node. This avoids any chance of being compromised. The whole point of an OFFLINE machine is to keep your private key safe!
DISCLAIMER: THE ONLINE COMPUTER SHOULD NOT HAVE THE WALLET AND/OR ACCOUNT ON IT!!! This is very insecure and bad practice!
Let’s create a wallet and account to stake Algo and pay the transaction fee to participate in consensus.
./goal wallet new <wallet name> --datadir data/./goal account new --datadir data/or
./goal wallet new -r <wallet name> --datadir data/./goal account new --wallet <wallet name> --datadir data/Note: If you recover a wallet using the wallet’s mnemonic note that running
./goal account new --wallet <wallet name> --datadir data/will also recover any accounts that were originally created in the wallet but not accounts that were imported.
Great, now you should have a wallet. You can double-check by running ./goal wallet list --datadir data/.
Next, you can run ./goal account list --datadir data/, enter the wallet password and see your account and its balance. You can also view the account by entering its public key into https://algoexplorer.io/. Once you are viewing the account on the explorer be sure to note the Status on the top right-hand side. It should say Offline by default all accounts are offline. When we start participating this will be changed to Online.
From the ONLINE Machine
Now jump over to your ONLINE machine. Since we will be participating in consensus we need to be caught up with the latest block on the chain. Go into your ~/node and make sure your node is running.
./goal node status -d data/./goal node start -d data/ if needed.Once started you may have noticed the committed block count keeps climbing each time you check the status. It would take several days to catch up to the current block on its own. The CLI tools allow you to take a shortcut and catch up quicker. Have a look at Sync Node Network using Fast Catchup for full details.
./goal node catchup 4420000#Q7T2RRTDIRTYESIXKAAFJYFQWG4A3WRA3JIUZVCJ3F4AQ2G2HZRA -d ./data
Note: Fast catchup is estimated to take ~15-30 minutes on modern hardware. My experience has been mixed but I have determined that attempting to catch up on a machine with a spinning HDD was a waste of time! I had a box running for ~20 hours and it still had not finished the fast catch-up. I tried again on my home server that has AMD Ryzen 5 with a Samsung 970 Evo 500 GB M.2-2280 NVME Solid State Drive. This made a major difference and was completed in ~30 minutes.
From the ONLINE Machine
Staying on your ONLINE machine we need to generate participation keys. These are separate keys used in the participation and kept on the online machine. Algorand does this so if the online machine is compromised your spending keys are not also compromised. Again, another reason for an ONLINE and OFFLINE machines. Let’s create a participation key. Also checkout official docs.
./goal account addpartkey \
--address <address-of-participating-account> \
--roundFirstValid=<partkey-first-round> \
--roundLastValid=<partkey-last-round> \
--datadir data/
address is your public key. ie UXF3G5LEMTBFI5WHAQRYTBXN2FHR525RSOCQYUUBUJTUEOFUWPFDHPRQSM
roundFirstValid is when you would like the key to begin to be valid. 13689801 is the latest block found at https://algoexplorer.io/, at the time of this post.
roundLastValid is the block that the key should expire. There is no theoretical limit to the range you can specify for a partkey validity period, only disk space constraints. A recommended range is 3,000,000 rounds. Which is ~6 months.
Assuming your node is catchup, then continue.
From the ONLINE Machine
Again on your ONLINE machine create an online transaction
./goal account \
changeonlinestatus \
--address UXF3G5LEMTBFI5WHAQRYTBXN2FHR525RSOCQYUUBUJTUEOFUWPFDHPRQSM \
--online=true \
--txfile=online1.txn \
--datadir data/
Also create a transaction to be offline
./goal account \
changeonlinestatus \
--address UXF3G5LEMTBFI5WHAQRYTBXN2FHR525RSOCQYUUBUJTUEOFUWPFDHPRQSM \
--online=false \
--txfile=offline1.txn \
--datadir data/
These commands will create two files, online1.txn and offline1.txn. Grab a USB drive and transfer these files to your OFFLINE machine. This air gap is part of the security mechanism.
From the OFFLINE Machine
In order to send the transaction files to the blockchain you need to sign them with your private key. Again, we keep offline for security purposes.
./goal clerk sign \
--infile="online1.txn" \
--outfile="online1.stxn" \
--datadir data/
and
./goal clerk sign \
--infile="offline1.txn" \
--outfile="offline1.stxn" \
--datadir data/
Note that both of the files now have the suffix .stxn, designating that they are signed. Back to your USB drive, transfer the signed files back onto the USB, and go back to your online machine.
From the ONLINE Machine
Now that you have signed transaction files you are ready to get online! We need to send the signed transaction file to the network. Be sure to have at least 0.001 Algos in the wallet to pay for the transaction fee.
./goal clerk rawsend \
-f online1.stxn \
--datadir data/
If you need to go down for maintenance or you want to change your hardware you do the same but send the offline.stxn.
Run over to https://algoexplorer.io/ and check your account again. This time the Status in the top right corner should say Online!
Keeping track of your node is important for many reasons and fortunately, there is already a solution! Check out the blog post by Algorand. Or jump right over to https://app.metrika.co
Metrika Lets your monitor
I wondered this too! I reach out to the Algorand community Discord and got this response.
There are 2,888,274,776.69 Algos online as of this post. There are two votes (soft + cert) every 4.5s, with committees of size around 3000 and 1500.
This means that over one hour, there are around 60*60/4.5*4500 = 3,600,000 chances to be on a committee. So with 10,000 Algos, you should be voting around 12.5 times per hour (=10,000 / 2,888,274,776.69 * (60*60/4.5*4500))
Tips Appreciated! 😎 ☕️ Cheers! 🍺