Generate keystore
Time: ~5 minutes.
1. Generate a publisher mnemonic (24 words)
cast wallet new-mnemonic --words 24
Write it down on paper, or store it on a hardware device. Do this before you continue.
This 24-word phrase is the only way to regenerate your publisher private key if you lose the server. There is no recovery if you skip this step. Lose the mnemonic, lose the funds in the publisher account, lose the ability to publish, get slashed for inactivity, lose your stake.
Do not:
- Store it on the server running the node.
- Email it to yourself.
- Save it in a password manager that syncs to the cloud without a hardware-key second factor.
- Take a screenshot.
2. Derive the publisher private key
cast wallet derive-key "your 24 word mnemonic phrase here"
Copy the returned private key into the Publisher Private Key field in the configuration panel.
3. Generate the validator keystore
The configuration panel says you'll register 1 sequencer identit. Adjust the Sequencer count field above if that's wrong before running the command.
aztec validator-keys new \
--fee-recipient 0x0000000000000000000000000000000000000000000000000000000000000000 \
--coinbase {{COINBASE_ADDR}} \
--staker-output \
--gse-address {{GSE_ADDR}} \
--l1-rpc-urls {{ETH_RPC}} \
--l1-chain-id {{L1_CHAIN_ID}} \
--publishers {{PUBLISHER_KEY}} \
--count {{COUNT}}
The --coinbase flag is included by default. Use a wallet you control that is not the attester key. If you omit --coinbase, the CLI writes the attester ETH address into the keystore's coinbase field and rewards accumulate against the signing key. Coinbase can be changed later by editing the coinbase field in key1.json and reloading the keystore (admin API call or node restart), but doing it right at setup avoids the cleanup.
This writes two files in ~/.aztec/keystore/:
key1.jsonis the private keystore. Never share it, never commit it to git.key1_staker_output.jsonis the public keystore. Safe to share. You'll upload it to the staking dashboard when you register as sequencer.
This command stores private keys inline in key1.json. That's the simplest setup, but means anyone with read access to the file gets your keys. At a minimum, restrict file permissions (chmod 600 ~/.aztec/keystore/key1.json), use full-disk encryption, and limit who can SSH into the server. For more advanced storage (encrypted JSON V3 keystores, remote signers like Web3Signer), see Key storage methods.
The mnemonic from step 1 is your single backup. Both the publisher ECDSA key and the attester BLS key are derived deterministically from it, so re-running the same aztec validator-keys new command with the same mnemonic reproduces key1.json byte-for-byte. If the server's disk fails and you have the mnemonic, you can rebuild the node from scratch.
Without the mnemonic and without a copy of key1.json, a disk loss means a forced exit and re-registration, including the withdrawal delay of about 10 days.
Optional, for faster recovery: keep an encrypted copy of key1.json and key1_staker_output.json somewhere off this server. Restoring from a copy is faster than re-deriving from the mnemonic. The command below uses GPG symmetric encryption (most Linux distros ship gpg; macOS users can brew install gnupg). It prompts for a passphrase, asks you to confirm it, and writes the encrypted archive:
tar czf - ~/.aztec/keystore/key1.json ~/.aztec/keystore/key1_staker_output.json \
| gpg --symmetric --cipher-algo AES256 --output aztec-keystore-backup.tar.gz.gpg
Move aztec-keystore-backup.tar.gz.gpg off this server (hardware drive, encrypted cloud bucket, air-gapped machine). To restore later, on a fresh server, run:
gpg --decrypt aztec-keystore-backup.tar.gz.gpg | tar xzf - -C /
GPG prompts for the same passphrase. The keystore lands back in ~/.aztec/keystore/key1.json.
4. Extract your addresses
5. Verify the keystore loaded correctly
cat ~/.aztec/keystore/key1.json | jq .
Expected structure:
{
"schemaVersion": 1,
"validators": [{
"attester": { "eth": "0x...", "bls": "0x..." },
"publisher": ["0x..."],
"feeRecipient": "0x000...000",
"coinbase": "0x..."
}]
}
Before you continue
- Mnemonic written down on paper or stored on a hardware device. Not on this server. Not in a synced password manager. Not in a screenshot.
key1.jsonandkey1_staker_output.jsonexist in~/.aztec/keystore/.- Attester address and Publisher address filled in the configuration panel.
If you cannot honestly check off the first item, stop now and do it. The next steps fund accounts with real ETH and AZTEC; losing the mnemonic after that point costs money.
The keys, the addresses, and who calls what
A sequencer involves a small cast of distinct identities. They can be the same wallet for a casual setup, or fully separated for a production setup.
Cryptographic keys (live in key1.json):
- Attester ETH key (ECDSA) identifies your sequencer on the network. The address derived from this key is what gets registered in the Rollup contract and what other operators see.
- Attester BLS key (BLS12-381) signs block attestations. BLS signatures aggregate, so when a 32-member committee attests to a block, all 32 signatures combine into one short signature on L1. That saves gas.
- Publisher key (ECDSA) is a separate Ethereum account that pays L1 gas when your node submits proofs and attestations. Keeping it separate means you can rotate the funded account without rotating your sequencer identity.
Operational addresses (passed in at registration time, stored onchain):
- Caller is whoever calls
Rollup.deposit(...)to register the sequencer. This is the address whose 200K AZTEC gets pulled in as stake (verified againstStakingLib.deposit:safeTransferFrom(msg.sender, ...)). Typically a treasury or operator multisig that holds the AZTEC. - Withdrawer is the address authorized to call
initiateWithdraw, sign governance delegations (governance docs), and receive residual stake on slash-driven ejection (slashing docs). Use a cold wallet or multisig you control. It does not need to be the same as the caller. - Coinbase is an L1 Ethereum address that accumulates sequencer rewards on the Rollup contract. You claim them via
claimSequencerRewards(coinbase). - Fee recipient is an L2 Aztec address that would collect L2 transaction fees. L2 fees are not enabled today, so this is a placeholder set to
0x000...000.
Casual setup uses one operator wallet for caller + withdrawer + coinbase, plus a hot publisher key on the box, plus the in-keystore attester. Production setup keeps caller and withdrawer on a multisig, attester hot on the node, publisher funded separately, and coinbase on a treasury wallet. Four (or five) distinct identities, each rotatable on its own.
--gse-address in the keystore-generation command points at the Governance Staking Escrow contract that manages validator registration and stake. It is a different address on testnet vs mainnet; the configuration panel handles that for you.
For the deeper schema, advanced patterns (multi-validator, hardware-wallet publisher), and recovery procedures, see the Keystore Management section.
Something wrong?
- "Error: could not connect to RPC" — Your L1 RPC URL may be wrong or rate-limited. Test with
cast block-number --rpc-url YOUR_URL. jqshows an empty validators array — Re-run the command. Ensure--publishershas a valid private key with the0xprefix.
Stuck? Ask in Discord.