Harmony Guides
New Validators
Introduction

πŸŽ“ New Harmony Validators

Comprehensive Learning Path: Welcome to EasyNodePro's Companion Guide covering everything needed to become a professional Harmony ONE validator.

Official Integration: Use this guide alongside the official manual installation (opens in a new tab) for your first server deployment with enhanced understanding and best practices.

Harmony Logo

🎯 Professional Validator Responsibilities

  • πŸ–₯️ Infrastructure Management - Create and maintain servers for block signing operations
  • 🏷️ Brand Development - Establish professional validator identity and community presence
  • 🀝 Community Engagement - Contribute value and provide support in official Harmony channels
  • πŸ“Š Delegation Growth - Develop strategies to attract and retain delegators
  • βš–οΈ Strategic Planning - Optimize BLS key allocation (typically add 2nd key around 10M ONE)
  • πŸ”„ Network Adaptation - Deploy new nodes as shard conditions evolve

πŸš€ Getting Started

Ready to Begin? Follow this systematic approach to establish your professional validator infrastructure.

πŸ–₯️ Server Selection

Infrastructure Planning: Select a provider with adequate resources for validator operations. Research current validator hosting patterns as preferences evolve frequently.

πŸ‘€ User Account & SSH Configuration

⚠️

Security Foundation: Proper user account setup covered comprehensively in our admin tools section.

πŸ“ Create Harmony Workspace

Organization: Establish a dedicated workspace for validator files and database storage within your user account.

Create your harmony directory within your user home directory:

mkdir ~/harmony
⚠️

Navigation: Always return to your harmony folder when executing validator commands. Use this command if you become lost in the directory structure:

cd ~/harmony

πŸ“Œ Important: Execute all installation and validator commands from this harmony directory to maintain proper file organization.

πŸ” Firewall Configuration

🚫

Security Critical: Configure firewall with minimal attack surface - open only essential ports publicly.

πŸ“₯ Inbound Rules

πŸ”‘ Port 22 TCP - SSH Access

⚠️

Security Best Practice: Restrict to specific IP addresses (home/work) and disable password authentication to prevent brute force attacks.

⚑ Port 6000 TCP - Harmony Consensus
🌐 Port 9000 TCP - P2P Communication

πŸ“€ Outbound Rules

Simplified Configuration: Leave all outbound ports open to enable server internet communication.

πŸ’° Validator Wallet Configuration

⚠️

Account Names: Replace serviceuser with your actual account name in all examples below!

πŸ†• Option A: Create New Validator Wallet

Dedicated Validation: Create a separate wallet exclusively for validator operations and reward collection to maintain clear separation of funds.

Execute wallet creation after your server is online and synchronized:

cd ~/harmony
./hmy keys add serviceuser --passphrase
🚫

Critical Security: The system will display your mnemonic phrase only once. Record it immediately in a secure location and never share it. Loss of this phrase means permanent loss of wallet access.

πŸ“₯ Option B: Import Existing Wallet

Import Flexibility: Multiple import methods available for existing wallets. Review available options with the keys command below.

./hmy keys
Manage your local keys

Usage:
  hmy keys [flags]
  hmy keys [command]

Available Commands:
  add                   Create a new keystore key
  check-passphrase      Check if passphrase for given account is valid.
  export-ks             Export the keystore file contents
  export-private-key    Export the secp256k1 private key
  generate-bls-key      Generate bls keys then encrypt and save the private key with a requested passphrase
  generate-bls-keys     Generates multiple bls keys for a given shard network configuration and then encrypts and saves the private key with a requested passphrase
  get-public-bls-key    Get the public bls key associated with the provided private bls key
  import-ks             Import an existing keystore key
  import-private-key    Import an existing keystore key (only accept secp256k1 private keys)
  list                  List all the local accounts
  location              Show where `hmy` keeps accounts & their keys
  mnemonic              Compute the bip39 mnemonic for some input entropy
  recover-bls-key       Recover bls keys from an encrypted bls key file
  recover-from-mnemonic Recover account from mnemonic
  remove                Remove a key from the keystore
  save-bls-key          Encrypt and save the bls private key with a requested passphrase

Flags:
  -h, --help   help for keys

Global Flags:
      --file string   Path to file for given command when applicable
  -e, --ledger        Use ledger hardware wallet
      --no-latest     Do not add 'latest' to RPC params
      --no-pretty     Disable pretty print JSON outputs
  -n, --node string   <host> (default "http://localhost:9500")
  -v, --verbose       dump out debug information, same as env var HMY_ALL_DEBUG=true

Use "hmy keys [command] --help" for more information about a command.

Example: Recover wallet from mnemonic phrase:

./hmy keys recover-from-mnemonic serviceuser --passphrase

Verification: List your registered validator wallet address:

./hmy keys list

πŸ’Έ Fund Validator Wallet

🚫

Minimum Requirement: Transfer at least 10,001 ONE to your validator wallet before executing the create-validator command during official setup.

πŸ” BLS Keys Configuration

Blockchain Authentication: BLS keys authenticate your server on the Harmony blockchain during the Official Setup process.

🎯 BLS Key Strategy

Best Practice: Generate 10 BLS keys for your starting shard and store them securely on your local machine for reusability across deployments.

🏠 Local Storage: Save .key and .pass files locally using WinSCP, scp, rsync, or your preferred file transfer method.

⚑ Scaling Efficiency: While you initially need only 1 key (threshold: ~9.5 million ONE), having additional keys ready prevents service restarts and missed blocks during expansion.

πŸ”‘ Creating BLS Keys

⚠️

Shard Selection: Consider running validators on shards 1-3 rather than the congested shard 0 for better performance.

πŸ—‚οΈ Preparation: Create password file for streamlined key generation:

cd ~/harmony
echo -E 'password' > blskey.pass

⚑ Generate Keys (execute after toolbox installation):

./hmy keys generate-bls-keys --count 10 --shard 1 --passphrase-file blskey.pass

File Management: This generates .key files in your ~/harmony directory. Ensure secure backup storage of these critical files.

πŸ“ Key Installation: Copy generated keys to the BLS directory:

cp *.key ~/harmony/.hmy/blskeys

βš™οΈ Configuration Setup: Edit harmony configuration file:

nano ~/harmony/harmony.conf
⚠️

Configuration Update: Modify the PassFile parameter from PassFile = [] to include your password file path.

PassFile = "./blskey.pass"

Save and exit nano (Ctrl+X y enter)

Backup your .key and .pass files @ home or in the cloud

Using your admin transfer tool of choice, transfer your .key and .pass files to your home pc and store them securely. The key and pass files are all you need backed up to quickly restore a node. Once you create keys for a shard you can save them and re-use them when needed. They do not need to be created again once you have working copies backed up.

We suggest building a folder that contains a folder for each shard and storing your keys in there.

Ready to Install

You're ready to hit our next section which you'll use along side the official harmony documentation to install. Each chapter in the next section matches up to the official Harmony docs website. Read our notes on what to do before you go through their pages so you can avoid a lot of unneccessary information.

Start HereValidator Toolbox