Skip to main content
Validators on Subnet 42 run in a secure TEE (Trusted Execution Environment) enclave to validate and verify data from miners. This ensures secure and tamper-proof validation of network data through hardware-level security.

​
Hardware Prerequisites

​
Required Hardware

πŸ”’ Intel SGX Support

  • Intel SGX 2.0+ enabled CPU required
  • Hardware-level security enclave
  • Secure computation environment

πŸ’» Compatible Processors

  • 11th Gen+ Intel Core series
  • Modern Intel Xeon processors
  • Must have SGX feature enabled in BIOS
Verify your CPU supports Intel SGX 2.0 or higher before setting up mining operations. The SGX feature must also be enabled in your system BIOS.

​
Cloud Provider Recommendations

For optimal TEE mining performance and reliability, we recommend using Microsoft Azure. This provider has been extensively tested and validated by our team to ensure seamless compatibility with Gopher Network’s TEE mining requirements:

Microsoft Azure

βœ“ Offers SGX-enabled virtual machines
βœ“ Proven reliability for TEE workloads
βœ“ Validated for Masa Network mining
βœ“ Our recommended provider

​
System Setup & Configuration

​
Prerequisites

Before starting TEE validator operations, ensure you have:

Docker Setup

βœ“ Docker installed and running
βœ“ Permissions to run containers

Network Keys

βœ“ BTCLI to installation to manage your wallet
βœ“ Generate coldkey and hotkey mnemonics and register your validator
  • masOS and Linux
  • Windows
To install the BTCLI please follow the Bittensor BTCLI docs.
  • Linux
  • Windows
To install Docker, follow these steps:Linux:
# Install Docker using snap
sudo snap install docker

# Add user to docker group and set permissions
sudo usermod -aG docker $USER
After running these commands, restart your system for the changes to take effect.Verify installation by running:
docker --version

​
Creating your wallet mnemonics and register your validator

Follow these steps to create your wallet keys and register as a validator on the network. You’ll need to generate both a coldkey (for secure storage) and hotkey (for active mining operations).
1

Create a Cold Wallet

First, create a cold wallet for your validator:
2

Create a Hot Wallet

Next, create a hot wallet for your cold wallet:
Make sure to use the same wallet name (validator) that you used in Step 1.
3

Verify Your Wallets

Finally, verify that both wallets were created successfully:You should see your validator wallet listed, along with its associated hotkey (default).
Keep your wallet passwords safe! You’ll need them for future operations.
4

Register Your Node

Register your node as a validator on the subnet:
btcli subnet register --netuid 42
Replace the β€”netuid with 42 for mainnet or 165 for testnet
This command will:
  • Configure your node as a validator
  • Set up the necessary network connections
5

Verify Registration

Check that your validator is properly registered on the subnet:
btcli s metagraph --netuid 165 --network test
Replace the β€”netuid with 42 for mainnet or 165 for testnet
This command will display the subnet metagraph, showing:
  • All registered nodes and their roles
  • Your validator’s status and registration
  • Current network topology
Look for your hotkey address in the output to confirm successful registration. If you don’t see your node listed, wait a few minutes and try again.
Keep your coldkey and hotkey mnemonics secure and backed up. These are required for mining operations and cannot be recovered if lost.

​
Optional: Delegate with Child Key

If you’re running a validator, you can optionally delegate using a child hotkey for enhanced security. This allows you to:
  • Keep your cold key secure
  • Isolate operational risk
  • Manage multiple delegations
  • Set custom take rates (up to 18% of rewards)
The Gopher validator charges 2% take rate - you keep 98% of your rewards when delegating to us! See our Validator Child Key Delegation Guide for detailed instructions on secure delegation with child hotkeys. The take rate is subject to change in the near future.

​
Subnet 42 Validator setup

To begin validating on Subnet 42, follow these steps:
1

Clone Repository

First, clone the Subnet 42 repository which contains the docker compose file and .env example:
git clone https://github.com/gopher-lab/subnet-42.git
2

Navigate to Directory

Change into the repository directory:
cd subnet-42
3

Copy Environment File

Create your environment configuration file:
cp .env.example .env
4

Edit Environment File

Wallet Setup - you can add either your mnemonics, or load your wallet from disk:
COLDKEY_MNEMONIC="your_coldkey_mnemonic"
HOTKEY_MNEMONIC="your_hotkey_mnemonic"
or
WALLET_NAME="your_wallet_name"
HOTKEY_NAME="your_hotkey_name"
WALLET_PATH="~/.bittensor"
Next, add your role and network configuration:
ROLE="validator"
NETUID="42" #(165 for testnet)
SUBTENSOR_NETWORK="finney" #(test for testnet)
VALIDATOR_PORT="your_validator_port"
LISTEN_ADDRESS=":your_tee_worker_port"
TELEMETRY_RESULT_WORKER_ADDRESS="your_tee_worker_address:<your_tee_worker_port>"
5

Start Your Node

Start your node with Docker Compose:
docker compose --profile validator-tee up -d
This will:
  • Launch the required containers
  • Initialize your validator node
  • Initialize your TEE worker
  • Connect to the subnet network
6

Verify TEE Worker

Once your node is running, verify the TEE worker is accessible by visiting your configured address in a browser:
<TELEMETRY_RESULT_WORKER_ADDRESS>
You should see a response indicating the TEE worker is running. If you get a connection error:
  • Verify your IP address is correct in the .env file
  • Check that your tee worker port is open in your firewall
  • Ensure the TEE worker container is running properly
The browser may show a security warning due to the self-signed certificate. This is expected and you can proceed to verify the endpoint is responding.
7

Monitor Logs

Monitor your miner’s logs to ensure everything is running properly.
docker logs <container-name>
Note that subnet validators run with two containers, one for the neuron (validator) and one for the worker (tee)

​
Upgrading your validator

1

Stop current validator

docker compose -p <container-name> down
2

Start new version

docker compose --profile validator-tee up -d
The latest docker image will automatically be pulled and used, as defined in the docker-compose.yml file.
⌘I