> ## Documentation Index
> Fetch the complete documentation index at: https://developers.gopher-ai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Validators

Validators on Subnet 42 run in a secure TEE (Trusted Execution Environment) enclave to validate and verify data from miners. This ensures secure and tamper-proof validation of network data through hardware-level security.

## Hardware Prerequisites

### Required Hardware

<CardGroup cols={2}>
  <Card title="🔒 Intel SGX Support" icon="microchip">
    * Intel SGX 2.0+ enabled CPU required
    * Hardware-level security enclave
    * Secure computation environment
  </Card>

  <Card title="💻 Compatible Processors" icon="server">
    * 11th Gen+ Intel Core series
    * Modern Intel Xeon processors
    * Must have SGX feature enabled in BIOS
  </Card>
</CardGroup>

<Note>
  Verify your CPU supports Intel SGX 2.0 or higher before setting up mining operations. The SGX feature must also be enabled in your system BIOS.
</Note>

### Cloud Provider Recommendations

For optimal TEE mining performance and reliability, we recommend using Microsoft Azure. This provider has been extensively tested and validated by our team to ensure seamless compatibility with Gopher Network's TEE mining requirements:

<CardGroup cols={2}>
  <Card title="Microsoft Azure" icon="microsoft">
    ✓ Offers SGX-enabled virtual machines\
    ✓ Proven reliability for TEE workloads\
    ✓ Validated for Masa Network mining\
    ✓ Our recommended provider
  </Card>
</CardGroup>

## System Setup & Configuration

### Prerequisites

Before starting TEE validator operations, ensure you have:

<CardGroup cols={2}>
  <Card title="Docker Setup" icon="docker">
    ✓ Docker installed and running\
    ✓ Permissions to run containers
  </Card>

  <Card title="Network Keys" icon="key">
    ✓ BTCLI to installation to manage your wallet\
    ✓ Generate coldkey and hotkey mnemonics and register your validator
  </Card>
</CardGroup>

<AccordionGroup>
  <Accordion icon="code" title="Installing the Bittensor BTCLI">
    <Tabs>
      <Tab title="masOS and Linux">
        To install the BTCLI please follow the [Bittensor BTCLI docs](https://docs.bittensor.com/getting-started/install-btcli).
      </Tab>

      <Tab title="Windows">
        Note that there is limited support for Windows at the moment. We recommend using WSL2 to run the BTCLI.
        Please reference the Bittensor CLI where it covers windows installation  [here](https://docs.bittensor.com/getting-started/install-btcli).
      </Tab>
    </Tabs>
  </Accordion>
</AccordionGroup>

<AccordionGroup>
  <Accordion icon="code" title="Installing Docker">
    <Tabs>
      <Tab title="Linux">
        To install Docker, follow these steps:

        **Linux:**

        ```bash theme={null}
        # Install Docker using snap
        sudo snap install docker
        ```

        ```bash theme={null}
        # Add user to docker group and set permissions
        sudo usermod -aG docker $USER
        ```

        After running these commands, restart your system for the changes to take effect.

        Verify installation by running:

        ```bash theme={null}
        docker --version
        ```
      </Tab>

      <Tab title="Windows">
        For windows users, we recommend using WSL2 to run Docker. Please reference the Docker docs where it covers windows installation  [here](https://docs.docker.com/desktop/install/windows-install/).
        Then use the linux instructions above to install docker.
      </Tab>
    </Tabs>
  </Accordion>
</AccordionGroup>

<AccordionGroup>
  <Accordion icon="code" title="Generate coldkey and hotkey mnemonics and register your validator">
    ### Creating your wallet mnemonics and register your validator

    Follow these steps to create your wallet keys and register as a validator on the network. You'll need to generate both a coldkey (for secure storage) and hotkey (for active mining operations).

    <Steps>
      <Step title="Create a Cold Wallet">
        First, create a cold wallet for your `validator`:

        <CodeBlock language="bash">
          {`btcli wallet new_coldkey --wallet.name validator`}
        </CodeBlock>
      </Step>

      <Step title="Create a Hot Wallet">
        Next, create a hot wallet for your cold wallet:

        <CodeBlock language="bash">
          {`btcli wallet new_hotkey --wallet.name validator --wallet.hotkey default`}
        </CodeBlock>

        <Note>
          Make sure to use the same wallet name (validator) that you used in Step 1.
        </Note>
      </Step>

      <Step title="Verify Your Wallets">
        Finally, verify that both wallets were created successfully:

        <CodeBlock language="bash">
          {`btcli w overview`}
        </CodeBlock>

        You should see your `validator` wallet listed, along with its associated hotkey (`default`).

        <Tip>
          Keep your wallet passwords safe! You'll need them for future operations.
        </Tip>
      </Step>

      <Step title="Register Your Node">
        Register your node as a validator on the subnet:

        ```sh theme={null}
        btcli subnet register --netuid 42
        ```

        <Note>Replace the --netuid with 42 for mainnet or 165 for testnet</Note>
        This command will:

        * Configure your node as a validator
        * Set up the necessary network connections
      </Step>

      <Step title="Verify Registration">
        Check that your validator is properly registered on the subnet:

        ```sh theme={null}
        btcli s metagraph --netuid 165 --network test
        ```

        <Note>Replace the --netuid with 42 for mainnet or 165 for testnet</Note>

        This command will display the subnet metagraph, showing:

        * All registered nodes and their roles
        * Your validator's status and registration
        * Current network topology

        <Note>
          Look for your hotkey address in the output to confirm successful registration. If you don't see your node listed, wait a few minutes and try again.
        </Note>
      </Step>
    </Steps>
  </Accordion>
</AccordionGroup>

<Note>
  Keep your coldkey and hotkey mnemonics secure and backed up. These are required for mining operations and cannot be recovered if lost.
</Note>

### Optional: Delegate with Child Key

If you're running a validator, you can optionally delegate using a child hotkey for enhanced security. This allows you to:

* Keep your cold key secure
* Isolate operational risk
* Manage multiple delegations
* Set custom take rates (up to 18% of rewards)

<Note>
  The Gopher validator charges 2% take rate - you keep 98% of your rewards when delegating to us! See our [Validator Child Key Delegation Guide](/docs/subnet/validator-child-key) for detailed instructions on secure delegation with child hotkeys. The take rate is subject to change in the near future.
</Note>

## Subnet 42 Validator setup

To begin validating on Subnet 42, follow these steps:

<Steps>
  <Step title="Clone Repository">
    First, clone the Subnet 42 repository which contains the docker compose file and .env example:

    ```sh theme={null}
    git clone https://github.com/gopher-lab/subnet-42.git
    ```
  </Step>

  <Step title="Navigate to Directory">
    Change into the repository directory:

    ```sh theme={null}
    cd subnet-42
    ```
  </Step>

  <Step title="Copy Environment File">
    Create your environment configuration file:

    ```sh theme={null}
    cp .env.example .env
    ```
  </Step>

  <Step title="Edit Environment File">
    Wallet Setup - you can add either your mnemonics, or load your wallet from disk:

    ```bash theme={null}
    COLDKEY_MNEMONIC="your_coldkey_mnemonic"
    HOTKEY_MNEMONIC="your_hotkey_mnemonic"
    ```

    or

    ```bash theme={null}
    WALLET_NAME="your_wallet_name"
    HOTKEY_NAME="your_hotkey_name"
    WALLET_PATH="~/.bittensor"
    ```

    Next, add your role and network configuration:

    ```bash theme={null}
    ROLE="validator"
    NETUID="42" #(165 for testnet)
    SUBTENSOR_NETWORK="finney" #(test for testnet)
    VALIDATOR_PORT="your_validator_port"
    LISTEN_ADDRESS=":your_tee_worker_port"
    TELEMETRY_RESULT_WORKER_ADDRESS="your_tee_worker_address:<your_tee_worker_port>"
    ```
  </Step>

  <Step title="Start Your Node">
    Start your node with Docker Compose:

    ```sh theme={null}
    docker compose --profile validator-tee up -d
    ```

    This will:

    * Launch the required containers
    * Initialize your validator node
    * Initialize your TEE worker
    * Connect to the subnet network
  </Step>

  <Step title="Verify TEE Worker">
    Once your node is running, verify the TEE worker is accessible by visiting your configured address in a browser:

    ```
    <TELEMETRY_RESULT_WORKER_ADDRESS>
    ```

    You should see a response indicating the TEE worker is running. If you get a connection error:

    * Verify your IP address is correct in the .env file
    * Check that your tee worker port is open in your firewall
    * Ensure the TEE worker container is running properly

    <Note>
      The browser may show a security warning due to the self-signed certificate. This is expected and you can proceed to verify the endpoint is responding.
    </Note>
  </Step>

  <Step title="Monitor Logs">
    Monitor your miner's logs to ensure everything is running properly.

    ```sh theme={null}
    docker logs <container-name>
    ```

    Note that subnet validators run with two containers, one for the neuron (validator) and one for the worker (tee)
  </Step>
</Steps>

## Upgrading your validator

<Steps>
  <Step title="Stop current validator">
    ```sh theme={null}
    docker compose -p <container-name> down
    ```
  </Step>

  <Step title="Start new version">
    ```sh theme={null}
    docker compose --profile validator-tee up -d
    ```

    The latest docker image will automatically be pulled and used, as defined in the docker-compose.yml file.
  </Step>
</Steps>
