Skip to content

Run an execution client

In order to run a beacon node, you need to also be running an execution client - one for each beacon node.

Nimbus has been tested all major execution clients - see the execution client comparison for more information.

The --web3-url option informs the beacon node how to connect to the execution client - both http:// and ws:// URL:s are supported.

Once started, the execution client will create a file containing a JWT secret token. The token file is needed for Nimbus to authenticate itself with the execution client and perform trusted operations. You will need to pass the path to the token file to Nimbus together with the web3 URL.

You can pass one or more --web3-url parameters to the node. Any additional web3 url:s will be used for backup, should the first client become unavailable:

./ \
  --web3-url=ws:// \
  --web3-url=http://other:8545 \


You need to run your own execution client after the merge - relying on third-party services such as Infura, Alchemy and Pocket will not be possible.


Syncing an execution client may take hours or even days, depending on your hardware! The backup providers will be synced only when the primary becomes unavailable, which may lead to a small gap in validation duties - this limitation may be lifted in future versions.


1. Install execution client

Select an execution client and install it, configuring it such that that WebSockets are enabled and a JWT secret file is created.

In parallel to nimbus-eth2, we are working hard on the Nimbus execution client. While this is very much a project in development (i.e. not yet ready for public consumption), we welcome you to experiment with it.

1. Install Geth

See the Installing Geth for instructions on installing Geth.

2. Start Geth

Once you have geth installed, make sure to enable the JSON-RPC WebSocket interface when running geth, along with the options for creating an autheticated RPC endpoint:

geth --ws --authrpc.addr localhost --authrpc.port 8551 --authrpc.vhosts localhost --authrpc.jwtsecret /tmp/jwtsecret
geth --goerli --ws --authrpc.addr localhost --authrpc.port 8551 --authrpc.vhosts localhost --authrpc.jwtsecret /tmp/jwtsecret


The --ws flag allows Nimbus to connect using WebSockets.

3. Leave Geth running

Let it syns - it may take anywhere between a few hours and a couple of days.

You'll know Geth has finished syncing, when you start seeing logs that look like the following:

INFO [05-29|01:16:05] Imported new chain segment               blocks=1 txs=3   mgas=0.065  elapsed=5.885ms   mgasps=11.038  number=3785445 hash=553d9e…fc4547
INFO [05-29|01:16:10] Imported new chain segment               blocks=1 txs=0   mgas=0.000  elapsed=5.447ms   mgasps=0.000   number=3785446 hash=5e3e7d…bd4afd
INFO [05-29|01:16:10] Imported new chain segment               blocks=1 txs=1   mgas=0.021  elapsed=7.382ms   mgasps=2.845   number=3785447 hash=39986c…dd2a01
INFO [05-29|01:16:14] Imported new chain segment               blocks=1 txs=11  mgas=1.135  elapsed=22.281ms  mgasps=50.943  number=3785444 hash=277bb9…623d8c

Geth accepts connections from the localhost interface (, with default authenticated RPC port 8551. This means that your default Web3 provider URL should be: ws://

See the Getting started guide to set up Nethermind.

Make sure to enable the JSON-RPC interface over WebSockets, and pass --JsonRpc.JwtSecretFile=/tmp/jwtsecret to select a JWT secret file location.

See the Besu documentation for instructions on setting up Besu.

Make sure to enable the JSON-RPC WebSocket interface and store the JWT token in /tmp/jwtsecret.

See the Erigon README for instructions on setting up Erigon.

Make sure to enable the JSON-RPC WebSocket interface and use --authrpc.jwtsecret=/tmp/jwtsecret to set a path to the JWT token file.

2. Leave the execution client running

When the execution client starts, it will create a JWT authentication token file - you will need to pass this file to Nimbus to allow it to perform authenticated requrests.

It will then start syncing the chain, up to the merge. Once it reaches this point, it will wait for the beacon node to provide further sync instructions.

It is safe to start the beacon node even if the execution client is not yet fully synced.