3. Generate one or more accounts for this node and take down the account address. A funded account may be required depending what you are trying to accomplish
```
$ geth --datadir new-node-1 account new
INFO [06-07|14:52:18.742] Maximum peer count ETH=25 LES=0 total=25
Your new account is locked with a password. Please give a password. Do not forget this password.
You could generate multiple accounts for a single node, or any number of accounts for additional nodes and pre-allocate them with funds in the genesis.json file (see below)
4. Create a `genesis.json` file see example [here](../genesis). The `alloc` field should be pre-populated with the account you generated at previous step
... alloc holds 'optional' accounts with a pre-funded amounts. In this example we are funding the accounts 679fed8f4f3ea421689136b25073c6da7973418f (generated from the step above) and c5c7b431e1629fb992eb18a79559f667228cd055.
7. Create a file called `static-nodes.json` and edit it to match this [example](../permissioned-nodes). Your file should contain a single line for your node with your enode's id and the ports you are going to use for devp2p and raft. Ensure that this file is in your nodes data directory
This configuration starts Quorum without privacy support as could be evidenced in prefix `PRIVATE_CONFIG=ignore`, please see below sections on [how to enable privacy with privacy transaction managers](#adding-privacy-transaction-manager).
Your node is now operational and you may attach to it with below commands.
4. Change into the lead (whichever one you consider first) node's working directory and generate the setup files for X initial validator nodes by executing `istanbul setup --num X --nodes --quorum --save --verbose`**only execute this instruction once, i.e. not X times**. This command will generate several items of interest: `static-nodes.json`, `genesis.json`, and nodekeys for all the initial validator nodes which will sit in numbered directories from 0 to X-1
5. Update `static-nodes.json` to include the intended IP and port numbers of all initial validator nodes. In `static-nodes.json`, you will see a different row for each node. For the rest of the installation guide, row Y refers to node Y and row 1 is assumed to correspond to the lead node
7. Now we will generate initial accounts for any of the nodes in the required node's working directory. The resulting public account address printed in the terminal should be recorded. Repeat as many times as necessary. A set of funded accounts may be required depending what you are trying to accomplish
```
$ geth --datadir node0/data account new
INFO [06-11|16:05:53.672] Maximum peer count ETH=25 LES=0 total=25
Your new account is locked with a password. Please give a password. Do not forget this password.
8. To add accounts to the initial block, edit the `genesis.json` file in the lead node's working directory and update the `alloc` field with the account(s) that were generated at previous step
9. Next we need to distribute the files created in part 4, which currently reside in the lead node's working directory, to all other nodes. To do so, place `genesis.json` in the working directory of all nodes, place `static-nodes.json` in the data folder of each node and place `X/nodekey` in node (X-1)'s `data/geth` directory
10. Switch into working directory of lead node and initialize it. Repeat for every working directory X created in step 3. *The resulting hash given by executing `geth init` must match for every node*
```
$ cd node0
$ geth --datadir data init genesis.json
INFO [06-11|16:14:11.883] Maximum peer count ETH=25 LES=0 total=25
INFO [06-11|16:14:11.894] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node0/data/geth/chaindata cache=16 handles=16
INFO [06-11|16:14:11.896] Writing custom genesis block
INFO [06-11|16:14:11.897] Persisted trie from memory database nodes=6 size=1.01kB time=76.665µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:11.897] Successfully wrote genesis state database=chaindata hash=b992be…533db7
INFO [06-11|16:14:11.897] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node0/data/geth/lightchaindata cache=16 handles=16
INFO [06-11|16:14:11.898] Writing custom genesis block
INFO [06-11|16:14:11.898] Persisted trie from memory database nodes=6 size=1.01kB time=54.929µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:11.898] Successfully wrote genesis state database=lightchaindata hash=b992be…533db7
$
$ cd ..
$ cd node1
$ geth --datadir data init genesis.json
INFO [06-11|16:14:24.814] Maximum peer count ETH=25 LES=0 total=25
INFO [06-11|16:14:24.824] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node1/data/geth/chaindata cache=16 handles=16
INFO [06-11|16:14:24.831] Writing custom genesis block
INFO [06-11|16:14:24.831] Persisted trie from memory database nodes=6 size=1.01kB time=82.799µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:24.832] Successfully wrote genesis state database=chaindata hash=b992be…533db7
INFO [06-11|16:14:24.832] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node1/data/geth/lightchaindata cache=16 handles=16
INFO [06-11|16:14:24.833] Writing custom genesis block
INFO [06-11|16:14:24.833] Persisted trie from memory database nodes=6 size=1.01kB time=52.828µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:24.834] Successfully wrote genesis state database=lightchaindata hash=b992be…533db7
$
$ cd ..
$ cd node2
$ geth --datadir data init genesis.json
INFO [06-11|16:14:35.246] Maximum peer count ETH=25 LES=0 total=25
INFO [06-11|16:14:35.257] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node2/data/geth/chaindata cache=16 handles=16
INFO [06-11|16:14:35.264] Writing custom genesis block
INFO [06-11|16:14:35.265] Persisted trie from memory database nodes=6 size=1.01kB time=124.91µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:35.265] Successfully wrote genesis state database=chaindata hash=b992be…533db7
INFO [06-11|16:14:35.265] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node2/data/geth/lightchaindata cache=16 handles=16
INFO [06-11|16:14:35.267] Writing custom genesis block
INFO [06-11|16:14:35.268] Persisted trie from memory database nodes=6 size=1.01kB time=85.504µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:35.268] Successfully wrote genesis state database=lightchaindata hash=b992be…533db7
$ cd ../node3
$ geth --datadir data init genesis.json
INFO [06-11|16:14:42.168] Maximum peer count ETH=25 LES=0 total=25
INFO [06-11|16:14:42.178] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node3/data/geth/chaindata cache=16 handles=16
INFO [06-11|16:14:42.186] Writing custom genesis block
INFO [06-11|16:14:42.186] Persisted trie from memory database nodes=6 size=1.01kB time=124.611µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:42.187] Successfully wrote genesis state database=chaindata hash=b992be…533db7
INFO [06-11|16:14:42.187] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node3/data/geth/lightchaindata cache=16 handles=16
INFO [06-11|16:14:42.189] Writing custom genesis block
INFO [06-11|16:14:42.189] Persisted trie from memory database nodes=6 size=1.01kB time=80.973µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:42.189] Successfully wrote genesis state database=lightchaindata hash=b992be…533db7
$ cd ../node4
$ geth --datadir data init genesis.json
INFO [06-11|16:14:48.737] Maximum peer count ETH=25 LES=0 total=25
INFO [06-11|16:14:48.747] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node4/data/geth/chaindata cache=16 handles=16
INFO [06-11|16:14:48.749] Writing custom genesis block
INFO [06-11|16:14:48.749] Persisted trie from memory database nodes=6 size=1.01kB time=71.213µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:48.750] Successfully wrote genesis state database=chaindata hash=b992be…533db7
INFO [06-11|16:14:48.750] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node4/data/geth/lightchaindata cache=16 handles=16
INFO [06-11|16:14:48.751] Writing custom genesis block
INFO [06-11|16:14:48.751] Persisted trie from memory database nodes=6 size=1.01kB time=53.773µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:14:48.751] Successfully wrote genesis state database=lightchaindata hash=b992be…533db7
This configuration starts Quorum without privacy support as could be evidenced in prefix `PRIVATE_CONFIG=ignore`, please see below sections on [how to enable privacy with privacy transaction managers](#adding-privacy-transaction-manager).
Please note that istanbul-tools may be used to generate X number of nodes, more information is available in the [docs](https://github.com/jpmorganchase/istanbul-tools).
2. Change into the working directory for the new node and run `istanbul setup --num 1 --verbose --quorum --save`. This will generate the validator details including Address, NodeInfo and genesis.json
5. Copy `static-nodes.json` and genesis.json from the existing chain. `static-nodes.json` should be placed into new nodes data dir
```
$ cd node5
$ mkdir -p data/geth
$ cp ../node0/static-nodes.json data
$ cp ../node0/genesis.json .
```
6. Edit `static-nodes.json` and add the new validators node info to the end of the file. New validators node info can be got from the output of `istanbul setup --num 1 --verbose --quorum --save` command that was run in step 2. Update the IP address and port of the node info to match the IP address of the validator and port you want to use.
```
$ vim data/static-nodes.json
...add new validate nodes details with correct IP and port details
INFO [06-11|16:42:27.120] Maximum peer count ETH=25 LES=0 total=25
INFO [06-11|16:42:27.130] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node5/data/geth/chaindata cache=16 handles=16
INFO [06-11|16:42:27.138] Writing custom genesis block
INFO [06-11|16:42:27.138] Persisted trie from memory database nodes=6 size=1.01kB time=163.024µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:42:27.139] Successfully wrote genesis state database=chaindata hash=b992be…533db7
INFO [06-11|16:42:27.139] Allocated cache and file handles database=/Users/krish/fromscratchistanbul/node5/data/geth/lightchaindata cache=16 handles=16
INFO [06-11|16:42:27.141] Writing custom genesis block
INFO [06-11|16:42:27.142] Persisted trie from memory database nodes=6 size=1.01kB time=94.57µs gcnodes=0 gcsize=0.00B gctime=0s livenodes=1 livesize=0.00B
INFO [06-11|16:42:27.142] Successfully wrote genesis state database=lightchaindata hash=b992be…533db7
$
```
10. Start the node by first creating below script and executing it:
```
$ cd ..
$ cp startall.sh start6.sh
$ vim start6.sh
... paste below and update IP and port number matching for this node decided on step 6
1. Build Quorum and install [Tessera](https://github.com/jpmorganchase/tessera/releases) as described in the [Installing](../Installing) section. Ensure that PATH contains geth and bootnode. Be aware of the location of the `tessera.jar` release file
Enter a password if you want to lock the private key or leave blank
Please re-enter the password (or lack of) to confirm
10:32:51.256 [main] INFO com.quorum.tessera.nacl.jnacl.Jnacl - Generating new keypair...
10:32:51.279 [main] INFO com.quorum.tessera.nacl.jnacl.Jnacl - Generated public key PublicKey[pnesVeDgs805ZPbnulzC5wokDzpdN7CeYKVUBXup/W4=] and private key REDACTED
10:32:51.624 [main] INFO c.q.t.k.generation.FileKeyGenerator - Saved public key to /Users/krish/fromscratch/new-node-1t/new-node-1.pub
10:32:51.624 [main] INFO c.q.t.k.generation.FileKeyGenerator - Saved private key to /Users/krish/fromscratch/new-node-1t/new-node-1.key
```
3. Create new configuration file with newly generated keys referenced. Name it `config.json` as done in this example
Enter a password if you want to lock the private key or leave blank
Please re-enter the password (or lack of) to confirm
10:45:02.567 [main] INFO com.quorum.tessera.nacl.jnacl.Jnacl - Generating new keypair...
10:45:02.585 [main] INFO com.quorum.tessera.nacl.jnacl.Jnacl - Generated public key PublicKey[AeggpVlVsi+rxD6h9tcq/8qL/MsjyipUnkj1nvNPgTU=] and private key REDACTED
10:45:02.926 [main] INFO c.q.t.k.generation.FileKeyGenerator - Saved public key to /Users/krish/fromscratch/new-node-2t/new-node-2.pub
10:45:02.926 [main] INFO c.q.t.k.generation.FileKeyGenerator - Saved private key to /Users/krish/fromscratch/new-node-2t/new-node-2.key
Tessera IPC bridge will be over a file name defined in your `config.json`, usually named `tm.ipc` as evidenced in prefix `PRIVATE_CONFIG=tm.ipc`. Your node is now able to send and receive private transactions, advertised public node key will be in the `new-node-1.pub` file. Tessera offers a lot of configuration flexibility, please refer [Configuration](../../Privacy/Tessera/Configuration/Configuration%20Overview) section under Tessera for complete and up to date configuration options.
Your node is now operational and you may attach to it with `geth attach new-node-1/geth.ipc` to send private transactions.
```
$ vim private-contract.js
... create simple private contract to send transaction from new-node-1 private for new-node-2's tessera public key created in step 4
a = eth.accounts[0]
web3.eth.defaultAccount = a;
// abi and bytecode generated from simplestorage.sol:
// > solcjs --bin --abi simplestorage.sol
var abi = [{"constant":true,"inputs":[],"name":"storedData","outputs":[{"name":"","type":"uint256"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"x","type":"uint256"}],"name":"set","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"get","outputs":[{"name":"retVal","type":"uint256"}],"payable":false,"type":"function"},{"inputs":[{"name":"initVal","type":"uint256"}],"payable":false,"type":"constructor"}];
var bytecode = "0x6060604052341561000f57600080fd5b604051602080610149833981016040528080519060200190919050505b806000819055505b505b610104806100456000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680632a1afcd914605157806360fe47b11460775780636d4ce63c146097575b600080fd5b3415605b57600080fd5b606160bd565b6040518082815260200191505060405180910390f35b3415608157600080fd5b6095600480803590602001909190505060c3565b005b341560a157600080fd5b60a760ce565b6040518082815260200191505060405180910390f35b60005481565b806000819055505b50565b6000805490505b905600a165627a7a72305820d5851baab720bba574474de3d09dbeaabc674a15f4dd93b974908476542c23f00029";
1. Build Quorum and install [Constellation](https://github.com/jpmorganchase/constellation/releases) as described in the [Installing](../Installing) section. Ensure that PATH contains geth, bootnode, and constellation-node binaries
2. Generate new keys with `constellation-node --generatekeys=new-node-1`
3. Start your constellation node and send it into background with `constellation-node --url=https://127.0.0.1:9001/ --port=9001 --workdir=. --socket=tm.ipc --publickeys=new-node-1.pub --privatekeys=new-node-1.key --othernodes=https://127.0.0.1:9001/ >> constellation.log 2>&1 &`
4. Start your node and send it into background with `PRIVATE_CONFIG=tm.ipc nohup geth --datadir new-node-1 --nodiscover --verbosity 5 --networkid 31337 --raft --raftport 50000 --rpc --rpcaddr 0.0.0.0 --rpcport 22000 --rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,raft --emitcheckpoints --port 21000 2>>node.log &`
Constellation IPC bridge will be over a file name defined in your configuration: in above step #3 see option `--socket=file-name.ipc`. Your node is now able to send and receive private transactions, advertised public node key will be in the `new-node-1.pub` file.
Your node is now operational and you may attach to it with `geth attach new-node-1/geth.ipc`.
Quorum ships with a permissions system based on a custom whitelist. Detailed documentation is available in [Network Permissioning](../../Security/Framework/Quorum%20Network%20Security/Nodes/Permissioning/Network%20Permissioning).