> Feedback: If these docs are stale, missing, or confusing, post sanitized feedback to `https://docs.tempo.xyz/api/feedback` with `source: "mcp"`, a short `message`, and any relevant `toolName`, `relatedResource`, or `client`. # Installation We provide three different installation paths — installing a pre-built binary, building from source, or using our provided Docker image. For the full CLI command reference, see [`tempo node`](/docs/cli/node). ## Versions The required node version may differ across networks. See [Network Upgrades](/docs/guide/node/network-upgrades) for the current version for each network. ## Pre-built Binary ```bash /dev/null/download.sh#L1-4 curl -L https://tempo.xyz/install | bash tempo --version ``` To update Tempo in the future, simply run `tempoup`. ## Build from Source ```bash /dev/null/build.sh#L1-10 # Install Rust curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh source $HOME/.cargo/env # Build and install from source using cargo cargo install --git https://github.com/tempoxyz/tempo.git tempo --root /usr/local tempo --version ``` ## Docker You can find the latest tagged version of Tempo at [the Tempo GHCR package](https://github.com/tempoxyz/tempo/pkgs/container/tempo). ```bash /dev/null/docker.sh#L1-4 # Pull the latest Docker image docker pull ghcr.io/tempoxyz/tempo: # Run the Docker container docker run -d --name tempo ghcr.io/tempoxyz/tempo: --version docker logs tempo ``` ## Snapshots Downloading a snapshot lets your node skip syncing from genesis and start participating much faster. Choose the snapshot profile based on what the node does: * Validators should use `--minimal`. * RPC providers, indexers, and other workloads that need complete historical data should use `--archive`. ### What is Minimal Mode? Minimal Mode is a Reth storage profile for nodes that need to follow the chain and serve recent state, such as validators. It keeps disk usage low by pruning older historical data. If the node serves historical RPC, indexing, archive, or tracing workloads, use `--archive` instead. See Reth's [Minimal Storage Mode](https://reth.rs/run/storage/minimal/) docs for the storage trade-offs. ::::code-group ```bash [Validator mainnet] tempo download --chain mainnet --minimal ``` ```bash [Validator testnet] tempo download --chain moderato --minimal ``` ```bash [Archive mainnet] tempo download --chain mainnet --archive ``` ```bash [Archive testnet] tempo download --chain moderato --archive ``` :::: Use [snapshots.tempo.xyz](https://snapshots.tempo.xyz/) to compare snapshot profiles or copy generated `tempo download` commands. :::note\[Replacing existing snapshot data] When replacing snapshot data in an existing data directory, add `--force` after selecting the right profile. `--force` overwrites snapshot data but preserves `discovery-secret` and `known-peers.json`. ::: ## Verifying Releases All release artifacts are cryptographically signed. We recommend verifying signatures before running any binary. ### Binary Signatures (GPG) Release binaries are signed with GPG. The `tempoup` installer verifies signatures automatically when `gpg` is available. To verify manually: ```bash # Import the Tempo release signing key gpg --keyserver keyserver.ubuntu.com --recv-keys EE3C5D41EA963E896F310EC3CBBFA54B20D33446 # Verify a downloaded binary gpg --verify tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz.asc \ tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz ``` A successful verification will show `Good signature from "Tempo Release Signing Key"`. **Fingerprint:** `EE3C 5D41 EA96 3E89 6F31 0EC3 CBBF A54B 20D3 3446`
Public Key ``` -----BEGIN PGP PUBLIC KEY BLOCK----- mDMEaYXmJhYJKwYBBAHaRw8BAQdAa+cO3zz4+YQuPgUCNXSW7ApNTCAIwx9wBfPc lXyZBw20Xlp5Z2ltYW50YXMgTWFnZWxpbnNrYXMgKFRlbXBvIHJlbGVhc2Ugc2ln bmluZyBrZXkgZm9yIDIwMjYgYW5kIG9ud2FyZHMpIDx6eWdpbWFudGFzQHRlbXBv Lnh5ej6IkwQTFgoAOxYhBO48XUHqlj6JbzEOw8u/pUsg0zRGBQJpheYmAhsDBQsJ CAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEMu/pUsg0zRGjJABAP8dy+gWx/E8 EqzkKEUkEfLiRZ6n8APsc0aI5gqwfVAuAP99147oAq9cWVkNMh5PQmvdSG8MIx7Z G4OIGIHqFwKSCA== =o2TA -----END PGP PUBLIC KEY BLOCK----- ```
### Docker Image Signatures (Cosign) Docker images are signed with [Cosign](https://docs.sigstore.dev/cosign/signing/overview/) using keyless signing via GitHub Actions OIDC. To verify a Docker image: ```bash # Install cosign: https://docs.sigstore.dev/cosign/system_config/installation/ cosign verify ghcr.io/tempoxyz/tempo:latest \ --certificate-identity-regexp="https://github.com/tempoxyz/tempo/" \ --certificate-oidc-issuer="https://token.actions.githubusercontent.com" ``` This verifies that the image was built and signed by the official Tempo CI pipeline. ### SHA256 Checksums Every release archive includes a `.sha256` checksum file: ```bash # Download the checksum file curl -sSfLO https://github.com/tempoxyz/tempo/releases/download/v1.1.0/tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz.sha256 # Verify shasum -a 256 -c tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz.sha256 ```