Skip to main content


Create and sign a voluntary exit for the specified validator or set of validators.
This subcommand can be run as a separate Teku process.


To submit a voluntary exit, you must have a running beacon node with the REST API enabled.


teku voluntary-exit --beacon-node-api-endpoint=<ENDPOINT>

Endpoint of the beacon node's REST API. The default is


teku voluntary-exit --config-file=<FILE>

Path to the YAML configuration file. The default is none.


teku voluntary-exit --confirmation-enabled=<BOOLEAN>

Specify whether to request confirmation when exiting a validator. The default is true.


If you set --confirmation-enabled to false, exits are generated immediately without any prompt.


teku voluntary-exit --epoch=<EPOCH>

Earliest epoch that the voluntary exit can be processed. The specified epoch can be a past epoch, or current epoch. You cannot specify a future epoch. The default is the current epoch.


If there is a high number of validators that are queued to exit, then the validator exit may be processed at a later epoch.


teku voluntary-exit --include-keymanager-keys=<BOOLEAN>

Include validator keys managed using the key manager APIs. The default is false.


teku voluntary-exit --network=<NETWORK>

Predefined network configuration. There is no default value, because Teku reads the network specification from the Beacon API unless specified.


teku voluntary-exit --validator-keys=<KEY_DIR>:<PASS_DIR> | <KEY_FILE>:<PASS_FILE>[,<KEY_DIR>:<PASS_DIR> | <KEY_FILE>:<PASS_FILE>...]...

Directory or file to load the encrypted keystores and passwords of the validators that you wish to exit. Keystore files must use the .json file extension, and password files must use the .txt file extension.

When specifying directories, Teku expects to find identically named keystore and password files. For example validator_217179e.json and validator_217179e.txt.

When specifying file names, Teku expects that the files exist.


The path separator is operating system dependent, and should be ; in Windows rather than :.


teku voluntary-exit --validator-public-keys=<PUBKEY>[,<PUBKEY>...]...

Restrict the exit command to a specified list of public keys. When the parameter is not used, all keys will be exited.


teku voluntary-exit --validators-external-signer-keystore=<FILE>

The keystore that Teku presents to the external signer for TLS authentication. Teku can use PKCS12 or JKS keystore types.

Use the PKCS12 keystore type if connecting to Web3Signer.


teku voluntary-exit --validators-external-signer-keystore-password-file=<FILE>

Password file used to decrypt the keystore.


teku voluntary-exit --validators-external-signer-public-keys=<KEY>[,<KEY>...]

List of public keys of validators that you wish to voluntarily exit when using an external signer (for example, Web3Signer).


teku voluntary-exit --validators-external-signer-timeout=<INTEGER>

Timeout in milliseconds for requests to the external signer. The default is 5000.


teku voluntary-exit --validators-external-signer-truststore=<FILE>

PKCS12 or JKS keystore used to trust external signer's self-signed certificate or CA certificate which signs the external signer's certificate.


teku voluntary-exit --validators-external-signer-truststore-password-file=<FILE>

Password file used to decrypt the keystore.


teku voluntary-exit --validators-external-signer-url=<URL>

URL of the external signer (for example, Web3Signer).