Hi, i’m a full windows validator since genesis… I have a similar problem where my account used to fund my validator with 32 eth was compromised. I was told since I haven’t migrated to 0x01 credentials yet, I’m good. Is this true? thanks in advance
My understanding is if he has the seed phrase you need to go and set your withdrawal address to a fresh secure wallet as quickly as you can or the person who has your seed phrase can do it for you to an address you don’t control. @benjaminchodroff can you confirm?
1 Like
Actually, I replied in haste because I was concerned for you. But thinking about it yes you’re right because the validator withdrawal address is not the deposit address is it? as long as you’ve not lost control of the seed phrase for the withdrawal address you’re okay.
1 Like
If only the seed phrase used for your deposit address was compromised, it will not compromise your validator seed phrase (unless, you did something odd and used the same seed phrase for your validator). As you have indicated you have not yet set your withdrawal address, you can still set this to a new address that is not compromised. I recommend every validator should always set their withdrawal address managed by a seed phrase that is secure, offline and operated with a cold hardware wallet.
2 Likes
hi thanks for your replies! so I don’t think the actual “seed phrase” was compromised, I use metamask and accidentally executed a rogue smart-contract which compromised the metamask “private key” ( i think) … anyway, when I finally migrate to 0x01 I will definitely set a new withdrawal address offline as you stated.