It’s useful for staking pools to know that a validator lifecycle is completed to distribute the funds in a non-linear way. For example, if the final balance of the validator is lower than the starting balance you may want to make a party absorb the loss while distributing the rest to another party.
For that to happen you must know that the entire balance of the validator has already been transferred to the withdrawal account to trigger the above logic. Otherwise, someone could send 1ETH to the withdrawal address and claim the validator got slashed. How could the decentralized staking pool contracts tell the difference?
A possible way to achieve that would be for the validator balance transfer to happen when the withdrawal address itself calls the system contract. Then the contract could in one transaction
Call system contract
Compute its own balance diff
Call the staking pool manager contract to mark its status and “done” and trigger accounting logic according to the above diff
A plus would be for the call to the system contract to revert if the withdrawal receipt has already been consumed.
Just wanted to say thanks for putting some attention to the theft of credentials, sadly I fall into that category, I had a withdrawal key and wallet key compromised/stolen
Could there be a way to enable an option where withdrawals can only take place from the validator, for example, only the host could initiate the withdrawal from the node, but external withdrawals could not gain access to the validator and funds with the withdrawal key. if my validator could have this option enabled then my host could withdraw the funds for me and I could create a new cold wallet and ask them to send the funds there so I could move to a new node, I am in this for the long haul and intend on keeping the node, sadly now suffering from anxiety and regret.
I would be eternally grateful if ETH devs can keep working on a way to stop stolen keys from being used, I am sure there is a way, I am just worried that some Devs dont see it as an issue, please dont forget people like me, I invested a lot and would be devastated to lose my funds when we get to that point and am 110% behind the project.
Somewhat basic question but didn’t find an explicit mention so thought to bring it up. If our ETH1 withdrawal key is actually a smart contract address, will this work? This is an example address that we’re thinking to use:
Based on my knowledge, as long as the ETH1 contract can receive ETH it should work. Mainly make sure no specific function call is needed and if you can withdraw from your smart contract if needed.
