Closed ThomasDalla closed 1 year ago
If you have an HD seed you can create an HD wallet with the relevant accounts using ethdo
and serve it using dirk
to provide slashing protection. Does this address the issue?
Not exactly because web3signer
can run in a resilient fashion, having multiple instances on different machines, using a highly available, distributed PostgreSQL
database for the slashing protection.
You can then have multiple identical pairs of (validator-client
, web3signer
) on different machines, and even if they were to run at the same time on more than one machine, there would be no risk of being slashed (only one web3signer successfully signing back to one of them).
In more practical terms, you can have a cold standby VC+Web3signer on a separate machine (different network) that takes over if the main one goes offline.
When the backup pair starts, we could assert the same slots and get slashed. Same issue if there is a bug in our leader election and both of them run at the same time.
The shared database slashing protection of web3signer
protects us from that and allows us to be highly available without the risk of being slashed.
Migrating to an HD wallet in dirk
only allows for a single instance of Dirk to exist. Having 2 instances of Dirk with the same HD wallet can lead to slashing (unlike two instances of web3signer
backed by the same slashing database).
I have migrated to hd wallets in dirk
on Goërli and it works as a charm, but for Mainnet the slashing protection being resilient to multiple instances is a must.
An alternative to get the shared slashing protection benefits would be to support a shared slashing database between multiple instances of dirk
(for HD wallets, not needed for distributed wallets), similarly to web3signer
. In that case, web3signer
would have no advantages over dirk
and I would be happily migrating my "legacy" validators to Vouch+Dirk on Mainnet as well.
I spent some time looking at the web3signer, and think that rather than supporting it a better way to go will be to provide the ability to shard an existing private key. This would leverage Dirk's slashing protection and not require shared infrastructure.
That would be even better! Worth a separate ticket?
For reference:
SSV https://docs.ssv.network/developers/tools/ssv-key-distributor Obol https://github.com/ObolNetwork/charon-distributed-validator-cluster#import-existing-validator-keys
Raised under Dirk's Issue Tracker: https://github.com/attestantio/dirk/issues/30
Happy to close this ticket.
Superseded by https://github.com/attestantio/dirk/issues/30
Great discussion, very interested in this feature being available!
In a world where most of the existing validators have been created with hd wallets, this is currently impossible to migrate them to Vouch with slashing protection. We can migrate them to local wallet accounts in Vouch, and under normal operations Vouch does not produce slashing events, but having a robust slashing protection would be better (especially if we benefit from it with the current validator client we are running and want to migrate to Vouch).
Supporting web3signer as an account manager would make it possible to migrate existing non-ditributed validators to Vouch while retaining slashing protection. It would help increase Vouch's adoption.