Suggest a staking product or service

[Gandalf-Dust-Wizard]

Project name

RockX Staking

Product type

Staking as a service

If other product type, please describe

No response

Logo

Description

RockX Staking solution is designed to enhance user’s staking experience by simplifying the current ETH staking process. RockX fully manages the entire journey covering validator setup, upgrade MEV, slash protection, etc. with high security and protection standards.

Website

https://www.rockx.com/staking/ethereum

If software is involved, is everything open source?

Yes, everything is open source: provide link(s) to project repo(s)

Is the project a fork? If yes, which project was forked?

No

Is the product out of beta development?

The product is out of beta development and was launched in May 2023

What wallets support the product or service?

All wallets that support ERC20 tokens

If the product or service enables staking with <32 ETH, what is the minimum ETH required to stake?

RockX Ethereum Staking only accept multiples of 32 ETH for staking

If a service, what are the fees associated with using the service?

RockX charges 20% commission on the fee reward, which is only approximately 20 - 30% of overall rewards

If the product or service involved a liquidity token, what are the tokens involved?

N/A

What date did the project or service go live?

May 2023, https://www.crypto-reporter.com/press-releases/rockx-pioneers-the-future-of-ethereum-staking-with-diverse-scalable-solutions-46489/

Has the project undergone an external security audit?

Yes. Smart contract audit report is done by PeckShield: https://github.com/RockX-SG/direct_staking_contracts/blob/main/PeckShield-Audit-Report-RockX-DirectStaking-v1.0.pdf

Has the project undergone any security bug bounties?

No, however, we plan to conduct Big Bounties in the future

Is the project being actively maintained?

Yes

Is the product or service free of trusted/human intermediaries?

Yes, the process is fully automated without human intervention.

If a pooled staking service, can users participate as a node operator without permission?

N/A

If listing a staking-as-a-service, are users required to sign-up for an account?

Yes, users are required to register an email address to create an account

If listing as staking-as-a-service, who has access to the signing keys?

There are a few keys for transaction signing:

• The validator signing key is managed and secured by RockX service
• The withdrawal credential is managed and secured by RockX service
• The withdrawal credential is generated based on the withdraw address provided by the user, the user must have access to this withdraw address
• The deposit address is managed and owned by the user

If a pooled staking service or SaaS provider, what type of withdrawal credentials are being utilized / who holds the withdrawal keys?

• The withdrawal credentials are utilized and hold by RockX service

• Yes, the withdrawal credentails are utilising 0x01 type credentials

• The account is provided by the user when the validator is initiated

If a pooled staking service or SaaS provider, what percent of node operators are running a super-majority client?

Currently, the RockX SaaS service is running on 100% of Lighthouse and Geth

If listing node or client tooling, which consensus layer clients (Lighthouse, Teku, Nimbus, or Prysm) are supported?

• Only Lighthouse is supported at the moment

• No, switching to a different client is not supported at the moment

What platforms are supported?

Most platforms supported including Linux, macOS, Windows, iOS, Android

What user interfaces are supported?

Browser app for now

Social media links

Twitter: https://twitter.com/rockx_official LinkedIn: https://www.linkedin.com/company/rockx-official Discord: https://discord.gg/YJzs4UwsTp YouTube: https://www.youtube.com/channel/UCur9s16EemOPuY_YAXhtG9A

Would you like to work on this issue?

• [X] Yes
• [ ] No

[github-actions[bot]]

This issue is stale because it has been open 45 days with no activity.

[wackerow]

Hey @Gandalf-Dust-Wizard!

Re open source question, can you please link to the repos?

"...withdrawal credential is managed and secured by RockX service The withdrawal credential is generated based on the withdraw address provided by the user, the user must have access to this withdraw address"

"generated based on"... is it a new address? Or is the users deposit address automatically assigned as the address for the withdrawal credentials? (ie. 0x010000000000000000000000users0deposit0address0here00000000000001)

If we can clarify those few things I'm happy to move this forward.

[Gandalf-Dust-Wizard]

Thanks for the feedback @wackerow

Here's the link to our repos on GitHub https://github.com/RockX-SG/direct_staking_contracts

the user is requested to provide a withdraw address, which can be the deposit address or a second, unique address. Whichever address provided by the user is inputed as the withdraw address for the respective validator(s). I've attached two screenshots that will help explain.

[wackerow]

Got it, thanks @Gandalf-Dust-Wizard ...

Follow up question about the signing keys... it appears that RockX is the only one with the signing keys (and thus the underlying mnemonic?). Our definition of "Self Custody" states "User maintains custody of any validator credentials, including signing and withdrawal keys" which is why I'm asking. It sounds like the withdrawal side is covered but not necessarily the signing credentials. If I'm understanding correct the user would use their "claim address" to trigger an exit, maybe you can help me understand that process?

I'll put up a PR erring on the side of caution and tag you in it, you're welcome to continue convo here or comment in that PR.

[Gandalf-Dust-Wizard]

Ok, in the above definition, you are right. We are not self-custody right now. We've got some developments to deal with signing and withdrawal keys etc. but not active at this stage.