It is very scary to me that withdrawal credentials are not verified at any point after generation. Adding a withdrawal signature & and the full withdrawal public key would allow verification of the key and it's encoding which would be a comforting sanity check.
Update: #195 verifies the withdrawal public key validation but not the withdrawal signature. We mostly rely on the launchpad to double verify the signatures.
It is very scary to me that withdrawal credentials are not verified at any point after generation. Adding a withdrawal signature & and the full withdrawal public key would allow verification of the key and it's encoding which would be a comforting sanity check.