Withdrawal credentials uncovered with Blox Staking
Withdrawal credentials are the root of lots of confusion and uncertainty. This article explains the relationship between the withdrawal keys and credentials, how Blox Staking uses them, and how you can verify yours.
The TL;DR section covers the rough process with Blox Staking from deposit to withdrawal and is based on a couple of assumptions since withdrawal isn’t implemented yet. Finally, the Withdrawal in-depth section tries to explain the relationship between keys and credentials in more detail.
- Blox Live generates a random seed (mnemonic/24-word passphrase)
- Validator and withdrawal private keys are derived from the same seed, with different derivation paths. Actually, they are childs of each other.
- A public withdrawal key is generated from the private withdrawal key (never shown in Blox Live)
- The public withdrawal key is hashed, resulting in withdrawal credentials
- Withdrawal credentials are sent along with the deposit transaction inside TxData
(Once the merge has happened, and withdrawal is enabled. It will most likely be supported by Blox Live but is subject to change, since not yet specified)
- Generate the withdrawal private key from your seed (mnemonic/24-word passphrase) again.
- Sign a withdrawal operation with the validator and withdrawal private key and execute the withdrawal operation on the contract (This might require a voluntary validator exit beforehand).
- The operation contains an ETH1 address to where the funds should be moved to.
- The contract verifies the operation by matching the withdrawal credentials against the signed operation.
- If valid, funds are transferred to the given ETH1 address.
How can I withdraw my staked ETH?
Currently, there is no way to withdraw your staked ETH, and there is no fixed date for the feature. However, it will be enabled after the merge happens.
According to the official sources, the merge will ship in ~Q1/Q2 2022. Important features, such as the ability to withdraw staked ETH, will ship after the merge is complete but are expected to happen soon.
Withdrawal Credentials — The Blox Live process revisited
To better understand the role of withdrawal credentials, we need to revisit the Blox Live process during your first validator deployment.
It’s best explained by watching the tutorial video again.
There are a few interesting timestamps to mention:
0:54 — Blox Live created a seed (mnemonic/24-words passphrase) for you.
1:12 — Blox Live generated your private validator key from your seed and stored it securely inside your KeyVault on AWS.
1:17 — Blox Live shows your public validator key and your public withdrawal key, purely for your information.
1:55 — The deposit transaction (32 ETH) is initiated as a normal transaction through your connected wallet.
Now that we recalled the overall process, we can look at the withdrawal credentials in more detail.
Where do withdrawal credentials come from?
The deposit transaction from above sends your 32 ETH to the ETH2 Deposit Contract. This contract requires additional data, such as your validator public key and your withdrawal credentials. This additional data is sent through the transaction initiated by Blox Live inside TxData.
The withdrawal credentials inside TxData are nothing else than a hashed version of your public withdrawal key (it’s hashed to preserve privacy and save space), which itself is derived from the withdrawal (private) key. The withdrawal private key isn’t stored with the Blox Live app, thus never shown to you. But, of course, it can always be recreated from your seed (see verify section at the end).
What’s the purpose of the withdrawal credentials?
Once the withdrawal is enabled after the merge, credentials are used to verify your request to transfer your funds and proof that you’re the legit owner. The exact mechanism is currently under research and discussed on the ETH R&D discord.
However, it is safe to assume that once the day comes, you send a transfer request signed with your validator and withdrawal (private) key that will be verified against the withdrawal credentials (hashed version of your withdrawal public key).
There are two kinds of withdrawal credentials as of today:
- BLS withdrawal credentials
- ETH1 address withdrawal credentials
Blox Live doesn’t support ETH1 addresses as withdrawal credentials, except if you created a validator outside of Blox Live and later moved it to Blox Staking.
Since major parts of the withdrawal process are not yet implemented, we can’t vote for one over another. However, for Blox Staking (non-custodial, non-pooled), the currently used BLS withdrawal credentials are good enough.
How to verify withdrawal credentials
Some people learned about withdrawal credentials after they set up their validator and deposited 32 ETH, leaving some uncertainty about the correctness of their withdrawal credentials which Blox Live generated.
The following step-by-step guide illustrates how you can verify if you have the right seed/keys to signal a withdrawal once the time comes.
🔴 Warning: Please only do this on your own safe, completely offline device!
The simplest way to verify this is by using the ETH2.0 deposit cli, which you can download from its GitHub release page. Once downloaded, extract it to your own safe, completely offline device.
When ready, open a command prompt in the root folder of the cli, and run the following command:
./deposit existing-mnemonic --num_validators 1 --chain mainnet
When prompted, enter your 24-words passphrase, confirm the default values, and proceed unless you see the success screen.
Note the output folder where your keys can be found, and open the
deposit_data-[timestamp].json file inside that directory.
withdrawal_credentials field contains the hashed version of your withdrawal public key (without the BLS prefix
0x00) derived from the withdrawal (private) key generated from your seed.
Now you can easily compare the withdrawal credentials of your active validator with the generated one.
Jump over to the Beacon Chain Explorer and look up your validator. Down in the Eth2 Deposits section, you can find the stored withdrawal credentials. To compare the generated ones to the stored ones, prefix them with
0x00 . Remember, the
0x00 defines the semantics of the following chunk and indicates a BLS withdrawal key (as opposed to
0x01 which indicates an ETH1 address)
If the withdrawal credentials match, you have successfully verified that you have the necessary keys to transfer your funds once the withdrawal is enabled.
Please note that if your seed is lost or stolen, all your funds are gone. There is an ongoing discussion to give stakers a second chance in case only their withdrawal keys are compromised, but not the seed.