Add withdrawal key aggregation
moles1 opened this issue · 1 comments
The withdrawal key should be an aggregate BLS key composed of public keys from the set of trusted Rocket Pool nodes. The withdrawal key should change whenever a trusted node is added to or removed from the set.
This could be implemented in the following way:
-
Rocket Pool network contracts store the current aggregate withdrawal key and credentials (hashed withdrawal key & prefix byte).
-
The smart node software generates the aggregate BLS key from the keys of all trusted nodes and submits it to the Rocket Pool network contracts. The contracts should only accept transactions from trusted nodes.
-
Rocket Pool network contracts provide a method to update the aggregate withdrawal key, which only accepts transactions from trusted nodes. Once a number of 'update' transactions from trusted nodes with an identical payload are received (e.g. 51%), the aggregate withdrawal key is updated.
The process to register a new trusted node and update the aggregate withdrawal key would be as follows:
-
The new trusted node runs the command to generate their BLS withdrawal key and sends it to Rocket Pool along with the node's IP address.
-
Rocket Pool updates the list of trusted node pubkeys and IP addresses hard-coded into the watchtower image.
-
Rocket Pool adds the new node to the trusted set via the
RocketAdmincontract. -
All trusted nodes automatically pull down the new watchtower image, compute the new aggregate withdrawal key, and submit it to the RP network contracts.
-
Once the threshold of txs hits 51%, the contract updates the aggregate withdrawal key.
Closed for now as withdrawal mechanics are TBD