Extended overview of Ethereum Staking Keys

General

Both of these keys (ETH 1.0 and ETH 2.0) are based on the same idea and use elliptic-curve cryptography to create keys. However, Ethereum 2.0 has additional functionality, and its keys require different parameters when creating them, and use the Boneh-Lynn-Shacham (=BLS) signature scheme.

Ethereum 2 Keys

Compared to Ethereum 1.0, where users only have a single private key to access their funds, Ethereum 2.0 offers two different keys. The validator private key and the withdrawal private key.

The validator key

As seen in the cutout below the validator signing key consists of two elements:

• Validator private key

• Validator public key

The purpose of the validator private key is to actively sign on-chain (ETH2) operations such as block proposals and attestations. Therefore these keys have to be held in a hot wallet.

This flexibility has the advantage to move validator signing keys very quickly from one device to another, however, if they have gotten lost or stolen, the thief has the ability to act maliciously in two ways:

• Get the validator slashed by:

  • Being a proposer and sign two different beacon blocks for the same slot

  • Being an attester and sign an attestation that "surrounds" another one.

  • Being an attester and sign two different attestations having the same target.

• Force a voluntary exit, which stops the validator from "staking", and grants access to its ETH balance to the withdrawal key owner.

The validator public key is included in the deposit data which allows ETH2 to identify the validator.

The withdrawal key

The withdrawal key is required to move the validator balance once it is possible in Phase1/2. Just like the validator keys, the withdrawal keys also consist of two components:

• Withdrawal private key

• Withdrawal public key

Losing this key means losing access to the validator balance. However, the validator can still sign attestations and blocks since these actions require the validator private key, but there is little to no incentive to do so if the keys are lost.

To withdraw, the validator status needs to be "exited".

Multiple validators from a single wallet

Each validator has their own unique deposit data by which they are identified by the beaconchain. Four keys for one validator.

Q: How can I re-deposit to my validator balance? (e.g. Effective balance has dropped)

A: Send another transaction (>=1ETH) to the deposit contract with the validator specific deposit data as the transaction input. After the first deposit-transaction, the unique deposit data is stored on the blockchain and can be found on various explorers.

Note: The deposit contract requires about 150,000 gas limit.

Mnemonics for ETH2.0 validators

Over the last few years, we have become so accustomed to the 12 or 24 word-system. Why do we take steps back again and make our lives more complicated and more insecure with locally stored keys?

Known hardware wallets will not be able to support ETH2.0 key generation until the BLS library gets audited. EIP-2333 and EIP-2334 offer a solution but yet need to be implemented. With all this knowledge, we can assume that the known Mnemonics will not be accessible from day one of Phase 0.

How does it work?

Mnemonics and paths are a known feature and usually found when users try to access their hardware wallets.

"Old ETH 1.0" path structure and example:

m/44'/60'/0'/0

m / purpose' / coin_type' / account' / change / address_index

The same logic applies to ETH2.0 Keys, just with different parameters. There is a single "master key" (=Mnemonic phrase) which allows the user to attach as many validators to a single withdrawal key as they want. This way the user can derive all keys from the Mnemonic phrase.

A simplified overview would look like the following:

Source: Carl Beekhuizen

Credits: Nishant Das for fact-checking