In this note, we explore how white-label operators could steal funds from parties that delegate validator keys to them.
Suppose a white-label operator $W$ is delegated a set of $n$ validator keys belonging to node operator $O$. If it wanted to, the white-label operator could act as a whistleblower and submit incontrovertible evidence to the dispute-resolution mechanism, in the form of arbitrary messages signed with each of the validator keys. This will yield a reward $R(n)$ for the node operator upon a successful court case.
Note that, even for very large values of $n$ (say, $n=1000$), our court design was such that $R(n)$ is only a small fraction of the total ETH staked by these validators. There were a few reasons for this:
Capital efficiency: we don’t want the bonds required for the courts to be exceedingly large.
Decreasing the size of the accuser’s bond: let $A(n)$ denote the bond that an accuser must post to accuse an operator of having $n$ white-label validators. In the note Bonding requirements for operating the courts, we found that to account for an imperfect court with the possibility of human error, the parameter $\alpha = R/A$ was required to be bounded as follows:
$$ \frac{1-p_\text{CTP}}{p_\text{CTP}}< \alpha<\frac{1-p_\text{CFP}}{p_\text{CFP}}, $$
where $p_\text{CTP}$ and $p_\text{CFP}$ are the true-positive and false-positive rates for the court, respectively. The consequence of the above is that a very large $R$ will also require a very large $A$—making it so that accusers may not have the liquidity to challenge a very large operator.
From the restrictions that follow from Bonding requirements for operating the courts and Analysis of operators’ economic incentives, for $n>1$, we see that accuser rewards on the order of $R(1000) = 40 \text{ ETH}$ are enough to fund private, complex investigations while at the same time making the expected return of white-labeling negative. However, such a number may not be enough to sway an entire white-label organization to become a whistleblower.
An example: Consider a white-label operator running 1000 nodes (with 32 ETH each) and taking 3% of the total APR as a fee. Even with a conservative APR of 4%, their expected yearly returns are about 38.4 ETH, roughly the whistleblower reward proposed above. It would be unreasonable for this organization to burn bridges with its customers under this value proposition.
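To make the two constraints above concrete, here is a small added model (not code from the original note or from Lido) that evaluates the court bound on $\alpha = R/A$ and compares the whistleblower reward against a white-label operator's yearly fee income. The function names and the sample court rates $p_\text{CTP} = 0.9$, $p_\text{CFP} = 0.1$ are assumptions chosen for illustration.

```python
# Added example, not part of the original note. Models the bound on alpha = R/A
# from "Bonding requirements for operating the courts" and the white-label fee
# income worked out in the text. Court rates used in the docstrings and tests
# (p_CTP = 0.9, p_CFP = 0.1) are constructed sample values, not Lido parameters.


def alpha_bounds(p_ctp: float, p_cfp: float) -> tuple[float, float]:
    """Open interval (lo, hi) that alpha = R/A must lie in:
    (1 - p_CTP)/p_CTP < alpha < (1 - p_CFP)/p_CFP.
    The interval is non-empty only when the court's true-positive rate
    exceeds its false-positive rate, which is checked explicitly."""
    if not (0.0 < p_cfp < p_ctp < 1.0):
        raise ValueError("need 0 < p_CFP < p_CTP < 1 for a non-empty alpha interval")
    return (1.0 - p_ctp) / p_ctp, (1.0 - p_cfp) / p_cfp


def accuser_bond_range(reward: float, p_ctp: float, p_cfp: float) -> tuple[float, float]:
    """Admissible accuser bond A for a given reward R, using A = R / alpha.
    A larger alpha upper bound allows a smaller bond; the alpha lower bound
    caps how large A may be. Illustrates why a very large R forces a large A."""
    lo, hi = alpha_bounds(p_ctp, p_cfp)
    return reward / hi, reward / lo


def bond_is_admissible(reward: float, bond: float, p_ctp: float, p_cfp: float) -> bool:
    """True when the pair (R, A) satisfies the strict alpha inequalities."""
    lo, hi = alpha_bounds(p_ctp, p_cfp)
    return lo < reward / bond < hi


def annual_fee_income(n: int, stake_per_validator: float, apr: float, fee_share: float) -> float:
    """Yearly fee a white-label operator earns on n validators:
    total stake * APR * share of rewards taken as fee."""
    return n * stake_per_validator * apr * fee_share


def reward_over_fee_income(reward: float, n: int, stake: float, apr: float, fee_share: float) -> float:
    """Ratio of the whistleblower reward to one year of fee income. Values near
    1.0 reproduce the note's point: the reward barely matches what the operator
    already earns, so it is unlikely to sway the operator to blow the whistle."""
    return reward / annual_fee_income(n, stake, apr, fee_share)


if __name__ == "__main__":
    print("alpha interval:", alpha_bounds(0.9, 0.1))
    print("accuser bond range for R = 40 ETH:", accuser_bond_range(40.0, 0.9, 0.1))
    print("fee income, 1000 validators:", annual_fee_income(1000, 32.0, 0.04, 0.03))
    print("reward / fee income:", reward_over_fee_income(40.0, 1000, 32.0, 0.04, 0.03))
```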
Given the above, we would like to improve the potential whistleblowing returns for white-label operators holding validator keys that belong to other operators in the Lido protocol, to sway them towards taking action.
In our note Bonding requirements for operating the courts, we describe bonds adequate to cover court fees $C$ and pay appropriate whistleblower rewards $R$. We also argued that two different sources of bond are likely: a smaller bond $B_0$ for the dispute-resolution mechanism, and a larger $B_s$ to insure against collateral damage from slashing or MEV stealing. The total bond is given by $B=B_0 + B_s$.
We propose that a party holding validator keys should be able to efficiently claim ownership of this second source of bonds $B_s$.
Lido’s permissionless staking module is still under development, so there is not yet a clear picture of how validator exits for that module will look. However, we would expect the following from the process:
The validator’s withdrawal address $w$ itself is immutable due to Ethereum’s design. However, the bond withdrawal address $w_B$ for the operator’s bond is set at the smart contract level (or determined by a transaction at the time of exit) and can be modified by claiming the validator’s ownership. Specifically, we propose the following: