RPIP-32: Stake ETH on behalf of node Source

Enables an address to provide ETH to a node, allowing the node to make deposits using the provided ETH.
RPIP32
AuthorDarren Langley, Kane Wallmann
StatusFinal
TypeProtocol
CategoryCore
Created2023-09-21
DiscussionLink
Vote Link
Vote Date2023-12-20
Vote ResultPassed

Contents

RPIP-32: Stake ETH on behalf of node Source

Enables an address to provide ETH to a node, allowing the node to make deposits using the provided ETH.

Abstract

A proposal to enable an independent address to fund a registered node with ETH. Subsequently, the node can utilise this ETH to make deposits, without having direct access to the ETH.

Rationale

This supports a variety of situations were the node operator is not directly providing the ETH:

  • Enhanced security for node operators, as they can stake directly from their hardware wallet, eliminating the need to transfer funds to the node beforehand
  • Staking as a Service providers where custody of funds are managed by a trusted custodian
  • Protocol integrations where custody of funds are managed by smart contracts
  • DAOs or organisations where custody of funds are managed by a treasury

While the primary aim of this feature is to facilitate single depositor scenarios, it’s worth noting that multiple independent depositors can also leverage this capability by creating smart contracts layered on top.

Specification

  • As someone who wants to supply ETH to a node for staking, I MUST be able to fund a specific node with ETH from any address
  • As someone who wants to supply ETH to a node for staking, I want the supplied ETH to be accounted for separately from the node’s own funds
  • As the owner of a node’s withdrawal address, I MUST be able to withdraw unused supplied ETH
  • As a node operator, I MUST NOT be able to withdraw the ETH funds supplied by another address
  • As a node operator, I MUST be able to fund new minipools using the supplied ETH

Backwards Compatibility

The specification as written is backwards compatible with the current deposit process. The behaviour is as current for node operators who do not use the new functionality.

Security Considerations

The specification operates under the assumption that the ETH owner is synonymous with the withdrawal address owner. This aligns with the existing trust assumptions within the protocol and serves as a protective measure to guarantee that only the rightful owner can access these funds.

Copyright and related rights waived via CC0.

Citation

Darren Langley, Kane Wallmann, "RPIP-32: Stake ETH on behalf of node," Rocket Pool Improvement Proposals, no. 32, September 2023. [Online serial]. Available: https://rpips.rocketpool.net/RPIPs/RPIP-32.