Eth2 Key-Management Call #0

[CarlBeek]

Meeting Date/Time:

Thursday 2020/06/18 at 14:00 GMT

Meeting Duration:

1 hour

Agenda

1. Standardising private key & secret storage & ingestion
2. Key Derivation
   1. EIP 2334 Compulsory Paths
3. Key Storage & Transfers
   1. EIP 2335
      1. KDF (Single vs. Multiple)
      2. Unicode & Bytes passwords
         1. Name field
         1. Length Extension on checksum
4. Open Discussion

[paulhauner]

Here are my thoughts on loading validator keys into a validator client (from filesystem).

It's not quite how Lighthouse does it as writing these documents lead me to make some changes.

I'm looking to encourage collab, not necessarily define standards.

https://notes.ethereum.org/r6UL8XeuSfaewZwS8wzGig?view

[mcdee]

I'd like to add "adding a name field" to the EIP-2335 discussion.

Also, there was a question about a length extension attack due to the construction of the checksum. At https://eips.ethereum.org/EIPS/eip-2335#procedure step 2 the checksum is a calculated as SHA256(DK_slice | cipher_message) which is vulnerable. I'm unsure of the impact of this issue, but though it would worth raising.

[mratsim]

My (short) notes:

Goal: minimum set that is easy to implement

Wallet stores vs keys and keystores

Paul Hauner’s POV: https://notes.ethereum.org/r6UL8XeuSfaewZwS8wzGig?view

Jim McDonald: confusion “which keys should be loaded for validating?” (as we also have withdrawal keys)

Mamy: Add a prefix to distinguish between validating and withdrawal keys?

- Example signing a deposits with hardware wallet

Issue: more metadata = more to keep track of and more places to go wrong


———

Name field, uses cases for people?

-> Jim: issue BLS keys are ugly, no checksum, can easily mis-paste them dropping a character.
—> associate keys with users, validators, customers, …
—> Carl concern: name collision
—> Scope/namespace by wallet and raise error at update time.

Proto: generating unique namespace from public key? ex: docker container
Paul: One thing frustrating, metamask not syncing names between mobile and desktop

———

EIP 2335: Unicode and bytes as passwords for keystores

Note UTF-8 is specifies how to encode but does not specify the order
Pick one of the used form from unicode (like ENS, nfkd?)

- newlines? causes issues once password encrypted

———
EIP 2334 Key derivation and HD derivation path

- https://github.com/ethereum/EIPs/pull/2670

Withdrawal keys / Validating keys
Stakers might want to have a common withdrawal key for all their deposits

Use-case: deploy large number of validators on a large number of clients

Lockfile while file is in use, in particular for slashing protection

https://github.com/protolambda/eth2-val-tools

———

Closing thoughts:

Lighthouse audit: consider allowing password from CLI and not just files so that users don’t leave files with password around