Recall that, even in a non-custodial delegated staking arrangement, the validator’s signing key is held by the validator operator, rather than the ETH staker. This arrangement puts the ETH staker in the undesirable position of having to trust their validator operator to sign and submit a voluntary exit on their behalf whenever they wish to exit their validator.
While it is expected that any reputable validator operator would respect the ETH staker’s request to exit, this scenario exposes the ETH staker to the risk that a validator operator refuses to exit their validator (sometimes referred to as “griefing”). Fortunately, there is a workaround for this suboptimal staking user experience: pre-signed voluntary exits.
Pre-signed voluntary exits
At present, validator operators demonstrate their intent to honor exit requests from ETH stakers by pre-signing voluntary exits for the validators they operate, and sending these pre-signed voluntary exits to the ETH staker who funded each validator. Providing the ETH staker with pre-signed voluntary exits empowers them to unilaterally submit the voluntary exit to an Ethereum consensus client at any time, and by doing so, independently exit their validator(s).
Today, these pre-signed validator exits are valid only for the current and previous consensus layer (CL) fork versions. In other words, once the Deneb fork occurs, voluntary exits that were pre-signed prior to the Capella fork will no longer be valid.
This design choice—to limit the validity of pre-signed voluntary exits—was originally made due to a consideration from Core Devs around the case of a very long, contentious fork. In this case, a pre-signed voluntary exit submitted on fork version A would be replayable on fork version B. This will remain a risk once pre-signed voluntary exits are made perpetually valid via the Deneb upgrade, however the consensus amongst Core Devs is that the advantages and improved staking UX that this change enables outweigh this risk. The EIP’s author contends that “this possibility is not sufficient to justify the UX degradation exposed above, as no funds are at risk and the staker can re-stake on one or both of the chains.”
Future benefits of perpetually valid signed voluntary exits
To reiterate, EIP-7044 will make voluntary exits perpetually valid, rather than being valid only for the current and previous consensus layer (CL) fork versions.
Beyond improving the staking user experience in the ways described above, this EIP opens up a new design space around automated validator exits. For example, a perpetually valid pre-signed voluntary exit could be stored in some contract, or automated mechanism, that submits the voluntary exit to Ethereum’s consensus layer if and when a specific condition is met (e.g. if your validator is inactive for a set number of epochs). This would provide stakers additional protection against inactivity penalties in the event that their validator setup is lost, or otherwise goes offline.
For those who are more technically savvy, this change will be implemented by making a single change to the state transition function:
Additionally, the voluntary_exit gossip conditions are implicitly modified to support this change. To make the change backwards compatible the signature domain is locked on the Capella fork.
EIP-7045: Increase max attestation inclusion slot
From one perspective, the Ethereum blockchain is primarily made up of blocks (represented below as squares) and attestations (represented below as circles). Each attestation can be thought of as a vote on a given block to signal its ‘correctness.’