Thank you Ariel Zimroni for the idea and comments
As soon as ETH staking came to light, tokenized variations started to pop up. Up until recently tokenized stake referred to ETH value locked, or rather who controls the asset once it’s withdrawn.
But what about tokenizing the validator while it’s still working (the validation key)?
Ownership of an active validator validation key is non transferable, primarily because there is no safe way to transfer it. Most (if not all) validation keys are generated in a centralized way (a person/ entity running key generation on their machines), most keys have a cold storage backup as well.
This means the original creator of the key will always know the private key, preventing any safe transfer to a 3rd party as that 3rd party could not guarantee that it’s the only one in possession of the private key.
If a staking pool wants to transfer its validators to a different entity (we can think of a large pool like Lido buying up a smaller pool for example) it can’t really do that under the current paradigm.
By using SSV + DKG we can tokenize validator ownership, opening up a whole array of possibilities not possible before, including:
- True OTC validator deals
- Validator transfer between protocols/ services
- Transfer validator cost
- Splitting control over a validator (think of a multisig controlling the validator on SSV)
- Bypass the beacon chain activation queue
How will it work?
The first piece of the puzzle is generating keys via Distributed-Key-Generation(DKG) rather than in a centralized way. DKG is a way to generate a valid BLS12–381 validation key by independent parties:
- Every party ends up with a private share
- Every party can calculate the full validation public key
- Every party can verify the shares are valid
SSV uses a unique protocol that requires zero manual coordination, essentially every SSV node is “DKG ready” and can participate in a DKG ceremony without any special coordination.
DKG unlocks the first step towards transferable validations as none of the DKG participants nor the DKG originator (the one initiating the DKG ceremony) have the full private key so transfer can now be safe.
The next piece of the puzzle is the SSV registry contract. All validators on the SSV network are registered via a smart contract (read more here).
By using a new tokenizer contract which emits NFT/ ERC20 tokens as proof of ownership we can make validators transferable.
A user wishing to register a new validator will use the tokenizer contract as a gateway to the SSV registry contract. The tokenizer contract will become the owner of the validator on the SSV network but since it’s a contract, outside wallets can make it call the SSV validator registry contract if they hold the proof of ownership.
When the wallet that owns the proof of ownership wants to transfer the ownership it’s a simple call, indicating the new owner. Once that’s done there is a new owner to the validator.
Since we use DKG to generate the validator in the first place, the new owner can be sure that the old owner doesn’t have the original private key which is crucial for an atomic transfer.
The validator withdrawal credentials are set to the tokenizer contract as well and are a package deal since it’s not wise to transfer the validator without controlling the withdrawal credentials as well.
Note that when the validator is transferred, only the ownership of it within the SSV contracts is transferred, not the actual shares.