Ethereum (ETH)
There are two ways to unstake Ethereum validators with Kiln.
Option 1: Unstake from Kiln Dashboard
Following the Shapella upgrade, you can unstake your validators in a couple of clicks from the Kiln dashboard:
You can request multiple validators to exit by:
Selecting them on the dashboard and using the batch request exit button (ideal for specific stakes; otherwise, use option 2).
Using the batch request exit on the dashboard and adjusting the slider to auto-select stakes (for exiting many stakes simultaneously).
Inputting a list of validators in the
requestExit
function with thebytes[] validators
parameter.
On the dashboard you can see when a stake is pending to exit along with the estimated time it will take (look for the status Exit requested).
The addresses of our Ethereum Exit Contracts are as follows:
Make sure these contracts are whitelisted in your custody solution.
For more details on what happens behind the scenes when you unstake, check out this blog post.
Option 2: pre-signed exit messages
In Option 1, you rely on Kiln processing the requestExit
message that you send via the Dashboard. Option 2 is a fully non-custodial approach we describe below.
The validator exit operation requires the validator’s validation key to sign a VoluntaryExit message and broadcast it to the Consensus Layer. It has become an industry standard that the validation keys are protected by the node operator themselves and are rarely shared with customers; having the same validation key in multiple places exposes the staker to slashing risks.
The problem we are trying to solve is the following:
As an ETH holder staking on dedicated ETH validators through a node provider, I want to be able to exit my validator without relying on the node operator to perform the VoluntaryExit task.
This is why at Kiln we developed a full flow to provide pre-signed VoluntaryExit messages to all our clients.
We built our ExitMessage API, which exposes signed VoluntaryExit messages of your validators, encrypted using your GPG key, this way guaranteeing that only you can access these messages. After getting these messages you can decrypt them and send them directly to a beacon chain node which will execute the exit.
Steps to setup and exit validators
Provide PGP/GPG public key
PGP/GPG key must be provided in order to encrypt the messages in our database and in the API
The public key can be shared with your CSM or Sales Engineer and they’ll share it internally
PGP/GPG private key must be stored in a safe place as it’ll be the only way to decrypt the messages.
Create integration with our
getExitMessage
endpointRequest encrypted messages via
getExitMessage
endpointDecrypt exit messages with the private key that corresponds to the PGP public key shared
If you want to perform exits, broadcast the messages to a Beacon Chain node
For testing we usually use Nimbus open Beacon Nodes APIs:
Goerli/Prater:
http://unstable.prater.beacon-api.nimbus.team/eth/v1/beacon/pool/voluntary_exits
Holesky:
http://unstable.holesky.beacon- api.nimbus.team/eth/v1/beacon/pool/voluntary_exits
Mainnet:
http://unstable.mainnet.beacon- api.nimbus.team/eth/v1/beacon/pool/voluntary_exits
The request must be a
POST
with the following structure:curl
request example
Wait for exit queue + skimming cycle to get the ETH back to the withdrawal credentials of your validator(s). You have now unstaked!
If you have any questions on this flow, please don't hesitate to reach out to your CSM or SE.
Last updated