--- tags: withdrawals, WC rotation --- # Withdrawal credentials rotation plan The goal is to rotate the withdrawal credentials for all early Lido validators that had 0x00 type to 0x01 type. This ensures that all of the Lido validators will have a withdrawal credentials reference to the [Lido Withdrawals Manager contract](https://docs.lido.fi/contracts/withdrawals-manager-stub/). The rotation plan includes several steps: ## 1. Development and audit In this step we [improve dc4bc](https://github.com/lidofinance/dc4bc/pull/192) and develop additional scripts responsible for sending signed messages, checking them, and tracking their status. We audit the critical parts. - [Status and timeline of audits and script development](/@lido/ry8de97Uo) ## 2. Testnet ceremony In this step, we test the rotation ceremony on a testnet. The goal is to check together all the changes made in dc4bc, test the developed scripts and identify possible challenges at each step. - [Status and timeline of testnet](/@lido/ryBbbHjIj) ### Initial ceremony - [Instructions for the dev team](/@lido/SkPyjto8j) - [Instructions for the participants](/@lido/B1vMvFi8s) - [Instructions for the master of ceremony](/@lido/tOlusnJeSjimovb_oMm08A) ### Reinit ceremony - [Instructions for the participants](/@lido/HJ-LDjBuo) ## 3. Mainnet preparation At this step, we gather the necessary or greater number of key holders for the quorum, ask them to prepare an environment, explain the process to them, and answer their questions. Having prepared the environment, we perform a reinitialization procedure from the source logs to restore the state of the dc4bc software to the state it was right after the original DKG ceremony. <!-- - [How to set up dc4bc](/@lido/rtfUDqQTQlKOdGZi-9Rx4A?both) - [How to use dc4bc](/@lido/xMmW0FbEQi6l5RiiqrFpfQ) --> - [Instructions for the participants](/@lido/rkm53W9Li) - [Instructions for the master of ceremony](/@lido/ryBVn-9Lj) - [Instructions for the dev team](/@lido/B1RfoSeYs) ## 4. Signing rotation messages This is the most critical step, here we sign messages to rotate withdrawal credentials from type 0x00 to 0x01. Each participant of the ceremony runs software that communicates with each other over a secure data bus and exchanges messages. One of the participants initializes the signing process by sending to the network indexes of messages to sign. The messages themselves are generated on the fly based on a list of validators prepared in advance for rotation. Once the participant receives indexes of messages to be signed to sign, they transmits the data to the airgapped machine using QR codes, signs a bunch of messages to rotate and sends the signed ones back. Signed messages are sent to the data bus and read out by other participants. When the number of signed messages reaches a quorum (6/11), the signatures are aggregated and the final signed message is sent to the data bus. The signing procedure takes place before the fork, so that just after the fork all the messages are already ready to be sent. - [Instructions for the participants](/@lido/H1lKGOOOo) - [Instructions for the master of ceremony](/@lido/BkObCcFus) - [Instructions for the dev team](/@lido/SkEBcSlFj) - [QR-tool usage](/@lido/HkQfnpa_s) ## 5. Sending messages to the network In this step, we send the previously collected signed messages to the network and monitor the rotation of withdrawal credentials. Signed messages are read from the data bus in batches and sent to the network using the script. Another script looks at the state of the network and checks how many Lido validators have withdrawal credentials 0x00 type and how many Lido validators are in the rotation queue. - [Instructions for the master of ceremony](/@lido/By_4AYlFj) - [Instructions for the dev team](/@lido/H1sn6YgYj)