Issue

Currently, a validator must call logout using their validation key. If the validator loses their validation key, they can never get their deposit back. Allowing logout to be called from the validator’s withdrawal addr provides a backup in case of any issue that might arise with their validation key.

This is a simple addition that will ultimately provide a better validator experience and will likely encourage validation through reduced risk.

Proposed Implementation

• change logout to assert that either ‘the msg sender is withdrawal_addr’ or ‘logout_msg is signed by the validators validation key’
• add tests demonstrating both of these methods (including when both!)

Code should look something like the following:

@public
def logout(logout_msg: bytes <= 1024):
    sighash: bytes32 = extract32(raw_call(self.SIGHASHER, logout_msg, gas=self.SIGHASHER_GAS_LIMIT, outsize=32), 0)
    values = RLPList(logout_msg, [int128, int128, bytes])
    validator_index: int128 = values[0]
    epoch: int128 = values[1]
    sig: bytes <= 1024 = values[2]

    assert self.current_epoch >= epoch

    from_withdrawal: bool = msg.sender == self.validators[validator_index].withdrawal_addr
    assert msg.sender == from_withdrawal or self.validate_signature(sighash, sig, validator_index)
    
    ...