Do not use local copy of wallet store when creating HD wallet

consistency

.dockerignore

@@ -0,0 +1,24 @@
+# Binaries for programs and plugins
+*.exe
+*.dll
+*.so
+*.dylib
+ethdo
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+coverage.html
+
+# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
+.glide/
+
+# Vim
+*.sw?
+
+# Local TODO
+TODO.md
+
+Dockerfile

Dockerfile

@@ -0,0 +1,19 @@
+FROM golang:1.14-buster as builder
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+
+RUN go mod download
+
+COPY . .
+
+RUN go build
+
+FROM debian:buster-slim
+
+WORKDIR /app
+
+COPY --from=builder /app/ethdo /app
+
+ENTRYPOINT ["/app/ethdo"]

README.md

@@ -10,6 +10,7 @@ A command-line tool for managing common tasks in Ethereum 2.
 ## Table of Contents
 
 - [Install](#install)
+  - [Docker](#docker)
 - [Usage](#usage)
 - [Maintainers](#maintainers)
 - [Contribute](#contribute)
@@ -27,6 +28,34 @@ Note that `ethdo` requires at least version 1.13 of go to operate.  The version
 
 If this does not work please see the [troubleshooting](https://github.com/wealdtech/ethdo/blob/master/docs/troubleshooting.md) page.
 
+### Docker
+
+You can obtain the latest version of `ethdo` using docker with:
+
+```
+docker pull wealdtech/ethdo
+```
+
+Or build `ethdo` using docker:
+
+```sh
+docker build -t ethdo .
+```
+
+You can run `ethdo` using docker after that. Example:
+
+```sh
+docker run -it ethdo --help
+```
+
+Note that that many `ethdo` commands connect to the beacon node to obtain information.  If the beacon node is running directly on the server this requires the `--network=host` command, for example:
+
+```sh
+docker run --network=host ethdo chain status
+```
+
+Alternatively, if the beacon node is running in a separate docker container a shared network can be created with `docker network create eth2` and accessed by adding `--network=eth2` added to both the beacon node and `ethdo` containers.
+
 ## Usage
 
 ethdo contains a large number of features that are useful for day-to-day interactions with the Ethereum 2 blockchain.
@@ -39,6 +68,16 @@ ethdo uses the [go-eth2-wallet](https://github.com/wealdtech/go-eth2-wallet) sys
     - for OSX: $HOME/Library/Application Support/ethereum2/wallets
     - for Windows: %APPDATA%\ethereum2\wallets
 
+If using the filesystem store, the additional parameter `basedir` can be supplied to change this location.
+
+> If using docker as above you can make this directory accessible to docker to make wallets and accounts persistent.  For example, for linux you could use the following command to list your wallets on Linux:
+>
+> ```
+> docker run -v $HOME/.config/ethereum2/wallets:/data ethdo --basedir=/data wallet list
+> ```
+>
+> This will allow you to use `ethdo` with or without docker, with the same location for wallets and accounts.
+
 All ethdo comands take the following parameters:
 
   - `store`: the name of the storage system for wallets.  This can be one of "filesystem" (for local storage of the wallet) or "s3" (for remote storage of the wallet on [Amazon's S3](https://aws.amazon.com/s3/) storage system), and defaults to "filesystem"

cmd/blockinfo.go

@@ -22,6 +22,8 @@ import (
 	"strings"
 	"unicode/utf8"
 
+	"github.com/prysmaticlabs/go-bitfield"
+	"github.com/prysmaticlabs/go-ssz"
 	"github.com/spf13/cobra"
 	"github.com/wealdtech/ethdo/grpc"
 	string2eth "github.com/wealdtech/go-string2eth"
@@ -61,6 +63,9 @@ In quiet mode this will return 0 if the block information is present and not ski
 		body := block.Body
 
 		// General info.
+		bodyRoot, err := ssz.HashTreeRoot(block)
+		errCheck(err, "Failed to calculate block body root")
+		fmt.Printf("Block root: %#x\n", bodyRoot)
 		outputIf(verbose, fmt.Sprintf("Parent root: %#x", block.ParentRoot))
 		outputIf(verbose, fmt.Sprintf("State root: %#x", block.StateRoot))
 		if len(body.Graffiti) > 0 && hex.EncodeToString(body.Graffiti) != "0000000000000000000000000000000000000000000000000000000000000000" {
@@ -84,7 +89,7 @@ In quiet mode this will return 0 if the block information is present and not ski
 				fmt.Printf("\t%d:\n", i)
 
 				fmt.Printf("\t\tCommittee index: %d\n", att.Data.CommitteeIndex)
-				fmt.Printf("\t\tAttesters: %d\n", countSetBits(att.AggregationBits))
+				fmt.Printf("\t\tAttesters: %d/%d\n", att.AggregationBits.Count(), att.AggregationBits.Len())
 				fmt.Printf("\t\tAggregation bits: %s\n", bitsToString(att.AggregationBits))
 				fmt.Printf("\t\tSlot: %d\n", att.Data.Slot)
 				fmt.Printf("\t\tBeacon block root: %#x\n", att.Data.BeaconBlockRoot)
@@ -99,15 +104,18 @@ In quiet mode this will return 0 if the block information is present and not ski
 		fmt.Printf("Attester slashings: %d\n", len(body.AttesterSlashings))
 		if verbose {
 			for i, slashing := range body.AttesterSlashings {
-				fmt.Printf("\t%d:\n", i)
-
 				// Say what was slashed.
 				att1 := slashing.Attestation_1
+				outputIf(debug, fmt.Sprintf("Attestation 1 attesting indices are %v", att1.AttestingIndices))
 				att2 := slashing.Attestation_2
+				outputIf(debug, fmt.Sprintf("Attestation 2 attesting indices are %v", att2.AttestingIndices))
 				slashedIndices := intersection(att1.AttestingIndices, att2.AttestingIndices)
 				if len(slashedIndices) == 0 {
 					continue
 				}
+
+				fmt.Printf("\t%d:\n", i)
+
 				fmt.Println("\t\tSlashed validators:")
 				for _, slashedIndex := range slashedIndices {
 					validator, err := grpc.FetchValidatorByIndex(eth2GRPCConn, slashedIndex)
@@ -173,24 +181,18 @@ func intersection(set1 []uint64, set2 []uint64) []uint64 {
 	sort.Slice(set1, func(i, j int) bool { return set1[i] < set1[j] })
 	sort.Slice(set2, func(i, j int) bool { return set2[i] < set2[j] })
 	res := make([]uint64, 0)
-	if len(set1) < len(set2) {
-		set1, set2 = set2, set1
-	}
 
+	set1Pos := 0
 	set2Pos := 0
-	set2LastIndex := len(set2) - 1
-	for set1Pos := range set1 {
-		for set1[set1Pos] == set2[set2Pos] {
-			res = append(res, set1[set1Pos])
-			if set2Pos == set2LastIndex {
-				break
-			}
+	for set1Pos < len(set1) && set2Pos < len(set2) {
+		switch {
+		case set1[set1Pos] < set2[set2Pos]:
+			set1Pos++
+		case set2[set2Pos] < set1[set1Pos]:
 			set2Pos++
-		}
-		for set1[set1Pos] > set2[set2Pos] {
-			if set2Pos == set2LastIndex {
-				break
-			}
+		default:
+			res = append(res, set1[set1Pos])
+			set1Pos++
 			set2Pos++
 		}
 	}
@@ -198,43 +200,25 @@ func intersection(set1 []uint64, set2 []uint64) []uint64 {
 	return res
 }
 
-// countSetBits counts the number of bits that are set in the given byte array.
-func countSetBits(input []byte) int {
-	total := 0
-	for _, x := range input {
-		item := uint8(x)
-		for item > 0 {
-			if item&0x01 == 1 {
-				total++
-			}
-			item >>= 1
-		}
-	}
-	return total
-}
+func bitsToString(input bitfield.Bitlist) string {
+	bits := int(input.Len())
 
-func bitsToString(input []byte) string {
-	elements := make([]string, len(input))
-	for i, x := range input {
-		item := uint8(x)
-		mask := uint8(0x80)
-		element := ""
-		for mask > 0 {
-			if item&mask != 0 {
-				element = fmt.Sprintf("%s✓", element)
-			} else {
-				element = fmt.Sprintf("%s✕", element)
-			}
-			mask >>= 1
+	res := ""
+	for i := 0; i < bits; i++ {
+		if input.BitAt(uint64(i)) {
+			res = fmt.Sprintf("%s✓", res)
+		} else {
+			res = fmt.Sprintf("%s✕", res)
+		}
+		if i%8 == 7 {
+			res = fmt.Sprintf("%s ", res)
 		}
-		elements[i] = element
 	}
-	return strings.Join(elements, " ")
+	return strings.TrimSpace(res)
 }
 
 func init() {
 	blockCmd.AddCommand(blockInfoCmd)
 	blockFlags(blockInfoCmd)
 	blockInfoCmd.Flags().Int64Var(&blockInfoSlot, "slot", -1, "the default slot")
-
 }

cmd/chainstatus.go

@@ -82,7 +82,7 @@ In quiet mode this will return 0 if the chain status can be obtained, otherwise
 			}
 			if verbose {
 				fmt.Printf("Prior justified epoch: %d\n", info.GetPreviousJustifiedEpoch())
-				distance := (slot - info.GetPreviousJustifiedEpoch()) / slotsPerEpoch
+				distance := (slot - info.GetPreviousJustifiedSlot()) / slotsPerEpoch
 				fmt.Printf("Prior justified epoch distance: %d\n", distance)
 			}
 		}

cmd/root.go

@@ -31,6 +31,8 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	e2types "github.com/wealdtech/go-eth2-types/v2"
+	filesystem "github.com/wealdtech/go-eth2-wallet-store-filesystem"
+	s3 "github.com/wealdtech/go-eth2-wallet-store-s3"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 
@@ -50,10 +52,14 @@ var generate bool
 // Root variables, present for all commands.
 var rootStore string
 var rootAccount string
+var rootBaseDir string
 var rootStorePassphrase string
 var rootWalletPassphrase string
 var rootAccountPassphrase string
 
+// Store for wallet actions.
+var store wtypes.Store
+
 // Remote connection.
 var remote bool
 var remoteAddr string
@@ -90,6 +96,7 @@ func persistentPreRun(cmd *cobra.Command, args []string) {
 	debug = viper.GetBool("debug")
 	rootStore = viper.GetString("store")
 	rootAccount = viper.GetString("account")
+	rootBaseDir = viper.GetString("basedir")
 	rootStorePassphrase = viper.GetString("storepassphrase")
 	rootWalletPassphrase = viper.GetString("walletpassphrase")
 	rootAccountPassphrase = viper.GetString("passphrase")
@@ -120,8 +127,26 @@ func persistentPreRun(cmd *cobra.Command, args []string) {
 
 	if viper.GetString("remote") == "" {
 		// Set up our wallet store
-		err := wallet.SetStore(rootStore, []byte(rootStorePassphrase))
-		errCheck(err, "Failed to set up wallet store")
+		switch rootStore {
+		case "s3":
+			assert(rootBaseDir == "", "--basedir does not apply for the s3 store")
+			var err error
+			store, err = s3.New(s3.WithPassphrase([]byte(rootStorePassphrase)))
+			errCheck(err, "Failed to access Amazon S3 wallet store")
+		case "filesystem":
+			opts := make([]filesystem.Option, 0)
+			if rootStorePassphrase != "" {
+				opts = append(opts, filesystem.WithPassphrase([]byte(rootStorePassphrase)))
+			}
+			if rootBaseDir != "" {
+				opts = append(opts, filesystem.WithLocation(rootBaseDir))
+			}
+			store = filesystem.New(opts...)
+		default:
+			die(fmt.Sprintf("Unsupported wallet store %s", rootStore))
+		}
+		err := wallet.UseStore(store)
+		errCheck(err, "Failed to use defined wallet store")
 	} else {
 		err := initRemote()
 		errCheck(err, "Failed to connect to remote wallet")
@@ -159,6 +184,10 @@ func init() {
 	if err := viper.BindPFlag("account", RootCmd.PersistentFlags().Lookup("account")); err != nil {
 		panic(err)
 	}
+	RootCmd.PersistentFlags().String("basedir", "", "Base directory for filesystem wallets")
+	if err := viper.BindPFlag("basedir", RootCmd.PersistentFlags().Lookup("basedir")); err != nil {
+		panic(err)
+	}
 	RootCmd.PersistentFlags().String("storepassphrase", "", "Passphrase for store (if applicable)")
 	if err := viper.BindPFlag("storepassphrase", RootCmd.PersistentFlags().Lookup("storepassphrase")); err != nil {
 		panic(err)
@@ -291,7 +320,8 @@ func accountFromPath(path string) (wtypes.Account, error) {
 		return nil, errors.New("no account name")
 	}
 
-	if wallet.Type() == "hierarchical deterministic" && strings.HasPrefix(accountName, "m/") && rootWalletPassphrase != "" {
+	if wallet.Type() == "hierarchical deterministic" && strings.HasPrefix(accountName, "m/") {
+		assert(rootWalletPassphrase != "", "--walletpassphrase is required for direct path derivations")
 		err = wallet.Unlock([]byte(rootWalletPassphrase))
 		if err != nil {
 			return nil, errors.New("invalid wallet passphrase")

cmd/validatordepositdata.go

@@ -14,12 +14,14 @@
 package cmd
 
 import (
+	"encoding/hex"
 	"fmt"
 	"os"
 	"strings"
 
 	"github.com/prysmaticlabs/go-ssz"
 	"github.com/spf13/cobra"
+	"github.com/wealdtech/ethdo/grpc"
 	e2types "github.com/wealdtech/go-eth2-types/v2"
 	util "github.com/wealdtech/go-eth2-util"
 	string2eth "github.com/wealdtech/go-string2eth"
@@ -27,8 +29,10 @@ import (
 
 var validatorDepositDataValidatorAccount string
 var validatorDepositDataWithdrawalAccount string
+var validatorDepositDataWithdrawalPubKey string
 var validatorDepositDataDepositValue string
 var validatorDepositDataRaw bool
+var validatorDepositDataForkVersion string
 
 var validatorDepositDataCmd = &cobra.Command{
 	Use:   "depositdata",
@@ -58,13 +62,23 @@ In quiet mode this will return 0 if the the data can be generated correctly, oth
 			}
 		}
 
-		assert(validatorDepositDataWithdrawalAccount != "", "--withdrawalaccount is required")
-		withdrawalAccount, err := accountFromPath(validatorDepositDataWithdrawalAccount)
-		errCheck(err, "Failed to obtain withdrawal account")
-		outputIf(debug, fmt.Sprintf("Withdrawal public key is %048x", withdrawalAccount.PublicKey().Marshal()))
-
-		withdrawalCredentials := util.SHA256(withdrawalAccount.PublicKey().Marshal())
-		errCheck(err, "Failed to hash withdrawal credentials")
+		assert(validatorDepositDataWithdrawalAccount != "" || validatorDepositDataWithdrawalPubKey != "", "--withdrawalaccount or --withdrawalpubkey is required")
+		var withdrawalCredentials []byte
+		if validatorDepositDataWithdrawalAccount != "" {
+			withdrawalAccount, err := accountFromPath(validatorDepositDataWithdrawalAccount)
+			errCheck(err, "Failed to obtain withdrawal account")
+			outputIf(debug, fmt.Sprintf("Withdrawal public key is %048x", withdrawalAccount.PublicKey().Marshal()))
+			withdrawalCredentials = util.SHA256(withdrawalAccount.PublicKey().Marshal())
+			errCheck(err, "Failed to hash withdrawal credentials")
+		} else {
+			withdrawalPubKeyBytes, err := hex.DecodeString(strings.TrimPrefix(validatorDepositDataWithdrawalPubKey, "0x"))
+			errCheck(err, "Invalid withdrawal public key")
+			assert(len(withdrawalPubKeyBytes) == 48, "Public key should be 48 bytes")
+			withdrawalPubKey, err := e2types.BLSPublicKeyFromBytes(withdrawalPubKeyBytes)
+			errCheck(err, "Value supplied with --withdrawalpubkey is not a valid public key")
+			withdrawalCredentials = util.SHA256(withdrawalPubKey.Marshal())
+			errCheck(err, "Failed to hash withdrawal credentials")
+		}
 		// This is hard-coded, to allow deposit data to be generated without a connection to the beacon node.
 		withdrawalCredentials[0] = byte(0) // BLS_WITHDRAWAL_PREFIX
 		outputIf(debug, fmt.Sprintf("Withdrawal credentials are %032x", withdrawalCredentials))
@@ -88,7 +102,24 @@ In quiet mode this will return 0 if the the data can be generated correctly, oth
 				Value:                 val,
 			}
 			outputIf(debug, fmt.Sprintf("Deposit data:\n\tPublic key: %x\n\tWithdrawal credentials: %x\n\tValue: %d", depositData.PubKey, depositData.WithdrawalCredentials, depositData.Value))
-			domain := e2types.Domain(e2types.DomainDeposit, e2types.ZeroForkVersion, e2types.ZeroGenesisValidatorsRoot)
+
+			var forkVersion []byte
+			if validatorDepositDataForkVersion != "" {
+				forkVersion, err = hex.DecodeString(strings.TrimPrefix(validatorDepositDataForkVersion, "0x"))
+				errCheck(err, fmt.Sprintf("Failed to decode fork version %s", validatorDepositDataForkVersion))
+				assert(len(forkVersion) == 4, "Fork version must be exactly four bytes")
+			} else {
+				err := connect()
+				errCheck(err, "Failed to connect to beacon node")
+				config, err := grpc.FetchChainConfig(eth2GRPCConn)
+				errCheck(err, "Failed to obtain chain configuration")
+				genesisForkVersion, exists := config["GenesisForkVersion"]
+				assert(exists, "Failed to obtain genesis fork version")
+				forkVersion = genesisForkVersion.([]byte)
+			}
+			outputIf(debug, fmt.Sprintf("Fork version is %x", forkVersion))
+
+			domain := e2types.Domain(e2types.DomainDeposit, forkVersion, e2types.ZeroGenesisValidatorsRoot)
 			outputIf(debug, fmt.Sprintf("Domain is %x", domain))
 			err = validatorAccount.Unlock([]byte(rootAccountPassphrase))
 			errCheck(err, "Failed to unlock validator account")
@@ -159,6 +190,8 @@ func init() {
 	validatorFlags(validatorDepositDataCmd)
 	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataValidatorAccount, "validatoraccount", "", "Account of the account carrying out the validation")
 	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataWithdrawalAccount, "withdrawalaccount", "", "Account of the account to which the validator funds will be withdrawn")
+	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataWithdrawalPubKey, "withdrawalpubkey", "", "Public key of the account to which the validator funds will be withdrawn")
 	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataDepositValue, "depositvalue", "", "Value of the amount to be deposited")
 	validatorDepositDataCmd.Flags().BoolVar(&validatorDepositDataRaw, "raw", false, "Print raw deposit data transaction data")
+	validatorDepositDataCmd.Flags().StringVar(&validatorDepositDataForkVersion, "forkversion", "", "Use a hard-coded fork version (default is to fetch it from the node)")
 }

cmd/version.go

@@ -30,7 +30,7 @@ var versionCmd = &cobra.Command{
 
     ethdo version.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("1.4.10")
+		fmt.Println("1.4.13")
 		if viper.GetBool("verbose") {
 			buildInfo, ok := dbg.ReadBuildInfo()
 			if ok {

cmd/walletaccounts.go

@@ -32,7 +32,7 @@ var walletAccountsCmd = &cobra.Command{
 
 In quiet mode this will return 0 if the wallet holds any addresses, otherwise 1.`,
 	Run: func(cmd *cobra.Command, args []string) {
-		assert(walletWallet != "", "wallet is required")
+		assert(walletWallet != "", "--wallet is required")
 
 		hasAccounts := false
 

cmd/walletcreate.go

@@ -21,7 +21,6 @@ import (
 	wallet "github.com/wealdtech/go-eth2-wallet"
 	keystorev4 "github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4"
 	hd "github.com/wealdtech/go-eth2-wallet-hd/v2"
-	filesystem "github.com/wealdtech/go-eth2-wallet-store-filesystem"
 )
 
 var walletCreateType string
@@ -44,23 +43,10 @@ In quiet mode this will return 0 if the wallet is created successfully, otherwis
 		switch strings.ToLower(walletCreateType) {
 		case "non-deterministic", "nd":
 			assert(walletCreateSeed == "", "--seed is not allowed with non-deterministic wallets")
-			_, err = wallet.CreateWallet(walletWallet, wallet.WithType("nd"))
+			err = walletCreateND(walletWallet)
 		case "hierarchical deterministic", "hd":
 			assert(rootWalletPassphrase != "", "--walletpassphrase is required for hierarchical deterministic wallets")
-			store := filesystem.New()
-			encryptor := keystorev4.New()
-			if walletCreateSeed != "" {
-				// Creating wallet from a seed.
-				var seed []byte
-				seed, err = bip39.MnemonicToByteArray(walletCreateSeed)
-				errCheck(err, "Failed to decode seed")
-				// Strip checksum; last byte
-				seed = seed[:len(seed)-1]
-				assert(len(seed) == 32, "Seed must have 24 words")
-				_, err = hd.CreateWalletFromSeed(walletWallet, []byte(rootWalletPassphrase), store, encryptor, seed)
-			} else {
-				_, err = hd.CreateWallet(walletWallet, []byte(rootWalletPassphrase), store, encryptor)
-			}
+			err = walletCreateHD(walletWallet, rootWalletPassphrase, walletCreateSeed)
 		default:
 			die("unknown wallet type")
 		}
@@ -68,6 +54,31 @@ In quiet mode this will return 0 if the wallet is created successfully, otherwis
 	},
 }
 
+// walletCreateND creates a non-deterministic wallet.
+func walletCreateND(name string) error {
+	_, err := wallet.CreateWallet(name, wallet.WithType("nd"))
+	return err
+}
+
+// walletCreateND creates a hierarchical-deterministic wallet.
+func walletCreateHD(name string, passphrase string, seedPhrase string) error {
+	encryptor := keystorev4.New()
+	if seedPhrase != "" {
+		// Create wallet from a user-supplied seed.
+		var seed []byte
+		seed, err := bip39.MnemonicToByteArray(seedPhrase)
+		errCheck(err, "Failed to decode seed")
+		// Strip checksum; last byte.
+		seed = seed[:len(seed)-1]
+		assert(len(seed) == 32, "Seed must have 24 words")
+		_, err = hd.CreateWalletFromSeed(name, []byte(passphrase), store, encryptor, seed)
+		return err
+	}
+	// Create wallet with a random seed.
+	_, err := hd.CreateWallet(name, []byte(passphrase), store, encryptor)
+	return err
+}
+
 func init() {
 	walletCmd.AddCommand(walletCreateCmd)
 	walletFlags(walletCreateCmd)

cmd/walletinfo.go

@@ -32,7 +32,7 @@ var walletInfoCmd = &cobra.Command{
 In quiet mode this will return 0 if the wallet exists, otherwise 1.`,
 	Run: func(cmd *cobra.Command, args []string) {
 		assert(!remote, "wallet info not available with remote wallets")
-		assert(walletWallet != "", "Wallet is required")
+		assert(walletWallet != "", "--wallet is required")
 
 		wallet, err := walletFromPath(walletWallet)
 		errCheck(err, "unknown wallet")

docs/usage.md

@@ -339,7 +339,13 @@ Validator commands focus on interaction with Ethereum 2 validators.
 
 #### `depositdata`
 
-`ethdo validator depositdata` generates the data required to deposit one or more Ethereum 2 validators.
+`ethdo validator depositdata` generates the data required to deposit one or more Ethereum 2 validators.  Options include:
+  - `withdrawalaccount` specify the account to be used for the withdrawal credentials (if withdrawalpubkey is not supplied)
+  - `withdrawalpubkey` specify the public key to be used for the withdrawal credentials (if withdrawalaccount is not supplied)
+  - `validatoraccount` specify the account to be used for the validator
+  - `depositvalue` specify the amount of the deposit
+  - `forkversion` specify the fork version for the deposit signature; this should not be included unless the deposit is being generated offline.  Note that supplying an incorrect value could result in the loss of your deposit, so only supply this value if you are sure you know what you are doing
+  - `raw` generate raw hex output that can be supplied as the data to an Ethereum 1 deposit transaction
 
 #### `exit`
 
@@ -347,6 +353,7 @@ Validator commands focus on interaction with Ethereum 2 validators.
   - `epoch` specify an epoch before which this exit is not valid
   - `json-output` generate JSON output rather than sending a transaction immediately
   - `json` use JSON input created by the `--json-output` option rather than generate data from scratch
+  - `forkversion` specify a specific fork version; default is to fetch it from the chain but this can be used when generating offline deposits
 
 ```sh
 $ ethdo validator exit --account=Validators/1 --passphrase="my validator secret"

go.mod

@@ -4,18 +4,20 @@ go 1.13
 
 require (
 	github.com/OneOfOne/xxhash v1.2.5 // indirect
-	github.com/aws/aws-sdk-go v1.30.24 // indirect
+	github.com/aws/aws-sdk-go v1.30.25 // indirect
 	github.com/ferranbt/fastssz v0.0.0-20200415074633-b062b680417b // indirect
 	github.com/fsnotify/fsnotify v1.4.9 // indirect
 	github.com/gogo/protobuf v1.3.1
 	github.com/golang/protobuf v1.4.1 // indirect
 	github.com/google/uuid v1.1.1
 	github.com/grpc-ecosystem/grpc-gateway v1.14.5 // indirect
+	github.com/herumi/bls-eth-go-binary v0.0.0-20200508110836-07e8f416e478 // indirect
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/mitchellh/mapstructure v1.3.0 // indirect
 	github.com/pelletier/go-toml v1.7.0 // indirect
 	github.com/pkg/errors v0.9.1
-	github.com/prysmaticlabs/ethereumapis v0.0.0-20200501162653-df460bd3d84b
+	github.com/prysmaticlabs/ethereumapis v0.0.0-20200511212457-3444ffb75440
+	github.com/prysmaticlabs/go-bitfield v0.0.0-20200322041314-62c2aee71669
 	github.com/prysmaticlabs/go-ssz v0.0.0-20200101200214-e24db4d9e963
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	github.com/spf13/afero v1.2.2 // indirect
@@ -33,12 +35,13 @@ require (
 	github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4 v1.0.0
 	github.com/wealdtech/go-eth2-wallet-hd/v2 v2.0.4
 	github.com/wealdtech/go-eth2-wallet-store-filesystem v1.7.3
+	github.com/wealdtech/go-eth2-wallet-store-s3 v1.6.3
 	github.com/wealdtech/go-eth2-wallet-types/v2 v2.0.2
 	github.com/wealdtech/go-string2eth v1.1.0
-	golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 // indirect
+	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 // indirect
 	golang.org/x/net v0.0.0-20200506145744-7e3656a0809f // indirect
-	golang.org/x/sys v0.0.0-20200509044756-6aff5f38e54f // indirect
-	google.golang.org/genproto v0.0.0-20200507105951-43844f6eee31 // indirect
+	golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25 // indirect
+	google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380 // indirect
 	google.golang.org/grpc v1.29.1
 	gopkg.in/ini.v1 v1.56.0 // indirect
 )

go.sum

@@ -27,8 +27,8 @@ github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmV
 github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/aws/aws-sdk-go v1.30.15 h1:Sd8QDVzzE8Sl+xNccmdj0HwMrFowv6uVUx9tGsCE1ZE=
 github.com/aws/aws-sdk-go v1.30.15/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.30.24 h1:y3JPD51VuEmVqN3BEDVm4amGpDma2cKJcDPuAU1OR58=
-github.com/aws/aws-sdk-go v1.30.24/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
+github.com/aws/aws-sdk-go v1.30.25 h1:89NXJkfpjnMEnsxkP8MVX+LDsoiLCSqevraLb5y4Mjk=
+github.com/aws/aws-sdk-go v1.30.25/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
@@ -155,6 +155,8 @@ github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2p
 github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
 github.com/herumi/bls-eth-go-binary v0.0.0-20200428020417-6dd0e5634b87 h1:23l9wMlu3iMRg5PwI4wuA7sbR77GSF+rnwI0Z/Y4IPc=
 github.com/herumi/bls-eth-go-binary v0.0.0-20200428020417-6dd0e5634b87/go.mod h1:luAnRm3OsMQeokhGzpYmc0ZKwawY7o87PUEP11Z7r7U=
+github.com/herumi/bls-eth-go-binary v0.0.0-20200508110836-07e8f416e478 h1:UMIHMlIgtPmh96SmXdDiEDRbQ2NSroxBQzpEknueoG4=
+github.com/herumi/bls-eth-go-binary v0.0.0-20200508110836-07e8f416e478/go.mod h1:luAnRm3OsMQeokhGzpYmc0ZKwawY7o87PUEP11Z7r7U=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
@@ -227,8 +229,8 @@ github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40T
 github.com/protolambda/zssz v0.1.3/go.mod h1:a4iwOX5FE7/JkKA+J/PH0Mjo9oXftN6P8NZyL28gpag=
 github.com/protolambda/zssz v0.1.4 h1:4jkt8sqwhOVR8B1JebREU/gVX0Ply4GypsV8+RWrDuw=
 github.com/protolambda/zssz v0.1.4/go.mod h1:a4iwOX5FE7/JkKA+J/PH0Mjo9oXftN6P8NZyL28gpag=
-github.com/prysmaticlabs/ethereumapis v0.0.0-20200501162653-df460bd3d84b h1:PSLKYmF+Z0GoHt0BDVMSqnhr//83NyzQIGlmhRbQMgs=
-github.com/prysmaticlabs/ethereumapis v0.0.0-20200501162653-df460bd3d84b/go.mod h1:5OkRN6UmvgtP+kIewitcEKC7S5KOzLOGtya/Tz+HBns=
+github.com/prysmaticlabs/ethereumapis v0.0.0-20200511212457-3444ffb75440 h1:plalLbsEdAKKURjR7u+JUsgD2tyxSa/yitdMyqaWY4E=
+github.com/prysmaticlabs/ethereumapis v0.0.0-20200511212457-3444ffb75440/go.mod h1:5OkRN6UmvgtP+kIewitcEKC7S5KOzLOGtya/Tz+HBns=
 github.com/prysmaticlabs/go-bitfield v0.0.0-20191017011753-53b773adde52/go.mod h1:hCwmef+4qXWjv0jLDbQdWnL0Ol7cS7/lCSS26WR+u6s=
 github.com/prysmaticlabs/go-bitfield v0.0.0-20200322041314-62c2aee71669 h1:cX6YRZnZ9sgMqM5U14llxUiXVNJ3u07Res1IIjTOgtI=
 github.com/prysmaticlabs/go-bitfield v0.0.0-20200322041314-62c2aee71669/go.mod h1:hCwmef+4qXWjv0jLDbQdWnL0Ol7cS7/lCSS26WR+u6s=
@@ -338,8 +340,8 @@ golang.org/x/crypto v0.0.0-20191105034135-c7e5f84aec59 h1:PyXRxSVbvzDGuqYXjHndV7
 golang.org/x/crypto v0.0.0-20191105034135-c7e5f84aec59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200427165652-729f1e841bcc h1:ZGI/fILM2+ueot/UixBSoj9188jCAxVHEZEGhqq67I4=
 golang.org/x/crypto v0.0.0-20200427165652-729f1e841bcc/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 h1:IaQbIIB2X/Mp/DKctl6ROxz1KyMlKp4uyvL6+kQ7C88=
-golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 h1:cg5LA/zNPRzIXIWSCxQW10Rvpy94aQh3LT/ShoCpkHw=
+golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -405,8 +407,8 @@ golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200427175716-29b57079015a h1:08u6b1caTT9MQY4wSbmsd4Ulm6DmgNYnbImBuZjGJow=
 golang.org/x/sys v0.0.0-20200427175716-29b57079015a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200509044756-6aff5f38e54f h1:mOhmO9WsBaJCNmaZHPtHs9wOcdqdKCjF6OPJlmDM3KI=
-golang.org/x/sys v0.0.0-20200509044756-6aff5f38e54f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25 h1:OKbAoGs4fGM5cPLlVQLZGYkFC8OnOfgo6tt0Smf9XhM=
+golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
@@ -456,8 +458,8 @@ google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBr
 google.golang.org/genproto v0.0.0-20190927181202-20e1ac93f88c/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
 google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200507105951-43844f6eee31 h1:Bz1qTn2YRWV+9OKJtxHJiQKCiXIdf+kwuKXdt9cBxyU=
-google.golang.org/genproto v0.0.0-20200507105951-43844f6eee31/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
+google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380 h1:xriR1EgvKfkKxIoU2uUvrMVl+H26359loFFUleSMXFo=
+google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
 google.golang.org/grpc v1.21.0 h1:G+97AoqBnmZIT91cLG/EkCoK9NSelj64P8bOHHNmGn0=