Validator Security

Reference this page for recommended security measures that can be taken as a node validator.

Each validator candidate is encouraged to run its operations independently, as diverse setups increase the resilience of the network.

Key Management - HSM

It is mission critical that an attacker cannot steal a validator's key. If this is possible, it puts the entire stake delegated to the compromised validator at risk. Hardware security modules are an important strategy for mitigating this risk.

The recommended hardware devices for storing private keys are YubiKey and Ledger Nano (support coming soon).

We will update this page when more key storage solutions become available. In the meantime, you can find further information by looking at tmkms.

Sentry Nodes (DDOS Protection)

Validators are responsible for ensuring that the network can sustain denial of service attacks.

One recommended way to mitigate these risks is for validators to carefully structure their network topology in a so-called 'sentry node architecture'.

Validator nodes should only connect to full nodes they trust: nodes they operate themselves, or nodes run by other validators they know socially. A validator node will typically run in a data center. Most data centers provide direct links to the networks of major cloud providers. The validator can use those links to connect to sentry nodes in the cloud. This shifts the burden of denial-of-service from the validator's node to its sentry nodes, and may require new sentry nodes to be spun up or activated to mitigate attacks on existing ones.

Sentry nodes can be quickly spun up or change their IP addresses. Because the links to the sentry nodes are in private IP space, an internet-based attack cannot disturb them directly. This will ensure validator block proposals and votes always make it to the rest of the network.

Firewalls

A firewall is a network security system that uses predetermined rules to filter incoming and outgoing traffic, blocking suspicious requests. A properly configured VPS firewall will block all connections to ports that are not used by any legitimate services. Firewalls help to stop attacks and threats that can lead to outages or server takeovers. For example, you can set up your firewall to allow access from only specific IPs, and have the necessary ports only open to sentry nodes.
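The sentry architecture and the firewall advice above fit together: the validator dials only its sentries over private address space, and its firewall admits the p2p port only from those same sentries. The script below is an added example, not configuration from this page or from any project it describes. It assumes a Tendermint-style config.toml (the page's reference to tmkms suggests one) with its `[p2p]` keys `pex`, `persistent_peers`, `addr_book_strict`, `private_peer_ids` and `unconditional_peer_ids`, an nftables firewall on the validator host, and the constructed node IDs, addresses and port numbers shown.

```shell
#!/bin/sh
# Added example (not from the original page): render the [p2p] section of a
# Tendermint-style config.toml for a validator and for a sentry, and the
# nftables input rules for the validator host that open the p2p port only to
# those sentries. Node IDs and addresses are constructed placeholders.

P2P_PORT=26656
VALIDATOR_ID="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"   # placeholder 40-hex node ID
# sentries as "id@private_ip:port", reachable only over the private link
SENTRIES="bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb@10.0.1.10:26656 cccccccccccccccccccccccccccccccccccccccc@10.0.1.11:26656"
ADMIN_IP="198.51.100.7"   # constructed management address allowed to reach SSH

# config.toml wants peers comma-separated; join the space-separated list.
join_commas() {
    printf '%s' "$*" | tr ' ' ','
}

# Validator: no peer exchange (so its address is never gossiped), dial only
# the sentries, and accept their private (non-routable) addresses.
validator_p2p_config() {
    cat <<EOF
[p2p]
pex = false
persistent_peers = "$(join_commas $SENTRIES)"
addr_book_strict = false
EOF
}

# Sentry: gossip with the public network, but never advertise the validator
# (private_peer_ids) and never drop it when peer slots fill up
# (unconditional_peer_ids). $1 is the validator's private host:port.
sentry_p2p_config() {
    cat <<EOF
[p2p]
pex = true
persistent_peers = "${VALIDATOR_ID}@$1"
private_peer_ids = "${VALIDATOR_ID}"
unconditional_peer_ids = "${VALIDATOR_ID}"
EOF
}

# Host part of each "id@host:port" sentry entry, one per line.
sentry_hosts() {
    for peer in $SENTRIES; do
        hostport=${peer#*@}
        printf '%s\n' "${hostport%:*}"
    done
}

# nftables ruleset for the validator host: default-deny inbound, SSH only
# from the admin address, the p2p port only from the sentry addresses.
validator_nft_ruleset() {
    cat <<EOF
table inet validator {
  chain input {
    type filter hook input priority 0; policy drop;
    ct state established,related accept
    iif lo accept
    ip saddr ${ADMIN_IP} tcp dport 22 accept
EOF
    sentry_hosts | while read -r host; do
        printf '    ip saddr %s tcp dport %s accept\n' "$host" "$P2P_PORT"
    done
    printf '  }\n}\n'
}
```

On the validator host the ruleset would be written to the nftables configuration file and loaded with `nft -f`; if the private link carries IPv6, add matching `ip6 saddr` rules, since the ruleset above only matches IPv4 sources. The sentry's own firewall is the inverse: the p2p port open to the internet, and the validator reachable only over the private link.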

SSH keys

SSH keys are more difficult to brute-force than passwords, as SSH keys can be up to 4096 bits in length and are typically at least 1024 bits long (which is the security equivalent of a 12-character password).

Also, SSH keys are more robust than passwords against compromises on the server side: even if the server is compromised, your SSH key remains safe. The SSH key stays on the client side and no secret value is ever sent to the server.

Since the SSH key is stored on a device, protect the key with a passphrase to defend it in case that device is compromised.
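The advice above has a client half (a passphrase-protected key) and a server half (sshd must actually refuse passwords, or the key buys little). The script below is an added example, not from this page or the project it describes: `make_key` is the client-side command, and the audit functions check an sshd_config for the directives that enforce key-only login. The sample configs, the file paths and the key comment are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): key-only SSH access for a
# validator host. make_key() is the client-side command; the audit functions
# check an sshd_config for the server-side settings that reject passwords.
# The sample configs and paths below are constructed for illustration.

# Client side: an ed25519 key whose private half is encrypted with a
# passphrase. -a sets the KDF rounds, slowing offline passphrase guessing if
# the device holding the key is ever stolen. Not invoked by the checks below.
make_key() {
    ssh-keygen -t ed25519 -a 100 -C "validator-admin" -f "$HOME/.ssh/validator_ed25519"
}

# Directives a hardened sshd_config must carry, as "Directive expected".
# sshd defaults PasswordAuthentication to yes, so "unset" counts as a failure.
REQUIRED_SSHD="PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no"

# Effective value of one directive: sshd uses the first uncommented match
# (directive names are case-insensitive); prints nothing if absent.
sshd_value() {
    awk -v key="$2" 'tolower($1) == tolower(key) { print $2; exit }' "$1"
}

# Print "FAIL <directive>: expected X, found Y" for each directive that is
# missing or wrong in the config file given as $1.
audit_sshd_config() {
    printf '%s\n' "$REQUIRED_SSHD" | while read -r directive expected; do
        actual=$(sshd_value "$1" "$directive")
        [ -n "$actual" ] || actual="unset"
        if [ "$actual" != "$expected" ]; then
            printf 'FAIL %s: expected %s, found %s\n' "$directive" "$expected" "$actual"
        fi
    done
}

# Exit status 0 only when the audit reports no failures.
sshd_config_is_hardened() {
    [ "$(audit_sshd_config "$1" | grep -c '^FAIL')" -eq 0 ]
}

# Constructed weak config: password login left at its default (the directive
# is only commented out) and root still allowed in with a key. Written to $1.
write_weak_config() {
    cat > "$1" <<'EOF'
Port 22
#PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin prohibit-password
EOF
}

# The corrected counterpart, written to $1.
write_hardened_config() {
    cat > "$1" <<'EOF'
Port 22
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
EOF
}
```

Run `audit_sshd_config /etc/ssh/sshd_config` on the host after editing; note that the audit reads one file and does not follow `Include` directives, so drop-in files under `sshd_config.d` need to be checked individually (`sshd -T` prints the fully resolved configuration if you want the authoritative view).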

Dedicated Server and Auditing

Use a dedicated server without unnecessary services; this minimizes the attack surface. Consider using auditing tools to perform in-depth security scans, which help test your security defenses and improve system hardening. Keep your operating system and dependencies updated, as this helps protect against known vulnerabilities.
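One concrete check behind "no unnecessary services" is to compare what is actually listening on the host with the short list of services it is meant to expose. The script below is an added example, not from this page or any project it describes; it reads the output of `ss -tlnH` and assumes a constructed allowlist of SSH and the p2p port, with a constructed sample of `ss` output embedded so it runs offline.

```shell
#!/bin/sh
# Added example (not from the original page): report listening TCP sockets
# that are not on the allowlist of services a validator host should expose.
# Intended use on the host: ss -tlnH | unexpected_listeners
# The allowlist and the sample `ss` output below are constructed.

ALLOWED_PORTS="22 26656"   # SSH and the p2p port; everything else is suspect

# Read `ss -tlnH` lines (State Recv-Q Send-Q Local:Port Peer:Port) on stdin
# and print Local:Port for each listener whose port is not allowlisted.
# Loopback-only listeners are skipped: they are unreachable from the network.
unexpected_listeners() {
    while read -r state recvq sendq laddr peer rest; do
        [ -n "$laddr" ] || continue
        port=${laddr##*:}
        addr=${laddr%:*}
        case "$addr" in
            127.*|"[::1]") continue ;;
        esac
        allowed=0
        for p in $ALLOWED_PORTS; do
            if [ "$port" = "$p" ]; then allowed=1; fi
        done
        if [ "$allowed" -eq 0 ]; then
            printf '%s\n' "$laddr"
        fi
    done
}

# Constructed `ss -tlnH` output: SSH and p2p as expected, an RPC-style port
# bound to loopback only (fine), plus two services left listening on all
# interfaces that nobody allowlisted.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:26657 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:26656 0.0.0.0:*
LISTEN 0 4096 *:26660 *:*
LISTEN 0 128 [::]:3306 [::]:*
EOF
}
```

Anything the check prints is either a service to remove, a service to bind to loopback, or a port to add to the allowlist deliberately, with a matching firewall rule; a scheduled run that diffs today's output against yesterday's is a cheap way to notice a service that appeared after an update.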