Spectrum Staking Security

We place an incredibly strong emphasis on security measures given the risks of operating infrastructure supporting digital assets. Our extensive experience in IT systems security allows us to protect these sensitive services with utmost care.

spectrum staking security image

Key management

image icon

All validator private and withdrawal authority keys are always stored on our secure private management systems which are blocked from outside access.

image icon

All validator entities and voting keys are backed up in a secure location.

System access

image icon

All SSH sessions are always authenticated using keys stored on U2F hardware. Password authentication is disallowed.

image icon

IP access-lists are used to limit management access from authorized management locations to all of our publicly available systems and nodes.

image icon

Authentication logs are automatically audited with alerts setup for unauthorized access.

Other practices

image icon

Operating systems are regularly patched with vulnerability updates.

image icon

Only necessary TCP/UDP ports are open to public access.

image icon

Services always run as an unprivileged user and are containerized when feasible.

image icon

“Root” account is never used for services or system administration.

background image