In a distributed network where partitions are inevitable, we prioritize Consistency over Availability due to the harsher penalty for inconsistency than unavailability.
We believe the basis of reliability is simplicity. Complication often ends up being over-promising and under-performing. What's a good system if you can't sufficiently maintain it?
Security cannot be guaranteed but resilience can. We fully adapt the "Prevention, Detection and Response" approach standardized in the Information Security industry to mitigate risks.
HSM Key Management
We store our private keys on a HSM to prevent the keys being left exposed on the validator host. Our HSM has full Ed25519 signature support, and is used in signing votes and submitting block proposals.
A sentry node architecture is utilized to defend against DDoS attacks. Geographically distributed sentry nodes shift the burden of DDoS from the validator node(s) and can be quickly spun up or configured to mitigate the impact of existing attacks.
We collect a wide range of metrics including metrics exposed by the consensus protocol, language-specific processing statistics, Prometheus exporters and so on. Our ultimate goal is to develop one integrated tooling that combines metrics , monitoring and alerting.