BitSong
Search…
Introduction
Delegators
Validators
Validator Overview
Validator FAQ
Validator Security
Relayer
FAQ
Glossary
Roadmap
Media Kit
Links
Blockchain
Install go-bitsong
Join the Mainnet
Create Validator
Join the Testnet
CLI Guide
Gas and Fees
Pruning of State
Export the state
Verify Mainnet
Upgrades
Features and Modules
Fan Tokens
Liquidity
NFTs
Marketplace
IBC
Auth
Bank
Crisis
Capability
Community Pool
Distribution
Evidence
Governance
Mint
Staking
Slashing
Upgrade
BTSG
What is BTSG ?
Distribution and Tokenomics
Wallets
Buy and Sell
Liquidity Provider
Developers
bitsongJS
USEFUL GUIDES
How to Create a BitSong wallet
How to Import Your BitSong Wallet
How to Stake $BTSG
How to Add $BTSG Liquidity to Osmosis Pools
How to Participate in the Fan Token Airdrop
Sinfonia User's Guide
How to Report a Bug on Sinfonia
Powered By GitBook
Validator Security

Validator Security

BitSong encourages Validators to run their operations independently to ensure diverse setups to increase network resilience. However, these are some general guidelines and information.

Key Management - HSM

Validator key security is absolutely paramount. If a Validator's key becomes compromised, their entire staked pool, including delegated BTSG, is at risk. Hardware security modules are hardware-based key management solutions that help to offset the risk of a breach.
HSM modules must support ed25519 signatures for the BitSong blockchain. The YubiHSM2 supports ed25519 and this yubikey library is available (opens new window). Please note that the YubiHSM can protect a private key but cannot ensure in a secure setting that it won't sign the same block twice.
We are also working on extending our Ledger Nano S application to support validator signing. This app can store recent blocks and mitigate double signing attacks.
We will update this page when more key storage solutions become available.

Sentry Nodes (DDoS Protection)

Validators have a responsibility to ensure that the network can withstand denial of service (DoS) attacks.
Validators can mitigate these risks by carefully structuring their network topology in a so-called sentry node architecture.
Validator nodes should only connect to full nodes they trust - either because they operate the nodes themselves or because the nodes are run by other validators they know socially.
A validator node typically runs in a data center, most of which are linked directly to the networks of major cloud providers. The validator can use those links to connect to sentry nodes, which run in the cloud.
This setup shifts the responsibility of denial-of-service from the validator's node directly to its sentry nodes. It may require new sentry nodes to be set up to mitigate attacks on existing ones.
It's possible to spin up sentry nodes or change their IP addresses relatively quickly. Because the links to the sentry nodes exist in private IP space, an internet-based DoS attack does not affect them directly. Thus, this setup will ensure that validator block proposals and votes are always transmissible to the rest of the network.
Follow these steps to set up your sentry node architecture:
Validators nodes should edit their config.toml:
# Comma separated list of nodes to keep persistent connections to
# Do not add private peers to this list if you don't want them advertised persistent_peers =[list of sentry nodes]
# Set true to enable the peer-exchange reactor pex = false
Sentry Nodes should edit their config.toml:
# Comma separated list of peer IDs to keep private (will not be gossiped to other peers)
# Example ID: [email protected]:26656 private_peer_ids = "node_ids_of_private_peers"

Environment Variables

By default, uppercase environment variables with the following prefixes will replace lowercase command-line flags:
  • GA (for Gaia flags)
  • TM (for Tendermint flags)
  • BC (for democli or basecli flags)
For example, the environment variable GA_CHAIN_ID will map to the command line flag --chain-id. Note that while explicit command-line flags will take precedence over environment variables, environment variables will take precedence over any of your configuration files. For this reason, it's imperative that you lock down your environment such that any critical parameters are defined as flags on the CLI or prevent modification of any environment variables.
Previous
Validator FAQ
Next
Relayer
Last modified 6mo ago
Copy link
Contents
Validator Security
Key Management - HSM
Sentry Nodes (DDoS Protection)
Environment Variables