Security Policy
1. Infrastructure Security
- Validator nodes hosted in secure data centers or with trusted cloud providers.
- Restricted physical access to authorized personnel only.
- Minimal OS setup with automatic security patching.
- SSH access limited to key-based authentication from specific IPs.
- Host-based and cloud firewalls applied to restrict exposed ports to those the validator requires.
2. Key Management
- Validator identity keypair stored offline, only used during initialization or key rotation.
- Vote account keypair stored on encrypted disk with restricted access.
- Withdraw authority key stored offline on hardware or air-gapped devices.
- All keys rotated regularly or upon suspicion of compromise.
3. Network Security
- RPC endpoints are private or require authentication where possible.
- DDoS mitigation includes rate limiting and upstream protection.
- Peer access and gossip behavior controlled with command-line flags.
4. Software Security
- Validator runs latest stable Solana release with verified binaries.
- Monitoring in place with alerts for node health, forks, and potential slashable behavior.
- Validator process runs as non-root user in a locked-down environment.
5. Incident Response
- Logs and alerts monitored for anomalies.
- If compromise is suspected, validator is stopped, keys rotated, and node rebuilt.
- Preventative measures in place to avoid slashing (e.g. never running duplicate validator processes with the same identity).
6. Backups & Recovery
- Encrypted backups of critical keys stored in multiple secure locations.
- Recovery processes documented and tested.
- Snapshot-based fast bootstrapping enabled.
7. Policy Review
- Security policies reviewed quarterly or after security events.
- Internal audits conducted regularly.