Scenes from the #LabWeek23 Founders Shoot with Ann Stefan, co-founder and COO of @cubistdev.
Cubist is hardware-backed key management platform for low-latency signing on any blockchain
👏 Stay tuned for clips diving deeper into what Ann and the team are building.
@cubistdev co-founder and UCSD professor Deian Stefan @deiandelmars is at #TrustX2023 discussing design principles + pitfalls of building secure hardware-based systems. Here's the short version:
🔓 Not all secure hardware is actually secure
SGX is broken and makes your system less secure than not using enclaves at all
🪄 Secure hardware is an abstraction, not magic
You can’t just shove large systems into a Nitro Enclave and hope to get security
🛡️ We can use hardware correctly
Minimize the (amount, complexity, and privilege of) code running in the enclave and use a narrow well-typed interface across the trust boundary
Yesterday at @eigencloud's Restaking Summit, @cubistdev CEO @kwantam demo'd our anti-slasher. He showed multiple validator clients running simultaneously with the same keys, which can easily happen by accident (for example during maintenance) and is a major cause of slashing. Because of the anti-slasher, the validators were completely safe.
Running validators at scale is hard. If you want to protect large-scale deployments with a tool like Web3Signer, you have to carefully architect complex infrastructure that's easy to get wrong, and any mistake leaves you vulnerable to slashing. Techniques like DVT add yet more complexity—and they only help under the assumption that at least half of the participants have correctly configured slashing protection.
Protections that come down to "just don't mess up" aren't good enough when your ETH is literally at stake.
A validator that signs with CubeSigner relies on a simple, bulletproof abstraction: a validator key that will never sign a slashable message. The result is that you cannot misconfigure your validator infrastructure in a way that gets you slashed.
By the way, we still have two validator clients running simultaneously with the same keys: https://t.co/98k1d0Pisc
@cubistdev CEO Riad Wahby just took the Main Stage at the #StakingSummit to talk slashing, front running, exit stampedes, and all things staking security. The question is, “is it possible to build a better key abstraction that makes all these risks go away?”
New 'Secure Staking Alliance' with @cubistdev@eigencloud & @babylon_chain forms to create anti-slashing standards for blockchain validators - details in Protocol Village by @liqquidity
https://t.co/pvCJ6osiv6
👋Today the Secure Staking Alliance launches to make (re)staking more secure. We are collaborating on open standards and best practices for designing, building, and running secure validator infrastructure. Join us in shaping the future: https://t.co/ZYRCGBNSxG #SSA#SecureStaking
🎙️On the Crypto Conversation we're with @kwantam co-founder @cubistdev a key management platform for low-latency signing on any blockchain to discuss keys, the new wallet-as-a-service platform CubeSigner, Sci-Fi and more! https://t.co/gnlOjsLSww
This launch brings CubeSigner to teams building wallets, consumer loyalty programs, games, trading platforms, custody platforms, and more, so that no one has to choose between fast, safe, and easy to use.
We’re thrilled to announce CubeSigner, our Wallet-as-a-service platform! It’s the first WaaS with the speed, convenience, and security to support everything from loyalty programs to market makers, across any blockchain. 🧵
Learn more: https://t.co/DXIjeyx8PZ
Congrats to @redactedcartel on today’s pxETH testnet upgrade! Their stake/withdraw API is backed by first-class staking security:
🛟 Deposits will only be signed using keys pre-generated in CubeSigner hardware
🛟 Withdrawals can't be diverted to malicious addresses
🎉 #TrustX2023 Speaker: Riad Wahby
🎙️ Riad Wahby @kwantam, Co-founder and CEO, @cubistdev, Assistant Professor, CMU will speak about "What, Me Worry? Preventing Slashing by Design"
If honest node operators and Bitcoin holders feel confident they can stake without getting slashed, this is a huge win for the security of Proof-of-Stake chains.
Read more how we're working with @babylon_chain to make Bitcoin (re)staking safe by design:
https://t.co/Ugp1Q3Ijfo
Babylon is excited to see #OKXWallet supporting the #BTC testnet 🙌🏻! For the uninitiated, testnet is where many groundbreaking #Bitcoin innovations are born.
Kudos to the .@okx .@okxweb3 team!
7/ Since we’re also integrating CubeSigner as an easy alternative to local keystores, honest Babylon operators will be able to validate securely—and without fear of slashing—from the very start.
4/ Slashing is key for protocol security—but in practice, honest operators can get slashed because of everything from validator client bugs to infrastructural errors…and protecting (hot) staking keys from slashing-minded attackers is deceptively hard.
1/ Cubist is excited to announce our collaboration with @babylon_chain to build anti-slashers that will protect honest #Bitcoin stakers in the Babylon ecosystem from getting slashed—even in the case of bugs, mistakes, or attacks. 🧵
Read more: https://t.co/Ugp1Q3Ijfo
🎉 #TrustX2023 Speaker: Deian Stefan
🎙️ Deian Stefan @deiandelmars, Co-founder, @cubistdev, Security Professor, UCSD will speak about "Hardware pixie dust, or why your secure hardware implementation may not actually be secure"
We're excited to be working with @redactedcartel to secure their validators and pxETH Liquid Staking Token, which launched today on Testnet! They're leading the new wave of LSTs by using secure hardware+policies to protect their keys from compromise, slashing, and front running.