Security, compliance and operating transparency — in one place.
Everything institutional partners need to complete due diligence on NodeStake infrastructure. Transparent roadmaps, verifiable metrics, audit artefacts on request.
A transparent, dated path to certification.
We publish our compliance timeline — including what's already in place, what's in audit, and what is still scheduled. Institutional partners can use this to align procurement timelines with our certification milestones.
Security baseline
HSM custody, remote signing (tmkms/horcrux), sentry architecture, 24/7 on-call.
Incident response programme
Documented runbooks, post-mortem discipline, tabletop exercises.
SOC 2 Type II readiness
Control mapping, evidence collection, internal audit underway.
Third-party penetration testing
Scoped on validator hosts, signing infrastructure and public endpoints.
SOC 2 Type II attestation
External audit with a recognised firm (KirkpatrickPrice / Schellman tier).
ISO 27001 scoping
Expansion of ISMS across global operations.
Validator keys never touch the validator.
Hardware-secured custody
Signing keys live in FIPS 140-2 Level 3 HSMs. They never appear in plaintext on disk or in validator processes.
Remote signing
tmkms / horcrux mediate every sign request with double-sign protection. Validators don't hold secrets — they ask the signer.
Multi-region failover
Active-passive across EU, US and APAC. Sub-second failover; documented runbooks; regularly exercised.
Perimeter, before signer.
Key custody is the last line of defence — not the first. Every validator, signer and relayer host runs behind a deliberately narrow perimeter: DDoS-mitigated, key-only access, allowlisted origins and a deny-by-default firewall.
Anti-DDoS protection
Upstream DDoS mitigation at the edge plus per-host rate limits. Consensus and P2P stay reachable under load; casual traffic does not.
SSH key-only access
Password authentication is disabled on every host. SSH requires hardware-backed keys — no shared credentials, no fallbacks.
IP allowlisting
Administrative SSH is restricted to a small set of statically-allowlisted operator IPs. Bastion is the only path in, and the bastion itself is allowlisted.
Minimal firewall surface
Deny-by-default on every host. Only ports required for consensus, P2P, metrics scrape or public endpoints are exposed — nothing else.
Detection is the other half of security.
Protection only matters if we notice when something drifts. Metrics, heartbeats and chain-level sanity checks feed a tiered alerting pipeline — routed to Discord, Telegram and phone so no critical event ever sits on a single channel.
Metrics & dashboards
Prometheus scrapes every validator, signer and relayer; Grafana dashboards track block-miss rate, signing latency, peer count. Host scripts watch CPU, RAM and disk continuously.
Health probes
Every critical service heartbeats into hc-ping on a known cadence. A missed heartbeat fires an incident before a dashboard can render — silence is the failure we care about most.
AI explorer audit
A daily AI agent walks each chain's explorer and cross-checks signing, bonding and governance state against what we expect. Catches slow drift that dashboards miss.
Multi-channel alerting
Tiered alerts route to Discord for team visibility, Telegram for chat triage, and direct phone calls for severity-1. Follow-the-sun on-call across EU, US and APAC.
Verifiable, not asserted.
Uptime, signing success and governance participation are published on third-party platforms — so you never have to take our word for them.
Request audit artefacts
SOC 2 readiness summary, architecture overview, insurance evidence and key management attestation — available under NDA.
Request via email →Download the security overview
A one-page PDF covering our security posture, key custody, incident response and compliance roadmap.
Coming soon →Responsible disclosure
Found a security issue? Email security@nodestake.org. We respond within 48 hours and coordinate on a fix timeline.
security@nodestake.org →Planning a procurement process?
We'll share artefacts under NDA and walk your security team through our architecture.