Key storage management is an obstacle yet to be fully tackled, and its value to validators is IMMENSE. Riad Wanby and Deian Stefan, cofounders of Cubist, broke down how they plan to address improving validator security by developing cutting-edge secure hardware.
Here are the 3 biggest takeaways…
First, we broke down the problem space. Evidently, it’s very hard to secure keys. Validators need these keys secured because if someone steals them, they can try to slash that validator or steal their funds. Traditional approaches recommend making storage as cold as possible, but validators need to be live all the time!
To find out more about staking and slashing:
Since secure hardware seems to be the best solution to this problem, the design and rules of such hardware define its potential. The Cubist team specializes in building trusted execution environments (TEEs) wherein they restrict the rules for which attestations a key can sign, making it near-impossible to double sign.
Double signing is the classic example of an objective slashing condition. The design and rules of the TEEs from Cubist reduce the probability of slashing for any set of validators that utilize them. To put this in the context of Ion, any LST market whose provider incorporates TEEs would experience greater capital efficiency ie. lower rates for borrowers, and lower chances of liquidation.
To look towards the future they described an innovation called secure attestations. Secure attestations are ZK-proofs, delivered with the purpose of verifying the client software used by a validator within the TEE. This would allow protocols like Ion to verify that validators are using secure hardware, enabling us to underwrite those validators with a lot more capital efficiency.
Succinctly, the future goals of secure hardware include:
Which bolsters our fundamental thesis!
That is: Slashing risk will tend towards zero in the long run as validator infrastructure and its security become more refined.
This is just the tip of the iceberg! We highly recommend listening to the recording to hear all the details from our amazing friends @Cubistdev.
You can also check them out here: Cubist Blog