Security

Security best practices for node operators

Draft Documentation

This documentation is under development and may be incomplete or subject to change.

Overview

This guide covers security best practices for operating ComputeNet infrastructure, including validator nodes and supporting systems.

Key Management

Proper key management is critical for validator security:

  • Generate keys on secure, air-gapped systems
  • Use hardware security modules (HSMs) where possible
  • Implement key rotation procedures
  • Maintain secure, encrypted backups
  • Use separate keys for signing and encryption

Security Warning

Never share validator private keys. Compromised keys can lead to slashing and loss of staked funds.

Network Security

Protect your node at the network level:

  • Use firewalls to restrict access to necessary ports only
  • Enable DDoS protection where available
  • Use private networking between your own nodes
  • Monitor for unusual network activity
  • Keep network software updated

System Hardening

Recommended system hardening measures:

  • Run nodes on dedicated, minimal OS installations
  • Keep all software updated with security patches
  • Disable unnecessary services and ports
  • Use non-root users for node processes
  • Implement intrusion detection systems
  • Enable audit logging

Access Control

Implement strict access controls:

  • Use SSH keys instead of passwords
  • Implement multi-factor authentication
  • Limit administrative access to necessary personnel
  • Use bastion hosts for remote access
  • Audit access logs regularly

Operational Security

Maintain security in day-to-day operations:

  • Implement change management procedures
  • Test updates in staging before production
  • Maintain incident response procedures
  • Conduct regular security reviews
  • Keep documentation up to date
NextOverview