Security you can underwrite.
A full catalogue of the controls, audits, and incident transparency that let institutional risk teams green-light us as an operator.
Security you can underwrite, not just read about.
We operate to the posture your risk team needs to green-light. Not marketing claims — reports, hardware attestations, and public incident history.
Third-party audited operations covering change management and key custody. Security brief available on request.
FIPS 140-2 Level 3 hardware across multiple geographies. Signing keys never leave the box.
Underwritten coverage per protocol, scoped to delegator stake. Claim path documented in the brief.
Every sev-1 in operating history is published with timeline, root cause, and mitigation.
A validator signs two conflicting blocks or attestations for the same slot — the canonical fault that burns stake.
Remote-signer with anti-double-sign database; slash-protection journal replicated across regions; key never loaded on more than one live signer.
- Security brief — available on request
- Penetration tests — annual, with remediation tracked publicly
- Access reviews — quarterly, with documented approvers
- FIPS 140-2 Level 3 HSMs across three geographies
- Scoped signing policies — per-protocol, per-action, rate-limited
- Slash-protection journal replicated before any signer rotation
- 24/7 on-call with named protocol engineers per network
- Sev-1 response time: under 10 minutes, median under 4
- Change management — dual-approval on all production pushes
- Public post-mortems on every sev-1 in operating history
- Status page with raw uptime, not averages
- Customer-facing runbooks for all recoverable incident classes
Put your workload on infrastructure that's built to run it.
One conversation. A named engineer. A reply within one business day. No custody transfer. No lock-in.