1. What are Blockdaemon’s security measures for relay nodes?
We work closely with the Algorand protocol developers to get first-hand information about security threats and to think through attack scenarios preemptively. We run all blockchain software in Docker using a dedicated user account and enforce industry-standard hardening practices.
All REST traffic is encrypted with TLS, and the REST endpoint uses token-based authentication. TLS private keys are rotated frequently. All unnecessary ports are blocked and underlying software is upgraded using best practices.
2. What security measures does Blockdaemon take for participation nodes?
We maintain the same level of security for professional and personal participation nodes as we do for relay nodes. In addition, all external traffic is blocked for participation nodes. Private keys are stored in a secure database and access is limited to the relay nodes.
3. What security measures does Blockdaemon take at the cloud level for relay nodes?
We follow the best practices outlined in the AWS Well-Architected Framework. All nodes run on hardened Linux servers inside a Docker container in a VPC. Inbound traffic is limited to the required ports and is actively monitored.
4. How does Blockdaemon safeguard against DDoS attacks on the entire network?
We use a DNS provider that monitors for DDoS attacks and can mitigate them at the global network level. We also have a failover DNS server in case the primary is under attack.
5. How does Blockdaemon safeguard against DDoS attacks on a single node?
We have designed our network to be dynamic and to make it easy to migrate nodes from one location to another. If a node is under attack, that node will be migrated elsewhere. Because of the distributed nature of the blockchain, data will not be lost and the migration will be seamless.
6. How does Blockdaemon safeguard against DDoS attacks at the protocol level?
The Algorand protocol itself provides some security against DDoS attacks. Being a decentralized network means that there is no single point of failure that can be attacked. In the event that a significant number of nodes are attacked at the same time, we have the capability to add more relay nodes until the attack is over.
7. What happens if one node is compromised and what is the exposure for the others?
Each node runs completely independently of the others, at a bare minimum in a different VPC. In the unlikely event that a node is compromised, the other nodes will not be affected.
8. What is monitored on the node and blockchain?
At the Node level we monitor:
- VM monitoring
- Disk Usage
- Network Line speed
At the Blockchain level we monitor:
- Block Height
- Peer Count
- Number of transactions sent to a node
- Number of transactions pending in txpool
- Number of queued transactions in txpool
9. How fast are protocol hotfixes applied?
Our typical process is to fully vet and test every new release before rolling it out so that the customer has a smooth experience. In emergencies, we have the ability to roll out hotfixes immediately. Because our team is distributed, we always have engineers in various time zones able to work on issues that arise at any time of day. We will only deploy hotfixes in emergencies and will work closely with the Foundation in that case.
10. What is the process for regular protocol updates?
We work closely with Algorand Inc. and the Algorand Foundation to make any updates necessary. To stay informed, we also actively monitor news, Twitter, GitHub, and relevant channels for security warnings.
As an example, we reacted to the Electrum vulnerability within hours and had security measures in place so that our customers weren’t affected.