We safeguard your data in transit and at rest.
We use Multi-Factor Authentication (MFA) & Role-Based Access (RBAC) to ensure only authorized personnel can access sensitive data.
We maintain 24/7 monitoring to detect and mitigate vulnerabilities before they impact operations.
Regular audits by internal and external experts, plus crowdsourced security testing, help keep our systems robust.
Certified under the globally recognized standard for information security management systems, ensuring rigorous security controls are in place.
Demonstrates our commitment to security and data protection, with verified controls designed to safeguard customer information.
Designed to meet global regulatory standards, including data privacy (GDPR) and financial compliance requirements (AML/KYC).
All smart contracts undergo comprehensive third-party audits to identify and address vulnerabilities before deployment.
We commit to full transparency across security and business continuity. Our slashing protection, backed by leading risk advisors and insurers, safeguards clients against potential losses. With 24/7 global monitoring, we detect and address issues in real time. To prevent disruptions, we maintain 70+ terabit DDoS protection, securing infrastructure against attacks. We disclose any security incidents that could affect compliance, security, or privacy - reinforcing trust and accountability.
To find out more about infrastructure uptime and reliability,
check out our infrastructure page.
Blockdaemon’s infrastructure is secured by enterprise-grade firewalls, real-time intrusion detection, and strict access controls. With 24/7 monitoring and automated risk mitigation, we provide institutional-grade security at every layer of our stack.
Our products are built with security at the core, integrating secure coding practices, continuous security testing, and proactive threat detection. Through regular penetration testing and transparent security assurance, we ensure robust protection against vulnerabilities.
Blockdaemon enforces strict internal security protocols to maintain a security-first culture. Employees undergo continuous security training, adhere to least privilege access principles, and follow strict data handling procedures that align with institutional security standards.
All employees and contractors undergo pre-screening and background checks to ensure they are qualified and trustworthy. Regular training on the latest security protocols and best practices ensures that personnel remain up to date on potential risks and mitigations.
Engineers are assigned responsibilities with explicitly restricted access based on operational requirements. All production secrets are managed through service accounts, removing direct engineer access to deployment environments.
We adhere to a strict data minimization policy, collecting and processing only what’s necessary to provide our services effectively. Users maintain full control over their data, with options to access, modify, or delete their information in compliance with privacy regulations. Additionally, anonymization techniques are implemented to improve privacy and protect sensitive information across all systems.
Holders of the Network’s token who choose to stake these tokens to the protocol in order to participate in the network’s consensus mechanism. At all times throughout the staking process, the Delegator maintains control of the private keys associated with this address and has full control of the movement of tokens in and out of that address, subject to any bonding period set by the protocol.
A node, configured with the protocol’s software, that operates as the primary method for producing new blocks of the Network. It does this by selecting and ordering the transactions to be included in the next block of the chain and creates that block per the protocol rules, in order to keep consensus on the blockchain.
Validator nodes act as access points for delegators to participate in the protocol’s consensus mechanism, but they do not control access. A delegator can choose to simply undelegate from a specific validator and re-delegate through another validator.
Validators can be made up of multiple machine node types, a single machine node, or multiple validators on a single machine. The exact configuration of a validator node is dependent on the processing power required by a particular protocol.
A Validator typically has a keypair - public and private. Public keys are the Validator’s onchain identity, and the private key is used to control that identity on chain (ie. set the validator to active or inactive, set parameters like Commission Fee rate or plain text name). The actions the Validator can perform are set by the Network.
Validator Keys are NOT able to control Delegator’s funds. Please note that the Validator Keys are different to the public-private key pair controlling the delegator’s wallet address.
Depending on the network, a Validator may have one keypair (Public and Private), or there are multiple keys that control and operate various functions.
Tokens required on the Validator keys are typically the minimum self-stake required for the Validator to be activated, which is separate from the Delegator’s staked funds. The Network sets the minimum self-stake a Validator is required to have, and can sometimes be as little as 1 Token.
Token distributions made by the protocol if a Validator Node is chosen to validate transactions. These rewards subsidize the cost of network participation.
Every Network has a specific way it calculates Rewards that can include Network state and Validator performance.
The Validator charges the Delegators who choose to stake their tokens to the protocol via the validator infrastructure. This fee is charged as a % of any rewards distributed by the protocol to that validator.
Commission fees help to cover operating costs of running the machine(s) and the network bandwidth that is required to effectively operate the Validator in accordance with the Network’s requirements.
Validators set the commission fee %, but are only able to change it in accordance with limitations set by the Network. The Commission Fee is public information published on the Network, accessible by any participants including Delegators.
The tokens that are staked to the network are usually locked up (“bonded”) for a specified period of time. The length of time differs from protocol to protocol and is entirely controlled by the protocol.
During this period, the protocol has temporarily removed the ability for the delegator to remove tokens from the address that is being used to stake and the tokens must remain in the address that is on the blockchain ledger.
Once the time period has elapsed, the tokens can be transferred back to the origin address (“unbonded”). Subject to any bonding period that is set by the protocol, the delegator has full control of the movement of tokens.
A delegator also has the ability to undelegate/unbond from a specific validator, and re-delegate to another validator without requiring permission from either the validator operator or the protocol.
To guarantee the integrity of the network, the protocol imposes a penalty on any participant who violates the protocol’s rules. This is referred to as a slashing event. These rules usually relate to signing or double-signing blocks or extreme downtime.
Slashing is applied at the validator level and is implemented by taking a set percentage from staked tokens.