In this technology overview, we zoom out to share more knowledge on Blox Staking technologies that power our non-custodial staking services. To get started, let’s look at one of the main challenges with Eth 2.0 validators.
Eth 2.0 validators are unique in that they require the user’s validation keys to be online at all times, to sign transactions when called upon. That has resulted in creating challenges around security and privacy, as most dapps still don’t require user keys, in order to be online.
Every Eth 2.0 validator setup has the following basic architecture:
ETH1.0 and ETH2.0 (the beacon-chain) are the infrastructure layer of any setup, they are both necessary and equal between different setups. A user can choose which versions of nodes to run but they all function in the same fashion (according to Eth1.0 and Eth2.0 specs). Another property of the infrastructure layer is that it doesn’t hold any sensitive information.
Hashicorp Vault + Blox Plugin
The validator itself is a piece of software which has the responsibility of executing duties for a set of public-keys that represent active validators, as defined in the beacon-chain. To be clear, validator software is actually a validator and a validator wallet. The wallets job is to securely store the sensitive data, like private keys and slashing protection data. The last item, slashing protection, is a unique construction exclusive to Eth2.0 and is essential for security purposes.
Blox implemented a unique approach to keeping the wallet (and it’s internal data) safe by using Hashicorp’s open-source vault platform. A leader in robust key management, Hashicorp employs an always on-disk encryption policy which means that sensitive data is never available in plain-text. On-disk encryption, coupled with advance policy, authentication and years of production deployments, are what makes Vault an ideal solution for an Eth 2.0 validator wallet.
Blox developed a dedicated Vault plugin that supports BLS12-381 (the keys used in Eth 2.0) and built-in slashing protection as an open project, available here.
To keep true with our custody-free (non-custodial) philosophy, Vault (and the Blox plugin) is installed on the user’s own cloud account, solely accessed by the user. Blox will never have independent access to user data.
During the installation process, Vault and the Blox plugin are both verified and installed on the user’s cloud account (after creating a dedicated machine), network configurations are set and specific admin credentials are created for the user.
For Blox to connect and use Vault to sign duties for the user’s validators, the installation process creates restricted permissions for Blox to use. Those are completely controlled by the user.
The installation itself and admin management of Vault are managed by Blox Live (see below).
Behind the scenes Blox’s Vault plugin uses KeyVault, an open-source project developed by Blox for all common functionalities needed by an Eth 2.0 validator (key management, slashing protection, validator signer and more). Our code is written in Golang.
The philosophy behind KeyVault is abstraction, well tested and developer oriented.
KeyVault is built with abstraction in mind so that it’s easily extendable by any developer, it is focused on core functionality which is not implementation (or use) specific. KeyVault has tested well per the latest eth2.0 spec.
KeyVault is aimed for developers, to provide usability and essential documentation.
Blox Live is an open-source desktop app that bundles together all of the functionality for securely managing Vault, backups, imports and other Blox account functionalities. Live maintains direct connectivity with Blox and the user’s defined cloud service, on which Vault is installed.
All sensitive operations will be carried out through Blox Live, and Blox never requests access to your private keys, seed, mnemonic phrase or any other sensitive information.
As we’ve mentioned above, except for the validator wallet, all other components of an Eth 2.0 validator setup are non-sensitive.
For years, Blox has built robust and reliable infrastructure for many blockchains and now we continue our journey with Eth 2.0 as well. Users no longer need to worry about running Eth 1.0 or 2.0 nodes, which can be expensive when considering and resource intensive (especially with redundancy for a production environment). The KeyVault walle connects to Blox infrastructure automatically, leveraging all of its operations.
In the background Blox runs a cluster of nodes (both eth1.0 and eth2.0) with continuous health checks to make sure they are consistent and have 99.99% uptime.
Written By: Alon Muroch
CEO & Co-Founder of Blox and Blox Staking
Check the Blox Blog for more guides, news and blogs!
Blox Staking Beta Waitlist Coming Soon.
Blox encourages you to continue monitoring the space for the latest news, support, progress, updates and more. It’s a bold new future for the world of Ethereum, blockchain and the millions of followers around the world.
Who is Blox Staking?
Blox Staking is one of the infustry industry’s first non-custodial solutions for Ethereum 2.0 staking services.
Blox possesses formidable experience as master builders and code-craftsmen with years of experience building nodes, databases, infrastructure and applications for consumers, businesses and enterprise grade customers.
Never surrender ownership of your private keys and stake with reliable infratructure built to be secure and maximize your rewards. By leveraging our blockchain solutions, we expedite the setup process making it simple for anyone to start staking.