Hi everyone, I am contemplating running a pool and want to better understand what is at risk in terms of my pledge since the learning curve to start a pool is high and the recent hack to the pool operator in korea is on my mind.
Question: If I pledge 100k ada to my pool, is this 100k ada associated directly to the pool and at risk of being hacked if the pool is setup improperly or has security issues? Or is the 100k ada pledge completed and sent from a separate wallet (with its own security). In otherwords, if instead of creating a pool I delegate all 100k ada to another pool and the pool operator gets hacked, then my delegated 100k ada is safe in my wallet. However if I pledge 100k to my own pool and if my pool gets hacked will this 100k ada be hacked too if the pool has security issues, or is my 100k ada still safe in my own wallet that is separate from my pool. Thanks
Your pledge would live in your pool, not your wallet. If your pool gets hacked, say goodbye to your pledge.
1 Like
Thanks for the reply. I need to be clear on this one… its still kinda fuzzy… I watched several videos and read several guides but none that I’ve seen so far clearly state how and where the pledge is made. Based on what I’ve seen, a pledge is a promise to contribute funds to the pool by delegating to it.
So in your reply when you said “if your pool gets hacked then say goodbye to your pledge” do you mean goodbye to the promise of a pledge? or is this goodbye to the actual 100k ada pledge?
Cheers!
It would be goodbye to the actual 100k Ada, not the promise of it.
When setting up your pool, the amount of pledge, 100k Ada in your example, would need to be transferred from your wallet to your stake pool’s respective payment address account. The 100k Ada would need to stay in that account for the entirety of your pool’s operation and you would need to safeguard this to protect your Ada. If your stake pool’s payment address account gets compromised, you will lose your pledge, 100k Ada in your example.
1 Like
Your pledge is as at risk as you want it to be. You can/should have your keys on an offline machine and never expose them to the internet. The chance of somebody hacking your cold storage should be slim to nill if you are doing it right. The only real attack vectors are in the room with you - a shady roommate who has your passphrase and knows where you hide your keys.
1 Like