We were keen to start our own stake pool, so we´ve just started the 5 day course. However I’ve just read a post on the cardano forum that alarmed us.
Not sure if you’ve seen it but its about the korean pool owner that just got his pledge hacked.
# SPOs, Do not repeat my mistakes, Keep your Core Node Safe
When will the staking pools be secure against hackers? We don’t want to start a pool to have it hacked and our pledge stolen.
The pools are safe if you know how to handle and have some knowledge about network security.
In the thread you linked the pooloperator clearly said that he made some security mistakes.
So there is nothing to fix and all the pools are safe you you configurated them correctly.
Cheers
Fabian
Thanks for your reply Fabian.
I get what you are saying, however could Cardano “clearly” make this process hacker proof? Just like staking with a mirroring of funds in the pledge? Losing 1 million ADA is not exactly a small amount that was hacked. I don´t understand how a fellow ambassador could make should a huge security mistake. It really does baffle and worry me.
I am capable of running a pool however it appears at the moment if you make a mistake like this, you loose your funds completely. Surely this could have been prevented?
The number one thing you can do to mitigate theft of funds is learn to craft transactions manually - this will allow you to keep your signing keys cold and never within an environment where they could be compromised.
Get cardano-node and cardano-cli installed on a cold (offline) machine. Then you can build and sign all transactions on this cold machine, and move the signed transaction files to your hot node for submission to the chain. I operate as if my nodes will be compromised. Protecting your keys protects your operation.
Many thanks. So would you recommend NOT to use the AWS service?
Thanks for sharing this.
AWS is fine - just don’t put your keys on an instance or any device connected to the internet
There are many aspects of a secure stake pool operation. The Cardano node itself, operating system, hardware, network and people. Saying you’ll wait for a hacker proof Cardano node is like saying you’ll wait for safe online banking. The online banking is usually very secure and the weakest link are the people using it.
There will also never be a 100% secure pool setup guide. If a hacker knows you’ve followed certain guide, he’ll use it to his advantage and will find the weak spot more easily. That’s why security experts never publish a guide they followed themselves as it would reveal their weak spot.
The more publicity and ADA value the more hackers will target stake pools, exchanges or individuals. Even crypto exchanges are getting hacked and they are employing one of the best security experts. You need to find the balance between what you are protecting, convenience and how much resources to spend to protect it. Securing your stake pool operation should be therefore an ongoing process with continuous learning, improvements and adaptation and there is always a chance you’ll be hacked anyway.
Thanks for the detailed response.
From what I understand, stake pool servers are normally set up so that ADA can’t be stolen from them, not even the pledged ADA. So there isn’t much incentive to hack into a stake pool server, other than harming the pool’s reputation or the Cardano network as a whole. Exchanges are higher profile targets, because they need to keep some of their funds accessible online in hot wallets.
Operators should consider a bug bounty anyway, either directly through social media, or something like HackerOne.
Please see this post: