Security implications around running a Stakepool

I am a bit worried, as we have a very nice intro on “how to set up a stakepool” properly through a YouTube video conference.
But we also have videos regarding how to set up Jormungandr and running it on a Raspberry Pi 3.
Meaning “everyone” could do it, but they lack the knowledge around security and general firewall settings.

So would it be possible to generalize it a bit more for the general public?
Do this on your firewall, add this for extra security, or even with the latest update from Microsoft, allow end users to conform automatically to run a stake pool?

My general concern being that ADA will get a tag for not being secure based on this, because one or more of the pools was compromised. This would be a downfall. And allowing this Open collaboration of Stakepools needs to adhere to common sense and security.

To align with this, I think a “Verified” stamp of stakepool from the Cardano Foundation could come in handy. Where they process certain criteria for each pool to go through the “eye of the needle”.
There needs to be some sort of alignment in the start until it is generalized.

Also, it has been promoted that a “13-year-old” can get this up and running. The implications regarding a bad wolf knocking this nerd to give up some private keys are also of some concern.
The general public needs to know that their Stake is in good hands.

PS: Knocking in Norwegian terminology is knocking on the door, but can also mean “bitch slapping”, getting someone to tell something by the strength of the fist. …or knee

2 Likes

Your private key does not leave your wallet. If you delegate your ADA to a stake pool, your ADA is 100% safe.

2 Likes

If a node (stake pool) is “compromised”, it would not affect the Cardano consensus because Ouroboros is designed to operate in a trustless environment. The stakeholders’ delegated ADA are not at risk because each stakeholder’s ADA is not stored with the stake pool. The “compromised” stake pool node will not be available for its slot if it remains compromised.

1 Like