SPOs, Do not repeat my mistakes, Keep your Core Node Safe

This is how a disclosure should be performed. Well done, and thank you for being honest with the Cardano community and helping the SPOs. I encourage each stake pool to think about layered defenses, not only from a trust boundary such as a port/firewall but also monitoring and logging. Please, SPOs, use things such as deception and alerting to identify malicious actors on your machines. Canary tokens are a great way to get an alert when a file is accessed or someone has cloned your website trying to impersonate you. This is a free service: https://canarytokens.org/generate or, if you would rather not click a link (this would be me), just google canary tokens and do some research on the subject.

Anyone have thoughts for the SPOs on using a honeypot node to see if there is malicious traffic specifically looking for relay/node architectures?

I'm interested in operating something like this and reporting to a close-knit group of SPOs on what kind of traffic/attacks are occurring.

My sincerest apologies for your losses. Thanks for sharing your valuable lesson with the community.

By posting this article explaining what happened, it shows that you are a Stake Pool Operator of perhaps insufficient expertise, skill and/or knowledge, yet also of over-abundant character and integrity.

You can always increase your expertise, hone your skill, and gain more knowledge. But character and integrity are generally fixed commodities. You are the kind of SPO operator that Cardano hodlers looking over their delegated ADA in the decades to come.

I join everyone else in expressing my sympathy, and hope that you will chalk this up to experience (albeit very expensive) and not be too discouraged.

