Security Policy
This document is available as a PDF

Validator Security Policies

Validator Name:AsugaCluster:mainnet-betaWebsite:https://asuganodes.com

Infrastructure Overview

Hosting Provider:EdgevanaServer Location: Frankfurt, GermanyRedundancy:Backup infrastructure in place to ensure validator uptime and fast recoveryMonitoring: Real-time monitoring and alerting powered by DataDog

Security Practices

Key Management

Validator identity key is stored offline in secure, air-gapped storage.
Vote and authorized withdrawal keys are stored securely with restricted access.
All keys are backed up in encrypted form, with access limited to trusted personnel.

Firewall and Network Security

Firewalls restrict access to only necessary Solana ports and secure SSH.
SSH access is protected with public key authentication and IP whitelisting.
Logs and access attempts are regularly reviewed for anomalies or intrusion attempts.

Software Security

Validator runs the latest stable version of Solana software.
Updates are tested on a non-critical node before deployment to mainnet.
System and dependency packages are regularly patched for known vulnerabilities.

Incident Response

Incidents such as downtime or suspected compromise are investigated promptly.
If key compromise occurs, validator identity is revoked and replaced.
Significant incidents will be communicated via our official Twitter account.

Contact

Security Contact: security@asuganodes.com
Twitter: https://x.com/asuganodes

Responsible Disclosure

We welcome responsible disclosure of any vulnerabilities or misconfigurations. Please contact us at the email above. Although we do not currently offer a formal bug bounty, we appreciate the contributions of the security community.