The Cosmos and Tendermint blockchains were developed to facilitate communication between distributed ledgers without relying on a centralized server. But if you ask the experts, they’ll tell you how both these blockchains are centralised in terms of:
- The capital for staking on these chains is controlled by a small number of people and organisations.
- The infrastructure these nodes run on is also extremely centralised.
Nodes on Multiple Clouds and Bare Metal
This service provides Cosmos and Tendermint nodes that are automatically configured by Launchnodes for use with Fortanix One Time Signer. These nodes can be used for solo staking or as RPC nodes, either on premise or on public cloud (AWS), and are engineered to integrate seamlessly with Fortanix’ One Time Signer solution.
The service includes:
- Full installation support for all your nodes
- Node synchronisation
- Node software updates and maintenance
- Uptime support
- Email support
- Zoom support
- Node resilience plan to meet your organisation’s availability requirements
Using Launchnodes’ Cosmos nodes in combination with Fortanix One Time Signer provides a high security environment for staking and RPC nodes.
This service by default distributes nodes across public cloud (AWS & GCP) and bare metal (Equinix and Vultr) globally, which meaningfully decentralises the blockchain, whilst securing it to a FIPS accredited standard
Why Does This Provide Value to Customers?
The centralised nature of the infrastructure and capital being controlled by a small number of people are two major limitations that the Fortanix Launchnodes solution mitigates by:
- Allowing keys to be managed not only through securing the keys but also the process flows associated with their use and auditability.
- Giving customers the benefit of a signer with distributed deployment. The default architecture offers five independent clusters, with each cluster deployed across three data centres.
- Providing state tracking signers that are specifically designed to prevent double signing.
- Distributing nodes (that connect to a distributed signer) across cloud and bare metal, (vendor and geography can be chosen by the client) reducing the risk of a single point of failure for staking operations.
- Systemically decentralising the blockchain by meaningful diversification of geography for the nodes
- Enabling blockchains to operate at the highest speeds and lowest latencies, regardless of the location of the nodes.
Example Use Case
Context
An existing or new blockchain (customer A) working in the Cosmos ecosystem which is looking to be part of the internet of blockchains has created a chain with:
- Specific utility
- Useful working software
- Integration with existing blockchains in the Cosmos Tendermint blockchain ecosystem.
Value
Customer A would benefit from a rigorous key storage and management tool that gives credibility to their blockchain.
Customer A would further benefit from scaling their blockchain across multiple pre-configured nodes, distributed across multiple geographies and technical infrastructure to
- Provide credibility for their chain.
- Give credibility about how decentralised the blockchain is in terms of geography and infrastructure.
Solution
Customer A can buy a solution from Fortanix and Launchnodes to achieve this value when they launch. This robust, secure architecture supports their growth by enabling key investors to use the same pattern to actively participate in the network, and stake.
Secure One Time Signer
Fortanix DSM SaaS is a FIPS 140-2 Level 3 compliant platform for secure key management. It offers a unique security architecture where custom plugins can be developed and deployed to run inside the hardware protected secure environment. The plugin can be protected with a quorum policy that involves multiple admin users. Once deployed, a plugin code cannot be modified without explicit permissions from multiple administrators.
The Fortanix One Time Signer solution includes a plugin which validates proposals and votes, tracks the state of the protocol and signs proposals and votes while ensuring that double-signing is prevented.