Cubist Unveils Key Management Solution Without Custodianship for Web3 Frameworks
In Brief
The non-custodial key management solution is tailored for infrastructure engineering teams, enabling them to effectively manage their sensitive keys. secure This innovative platform enables the programmatic management of critical secret keys.
The leadership team at Cubist features a veteran from fintech who previously handled fraud operations and professors specializing in computer security.
With its non-custodial key manager, Cubist empowers providers of web3 services, blockchain networks, and validation operators to safeguard their secret keys using robust hardware.
Cubist Inc., known for its dedication to security in web3 tools, has launched a non-custodial key management solution designed to aid teams in securing and effectively managing their secret keys.
The founding group of this San Diego-based company includes a past head of fraud from the fintech sector alongside three professors from Carnegie Mellon University and the University of California San Diego, specializing in computer science and engineering.
According to DeFi Llama Since early 2022, over $1.5 billion has been lost due to breaches related to secret key compromises and exploits on access controls within the web3 ecosystem. The ongoing struggle between ensuring security and maintaining convenience has led some teams to adopt risky practices, like keeping their secret keys on the same servers as their validator software.
Conversely, other teams have resorted to building complex systems using commercially available vaults and signing devices, which, while intricate, provide scant protection, leaving secret keys exposed to unauthorized access.
"The future of decentralized finance relies heavily on security. It’s essential for stakers and validators to trust that their assets are secure, yet the frequent failures in key management and the staggering multi-million-dollar hacks completely erode that trust,\" remarked Riad Wahby, Cubist's Co-Founder and CEO. \"
Cubist’s goal is to tackle the security challenges in the web3 space with its key management solution, allowing teams to securely lock their secret keys in robust hardware. Instead of relying on the keys themselves, teams can use temporary, revocable privileges to programmatically sign transactions and validation messages.
Ann Stefan, the Chief Operating Officer, mentioned that the key manager is also built to guard against inadvertent mistakes that Web3 developers might encounter while building tech infrastructures. Such mistakes can lead to vulnerabilities that put dApp users at risk. Blockworks The key manager simplifies access control configurations, for example, ensuring that validator clients can only produce attestations for their designated keys. Moreover, it allows for the straightforward creation of customized policies for key usage, like requiring multi-factor authentication to access staked funds. Additionally, the key manager includes features such as anti-slashing protection, alerts for anomalies, and a comprehensive audit trail.
Ankr, a leading provider in web3 infrastructure and developer tools, has become Cubist’s first publicly identified key management customer. They are implementing the key manager to ensure the safety of their Ethereum validators, especially for executing secure withdrawals post the recent Shanghai upgrade.
Secret Network Overview: Pioneering Web3’s Privacy-Centric Platform press release .
Read more:
Disclaimer
In line with the Trust Project guidelines Cindy is a journalist contributing to Metaverse Post, exploring themes related to web3, NFTs, the metaverse, and AI, with a strong emphasis on interviewing significant figures in the Web3 industry. She has engaged with more than 30 C-level executives, sharing their invaluable perspectives with readers. Originally from Singapore, Cindy has set up her base in Tbilisi, Georgia, and holds a Bachelor's degree in Communications & Media Studies from the University of South Australia, backed by a decade of experience in journalism and writing.
