Validator Security & Operations Policy

1. Infrastructure

Our mainnet validator runs on dedicated bare-metal hardware hosted by Latitude.sh in Singapore. Latitude operates ISO 27001 certified data centers with physical access controls, network isolation, and enterprise-grade uptime SLAs.

A backup validator node is maintained in a separate European data center to provide geographic redundancy. Only one validator instance is active at any time to eliminate the risk of double-sign slashing.

2. Key Management

We follow a strict one-active-validator-per-network model. Validator identity keys are stored securely and are never exposed to public-facing systems.

A documented emergency procedure is in place to stop the validator immediately if a compromise is suspected.

3. Access Control

SSH access to production infrastructure is limited to three authorized individuals: two DevOps engineers and the operations lead. Access follows the principle of least privilege.

The team uses a shared password manager for credential storage. An offboarding procedure is in place to revoke SSH keys, rotate shared secrets, and audit access logs when someone leaves the team.

4. Monitoring and Alerting

We monitor validator health continuously using a custom Zabbix-based monitoring stack with alerts delivered to Telegram.

• Delinquent state detection
• Missed blocks and missed vote credits
• Low identity balance (vote fee coverage)
• BAM errors
• Server CPU and disk usage

An on-call rotation is in place so that alerts are always handled by a designated team member. Our target response time for critical alerts is 15 minutes.

5. Automation

Infrastructure configuration and deployments are managed with Ansible, ensuring consistent and repeatable operations across environments. This reduces the risk of manual configuration errors and supports rapid recovery if a node needs to be rebuilt.

6. Incident Response

In the event of a security incident or significant operational disruption, we commit to communicating transparently with delegators and the broader community.

• Announcements are posted on our X (Twitter) account and in our Discord community
• Critical alerts are acknowledged by an on-call engineer within 15 minutes
• Post-incident reviews are conducted to identify root causes and prevent recurrence

7. Vulnerability Disclosure

We welcome responsible security research. If you discover a potential vulnerability in our validator infrastructure, website (lumlabs.io), or any of our subdomains (pools-adviser.lumlabs.io, earningpulse.lumlabs.io), please report it to us.

• Contact: hello@lumlabs.io
• We will acknowledge valid submissions promptly
• We will not take legal action against good-faith security researchers
• We do not currently operate a paid bug bounty program

Out of scope: denial-of-service attacks, social engineering, and vulnerabilities in third-party services we rely on (such as hosting providers, CDNs, or DNS providers).

8. Data Privacy

Our staking services are non-custodial. We do not collect or store validator keys, wallet addresses, or staking-related user data. For information about data collected through our website and analytics, please refer to our Privacy Policy.

9. Continuous Improvement

Security is an ongoing process. We monitor upstream advisories and Solana client releases, rotate credentials regularly, and review our monitoring and incident response readiness on an ongoing basis. This policy is reviewed and updated at least twice per year.