Censure Allnodes for insecure VaaS practices

In recent days it has come to our attention that allnodes.com has informed customers of its VaaS service that:

  • It is possible for allnodes.com to hold validator seed phrases, while claiming to operate in a non-custodial manner.
  • Deleting these seed phrases on allnodes.com after allnodes.com has sent them to their customers via a web-based DM means that the seed phrases are no longer compromised.

Here is a document on the depths of compromise on Luna classic:

In cryptocurrency, custodial services hold cryptographic secrets. Non-custodial services do not. Allnodes is distributing false information to Cosmos, as illustrated by the following screenshots:

Vote YES to censure allnodes.com for irresponsible key management on behalf of its VaaS clients, thereby endangering the cosmos hub.

Vote NO to affirm allnodes.com's claims

Vote ABSTAIN to express no opinion

Vote NoWithVeto to contribute to a veto tally. If that exceeds 1/3rd of the

I feel like we need to figure out a way to make this practice, in general, a censorable offense. Or figure a new way to educate delegators to be aware of this practice, and disincentivize it through community efforts. It’s somewhat of a SRAAS (Systemic Risk as a Service).

Not sure really what the best way to approach this situation is. Even without the misappropriation of keys by All Nodes, this practice is a serious centralization threat. It’s essentially pooling validators, and with Interchain Security making validating ever more challenging, we need to find a way to nip this practice in the bud fast.

Strongly agreed.

One way to do ICS is with exactly the kind of orchestration systems that allnodes likely uses.

Also, found another.

‘Censure’ as in expressing formal disapproval? Just want to confirm that this is a signalling prop.

That’s correct.

Expressing formal disapproval, and nothing more.

What happens if Allnodes is censored on Cosmos blockchain? Is this like being ‘jailed’? And what happens to those who have delegated their ATOM with Allnodes?

It’s a formal criticism.

  • Nothing changes for allnodes, except that there’s been a gov prop censuring them. We will not censor them.

  • Nothing changes for allnodes delegators, except that they now know that the cosmos hub thinks that they have behaved irresponsibly and should redelegate.

Here’s some brief commentary on the description of security research as hostile by a board member of the ICF’s company:

It should be noted that Chorus One also provides validator-as-a-service services on the Cosmos Hub.

It is my strongly convicted belief that none of the many teams contributing to the research that led to the passage of this proposal acted in a hostile fashion; however, it is also my strongly convicted belief that numerous individuals connected to allnodes.com did in fact act in a hostile fashion.