*Note: This review and score is purely based on the information disclosed by the validator service and the scoring rubric.
Last Updated: Oct 8, 2019
About Cryptium Labs
Cryptium’s validator service operates across the Tezos, Cosmos, and IRIS Network blockchains. Built by a team of Cosmos core devs and researchers, Cryptium differentiates itself with deep technical understanding of platform protocols, a strong stance on involvement in governance, and a devotion to ongoing engineering. Crypium presently offers 10-20% commission rates on delegations, and is based in Switzerland.
Team Background (75/100)
- Full-Time/Part-Time (10/10)
- Prior Blockchain Dev/Impact (10/10)
- Systems Experience (0/10)
- Recognizability (10/10)
Current Voting Power (57/100)
- Total Staked: (7/10)
- Unique Self-Bonders: (5/10)
- Commissions: (5/10)
Historical Metrics (90/100)
- Uptime (8/10)
- Proposals (10/10)
- Legal Compliance/Insurance (0)
- Innovations (+5)
Cryptium is founded by Adrian Brink, Awa Sun Yin, and Christopher Goes. Both Adrian and Awa are full-time on the project, while Chris is part time. The three met together as core developers and researchers on the Tendermint and Cosmos protocols. Brief bios of co-founders are included below:
Adrian Brink: Adrian’s background lies in both Computer Science as well as Business. He currently works on making blockchains scalable and interoperable, as an engineer, researcher as well a connection builder. His main interests lie within cross-chain communication, BFT consensus systems, and on-chain governance.
Awa Sun Yin: Awa worked as a data scientist and software engineer at Chainalysis and as a researcher at Cosmos. The areas of research she focuses on are applied cryptography for privacy and scalability of consensus algorithms, security in distributed and decentralised systems, and hardware security modules (HSMs).
Christopher Goes: Christopher Goes is a protocol developer & researcher at Tendermint/Cosmos primarily focused on inter-blockchain communication, formally verifiable smart contract languages, and proof-of-stake incentive design. He is also the author of the Wyvern Ethereum DEX protocol.
Outside of Adrian, Awa, and Chris, Cryptium employs three other full-time researchers/engineers. These hires have skillsets spanning advanced mathematics, functional programming, web development, and economics. No formal systems engineers have been hired to date.
Cryptium is presently the #2 validator on Tezos by stake, with ~23.229M XTZ under possession. At time of writing, this translates to approximately $27.2M USD staked. These funds are spread across 1104 delegates.
Cryptium is presently the #19 validator on the Cosmos hub by stake with ~2.57M atoms staked. At time of writing, this translates to approximately $16.4M USD. Much of these funds are delegated, and come from the co-founders reputation as researchers in the Tendermint community. What is additionally interesting to note on cosmos is that Cryptium has received ~25% of their delegation (~$4.15M) from ION, another Cosmos validator.
Cryptium is the #13 validator on IRIS Network, with 12.91 M IRIS staked (~$891,000 USD). This equates to 2.4742% vote on the network. 20% commission is taken on delegations.
Cryptium has maintained 100% uptime since its inception as an active Cosmos validator. They have, however, once missed 500 of 1000 precommits, triggering a warning on the Hubble block explorer. The company has 1.79% of the voting power on the network, has participated in three of the five core proposals to date, and has initiated proposal 7: “Activate the community pool”, which passed with 99.73% acceptance.
Cryptium’s three core focuses from a business perspective are i) community development, ii) core engineering, and iii) governance. The company is focused on taking a depth-first approach to the networks they validate, preferring to learn about the entire network stack rather than taking a breadth-first approach.
I) Community Development
Cryptium sees its mission as playing a large role in helping certain networks reach their long term potential – specifically by helping build out the communities and developer toolings for platforms that possess consensus algorithms that are alternative to PoW. Currently, Cryptium supports PoS chains, but may also in the future support Proof of Space chains, Proof of Elapsed Time chains, and more.
II) Core Engineering
The grunt of Cryptium’s time on a day-to-day basis is spent on core engineering, building tools across Tezos and Cosmos. In the past, the team has built and published research on hardware-based double sign prevention infrastructure, automated reward payment infrastructure (for Tezos), and multi-chain stake monitoring tools across networks. The company currently focuses more on engineering than validation services, due to the breadth of tools still needing to be developed for PoS networks.
Cryptium sees governance as one of the most important roles for a validator to play – stating that it is the responsibility of validators to govern the blockchains they validate upon. Accordingly, the team has actively participated in and produced governance initiatives. The company is chain-agnostic in its governance style, however hopes to see a world in which interoperability is supported between chains in the future.
Cryptium provides all delegators with “liveness guarantees”. Legal documents ensure that delegators are compensated for any downtime slashing penalties, paid out by Cryptium. Protocol-specific slashing risks like double-signing are not yet covered by any documentation.
- Failover (8/30)
- Private Peering (10/10)
- Agreements with other Validators (10/10)
- Sentry Scaling (5/10)
- Backup Strategy
Cryptium Labs’ validator setup favours extreme safety over liveness. The company possesses a single server hosted in one location – a data center in Switzerland – with 24/7 security. No automatic failover is configured at the time of writing, and snapshotting is only available on networks that provide automatic snapshotting support – meaning that (worst case), in the face of downtime, the company would have to initiate a full system resync manually from the Swiss data center.
This system design is rooted in the belief that most validators are vulnerable to double-signing events due to the complexity of their architecture. As complicated architecture becomes more involved, the probability of an accidental double sign rises – resulting in large scale penalties.
Cryptium operates a two-layer sentry architecture, with both public and private peers, and private peering between validators and sentry nodes. Cloud autoscaling has been configured, and will trigger in the face of DoS attacks/increased network traffic.
Cryptium’s sentries are split across multiple regions, allowing the company to reduce latency by jumping into the private fibre backbone of the cloud providers. Cryptium’s validation nodes are connected to the dark (private) fibre. Private peers are also subsetted, which means that no one knows all private peers.
Cryptium has verbal agreements with other PoS validators, to privately peered to their nodes for trusted information.
As mentioned in the community section above and the key management section below, Cryptium has invested significant time into engineering custom solutions for PoS networks. This includes building and publishing research on hardware-based double sign prevention infrastructure, building automated reward payment infrastructure (for Tezos), and developing multi-chain stake monitoring tools.
Monitoring Tools (50 /100)
- Network Level (5/10)
- Hardware Level (5/10)
- Paging (5/10)
Single Point of Failure (100/100)
- Multi-Cloud (10/10)
- Multi-Region (10/10)
Key Management (75/100)
- HSM Selections (5/10)
- Smart Key Management (10/10)
Validator Access (100/100)
- Physical/Remote (10/10)
Cryptium operates standard monitoring tools, ensuring that notifications are triggered in the face of either validators or sentries going down.
Single Points of Failure
Cryptium operates sentries across multiple cloud providers (AWS and Google Cloud), and multiple regions within each cloud. The company only operates a single validator node, however, based in Switzerland. To mitigate potential concerns, at least one member of the team stays in the country at all times, in relative proximity to their data center.
Cryptium uses a Ledger Nano S as their HSM. This decision was made due to the fact that the Ledger is programmable, and can be used to support in-hardware double-sign protection (vs the software-based double sign protection required by the YubiHSM2 and other HSMs). With this protection in place, even if hackers are able to breach Cryptium’s VM, double sign-events are incredibly difficult to trigger.
All software protecting double sign events was created by others, and is openly available for audit.
Access to Cryptium’s validator is restricted to core personnel only. Their data center is monitored 24/7, and can be accessed in under 30 minutes.