*Note: This review and score are based purely on the information disclosed by the validator service and the scoring rubric.
Last Updated: Oct 7, 2019
Figment.Network is a security- and compliance-focused validator service based in Canada. The company labels itself as the “#1 Legal and Compliant Token Staking Provider”.
This review draws from Figment’s public disclosure of their Cosmos validator infrastructure.
Team Background (75/100)
- Full-Time/Part-Time (10/10)
- Prior Blockchain Dev/Impact (10/10)
- Systems Experience (10/10)
- Recognizability (0/10)
Current Voting Power (47/100)
- Total Staked: (9/10)
- Unique Self-Bonders: (5/10)
- Commissions: (0/10)
Historical Metrics (75/100)
- Uptime (10/10)
- Proposals (5/10)
- Legal Compliance/Insurance (+5)
- Innovations (+5)
Figment.Network was co-founded by 3 individuals: Matt Harrop, Lorien Gabel, and Ryan F. All three co-founders are serial entrepreneurs specialized in telecommunications, data centers and managed web hosting providers. Lorien and Matt started one of Canada’s first commercial ISPs, which grew to 150+ employees and was later acquired by a multinational telecommunications provider. Lorien and Matt then went on to co-found Wire Networks, a managed web hosting and data center provider acquired by AT&T after its incubation. The co-founders have a very impressive resume, with more successful ventures launched thereafter.
The team’s experience in data center and hosting technology translates well into the skills needed to launch a highly available validator service provider. The group also runs an investment arm, Figment.Capital, providing capital to startups. Figment.Network aligns incentives by using their validator service to run nodes in the networks they invest in. This has led to the diverse portfolio of networks that exist and are upcoming within Figment.Network.
Figment.Network has a unique perspective on validator services. In our interview, it was stated that token staking is essentially a “treasury management” problem. The company provides their delegators with month-to-month accounting, reporting, and off-chain rebates, and envisions a future where token rewards are loaned out for an increased yield.
Figment.Network is the #10 validator on the Cosmos Hub with a 3.48% voting share in the network. In addition to running their validator, the team has also cast votes on some Cosmos governance proposals to date. It is good to see the team take a stance on contested proposals such as proposal #4, issuance of fungible tokens directly on the Cosmos Hub, where the team voted NO.
Among the networks Figment validates, the team holds the most stake in the Cosmos Hub. The service’s stake on the Tezos network equates to a 0.12% share of the currently 510,364,642 activated Tezos tokens.
Figment.Network has been bonded on the Cosmos Hub since its genesis block. The service has maintained 100% uptime and Hubble’s event log shows no signs of missed precommits or blocks.
Figment.Network created one of the most used block explorers for the Cosmos ecosystem. The team regularly maintains this block explorer and has differentiated the site from other explorers. Most prominently, Hubble has some baseline alerting built in on missed blocks and pre-commits per validator that the team uses to monitor their own service.
Before the Cosmos launch, Figment.Network participated in Game of Stakes and was one of the teams to never be jailed (slashed due to downtime).
Figment.Network includes a delegation agreement that is binding between the company and its delegators. The agreement's terms in the case of slashing vary between the supported networks. However, common to all networks, Figment.Network states that they “agree to compensate you for missed Net Rewards to the extent arising from our failure to perform the Service”.
Figment.Network’s architecture is set up to prioritize safety over liveness; the team would rather experience downtime than an accidental slash event. The delegation agreement is in place as an insurance policy to delegators for this tradeoff.
- Failover (16/30)
- Private Peering (10/10)
- Agreements with other Validators (10/10)
- Sentry Scaling (10/10)
- Backup Strategy
Figment.Network runs their validator nodes in a private data center rack located in Canada. The team currently operates their physical servers in a single data center but notes on their website that establishing a second facility is planned for the future. The servers have a mixed network of direct connections and VPNs to their cloud providers. Inbound traffic from the public internet is fully blocked from their private network.
The team must fail over manually to in-sync standby servers in the event of downtime.
For the Tezos network, any failover procedure requires a visit to the data center. The Ledger’s PIN is purposefully made long and hard to remember, stored encrypted and on a separate server, and only decrypted in the same secure facility. Because only 1 Ledger is active, to mitigate the risk of double baking, a team member must visit and move/replace the Ledger to fail over to the standby server.
Figment.Network makes use of the standard sentry architecture for networks like Cosmos and Tezos. The team recognizes that sentry nodes are vulnerable to DoS attacks by nature and, as a result, spreads their nodes across 5-8 cloud providers. Regular snapshots are taken, making it easy to deploy additional nodes. As stated in their posted full architecture disclosure and our discussion, their sentry nodes do not change frequently, leading to a static setup. The nodes are currently manually managed with no autoscaling mechanism in place.
The team also operates a few privately peered sentry nodes with other capable validators via a VPC (virtual private cloud).
Figment.Network believes in using as much open source code as possible. Custom tooling has not been added to critical parts of their architecture to mitigate risk. As quoted in our discussion, “the most secure software is open source”.
Monitoring Tools (67/100)
- Network Level (5/10)
- Hardware Level (5/10)
- Paging (10/10)
Single Point of Failure (75/100)
- Multi-Cloud (10/10)
- Multi-Region (5/10)
Key Management (75/100)
- HSM Selections (10/10)
- Smart Key Management (5/10)
Validator Access (100/100)
- Physical/Remote (10/10)
Figment.Network uses standard open source tools such as Prometheus to monitor the health of their service. Their open-sourced block explorer, Hubble, is used for external alerting. In addition to agent-based monitoring, the team also instruments the node binaries to track mempool sizes, active peer sessions, and additional metrics that could lead to downtime.
Figment.Network exercises on-call practices within their team to ensure liveness. PagerDuty is set up as a backup to email. At least one member of the team is always physically near the data center to resolve validator node problems.
Single Points of Failure
Figment.Network’s validator architecture currently does not have regional redundancy. Although unlikely, an environmental disaster or large-scale outage of the data center will cause significant downtime. As the Ledger PIN for the Tezos network is stored encrypted in the data center, this can be fatal. There are no clear single points of failure in the team’s sentry architecture.
Figment.Network uses the best HSM possible for each network. The YubiHSM2 is used for the Cosmos network, paired with the Tendermint KMS for software-based double-sign protection. The Ledger Nano S, although not designed for continuous operation, is used for the Tezos network because it is the only one supported. The Ledger will be replaced with a better HSM when possible.
Figment.Network’s remote server access is restricted and protected using SSH keys, with bastion servers and IP restriction. Standard physical security practices are in place for the data centers that host the team’s servers.
Figment.Network invests in and runs validator nodes on several networks. The team’s focus is to yield a return for their delegators, and they believe they can scale this service going forward. To achieve this, the company uses a breadth versus depth strategy, validating as many networks as possible, analogous to VC firms investing in several startups at once. The success of a few networks, in combination with new strategies such as lending token rewards, could see Figment.Network become a sustainable financial services company.