Staking
Key management
Company news
We’ve been collaborating with GoGoPool to make it safe and easy for anyone in the decentralized universe to spin up validators for CoqNet, a new Avalanche L1 emerging as the “cultural epicenter” of the Avalanche community.
We’re proud to announce that Bridgetower has chosen Cubist as the exclusive wallet provider for their Web3 Commerce Platform, which powers interesting and forward-thinking projects related to digital ownership, provenance, and content monetization.
CubeSigner now protects finality providers! Our new release supports EOTS keys, which Babylon finality providers use to sign validation messages for proof-of-stake chains.
CubeSigner now supports policy-protected workflows for Babylon deposits, withdrawals, and early unbonding.
Most providers only support basic transfers. CubeSigner's newest release includes support for policy-protected Taproot and SegWit keys, arbitrary spending conditions, and PSBTs.
Our startup story began with a simple phone call. That same spark of inspiration continues to drive us today as we work tirelessly to make Web3 more user-friendly, accessible, and secure for everyone.
Lombard’s LBTC is a Bitcoin LST that builds governance on Cubist’s hardware-backed key management primitives. It uses Cubist’s policy engine to implement “smart contracts” for Bitcoin.
We look forward to bringing our expertise in anti-slashing to the Shared Security Alliance and collaborating with our fellow members to promote safe practices in the restaking community.
Here are the four questions to ask before choosing your embedded wallet provider. If you want to keep your users’ keys safe—and keep yourself safe from key custody risk—read on.
As a node operator, Cubist is supporting Allora’s mission by operating a validator to secure the Allora chain and a Reputer to rate the performance of the ML models delivered by Allora Workers.
A proper anti-slashing setup mitigates these risks on AVSes which have designed their protocols to be anti-slashable, but this doesn’t mean just firing up an instance of Web3Signer.
Cubist co-founders Fraser Brown and Deian Stefan co-authored a blog post about CubeSigner's architecture which was published on the AWS Database Blog.
Catch this video interview by Protocol Labs, where Cubist COO Ann Stefan talks about her background in fraud ops and the process she used to ensure Cubist was building something people need.
The new Core wallet offers seedless wallet creation and recovery using CubeSigner's primitives for social login and 2FA across many EVM and non-EVM chains.
Our newest partner, Really, is re-imagining moviegoing. Really wallets, powered by CubeSigner, allow movie fans to use NFTs access exclusive rewards, content, and events.
Cubist is excited to announce the Secure Staking Alliance, a new cross-industry partnership with the mission of making staking—from traditional staging to liquid staking and restaking—more secure.
CubeSigner is the first WaaS with the speed, convenience, and security to support everything from loyalty programs to market makers.
Here, we ask: What kind of attacker could extract private keys from a given key management setup? There is a reason we didn't take the YOLO approach (signing in the browser) or the marketing-driven approach (MPC).
Our team has deep academic experience with MPC, which is why we understand its practical limitations: it doesn't give the security guarantees you think it does.
Writing secure cryptographic code in JavaScript is basically impossible, so it’s safe to assume that browser-based wallets are…unsafe.
We're excited to announce our partnership with Babylon to make Bitcoin staking—and restaking!—safe by design.
Cubist is excited to announce a new partnership: we are working with EigenLabs to build anti-slashers that will help honest operators avoid getting slashed on EigenLayer.
Our Snap lets Snap- or dapp-developers use CubeSigner, our hardware-backed key management system, to safely sign transactions on behalf of their MetaMask users.
Last week, security researcher Daniel Moghimi publicly announced the new Downfall attack that can steal private keys from Intel SGX hardware. In this post, we review the SGX architecture and discuss its underlying security problems. Then, we describe the process we used for evaluating which secure hardware to use in our key manager.
This blog post outlines a handful of accidental slashing scenarios, and explains how you can protect yourself and your validators—even if something goes wrong.
Passkeys are fundamentally changing how we authenticate on the web. They can fundamentally improve the security of web3 tools too.
The signing code that uses secret keys should not be able to talk to the network or filesystem, and your logging library should definitely not be in your trusted computing base.
We review the challenges infrastructure teams face when trying to secure staking keys and why we've been working on a hardware-backed key manager.
We're excited to launch a non-custodial key management platform designed to help infrastructure engineering teams secure and programmatically manage their secret keys.
In this post, we explain why we ultimately prefer ethers.js—after outlining the anatomy of Ethereum transactions, the JSON-RPC API, and why JavaScript libraries are helpful to begin with.
The round was led by Polychain Capital, with participation from venture capital and strategic investors including dao5, Amplify Partners, Polygon, Blizzard, Axelar, and more.
The alpha version of the Cross-Chain SDK is now available for early access. The Cross-Chain SDK is the first SDK designed for multi-chain/cross-chain development. Switch chains by editing one line of configuration!
We walk through the cross-chain development status quo with code examples for multiple blockchains and bridge providers. This post covers writing cross-chain smart contracts.
The future of Web3 is applications, not speculation. That's why we're building Cubist: to let developers create the future of Web3 safely and productively—without repeatedly reinventing the wheel.