Our craft, written down

Cubist's team is on the cutting edges of cryptography, zero-knowledge proofs, security, programming languages, and more. Our academic background means that we're obsessed with sharing what we know—clearly and correctly.

Latest posts

Hardware-backed signing for MetaMask developers

Our Snap lets Snap- or dapp-developers use CubeSigner, our hardware-backed key management system, to safely sign transactions on behalf of their MetaMask users.

September 12, 2023

Intel SGX is broken (again)

Last week, security researcher Daniel Moghimi publicly announced the new Downfall attack that can steal private keys from Intel SGX hardware. In this post, we review the SGX architecture and discuss its underlying security problems. Then, we describe the process we used for evaluating which secure hardware to use in our key manager.

August 15, 2023

Your validator can get slashed even if you do everything by the book

This blog post outlines a handful of accidental slashing scenarios, and explains how you can protect yourself and your validators—even if something goes wrong.

July 6, 2023

Passkeys for secure web3 workflows

Passkeys are fundamentally changing how we authenticate on the web. They can fundamentally improve the security of web3 tools too.

May 18, 2023

Understanding the security of web3 remote signing

The signing code that uses secret keys should not be able to talk to the network or filesystem, and your logging library should definitely not be in your trusted computing base.

May 1, 2023

You're likely not securing your staking keys properly

We review the challenges infrastructure teams face when trying to secure staking keys and why we've been working on a hardware-backed key manager.

April 19, 2023

Cubist launches key management platform

We're excited to launch a non-custodial key management platform designed to help infrastructure engineering teams secure and programmatically manage their secret keys.

April 18, 2023

web3.js vs ethers.js

In this post, we explain why we ultimately prefer ethers.js—after outlining the anatomy of Ethereum transactions, the JSON-RPC API, and why JavaScript libraries are helpful to begin with.

April 5, 2023

Cubist raises $7M seed round

The round was led by Polychain Capital, with participation from venture capital and strategic investors including dao5, Amplify Partners, Polygon, Blizzard, Axelar, and more.

March 8, 2023

Announcing our Cross-Chain SDK

The alpha version of the Cross-Chain SDK is now available for early access. The Cross-Chain SDK is the first SDK designed for multi-chain/cross-chain development. Switch chains by editing one line of configuration!

January 18, 2023

The cross-chain status quo

We walk through the cross-chain development status quo with code examples for multiple blockchains and bridge providers. This post covers writing cross-chain smart contracts.

January 12, 2023

Why we’re building Cubist

The future of Web3 is applications, not speculation. That's why we're building Cubist: to let developers create the future of Web3 safely and productively—without repeatedly reinventing the wheel.

January 10, 2023