Our craft, written down

Cubist's team is on the cutting edges of cryptography, zero-knowledge proofs, systems security, formal verification, and more. Our academic background means that we're obsessed with sharing what we know—clearly and correctly.

Latest posts

What's embedded in your embedded wallet?

What's embedded in your embedded wallet?

Here are the four questions to ask before choosing your embedded wallet provider. If you want to keep your users’ keys safe—and keep yourself safe from key custody risk—read on.

May 6, 2024
Cubist joins the Allora Network as a node operator

Cubist joins the Allora Network as a node operator

As a node operator, Cubist is supporting Allora’s mission by operating a validator to secure the Allora chain and a Reputer to rate the performance of the ML models delivered by Allora Workers.

April 15, 2024
Slashing risks you need to think about when restaking

Slashing risks you need to think about when restaking

A proper anti-slashing setup mitigates these risks on AVSes which have designed their protocols to be anti-slashable, but this doesn’t mean just firing up an instance of Web3Signer.

March 28, 2024
CubeSigner technical design and system architecture

CubeSigner technical design and system architecture

Cubist co-founders Fraser Brown and Deian Stefan co-authored a blog post about CubeSigner's architecture which was published on the AWS Database Blog.

March 15, 2024
Cubist’s original pitch had nothing to do with private keys

Cubist’s original pitch had nothing to do with private keys

Catch this video interview by Protocol Labs, where Cubist COO Ann Stefan talks about her background in fraud ops and the process she used to ensure Cubist was building something people need.

March 6, 2024
Cubist partners with Ava Labs to power Core seedless wallet

Cubist partners with Ava Labs to power Core seedless wallet

The new Core wallet offers seedless wallet creation and recovery using CubeSigner's primitives for social login and 2FA across many EVM and non-EVM chains.

December 15, 2023
Cubist + Really and the future of movie fan engagement

Cubist + Really and the future of movie fan engagement

Our newest partner, Really, is re-imagining moviegoing. Really wallets, powered by CubeSigner, allow movie fans to use NFTs access exclusive rewards, content, and events.

December 21, 2023
Introducing the Secure Staking Alliance

Introducing the Secure Staking Alliance

Cubist is excited to announce the Secure Staking Alliance, a new cross-industry partnership with the mission of making staking—from traditional staging to liquid staking and restaking—more secure.

November 9, 2023
Cubist launches millisecond-latency Wallet-as-a-Service

Cubist launches millisecond-latency Wallet-as-a-Service

CubeSigner is the first WaaS with the speed, convenience, and security to support everything from loyalty programs to market makers.

November 1, 2023
Threat modeling for web3 key management

Threat modeling for web3 key management

Here, we ask: What kind of attacker could extract private keys from a given key management setup? There is a reason we didn't take the YOLO approach (signing in the browser) or the marketing-driven approach (MPC).

November 1, 2023
MPC does have a single point of failure

MPC does have a single point of failure

Our team has deep academic experience with MPC, which is why we understand its practical limitations: it doesn't give the security guarantees you think it does.

November 1, 2023
Why you should NEVER handle private keys in the browser

Why you should NEVER handle private keys in the browser

Writing secure cryptographic code in JavaScript is basically impossible, so it’s safe to assume that browser-based wallets are…unsafe.

November 1, 2023
Cubist & Babylon partner on anti-slashing for Bitcoin stakers

Cubist & Babylon partner on anti-slashing for Bitcoin stakers

We're excited to announce our partnership with Babylon to make Bitcoin staking—and restaking!—safe by design.

October 19, 2023
Cubist & EigenLabs anti-slasher collaboration

Cubist & EigenLabs anti-slasher collaboration

Cubist is excited to announce a new partnership: we are working with EigenLabs to build anti-slashers that will help honest operators avoid getting slashed on EigenLayer.

September 19, 2023
Hardware-backed signing for MetaMask developers

Hardware-backed signing for MetaMask developers

Our Snap lets Snap- or dapp-developers use CubeSigner, our hardware-backed key management system, to safely sign transactions on behalf of their MetaMask users.

September 12, 2023
Intel SGX is broken (again)

Intel SGX is broken (again)

Last week, security researcher Daniel Moghimi publicly announced the new Downfall attack that can steal private keys from Intel SGX hardware. In this post, we review the SGX architecture and discuss its underlying security problems. Then, we describe the process we used for evaluating which secure hardware to use in our key manager.

August 15, 2023
Your validator can get slashed even if you do everything by the book

Your validator can get slashed even if you do everything by the book

This blog post outlines a handful of accidental slashing scenarios, and explains how you can protect yourself and your validators—even if something goes wrong.

July 6, 2023
Passkeys for secure web3 workflows

Passkeys for secure web3 workflows

Passkeys are fundamentally changing how we authenticate on the web. They can fundamentally improve the security of web3 tools too.

May 18, 2023
Understanding the security of web3 remote signing

Understanding the security of web3 remote signing

The signing code that uses secret keys should not be able to talk to the network or filesystem, and your logging library should definitely not be in your trusted computing base.

May 1, 2023
You're likely not securing your staking keys properly

You're likely not securing your staking keys properly

We review the challenges infrastructure teams face when trying to secure staking keys and why we've been working on a hardware-backed key manager.

April 19, 2023
Cubist launches key management platform

Cubist launches key management platform

We're excited to launch a non-custodial key management platform designed to help infrastructure engineering teams secure and programmatically manage their secret keys.

April 18, 2023
web3.js vs ethers.js

web3.js vs ethers.js

In this post, we explain why we ultimately prefer ethers.js—after outlining the anatomy of Ethereum transactions, the JSON-RPC API, and why JavaScript libraries are helpful to begin with.

April 5, 2023
Cubist raises $7M seed round

Cubist raises $7M seed round

The round was led by Polychain Capital, with participation from venture capital and strategic investors including dao5, Amplify Partners, Polygon, Blizzard, Axelar, and more.

March 8, 2023
Announcing our Cross-Chain SDK

Announcing our Cross-Chain SDK

The alpha version of the Cross-Chain SDK is now available for early access. The Cross-Chain SDK is the first SDK designed for multi-chain/cross-chain development. Switch chains by editing one line of configuration!

January 18, 2023
The cross-chain status quo

The cross-chain status quo

We walk through the cross-chain development status quo with code examples for multiple blockchains and bridge providers. This post covers writing cross-chain smart contracts.

January 12, 2023
Why we’re building Cubist

Why we’re building Cubist

The future of Web3 is applications, not speculation. That's why we're building Cubist: to let developers create the future of Web3 safely and productively—without repeatedly reinventing the wheel.

January 10, 2023