2ⁿᵈ Layer Staking — High-level Design
Dear Cardano fans and other readers of our blog, as you may already know, our infrastructure for Shelley Incentivized testnet will vary greatly from the one we’re planning on the Cardano Shelley mainnet. At the time this article is published, Shelley Incentivized testnet snapshot has already been captured. We would like to take this opportunity to introduce High-level Design Specification for our planned production environment.
Our overall server footprint will compose of three state-of-the-art servers; two will operate our staking platform and the third will participate in consensus over any automated disaster recovery plan execution as so-called “witness”. The third server is present to mitigate risks associated with automated disaster recovery called “split brain”. In essence, it is meant to prevent undesired activation of the disaster recovery plan in case of a network connectivity problems.
Each of our servers will be placed in a different collocation datacenter, one of which will be located in Poland. This infrastructure topology will help us protect our Stake Pool against disasters, both natural and man-made as well as possible government scrutiny.
All our servers will be secured as per relevant Center for Internet Security baselines, with relevant exceptions registered in the exception register as per our IT Governance guidelines.
Each datacenter site will be connected to two different Internet eXchange Points (IXP) and to rest of the Internet using different IP transit providers. This network topology will provide high level of resilience against Distributed Denial of Service attacks which are common in Blockchain peer-to-peer networks.
In addition to these slot-leader servers, we will also operate a separate layer of relay nodes connected to different service providers networks to further strengthen our resilience against DDoS attacks.
From the operating system perspective, we will rely on SUSE Linux Enterprise Server with a little addition of virtualization and Docker containerization on top. This architectural approach will enable us to streamline our deployment processes as well as to seek support from a commercial Linux distribution provider shall we’ve encounter any operating system related issues.
We are confident, that our private IaaS platform will not only be rock-solid platform for Staking-as-a-Service operations, but with some minor tweaks down the line will also enable us to provide variety of Blockchain and Decentralized Finance related services we have in the pipeline.
Over the duration of the Incentivized Shelley Testnet, we will publish more sneak-peaks behind a curtain of our infrastructure stack as well as services we plan to launch more down the line after Cardano mainnet is upgraded to Shelley.