D.U.C.K. - Knowledge Base

D.U.C.K. Knowledge Base
Risk Framework
Mitigation & Controls Library
Communications Toolkit

Powered by GitBook

On this page

Was this helpful?

Downtime (DOW)

Connectivity issues leading to reduced rewards.

PreviousSlashing (SLS)NextKey Compromises (KEC)

Last updated 7 months ago

Downtime Risks:

ID

Risk Group

Risk Vectors

Risk Vector Description

DOW1

Infrastructure

External: Operational Failure of Cloud Service Provider

Cloud Downtime, malfunction

DOW2

Infrastructure

Operational Failure of own bare metal set-up due to malfunction software

Malfunction of software (e.g. validator client or third party software) leads to downtime

DOW3

Infrastructure

Operational Failure of own bare metal set-up due to malfunction hardware

Malfunction of hardware (e.g. physical network, computer system, CPU, RAM) leads to downtime

DOW4

Infrastructure

External: Operational Failure of own bare metal set-up due to people (ManMade)

Employees are responsible for the downtime event (accidentally or intentionally)

DOW5

Infrastructure

External: Operational Failure of own bare metal set-up due to natural causes

A natural event (e.g. earthquake, flood, hurricane,...) leads to an downtime

DOW6

Infrastructure

Failure to design for high availability

Having too few beacon nodes relative to validator clients, leading to: - opportunity costs - slashing on some networks

DOW7

Infrastructure

External: Internet connectivity

Loss of infrastructure network connection due to: - Sudden cloud outage - Sudden internet failure in on-premise machines - Accidental firewall change locks out access.

DOW8

Infrastructure

External: Power supply

Power Breakdown

DOW9

Infrastructure

External: Power supply

Volatile power supply damages infrastructure

DOW10

Infrastructure

External: DDOS attack

Systems unresponsive, slowed down, and compromized due to buffer/stack overflow

DOW11

Software

Software Bug in the Validator Client

Downtime or accidental interpretation of dishonest behavior

DOW12

Software

Software Bug in the Validator Client (Intentional or accidental) through software update

New versions of a validator client that may cause errors that lead to downtime (Supply chain attack)

DOW13

Software

Software Bug in the Validator Client through software customization

New versions of a validator client may cause errors that lead to downtime

DOW14

Software

Software Bug in third party software

Third party software failure can lead to downtime of the whole system

DOW15

Software

Latency / Failure of relays

Latency / Failure of relays

DOW16

People

Malicious Internal Employee (intentionally causes operational failure)

An employee having too privileged access

DOW17

People

Malicious Ex-Employee intentionally causes a downtime incident

A Ex-Employee can still have access to the system when his acces is not blocked or removed

DOW18

People

Malicious External Hacker (intentionally causes operational failure)

A hacker may find a way to overload the system or shut parts of it down manually.

DOW19

Software

Running outdated validator software

The node operator os not updating its validator software

DOW20

Software

Validator client update incompatible with IT system

System downtime after validator client update caused by incompatibility