KiiChain
  • Learn
    • What is KiiChain?
    • KiiChain
      • Vision of KiiChain
      • The Problems We Solve
      • Use Cases
      • Roadmap
      • Whitepaper
      • Business Model
    • Tokenomics
      • Intro Coin Details
      • Coin Unlocking Schedule
      • Utility
      • Evergreen Model
    • Getting Started
      • Get a Wallet
      • Download a Mobile Wallet
      • Set Up a Web Wallet
      • Connect Wallet to Explorer App
  • BUILD ON KIICHAIN
    • Developer Hub
    • Testnet Oro
    • Endpoints - Cosmos
      • EVM
        • VM
        • ERC20
        • FeeMarket
      • IBC
      • Kiichain
        • TokenFactory
      • Cosmwasm
      • Cosmos
        • Auth
        • Authz
        • Bank
        • Tendermint
        • Consensus
        • Distribution
        • Evidence
        • Feegrant
        • Gov
        • Slashing
        • Staking
        • Tx
        • Upgrade
    • Developer Tools
      • RWA Protocol
      • Rust SDK
      • JS/TS SDK
        • Kiijs-evm
        • Kiijs-proto
      • Deploy a smart contract
      • Deploy a dApp
      • Testnet faucet
    • Smart Contracts
    • Modules
      • TokenFactory
      • EVM
  • Validate the Network
    • Getting Started
      • What is a delegator?
      • What is a validator?
    • Run a Validator / Full Node
      • Getting started
      • Step-by-Step Guide
        • Becoming a Validator
        • Recovering Legacy Addresses
      • Maintaining a validator
      • Incentive
      • Technical requirements
      • Validator Security
    • Economics
      • Staking Requirements
      • Delegation / Staking
      • Rewards
      • Block Rewards Formula
      • APR
    • Delegator Information
      • Choosing a validator
      • Directives of delegators
      • Incentive to stake
      • Security considerations
      • Risks to consider
  • KII AMBASSADORS
    • What does it mean to be a KiiAmbassador?
    • Your Core Responsibilities
    • Participation Perks
    • Points System & Performance
    • How to lose the Role
    • Evaluation Process
  • KIIEX
    • Set Up KIIEX Account
      • Contact OTC Desk
    • Connect to KIIEX APIs
      • Introduction
        • New endpoints
        • Revised calls
        • Behavior Changes
        • Revised Calls 3.5.0
      • Background Information
        • Message Frame
        • Standard Response Objects and Common Error Codes
        • Modules
        • Users, Accounts, and Permissions
        • Products and Instruments
        • Quotes and Orders
        • Time– and Date-Stamp Formats
        • The Trading Day
      • Users
        • Activate2FA
        • AddUserAffiliateTag
        • Authenticate2FA
        • AuthenticateUser
        • CancelUserReport
        • GetAllUnredactedUserConfigsForUser
        • GetL2Snapshot
        • GetLevel1
        • GetUnredactedUserConfigByKey
        • GetUserAccountInfos
        • GetUserAccounts
        • GetUserAffiliateCount
        • GetUserAfilliateTag
        • GetUserConfig
        • GetUserDevices
        • GetUserReportTickets
        • GetUserReportWriterResultRecords
        • GetValidate2FARequiredEndpoints
        • LogOut
        • RegisterNewDevice
        • SubscribeAccountEvents
        • SubscribeBlockTrades
        • SuscribeLevel1
        • SubscribeLevel2
        • SubscribeTicker
        • SubscribeTrades
        • UnsuscribeBlockTrades
        • UnsubscribeLevel1
        • UnsubscribeLevel2
        • UnsubscribeTicket
        • UnsuscribeTrades
        • UpdateUserAffiliateTag
        • Validate2FA
      • Accounts
        • GetAccountInfo
        • GenerateTransactionActivityReport
        • GenerateTradeActivityReport
        • GenerateTreasuryActivityReport
        • GetAllAccountConfigs
        • GetAccountPositions
        • GetTreasuryProductsForAccount
        • ScheduleTradeActivityReport
      • Trades
        • GetAccountTrades
        • GetAccountTransactions
        • GetAllOpenTradeReports
        • GetOpenTradeReports
        • GetTickerHistory
        • GetTradesHistory
      • OMS Orders
        • CancelAllOrders
        • CancelOrder
        • CancelQuote
        • CancelReplaceOrder
        • CreateQuote
        • GetOMSFeeTiers
        • GetOpenOrders
        • GetOpenQuotes
        • GetOrderFee
        • GetOrderHistory
        • GetOrderHistoryByOrderId
        • GetOrdersHistory
        • GetOrderStatus
        • ModifyOrder
        • SendOrder
        • SubmitBlockTrade
        • UpdateQuote
      • Products
        • GetProduct
        • GetProducts
      • Instruments
        • GetInstrument
        • GetInstruments
      • Tickets
        • CreateDepositTicket
        • CancelWithdraw
        • CreateWithdrawTicket
        • Deposit withdraw template
        • GetAccountDepositTransactions
        • GetAccountWithdrawTransactions
        • GetAllDepositRequestInfoTemplates
        • GetDeposits
        • GetDepositInfo
        • GetDepositTicket
        • GetDepositRequestInfoTemplate
        • GetOMSWithdrawFees
        • GetStandardTemplateExample
        • GetTetherRPCWithdrawTemplateExample
        • GetWithdrawFee
        • GetWithdraws
        • GetWithdrawTemplate
        • GetWithdrawTemplateTypes
        • GetWithdrawTicket
        • GetWithdrawTickets
        • SubmitDepositTicketComment
        • SubmitWithdrawTicketComment
      • Misc
        • Ping
Powered by GitBook
LogoLogo
On this page
  • What are hardware requirements?
  • What are software requirements?
  • What are bandwidth requirements?
  • How to handle key management?
  • What can validators expect in terms of operations?
  • What are the maintenance requirements?
  • How can validators protect themselves from denial-of-service attacks?
Export as PDF
  1. Validate the Network
  2. Run a Validator / Full Node

Technical requirements

For hardware and software protocols.

What are hardware requirements?

A modest level of hardware specifications is initially required and rises as network use increases. Participating in the testnet is the best way to learn more.

Validators are recommended to set up sentry nodes to protect your validator node from DDoS attacks.

What are software requirements?

Validators are expected to implement monitoring, alerting, and management solutions. There are several tools that you can use.

What are bandwidth requirements?

Kiichain has the capacity for very high throughput relative to chains like Dash, Ethereum or Bitcoin.

We recommend that the data center nodes connect only to trusted full nodes in the cloud or other validators that know each other socially. This connection strategy relieves the data center node from the burden of mitigating denial-of-service attacks.

Ultimately, as the network becomes more heavily used, multi-gigabyte per day bandwidth is very realistic.

How to handle key management?

Validators are expected to run an HSM that supports ed25519 keys. Here are potential options:

  • YubiHSM 2

  • Ledger Nano S

  • Ledger BOLOS SGX enclave

  • Thales nShield support

Kii Global nor the Interchain Foundation does not recommend one solution above the other. The community is encouraged to bolster the effort to improve HSMs and the security of key management.

What can validators expect in terms of operations?

Running an effective operation is key to avoiding unexpected unbonding or slashing. Operations must be able to respond to attacks and outages, as well as maintain security and isolation in the data center.

What are the maintenance requirements?

During an chain upgrade, progress is discussed in a private channel in the Kii Discord. If your validator is in the active set we encourage you to request access to that channel by contacting a moderator.

How can validators protect themselves from denial-of-service attacks?

Denial-of-service attacks occur when an attacker sends a flood of internet traffic to an IP address to prevent the server at the IP address from connecting to the internet.

An attacker scans the network, tries to learn the IP address of various validator nodes, and disconnects them from communication by flooding them with traffic.

One recommended way to mitigate these risks is for validators to carefully structure their network topology using a sentry node architecture.

Validator nodes are expected to connect only to full nodes they trust because they operate the full nodes themselves or the trust full nodes are run by other validators they know socially. A validator node is typically run in a data center. Most data centers provide direct links to the networks of major cloud providers. The validator can use those links to connect to sentry nodes in the cloud. This mitigation shifts the burden of denial-of-service from the validator's node directly to its sentry nodes, and can require that new sentry nodes are spun up or activated to mitigate attacks on existing ones.

Sentry nodes can be quickly spun up or change their IP addresses. Because the links to the sentry nodes are in private IP space, an internet-based attack cannot disturb them directly. This strategy ensures that validator block proposals and votes have a much higher chance to make it to the rest of the network.

PreviousIncentiveNextValidator Security

Last updated 4 months ago

Validators are expected to perform regular software updates to accommodate chain upgrades and bug fixes. It is suggested to consider using to partially automate this process.

For more sentry node details, see the or the on the forum.

Cosmovisor (opens new window)
CometBFT Documentation (opens new window)
Sentry Node Architecture Overview (opens new window)