Curve
Curve
Jul 14, 2024
Useful Links
Website: https://www.validationcloud.io/
Analytics: Rated Network - Validation Cloud
EigenLayer Operators: Validation Cloud | EtherFi
This report is conducted by the YieldNest independent risk and research team operated by Llama Risk in support of its node operator onboarding process. In this report, we examine Validation Cloud, a professional node operator.
This report provides insights into the operational practices, historical performance, and relevant risk factors of Validation Cloud as a restaking service provider. Our approach involves both quantitative and qualitative analysis to help inform the YieldNest community about making restaked ETH delegation decisions.
Section 1: Operator Introduction
This section addresses the fundamentals of the Node Operator. It contains descriptive elements that provide an introduction to the service provider.
1.1 Service Offering
Validation Cloud offers enterprise-grade staking, node, and data-as-a-service capabilities. It is a leading provider of Web3 infrastructure solutions.
The company website showcases two core products:
Staking - full suite Staking-as-a-Service (StaaS) built for “enterprise-grade” client demand. Its non-custodial staking solution enables on-demand deployment (without opt-in/opt-out periods), automated rewards management and top security standards (SOC 2 Type II audit).
Node API - a comprehensive suite of API endpoints, categorized by crypto network, to ensure seamless integration and interoperability across the web3 ecosystem.
Validation Cloud's business model is based around a user-centric approach, targeting primarily institutional-level clients and organizations. Their focus lies in providing highly customizable products and services tailored to the specific needs of these enterprises and teams.
One of the core pillars of Validation Cloud's offering is their user-friendly interface for managing validators. The platform allows clients to easily deploy and manage their validators without specific technical knowledge, and in that way lowering the barrier to entry for institutional adoption.
Source: Validation Cloud - Staking
According to the CompareNode website, the Validation Cloud is the fastest way to connect to Web3 and the solution with the lowest latency worldwide.
Source: CompareNodes | Date: 6/26/2024
1.2 Staking Service Provider Longevity
Validation Cloud has been providing staking and node services since July 2022. (the company was launched in July 2022 by Validation Capital)
1.3 Team
Source: Pitchbook, Startupticker
Validation Cloud takes an interesting approach to build credibility with a Medium blog series called "Team Profiles". The blog series highlights the diverse backgrounds and expertise of team members at Validation Cloud, showcasing their knowledge and experience in the industry. This helps potential clients feel more connected to the team and reassures them of the company's expertise, with the aim of creating stronger client relationships.
1.4 Investors
Validation Cloud raised $5.8 million, as publicized on February 27, 2024, in a seed round led by Cadenza Ventures. GS Futures, AP Capital, Blockwall, Bloccelerate, Side Door Ventures, and Blockchain Founders Fund also participated in the capital raise.
Source: RootData | Dste: 6/26/2024
1.5 Communication and Engagement
Beyond the standard email communication line, Validation Cloud also operates a blog and offers a docs section on its website. Nevertheless, these platforms do not feature an overwhelming quantity of materials.
Section 2: Business Sustainability
This section goes into further detail about the node operator business model, including its revenue streams and industry partnerships. This information should provide insight into the sustainability of the operator's business.
2.1 Business Model
The StaaS platform offered by Validation Cloud involves these features:
Focus on "enterprise-grade" client demand
Non-custodial solution with on-demand validator deployment (limitation - 100 validators in a single transaction or API request)
Automatic reward splitting via smart contract
Set a benchmark for excellence via SOC 2 Type II compliance
White-label availability through client platform (e.g. EtherFi Restaking node)
DVT staking option (Obol)
Initially, Validation Cloud's approach was to support smaller blockchain networks (e.g. Hedera, Aptos, Provenance), establishing themselves as a trusted partner from the early stages of these projects. This strategic move not only allowed them to gain valuable experience and expertise but also positioned them as a go-to provider as these blockchain ecosystems matured and attracted institutional interest.
It should certainly be mentioned that Validation Cloud, by acquiring the SOC2 Type II compliance certificate, has expanded its market opportunity. Many traditional finance institutions demand strict compliance to specific security standards when entering into a business venture (depending on the business model and operations of the individual provider).
2.2 Revenue Streams
Like any other StaaS business, the provider has multiple potential revenue streams:
1) Node API Services
They offer a comprehensive suite of Node APIs across numerous blockchain networks like Ethereum, Aptos, Avalanche, BNB, Bitcoin, etc. This allows them to generate revenue from developers and their applications via subscriptions and usage-based pricing for API access.
2) Staking-as-a-Service
Their core offering of non-custodial, SOC2-compliant staking infrastructure primarily targets enterprises and institutions. They charge a 10% commission on the staking rewards earned by validators deployed on their platform.
3) Additional services as support for the StaaS core business
Validation Cloud also offers a "white-label" staking solution (similar to one provided to EtherFi) and could potentially offer other services like IaaS, consulting, secure custody, asset management, etc. to institutional clients, generating further revenue streams.
2.3 Pricing Model and Fee Structure
The pricing model and fee structure of Validation Cloud are set in a very flexible, "user-centric" way. Its Staking Service Provider platform charges 10% on client staking profits. In terms of providing Node APIs, Validation Cloud offers a free tier up to 50m CU. Calls above that threshold use a "pay-as-you-go" pricing model.
2.4 Partnerships
Partnerships with other blockchain businesses can enhance the services offered by staking service providers and contribute to their growth. Providers should disclose their strategic partnerships and the benefits they bring to their operations.
Protocols supported by Validation Cloud's staking solution:
Ethereum,
Aptos,
EigenLayer,
Casper,
Flow,
Obol,
dydx,
Saga,
Provenance,
Zetachain on mainnet, and on testnet
Aleo and
Berachain.
Validation Cloud supports the development of EVM-based, purpose-built blockchain, Autonity, by running validators on its testnet. This protocol is specifically designed for peer-to-peer networks that host decentralized risk markets.
Validation Cloud has entered into a partnership with DoraHacks - a global leading hacker organization (hackathon, bug bounties, grant programs). As part of the partnership, developers who participate in Dorahack's events will have free access to Validation Cloud's Node API product (e.g. Javelin).
Validation Cloud joined DIN, a decentralized RPC-as-a-service initiative, to enhance the accessibility, reliability, and efficiency of Web3 data access.
Section 3: Regulatory Compliance
This section outlines the legal status of the operator, including specific conditions to its chosen jurisdiction, and the obligations those impart to its customers. It serves to clarify the likelihood of adverse regulatory conditions that may threaten the operator's service offerings and to understand user assurances.
3.1 Legal and Regulatory Compliance
Validation Cloud, incorporated under Swiss law and headquartered at Dammstrasse 16, 6300 Zug, Switzerland, serves as the designated operator of validationcloud.io. Through this platform, Validation Cloud provides access to its proprietary offerings, including the Node API and Staking Services.
3.2 Jurisdictional Considerations
Switzerland has established itself as a pioneer in the adoption of blockchain technology, fostering a vibrant ecosystem of ventures in blockchain and crypto-assets. Renowned as a prime hub for distributed ledger technology (DLT) and blockchain innovations, the nation continues to lead regulatory advancements in this rapidly evolving sector.
The Federal Financial Market Supervisory Authority (FINMA) has issued comprehensive Guidance on staking, delineating the distinctions between custodial and non-custodial staking. This document elaborates on the associated risks, the supervisory framework, and the legal ramifications of engaging in staking activities. Importantly, the guidance specifies that custodial staking does not necessitate a banking license. Non-custodial staking has not come under regulatory scrutiny yet.
3.3 Transparency
Staking Services at Validation Cloud are comprehensively outlined, positioning the company as a non-custodial provider. These services enable users to engage in staking activities without relinquishing control of their private keys or assets. Validation Cloud is responsible for establishing, maintaining, and operating the essential infrastructure for these Staking Services.
The conditions for account eligibility are meticulously detailed. A user is classified as non-compliant if they engage in suspicious transactions, operate multiple distinct accounts, are suspected of fraud, become subject to sanctions as per the Sanctions Regulation, or fail to provide information requested by Validation Cloud in accordance with its legal and regulatory obligations under AML/CFT regulations, etc.
The refund conditions are explicitly stated: a user is entitled to a refund only if the service provided does not correspond with the product description.
Geographical restrictions are specified as follows: This website is intended for use solely by individuals located in Switzerland. The company does not represent that the website or any of its content is accessible or appropriate outside of Switzerland. Access to the website from outside Switzerland may contravene local laws and is undertaken at the user’s own risk.
Regarding Sanctions, AML, and CTF regulations, Validation Cloud does not assert, nor can it ensure, that it or any of its products are suitable or available in any particular location or jurisdiction, and comply with the laws of any specific location or jurisdiction. Due to certain sanctions, Validation Cloud prohibits customers with IP addresses from sanctioned regions or countries from creating accounts or initiating endpoints.
3.4 Disclaimers
Terms of Service disclose all the inherent risks associated with staking and staking services, including the decentralized and largely unregulated nature of crypto markets, high volatility, and potential for significant capital loss. Technical risks such as security failures, key management errors, and protocol malfunctions are explained, along with regulatory risks stemming from potential changes in the legal landscape. Users are warned about the potential for unforeseen risks, including slashing penalties imposed by blockchain protocols for performance issues, which could result in the loss of staking rewards or staked assets. Liquidity risks are present, as staked assets are not tradable until unstaked, which may be delayed by protocol-specific queuing systems. There is notification also that market risks due to the high volatility of tokens may lead to losses exceeding staking rewards.
The website and services are provided "as is" and "as available," without warranties of any kind. Validation Cloud exercises due care in service provision but is not liable for any damages arising from user errors, third-party failures, or blockchain malfunctions. Users are responsible for the security of their own wallets and keys.
Section 4: Security Protocols
This section delves into the security documentation of the operator and assesses the protective measures established for delegators. It also examines the security protocols that are implemented and followed, as well as the audits that are carried out. Furthermore, the staking infrastructure is assessed from a security perspective. On the operational side, the focus is on the maintenance of validators and the designs concerning AVS selection.
4.1. Delegator Insurance
Our checks indicate that there is no established security fund to protect delegators, nor is there accessible data on slashing protection insurance offerings for delegators.
4.2. Internal Security Protocols
Key Management (Private Key Policy)
On the Validation Cloud platform, each validator operates with a remote signer, following the principle of least privilege by being the only component with access to the validator's private keys. This setup enhances security by separating key management from other operations. Validator keys are generated in a secure, ephemeral environment and stored in AWS Secrets Manager, accessible only to remote signers, which reduces the risk of key exposure.
For the remote signer, Validation Cloud utilizes Web3Signer built by Consensys. Web3Signer has a built-in PostgreSQL slashing database to prevent slashing events.
Compliance Certificates (ISO, SOC 2)
SOC 2 is an auditing procedure that ensures service organizations maintain high standards for security, availability, processing integrity, confidentiality, and privacy. Validation Cloud became SOC 2 Type 2 compliant, demonstrating a strong commitment to platform security and availability.
Internal Security Controls
Internal security controls, including infrastructure, organizational, and product security are not disclosed. Data control and privacy matters are referenced in the Privacy Policy.
Third-party Audits
Third-party smart contract audits are entrusted to Certik. Progress can be checked on Certik SkyNet dashboard.
4.3. Node and Staking Infrastructure
Validator infrastructure
For running validators, Validation Cloud utilize a high-availability Kubernetes cluster configured as a stateful set. By leveraging Kubernetes, Validation Cloud can effectively manage the deployment, scaling, and operation of the validators, allowing for seamless execution of validation tasks.
Geographically diversification
On the CompareNode website, it is visible that Validation Cloud servers are globally distributed with coverage on every continent.
Client diversification
Validation Cloud relies 100% on the Lighthouse consensus client (according to Rated Network data).
Source: Rated.Network | Date: 6/26/2024
4.4. Validators Maintenance
Validation Cloud uses Datadog for comprehensive monitoring and alerting of their technology stack. They have set up alerts for various scenarios, such as missed attestations, missed proposals, slashing events, and other infrastructure component issues, ensuring 0-24h monitoring.
4.5. Node Operator Approach to AVS Selection
Validation Cloud primarily serves as an infrastructure provider for enterprise-grade clients where the AVS selection is under the complete control of the client. But Validation Cloud also operates its own "Operator profile" on EigenLayer with 1.328 restaked ETH in the form of LSTs with four registered AVSs: Xterio, AltLayer, Omni Network, and OpenLayer.
EtherFi white-label (Validation Cloud) EigenLayer operator:
Source: EigenLayer
Validation Cloud EigenLayer operator:
Source: EigenLayer
Section 5: On-chain Performance
This section focuses on sources that attest to the on-chain track record of the operator, providing valuable insights into their historical performance and behavior. By observing on-chain data, a deeper understanding of the operator's track record and their reliability can be gained.
Over a trailing 30-day period, Validator Cloud has performed in the top 15% as calculated by Rated.Network's "Rated Effectiveness Rating" (RAVER), a composite scoring metric of operator performance in their deterministic responsibilities.
Source: Rated.Network | Date: 6/26/2024
The Rated Network platform evaluates validators' performance using various metrics that are intended to form an overall score reflecting the validator’s effectiveness, reliability, and economic performance.
The following data reflect Cloud Validator's track record of historical performance as per Rated Network (Rated Network metrics - Validator Cloud), 30 day window as of June 19, 2024.
Source: Rated Network and EigenLayer - own and white-label
Overall, the metrics indicate a highly reliable and profitable validator set operated by Validator Cloud with the absence of slashing or significant penalties.
Conclusion
The evaluation reveals that Validation Cloud possesses notable strengths, including high operational flexibility and extensive geographical diversification of nodes, alongside robust performance attestations. However, concerns about the degree of centralization and the dependency on specific cloud providers as well as the lack of publicly accessible information on validator infrastructure should not be neglected. Validator Cloud's sole reliance on the Lighthouse client somewhat reinforces network-wide client centralization, or which Lighthouse is the second most prominent consensus client over a trailing 30-day period.
The overall network consensus client distribution over the past 30 days is shown below:
Source: Rated.Network | Date: 6/26/2024
With regard to the decision by YieldNest to delegate restaked ETH to Validation Cloud, the information presented in this report typifies an operator with extensive experience and a solid track record. We support the decision to onboard Validation Cloud with a recommendation for vigilant oversight. It is advisable for YieldNest to actively pursue further details about Validation Cloud's operational dependencies and infrastructure security. Engaging in deeper business-to-business dialogue could yield critical insights and data, enhancing transparency.