I audit blockchain node and validator infrastructure security — covering RPC exposure, validator key management, admin interface access, node software configuration, and cloud host security for Ethereum, EVM-compatible chains, and other L1s.
Audit scope: Ethereum execution and consensus client configuration (Geth, Reth, Nethermind, Lighthouse, Prysm — auth RPC exposure, peer discovery, log verbosity); validator key management and remote signer security (Web3Signer, Dirk, keystore file permissions); RPC endpoint access controls and rate limiting; admin interface exposure (Grafana, Prometheus, custom management APIs); Docker/Compose configuration for node stacks; cloud host security (firewall rules, IAM, SSH hardening, OS baseline); and monitoring and alerting coverage gaps.
Config-file-only review available if you prefer not to grant live access — share your configs and I'll audit statically. Live access enables more comprehensive coverage.
Deliverables: infrastructure security report with severity-rated findings, evidence, and step-by-step remediation guidance tailored to your stack.