π Site Β· π Docs Β· π¦ crates.io package Β· π¬ Cryptuon Research
Policy-enforcing trust boundary for PoS validators β the slashing firewall in front of your signing keys.
Nklave is a signing security layer that makes slashable signing impossible by construction. It sits between validator clients and signing keys, enforcing EIP-3076 slashing-prevention rules and configurable policies before any signature is produced β so a compromised or buggy validator client cannot produce a slashable signature, even when the host is fully compromised.
For most of proof-of-stake's history, a validator key faced exactly one slashing surface: the consensus layer of the chain it validated. Restaking changed that. As EigenLayer-style restaking and Actively Validated Services (AVS) go mainstream, the same staked capital and β increasingly β the same keys are opted into multiple independent slashing regimes at once. Each AVS defines its own slashing conditions. Each one is a new way to lose stake, governed by code you did not write.
That shift makes the boundary between "what asked for a signature" and "what actually gets signed" the single most valuable control point a staking operation has. A policy firewall that sits in front of the signing keys β refusing anything that violates a rule before the key is touched, and logging every decision β stops being a nice-to-have and becomes critical infrastructure.
nklave is that firewall. Today it enforces the consensus-layer slashing rules that account for the overwhelming majority of real-world slashing incidents (double proposals, double votes, surround votes on Ethereum; height/round double-signing on CometBFT), with EIP-3076 interchange import/export for migration. Its policy layer evaluates every request to an explicit allow-or-refuse decision before the key is reached β exactly the shape you need as restaking pushes more, and more heterogeneous, signing constraints down onto the same keys.
Honest scope: nklave enforces protocol-level slashing prevention (EIP-3076 and equivalents). AVS-specific slashing conditions are defined per-service and are not built in β but the policy engine is designed so operators can express additional guardrails as first-class policies. See ROADMAP.md for where restaking-aware policy work is headed.
βββββββββββββββββββ βββββββββββββββββββββββββββββββββββ βββββββββββββββββββ
β Validator Clientβ β Nklave β β Signing Keys β
β β Sign β βββββββββββββββββββββββββββββ β β β
β - Lighthouse β βββββββΆ β β Policy Engine β β βββββββΆ β - BLS (ETH2) β
β - Teku β β β βββββββββββββββββββββββ β β β - Ed25519 β
β - Prysm β βββββββ β β β Slashing Protection β β β βββββββ β (Cosmos) β
β - Lodestar β Sig/ β β βββββββββββββββββββββββ β β Sign β β
β β Refuse β βββββββββββββββββββββββββββββ β β β
βββββββββββββββββββ βββββββββββββββββββββββββββββββββββ βββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββ
β Append-Only Log β
β + Checkpoints β
βββββββββββββββββββββββββ
docker run -p 9000:9000 ghcr.io/cryptuon/nklavecargo install nklave-server
nklave --keys-dir ./keys --data-dir ./datagit clone https://github.com/cryptuon/nklave
cd nklave
docker compose -f docker/docker-compose.yml up- Enforce before the key is touched - The policy chain evaluates every request first; a refused request never reaches the keystore or HSM. Slashable signing is impossible by construction, even if the host is compromised.
- Web3Signer Compatible - Drop-in replacement for existing validator setups
- Slashing Protection - Enforces EIP-3076 and custom rules at the signing layer
- First-class policy engine - Slashing rules live in a dedicated policy module (
nklave-core::policy) that returns an explicitAllow/Refuse(code)decision per request β a real enforcement layer, not a config afterthought, and the extension point that matters as restaking pushes more signing constraints onto the same keys - Multi-Chain - Ethereum (BLS), Cosmos/CometBFT (Ed25519), extensible to others
- Audit Trail - Append-only decision logs with cryptographic chaining
- State Integrity - Rollback-resistant checkpoints prevent state manipulation
- Embedded UI - Vue.js dashboard for monitoring and operations
- High Availability - Primary/passive replication with automatic failover
| Crate | Description |
|---|---|
nklave-core |
Core signing logic, BLS/Ed25519 keys, slashing protection rules |
nklave-api |
Web3Signer-compatible HTTP API with embedded UI |
nklave-storage |
Append-only logs, checkpoints, EIP-3076 interchange |
nklave-server |
Main server binary with TLS, metrics, configuration |
nklave-cosmos |
Cosmos/CometBFT remote signer protocol |
nklave-cli |
CLI tools for key management and operations |
# Health checks
GET /livez # Liveness probe
GET /readyz # Readiness probe
GET /health # Detailed health status
# Web3Signer API
GET /api/v1/eth2/publicKeys # List validator public keys
POST /api/v1/eth2/sign/:pubkey # Sign a message
# Admin
POST /reload # Reload keys from disk
GET /status # Server status
POST /admin/checkpoint # Force checkpointEnvironment variables:
| Variable | Default | Description |
|---|---|---|
NKLAVE_LISTEN_ADDR |
127.0.0.1:9000 |
Server listen address |
NKLAVE_KEYS_DIR |
./keys |
Validator keystores directory |
NKLAVE_DATA_DIR |
./data |
State and logs directory |
NKLAVE_KEYSTORE_PASSWORD |
- | Password for encrypted keystores |
NKLAVE_API_TOKENS |
- | Comma-separated bearer tokens |
NKLAVE_METRICS_ADDR |
- | Prometheus metrics endpoint |
RUST_LOG |
nklave=info |
Log level |
Full documentation at docs.cryptuon.com/nklave:
See ROADMAP.md for the project vision, milestones, and the cheapest path to a production deployment.
Contributions are welcome. Please open an issue to discuss significant changes before submitting a PR.
# Run tests
cargo test --all
# Run with coverage
cargo llvm-cov --all-features
# Run benchmarks
cargo bench -p nklave-coreMIT License - Cryptuon Research Β· contact@cryptuon.com
nklave is one of 20 open-source blockchain-infrastructure projects from Cryptuon Research β blockchain theory, shipped as protocols.
Related projects: Tesseract Β· Switchboard Β· StreamSync
Docs: docs.cryptuon.com/nklave Β· Contact: contact@cryptuon.com