Pell Network
  • Introduction
    • Welcome to Pell Network
    • Pell Network Architecture
    • Pell Chain Intro
    • Official Links
  • PELL Tokenomics
  • Restaking Guides
    • Restaking Guides
    • Restaking Mechanism
    • Delegation Mechanism
    • Clarification of Staker and Operator Roles
    • Support Networks
    • Support Assets
    • FAQ
  • DVS Developer Guides
    • Introduction
    • DVS Use Cases
    • How to build an DVS on Pell?
    • DVS Rewards
    • DVS Onboarding
    • DVS Node Specification
    • Resources
      • Essential Security Practices for DVS Developers
      • Critical Security Guidelines for Developers
  • Node Operator Guides
    • Introduction
    • Installation(Draft)
    • Keyring
    • Operator Onboarding?
    • Essential Security Practices for Node Operators
  • Points System
    • Restaked Points
    • Point Campaign: Epochs 1
    • Point Campaign: Epochs 2 (Coming Soon)
  • Security
    • Bug Bounty Program
    • Audits
    • Contracts Address
  • Litepaper
  • Testnet
    • How to Get Gas from the Pell Discord/BNB/Core/Mantle/exSat Faucet
    • How to Claim Testnet Tokens
    • How to Restake Testnet Tokens on Pell Testnet
    • How to Delegate Testnet Tokens on Pell
    • Testnet FAQ(English)
    • Testnet FAQ (Chinese)
Powered by GitBook
On this page

Was this helpful?

  1. DVS Developer Guides
  2. Resources

Essential Security Practices for DVS Developers

PreviousResourcesNextCritical Security Guidelines for Developers

Last updated 8 months ago

Was this helpful?

Least Privilege:

Containers should run with the minimum required privileges, which should be specified by the DVS developer team. If not specified, operators should consult the DVS developer team directly.

Security and Maintenance:

  • Emit runtime logs, including security events.

  • Use minimal base images, such as , to reduce the attack surface.

  • Release updated images with security patches regularly.

  • Ensure DVS-related ECDSA keys are used only for non-fund-holding updates (e.g., modifying IP and port details in a smart contract).

Container Management:

  • Do not store key material on containers; refer to key management documentation.

  • User IDs should be formatted as DVS-NAME-random to avoid conflicts with the host.

Image and Software Management:

  • DVS developer teams should for releases and upgrades, with Docker displaying a verified badge for signed images.

  • Tag new releases via updated images and ensure clear release notes explaining new features and breaking changes.

  • Operators should control their software upgrades, avoiding automated upgrade mechanisms.

Communication:

Establish direct communication channels (e.g., Discord, Telegram) with operators to coordinate upgrades smoothly.

ko Go containers
sign their images