# nklave

> nklave is an open-source policy-enforcing trust boundary for proof-of-stake validators. It sits between validator clients and signing keys, enforcing slashing-prevention rules (EIP-3076) and configurable policies before any signature is produced. MIT-licensed, written in Rust, Web3Signer-compatible.

nklave is the signing security layer for staking operators who need slashing to be a class of bug, not a class of incident. It supports Ethereum (BLS) and Cosmos / CometBFT (Ed25519). Keys live in local keystores, YubiHSM 2, AWS CloudHSM, or GCP KMS. Every decision is committed to a tamper-evident append-only log with Merkle-root checkpoints signed by a separate operator key.

## Docs

- [Home](https://nklave.cryptuon.com/): Overview, what the trust boundary enforces, threat model summary, install
- [About](https://nklave.cryptuon.com/about/): What nklave is, security model summary, project status
- [Blog](https://nklave.cryptuon.com/blog/): Technical deep-dives on slashing protection, audit logs, and policy

## Compare

- [vs Web3Signer](https://nklave.cryptuon.com/compare/web3signer/)
- [vs Dirk](https://nklave.cryptuon.com/compare/dirk/)

## Source

- [GitHub repository](https://github.com/cryptuon/nklave)
- [Documentation site](https://docs.cryptuon.com/nklave)

## Optional

- [RSS](https://nklave.cryptuon.com/rss.xml): Blog feed
- [llms-full.txt](https://nklave.cryptuon.com/llms-full.txt): Full content dump for LLM ingestion