Why Alluvial Spearheaded NORS: Developing the Node Operator Risk Standard

Alluvial played a key role in the NORS certification’s industry-led development.

• The Node Operator Risk Standard (NORS) is a third-party certification built to meet institutional diligence expectations, demonstrating that a professional node operator meets an enterprise-grade standard for Ethereum validator risk management.
• The need for diligence to be audited by a third-party, certified auditing firm, one that meets the existing requirements for security certifications, has become acute in the context of growing institutional involvement in public blockchain networks.
• While existing standards like SOC1 or ISO27001 cover enterprise diligence for operational security and information security, there has never been a custom attestation specific to the considerations of operating proof of stake validators, which carry significant and unique operational risks, like slashing.
• Alluvial spearheaded the development of NORS, and facilitated the industry-led NORS development working group, to meet this need for ​​a standard that professionalizes the staking ecosystem and enables mainstream proof of stake adoption.

Today, a group of industry-leading organizations announced the Node Operator Risk Standard (NORS): a certification that a node operator meets an enterprise-grade standard for Ethereum validator risk management. A third-party certification built to meet institutional diligence expectations, with attestation from auditors at Big-4 firms including KPMG, NORS was collaboratively developed and hardened by a broad working group, led and facilitated by Alluvial for Liquid Collective, including Aon, Blockdaemon, Chainproof, Coinbase, DV Labs, Eigen Labs, Figment, Galaxy, Nexus Mutual, Staked, and others.

Together, we gathered insights from experts in the finance, auditing, insurance, and proof of stake ecosystems who collectively saw the need to align on a comprehensive certification of validator risk management—one that met the requirements to be accepted and adopted by leading enterprises and institutions.

“At Alluvial, we are focused on enabling mainstream adoption and participation in proof of stake blockchains. Spearheading the development of NORS was a natural choice, not only in our efforts to establish a trusted and secure staking standard via Liquid Collective, but to broaden institutional adoption across the industry," said Mara Schmiedt, CEO of Alluvial. "By establishing rigorous, enterprise-grade criteria, NORS empowers stakeholders to evaluate staking technologies through a risk-adjusted lens, ensuring that security and transparency align with institutional expectations.”

The origins of NORS: the need for institutional diligence in staking

Alluvial works with industry leaders to shepherd the product development and growth of the Liquid Collective protocol. Within Liquid Collective’s guiding principles is a focus on collaboration, and the development of industry standards to drive collective growth and resilience.

From Alluvial’s earliest days supporting Liquid Collective’s development, the onchain evaluation of validator performance was top-of-mind as a means to develop objective, benchmarked standards for expanding an enterprise-grade active set. It quickly became clear that both the vectors of validator consensus performance and validator risk profile would need to be evaluated to ensure that the active set’s resilience and security could not be sacrificed in pursuit of higher staking reward rates.

When evaluating existing solutions for objective node operator risk measurement, the team identified a gap: the need for diligence to be audited by a third-party, certified auditing firm, one that meets institutions’ existing requirements for security certifications.

This need has become acute in the context of growing institutional involvement in public blockchain networks, including the growth of BTC and ETH ETFs and movement toward staking-backed ETFs. While existing standards like SOC1 or ISO27001 cover enterprise diligence for operational security and information security, there has never been a custom attestation specific to the considerations of operating proof of stake validators, which carry significant and unique operational risks, like slashing.

We’re proud to have spearheaded NORS’ development to meet this need for objective verification of a node operator's ETH validator risk management, one that meets the due diligence expectations of institutions, including attestation from licensed auditors at reputable firms.

Why does NORS matter?

Shared metrics to evaluate participation through a risk-adjusted lens are tablestakes in traditional finance. While staking participation is rapidly expanding, there has remained a lack of a shared language for objectively evaluating node operators through a risk-adjusted lens.

Developing this shared understanding is critical for the proof of stake ecosystem’s continued growth and maturity. How node operators manage the risks specific to staking has real implications, from the long-term viability of a service provider’s effective network staking reward rate (SRR), to the comparative risk that a node operator may be subject to losses due to a slashing incident resulting from their own infrastructure management.

Beyond overall shared standards for evaluating staking participation, true participation in public blockchain networks can’t go mainstream unless the risks specific to staking can be understood and mitigated. This supports the expansion of staking in multiple ways.

• Professionalization: The launch of the NORS certification by industry leaders signifies the maturation and professionalization of the Ethereum staking space.
• Operational excellence: NORS enables professional node operators to be evaluated not just on the ETH staking reward rate they provide, but on the ETH network rewards they provide in relation to the level of risk their infrastructure operations present.
• Product differentiation: NORS will allow node operators to differentiate themselves while helping stakers and service providers to outsource and streamline due diligence.
• Industry standardization: Aligning security, diversity, and operational best practices, a standard set of criteria for measuring and attesting to the risk mitigations of an Ethereum node operator is a crucial development for expanding the integrity and trustworthiness of ETH staking infrastructure.

For all of these reasons, the launch of the NORS certification represents a significant step forward in the maturation and professionalization of the Ethereum staking ecosystem. By establishing a standardized framework for evaluating validator risk management, NORS promotes transparency, security, and operational excellence within the industry. This not only benefits individual node operators but also instills greater confidence in institutional investors building up participation in the growing proof of stake ecosystem.

Ultimately, Alluvial's goal is that the widespread adoption of NORS will foster trust, resilience, and security in ETH staking infrastructure on a global scale, paving the way for mainstream adoption of proof of stake blockchains.

To learn more about the Node Operator Risk Standard and how to get involved, visit nors.global. You can stay up-to-date with Alluvial’s latest work developing next-generation staking for businesses by following Alluvial on X or LinkedIn.

About NORS

The Node Operator Risk Standard (NORS) promotes enterprise-grade security and operational excellence for Ethereum node operators, through rigorous staking risk management standards and third-party certification.
nors.global

About Liquid Collective

Liquid Collective is the trusted and secure staking standard: designed to meet the needs of enterprises, built and supported by a broad and dispersed collective of industry leaders.
liquidcollective.io

About Alluvial

Alluvial is a software development company offering a suite of enterprise-grade staking products and services. We’re focused on enabling mainstream adoption and participation in proof of stake blockchains.
alluvial.finance