Our team has conducted research on improving the security of Story validators, specifically the possibility of integrating remote signing for validators with secp256k1 key support via Horcrux, which is popular among many well-known validators. We identified key issues and compared two approaches: remote signing versus block signing by a validator using only one server.
On the “Economic Impact” slide, we provide calculations of potential IP losses in the case of double sign and slash events, clearly demonstrating the risks for validators in the event of a single point of failure. We also wrote recommendations on how to address this with the help of Story developers, the active developer community, or directly through the CTO of Strangelove, who responded to our colleague in the group chat that integrating secp256k1 support is not complicated and expressed openness to a pull request on GitHub.
I hope this will be useful; we have tried to present the information as structured as possible to make it clear, and that this research will positively impact Story in the future!
You can view the presentation here: