Bridge uses same key custody for >30% validators

Lombard Finance's assessment for RD-F-156 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

15 diverse institutional members. Cubist is both a Consortium member (1/15 = 6.7% vote weight) and the operator of Bascule infrastructure and CubeSigner key management system. CubeSigner is Cubist's HSM product used for BTC key management. If CubeSigner manages the Consortium signing keys for multiple Consortium members beyond Cubist's own member key, the effective single-custodian share could exceed 30% of the validator set. Cannot confirm or deny from public sources whether other Consortium members use CubeSigner for their own signing keys. Yellow: Cubist dual-role (Consortium member + key infrastructure provider) is a structural concentration concern; >30% single-custodian threshold cannot be ruled out without explicit disclosure.

Sources #

Docs
Lombard Finance — LBTC DesignLombard LBTC design — CubeSigner HSMs for BTC key managementretrieved 2026-05-05
URL
Cubist — Bascule DrawbridgeCubist Bascule blog — Cubist as key management providerretrieved 2026-05-05
Docs
Lombard Finance — Consortium MembersLombard consortium members — Cubist listed as memberretrieved 2026-05-05

Methodology #

Determine whether >30% of bridge validators share a single key custodian.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lombard factor RD-F-156 score yellow collected_at 2026-05-05 12:03:08