Hey everyone,
I’m Madrafrec, based in France, French/English speaking. I’ve spent 15+ years in datacenter infrastructure worldwide – from tier-3/4 colocation facilities to hyperscaler (Azure, AWS, Oracle, Salesforce, and more), HDS under strict regulatory frameworks, SOC 1/2, PCI DSS, ISO 27001 / 22301 / 9001 and more audited environments and certified operations. Compliance, uptime, and incident management aren’t buzzwords for me – they’re the job. I’ve managed critical infrastructure where downtime wasn’t an option and where every change went through proper process.
Outside of work, I’m a father – before anything – I’ve been in the blockchain space for years running Substrate and Cosmos nodes, operating RPCs across multiple chains, and holding DOT since the early days. I understand both sides: the infrastructure side where reliability is everything, and the crypto side where decentralization is the whole point.
I decided to run my own Polkadot validator because I believe the network needs more independent operators on dedicated hardware, in diverse geographies, run by people who actually know how to operate infrastructure professionally. Not because existing validators aren’t doing a good job – but because geographic and provider diversity is what protects against correlated failures. One more bare metal node in France, operated by someone with real ops experience, makes the network a little more resilient. When you look at the numbers below, almost 45% of validators are running on virtual machines – that’s a significant share of the network exposed to the same hypervisor-level risks and correlated failures. (source telemetry.polkadot)
Why NOW? Why DAP?
DAP Phase 1 is what made me take the leap. The framework is clear and transparent: meet the requirements, put real skin in the game, let the community decide through nominations. I appreciate that model – it rewards commitment and lets operators prove themselves through their track record rather than through a selection process. That aligns with how I think infrastructure trust should work: you earn it by showing up every day, being transparent when things go wrong, and letting your metrics speak.
What specifically resonates with me about Polkadot: the idea that shared security shouldn’t require trust in a single implementation, that governance belongs on-chain to the people who have skin in the game, and that infrastructure diversity isn’t a nice-to-have – it’s the whole point.
Hardware
Dedicated bare metal server — not cloud, not VPS, not shared.
| Spec | Detail |
|---|---|
| Provider | OVH Dedicated (Gravelines, France) |
| CPU | Intel Xeon-E 2288G — 8c/16t, 3.7 GHz / 5.0 GHz |
| RAM | 128 GB DDR4 ECC |
| Storage | 2× 1,92To NVMe SSD (Software RAID 1) |
| Network | Dedicated 1 Gbit/s |
| OS | Ubuntu 24.04 LTS x86_64 |
Security hardening
This is my day job for 15+ years. The node is locked down:
-
SMT: disabled (PVF execution isolation)
-
NUMA balancing: disabled
-
Firewall: strict allowlist – only P2P port (30333) open inbound. RPC/WS closed to outside.
-
SSH: key-only authentication, root login disabled, non-standard port
-
Seccomp: enabled
-
Auto-updates: unattended-upgrades for security patches
-
Monitoring: Prometheus + Grafana, alerting on block production, peer count, disk, CPU
-
No unnecessary services: minimal install, attack surface reduced to the strict minimum
Benchmark
Polkadot reference hardware benchmark: all 6 checks passed.
On-chain setup
| Stash | 16Pb7ykJ1X1gB8HtsH7JqX5E6brjMqAqxhWEHRByGwhuv9nu |
| Identity | Tech-dc | Validator 01 — Verified (Reasonable) |
| Self-stake | 10,481 DOT (for now) |
| Commission | 0% until march 14th → 10% (DAP minimum) |
| Rewards | Auto-compound (staked) |
| Proxy | Non-transfer proxy for operations — stash stays cold on Ledger |
What I commit to
-
OpenGov participation: vote on referendum and publish reasoning.
-
Commission stability: 10% (DAP minimum). 7 days public notice before any change. Currently at 0% until March 14th
-
Transparent incidents: if something breaks, I’ll post about it here, on Twitter, and on Element. No silent downtimes.
What are my plans for the future?
If I make it to the active set, the goal is to expand to new locations in new metros – always the same idea: more decentralized, more resilient.
What I’m honest about
This is a single dedicated server. If the hardware fails, there’s downtime until OVH replaces the component – typically a few hours. I have auto-restart for software issues, 24/7 monitoring with alerts, and RAID 1 for disk redundancy. But I’m not going to claim five nines.
That said – independent validators on diverse providers and diverse geographies are exactly what prevents correlated failures across the network. That’s the tradeoff, and it’s the right one.
Links
-
Website: tech-dc.fr — live metrics, full specs, status endpoint
-
Subscan: Validator page
-
Twitter/X: @madrafrec
-
Element/Matrix: @madrafrec:matrix.org
Happy to answer any questions. Technical deep-dives welcome.
– Madrafrec