Custodiex powers secure custody for digital assets. Secure, scalable, and built for institutions.
Cold storage keeps assets safe but slows business down. Hot storage enables speed but exposes assets to hackers. For regulated institutions, such risks are no longer acceptable.
Custodiex removes the trade-off. Private keys are secured in FIPS-certified Hardware Security Modules (HSMs) within air-gapped environments. Keys never leave the hardware unencrypted yet remain available to securely sign transactions in real time.
Private keys are generated inside certified HSMs in air-gapped environments. Once created, they are wrapped (encrypted) and stored securely outside the HSM, only accessible by being re-imported and unwrapped inside the HSM.
Multiple automated security checks within the cold environment confirm transaction legitimacy without human intervention.
When a transaction is requested, a secure process prepares it without ever exposing private keys.
The transaction is published to the blockchain immediately, while maintaining the full protection of true cold storage.
This comparison reflects online MPC implementations. Offline MPC can improve security, but does not support real-time availability.
Custodiex is built to adapt as standards evolve.
Supports current cryptographic standards and can adopt new ones as they are approved.
Custodiex uses NIST-standardized, quantum-safe cryptography to protect all private keys. Designed to remain adaptable, ready to adopt future algorithms as new standards emerge.
Supports an unlimited number of vaults and a wide range of digital assets.
Custodiex can operate as a standalone custody layer or connect directly into broader infrastructures. Partners can integrate through standards-based interfaces and build governance or workflows on top of the secure vault foundation.
Custodiex ruled out the use of MPC from the start because we wanted to build a solution with qualities that MPC cannot provide. Our solution uses FIPS-certified hardware and NIST-approved algorithms in line with banking standards, enables highly flexible authorisation schemes, is long-term asset-agnostic and crypto-agile, and is cold-grade yet fully automated with limitless scalability. Crucially, our solution provides full custody, without requiring the customer to safeguard shards of the asset.
In the Custodiex solution there is clear separation between the keys used to sign requests and the actual blockchain keys under custody. This contrasts sharply with competing solutions that use MPC, where the customer uses a shard of an actual blockchain private key to sign requests, and is responsible for the self-custody of that shard, which if lost can result in direct and irretrievable loss of assets. Such solutions utilise proprietary cryptographic algorithms (non-NIST-approved) where the key material cannot be protected by FIPS-assured cryptographic hardware when in use. MPC solutions are also tightly coupled to specific blockchain cryptographic algorithms and lack the agility that will be required when blockchains move to post-quantum cryptography.
An air gap segregates computer networks into online and offline (“cold”) environments, ensuring that no network traffic can pass between them. This makes the cold environment immune to network-based attacks. However, being offline, systems in a cold environment have traditionally relied on manual processes. These processes are slow and introduce additional risks related to human involvement, including insider threats and accidental errors. By contrast, the Custodiex air gap operates in real time, delivering the security guarantees of cold systems without the associated human risks, while retaining the straight-through processing speed of a hot environment.
Blockchain private keys are generated and used exclusively within our cold environment, inside FIPS 140-3 Level 3-assured HSMs. Keys never leave the HSMs in the clear. The HSMs operate in their standard, FIPS-assured configuration and have not been modified in any way, such as through the introduction of custom firmware, providing the highest level of assurance for asset protection.
The HSMs are deployed within high-security cabinets, located at accredited former Ministry of Defence secure locations. Encrypted backups of private keys are automatically and securely maintained across geographically separate sites to support durability and resilience.
Manual processes relating to the management of HSM hardware and master keys are performed under formal key-management ceremony conditions, in accordance with documented procedures. These activities are conducted by personnel with extensive experience in managing cryptographic keys and HSMs within regulated financial services and government environments.
Requests to the API are authorised by attaching JSON Web Signature(s), according to customer-defined policies. These signatures are verified in the Custodiex cold environment. The customer could employ practically any kind of signing keys to create these signatures, including ECDSA, EdDSA, RSA, and new quantum-safe types like Dilithium. This flexibility enables the customer to deploy key types aligned to their own cryptographic standards, and to manage these keys in line with their own compliance requirements.
Custodiex policies enable the customer to define authorisation schemes of unparalleled flexibility. For example, an authorisation scheme may include practically any number of human or machine signers, or it may specify automatic approval in certain circumstances; it can take into account conditions and context such as the type of transaction (e.g. sending currency vs staking), the value of a transaction, the time of day and day of the week; it can also specify time delays, and more. Policy is enforced within the cold environment, ensuring it cannot be bypassed, overridden, or externally influenced.
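The authorisation model described in the two paragraphs above, as an added example that is not Custodiex code or its API: a request carries several JWS signatures (RFC 7515 general JSON serialization), and a verifier counts distinct valid signers against a rule chosen by transaction type and value, within an allowed time window. The signer ids, policy fields and request shape are assumptions made for illustration, and Ed25519 (`EdDSA`) stands in for whichever key types a customer would use.

```javascript
// Added example: field names, signer ids and rule shape are assumptions, not a vendor API.
const nodeCrypto = require('node:crypto');
const b64u = (x) => Buffer.from(x).toString('base64url');

// Constructed signers: two humans and one machine, each holding an Ed25519 key.
const keys = Object.fromEntries(['alice', 'bob', 'risk-engine'].map(
  (kid) => [kid, nodeCrypto.generateKeyPairSync('ed25519')]));
const TRUSTED = new Map(Object.entries(keys).map(([kid, k]) => [kid, k.publicKey]));

// Hypothetical policy: first rule matching type and value applies; no match means deny.
const POLICY = [
  { type: 'send', maxValue: 1000, quorum: 1, signers: ['risk-engine'], days: [0, 1, 2, 3, 4, 5, 6], hours: [0, 24] },
  { type: 'send', maxValue: 1e6, quorum: 2, signers: ['alice', 'bob'], days: [1, 2, 3, 4, 5], hours: [8, 18] },
];

// Requester side: one signature per signer over "<protected>.<payload>" (RFC 7515 JSON form).
function signRequest(request, kids) {
  const payload = b64u(JSON.stringify(request));
  const signatures = kids.map((kid) => {
    const prot = b64u(JSON.stringify({ alg: 'EdDSA', kid }));
    const sig = nodeCrypto.sign(null, Buffer.from(`${prot}.${payload}`), keys[kid].privateKey);
    return { protected: prot, signature: b64u(sig) };
  });
  return { payload, signatures };
}

// Verifier side: distinct key ids whose signature over this exact payload is valid.
function validSigners(jws) {
  const ok = new Set(); // a Set stops one signer being counted twice
  for (const s of jws.signatures) {
    let hdr;
    try { hdr = JSON.parse(Buffer.from(s.protected, 'base64url')); } catch { continue; }
    const pub = hdr && TRUSTED.get(hdr.kid);
    if (!pub || hdr.alg !== 'EdDSA') continue; // pin the algorithm, skip unknown keys
    const data = Buffer.from(`${s.protected}.${jws.payload}`);
    if (nodeCrypto.verify(null, data, pub, Buffer.from(s.signature, 'base64url'))) ok.add(hdr.kid);
  }
  return ok;
}

// Policy decision: rule lookup, UTC time window, then quorum over the rule's named signers.
function authorise(jws, now) {
  const signers = validSigners(jws);
  const req = JSON.parse(Buffer.from(jws.payload, 'base64url'));
  const rule = POLICY.find((r) => r.type === req.type && req.value <= r.maxValue);
  if (!rule) return 'deny: no rule';
  const h = now.getUTCHours();
  if (!rule.days.includes(now.getUTCDay()) || h < rule.hours[0] || h >= rule.hours[1]) return 'deny: outside window';
  const n = rule.signers.filter((kid) => signers.has(kid)).length;
  return n >= rule.quorum ? 'allow' : 'deny: quorum not met';
}
```

Because the signature covers the payload, editing the value after signing invalidates every signature, so the altered request fails its rule's quorum rather than being matched against a more permissive rule.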