Blockchain Key Management

Unbound protects the blockchain by securing ledger keys and transaction keys

( let’s talk )

Blockchain Key Management:
A Great Challenge

Blockchain, with its application of the cryptographic distributed ledger architecture, is bringing exciting disruption across industries from cryptocurrency to supply chain management, real estate, asset tracking and more. However, we must not overlook the risk. For the first-time, private keys are directly tokenized into assets such as digital currencies, stocks, real estate & energy—and if the keys are lost or stolen, so are the assets.

However, traditional hardware-based key protection solutions used in high-trust use cases don’t work for well blockchain.

Among the many challenges:

Blockchain uses non-standard crypto (e.g. ECDSA secp256k1, Schnorr signatures) which most hardware solutions don’t support

Upgrading HW to support new cryptographic schemes requires lengthy developments and complex upgrades

Protection is now required not only for private keys but also for the seed (e.g. BIP 0032 HD wallets)

Multi-sig architectures require managing massive amounts of keys on the server side

Quorum authentication schemes used for ledger operations require approvers to hold keys in cumbersome, external hardware

Unbound Key Protection Built for the Present and Future Blockchain

Unbound offers a creative and unique solution for key security and key governance in blockchain. Freeing organizations from the burden of hardware, Unbound is a software-only key management platform that gives you hardware-level protection for transaction and ledger signing keys on public and private ledgers.

Secured Wallets

Strong seed and private key protection built directly into the app to secure wallets across all BYOD makes/models

Secured Ledgers

Protects both the transaction signing keys and the ledger signing keys on private and public ledgers

Crypto Agile

Continuously expanded to support new blockchain cryptographic algorithms and quorum authentication schemes

Anywhere & Any Scale

Supports any environment including hybrid/cloud. Scales up indefinitely

Pure SW Solution

No hardware tokens, no HSMs – same level of trust, just without the hassle

Solution Description

In this example, a typical multi-sig transaction signing model is being used, where both the wallet key and the corresponding server side key are protected. The wallet key is protected using Unbound Crypto-of-Things (CoT) on the endpoint devices, while the server side key is protected using Unbound Key Control (UKC) on any public/private cloud, on-premises or hybrid cloud environment.

Unbound can be used to create a simplified and more secure single-sig model to protect transaction signing keys, where the wallet keys are guaranteed to never exist in the clear either on the wallet or on the CoT server. Compromising a key would require breaching both the endpoint and the server simultaneously.

See it in Action

Learn how our you can use our Unbound vHSM technology is used to protect and manage blockchain ledger and wallet keys

 ( Request a Demo )

Related Articles

MPC Primer

Get an in-depth explanation of how Unbound uses MPC, a mathematically proven method to secure keys on any device.

( Download )

How to Go Beyond BYOK with CYOK

Control Your Own Keys in the Cloud (CYOK) can ensure your sensitive assets remain secure even in the event of a breach.

( Watch )

Unbound Key Control

Learn how Unbound Key Control, the first secure-as-hardware key management system can protect your crypto keys anywhere.

( Download )

Securing Data in Multi-Cloud Environments

Learn more about how two major banks are using Unbound to reinvent data reinvent data protection in the Digital Banking age.

( Watch )