HSM Key Management

Key management is the foundation of Secubit’s custody platform, and Hardware Security Modules (HSMs) serve as the trusted anchor for every critical operation. To protect against external attacks, insider misuse, and catastrophic failures, Secubit employs a layered key management strategy that combines resilient online operations, secure offline backups, and strict role-based governance.

Online HSMs provide the primary signing and policy enforcement functions, distributed across multiple datacenters with redundancy and automatic synchronization to ensure high availability. Even under hardware or datacenter failures, the architecture guarantees continuity of service while maintaining cryptographic integrity.

For disaster recovery scenarios, Secubit maintains offline air-gapped backup HSMs. These devices store encrypted copies of keys under strict multi-factor authorization, ensuring that even the complete loss of online infrastructure does not result in loss of assets. Recovery from backups also incorporates Merkle root verification to preserve the integrity of wallets' state.

All sensitive operations on HSMs are controlled through clearly defined roles, enforced by physical USB tokens, secure PIN pads, and multi-factor ceremonies. Every action — from key generation to backup to recovery — requires explicit role authorization and is performed in official, recorded ceremonies, creating a transparent and auditable chain of trust.

Together, these mechanisms form Secubit’s HSM Key Management framework: highly available, recoverable, auditable, and cryptographically secure, designed to meet the requirements of institutional-grade custody.