Introduction

Secubit is a Wallet-as-a-Service (WaaS) platform designed to provide secure, cost-efficient, and flexible custody for institutional crypto assets. Built on modern cryptographic techniques, tamper-proof Hardware Security Modules (HSMs), Multi-Party Computation (MPC), and standards such as FIPS 140-3 and PassKey, Secubit delivers a custody framework that combines bank-grade security with self-sovereign flexibility.

This introduction outlines the system’s design goals, its core entities, and the custodial modes supported by the platform.

Design Goals

Lower Cost

Traditional custody solutions are costly and centralized. Secubit introduces a commoditized HSM wallet model with cost-sharing and mass-scaling methods, enabling institutions of all sizes to benefit from secure custody. By shifting risk into a self-sovereign paradigm, organizations reduce dependency on third parties while maintaining institutional-grade assurance.

Bank-Grade Security

Secubit adopts the same cryptographic standards banks have used for decades:

  • Tamper-resistant true random number generation (TRNG)
  • Secure Key generation and protected key storage
  • In-HSM signing and policy execution
  • MPC-based threshold approvals for distributed trust
  • FIPS 140-3 Level 3 certified HSMs
  • SOC-2 certified datacenter infrastructure

These measures ensure protection against both physical and logical attacks, delivering the strongest possible custody foundation.

Full Key Ownership

Secubit is built around the principle: “Not your keys, not your coins.”

The platform ensures:

  • Client-controlled threshold authorizations with MPC
  • Censorship resistance, ensuring independence from unilateral third-party controls
  • Flexible custody models: from fully custodial to self-sovereign non-custodial setups

Easy Integration

Secubit is designed to integrate seamlessly into existing workflows:

  • Rich developer APIs and SDKs for backend integration
  • Universal Passkey support for secure authentication directly with HSM
  • Smooth integration with web and mobile platforms

System Entities

The diagram illustrates the high-level architecture of Secubit’s Wallet-as-a-Service (WaaS) platform and the interaction between its core entities.

flowchart LR
    N{{"Blockchain </br> Nodes"}}
    HSM("🔒 Secubit HSM")
    S("☁️ </br> Secubit </br> Cloud Service")
    C("Customer </br> System")
    U1("🔑 User")
    U2("🔑 User")
    U3("🔑 User")
    
    N --- S
    HSM --- S
    S -- Secubit API --- C
    C -- approve --- U1
    C -- approve --- U2
    C -- approve --- U3

At the center of the system is the Secubit Cloud Service, which acts as the coordination layer between the secure hardware, the blockchain networks, and the customer’s infrastructure. The cloud service provides a unified API surface for wallet creation, transaction management, policy enforcement, and integration with customer applications.

Behind the cloud service, the Secubit HSM Network provides bank-grade security for cryptographic operations. Private keys are never exposed outside the HSM, and all signing and policy logic are executed inside the tamper-resistant environment. This ensures compliance with standards such as FIPS 140-3 and enables strong protections against both external and insider threats.

The cloud service also maintains a trusted connection to blockchain nodes, enabling reliable transaction broadcasting and state queries. This connection abstracts away the complexity of running and maintaining blockchain infrastructure, allowing customers to focus on business logic while benefiting from secure, highly available blockchain connectivity.

On the customer side, the Customer System integrates directly with Secubit via the Secubit API. This system may represent a treasury platform, exchange backend, or fund management application. Individual user participate in approval workflows by authenticating with Passkeys or secure elements. These users enforce threshold-based policies in an approval quorum, ensuring that no single actor has unilateral control over funds.

Together, these components establish a custody framework that combines bank-grade cryptographic assurance with the flexibility of a self-sovereign model, empowering institutions to operate securely at scale.

Custodial Modes

Secubit supports flexible operational models that allow institutions to balance convenience, control, and compliance.

Custodial Wallet

In custodial mode, Secubit manages the entire private key lifecycle inside its FIPS 140-3 Level 3 HSMs. Keys are never exported; they remain locked within the secure boundary of the HSM at all times.
Transaction signing is only performed when the HSM verifies a quorum of approvals from authorized users, based on policies defined by the client (e.g., 2-of-3 multi-approver). This ensures that even though Secubit holds the keys, control is always governed by client-defined rules.
This model is particularly suited for organizations that prefer the simplicity of managed custody with the assurance of policy-enforced, bank-grade security.

Non-Custodial Wallet

In non-custodial mode, Secubit enables a self-sovereign custody model by splitting control across two independent shares using MPC (Multi-Party Computation).

  • One share is held securely within the Secubit HSM network.
  • The other share is managed by the client on their own infrastructure.

The client-side share can be protected in multiple ways:

  • Bound to one or a quorum of user using Passkey (WebAuthn) controlled by user biometrics on trusted devices.
  • Delegated to one or more trading bot, enabling automated execution strategies.

When a transaction needs to be signed, both shares must participate. The HSM will only complete the operation if the client-side share collaborates, ensuring Secubit cannot unilaterally access or move client funds.

This model offers maximum censorship resistance and aligns with the principle of “Not your keys, not your coins”, while still benefiting from Secubit’s secure infrastructure for coordination, signing, and blockchain connectivity.