Custodial Wallet

In the custodial wallet model, Secubit takes full responsibility for the secure storage and use of the cryptographic signing key. The entire private key is generated and protected inside the Secubit HSM, where it never leaves in plaintext. Customers delegate custody of the signing key to Secubit, while still maintaining control through approval policies.

Each user enrolled in the system holds an approving private key. This key is protected by PassKey or biometrics on the user’s device in Secure Element and used to sign approval messages for transaction requests. When a transaction is initiated, the request is distributed to the approvers. Each approver signs it with their private key, creating a digital approval.

These approvals are sent to the HSM, which verifies their authenticity and checks that the required threshold policy (for example, 2-of-3 approvals) has been met. Only if the necessary quorum of approvals is satisfied will the HSM unlock access to the signing key for that specific transaction. The HSM then signs the transaction internally and outputs a valid blockchain signature, while the key itself never leaves the device.

This workflow ensures that while Secubit holds the signing key inside its secure HSM, no single party can authorize a transaction unilaterally. Both the customer’s approval workflow and the HSM’s hardware-enforced policies must align for a transaction to be signed. In this way, Secubit provides the convenience of custodial management with the security of strong cryptographic policy enforcement.

flowchart
    R["request"]
    R --> U1
    R --> U2
    R --> U3
    R --> TS

    subgraph U1["User 1"]
        AK1("🔑 approving privkey 1")
        AK1 --> S1
        S1(["sign"])
    end
    S1 --> A1 --> V1
    A1["approval 1"]

    subgraph U2["User 2"]
        AK2("🔑 approving privkey 2")
        AK2 --> S2
        S2(["sign"])
    end
    S2 --> A2 --> V2
    A2["approval 2"]

    subgraph U3["User 3"]
        AK3("🔑 approving privkey 3")
        AK3 --> S3
        S3(["sign"])
    end
    S3 --> A3 --> V3
    A3["approval 3"]

    subgraph HSM["Secubit HSM"]
        V1{"verify?"}
        V1 --> TH

        V2{"verify?"}
        V2 --> TH

        V3{"verify?"}
        V3 --> TH

        TH{"threshold?"}
        TH --> TS

        SK("🔑 signing key")
        SK --> TS
        TS(["sign"])
    end

    TS --> T
    T["transaction"]

The Secubit Whitepaper

Custodial Wallet