cordial treasury

Run your own MPC wallet solution in-house.

Self hosted. Zero Trust architecture. Source available code.
"Not your policies, not your keys"
Introduction

Our customers deeply understand what it means to follow a risk-based approach to third-party management and appreciate Zero Trust principles as a security framework. As a result, they want security-conscious tools that can be used in-house to protect their private keys and workflows with minimal external dependencies. In addition to safety and ownership of key shares, institutions need high assurance on key use:

Key Shares
If a vendor performs the key share generation, what are my assurances that they don't have a copy?
Policies
If a vendor hosts my policies, what stops the vendor from changing them?
Availability
If the service is hosted by the vendor, how do I guarantee service availability and business continuity?
Recovery
If the vendor is offline, how quickly can I meet my recovery time objective?
SOLUTION

Cordial Treasury

Cordial Treasury is the first fully self custodial solution. Nothing else empowers customers to run 100% of the custody processes locally. It is your own private blockchain for securing any digital asset, designed to run in your own data centre or private cloud, and to be self administered by the customer's team. Cordial Systems, or any number of operating partners, can also be invited as a node on the network during setup for further distribution and redundancy - pick the Responsibility & Ownership model that works for you.

Deployment

Multiple deployment models exist, from a single-node instance acting as a remote signing service for trading systems that need high performance, to a quorum of nodes with an m-of-n signing threshold, which provides distributed service and redundancy. Each node should be run by independent client teams or admins, and all configurations are self hosted by default; however, Cordial Systems can host a node as part of the setup.

Secure Appliance

Each node runs a policy engine and signer, collectively the Secure Appliance. The signer maintains end-to-end encryption to other signers on the customer's Cordial Treasury network and has its own MPC key share. Each node has a co-located policy engine which it independently checks during operations.

Policy Engine

In a distributed setup, e.g. 3 of 4, we set the foundations. The policy engine allows for the setting of more stringent business logic and access rules in a Byzantine fault tolerant manner. Each node runs a policy engine which provides distributed consensus on deciding what the current policy rules are and independently enforces them. MPC without equivalently distributed authentication & authorization is no better than plain secret keys.

Identity & Access

There are also more classical IAM rules around resource access requests. The web UI and REST API take browser-based credentials as a first line of defence, and use the more cryptographically robust HTTP Message Signatures. The permissions and role of the user are further checked for authorization purposes, along with multiple signature requests from "approvers" or other team members. The multiple layers protect against access abuse, replay attacks, and man-in-the-middle attacks.
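How a signed request resists tampering and replay, as an added example that is not Cordial Treasury's code or API: it builds an RFC 9421-style signature base and has the verifier check the signature, a freshness window and a nonce cache. Assumptions: HMAC-SHA256 stands in for the deployment's real algorithm, the request is modelled as a dict instead of parsed `Signature-Input`/`Signature` headers, and `MAX_AGE`, `make_request` and `Verifier` are hypothetical names.

```python
import base64, hashlib, hmac, time

MAX_AGE = 300  # assumed freshness window in seconds, not a value from the page

def content_digest(body: bytes) -> str:
    digest = base64.b64encode(hashlib.sha256(body).digest()).decode()
    return f"sha-256=:{digest}:"

def signature_base(req: dict) -> bytes:
    # RFC 9421 signature base: one line per covered component, then the
    # @signature-params line that binds created, keyid and nonce to the request.
    params = (f'("@method" "@path" "content-digest");created={req["created"]}'
              f';keyid="{req["keyid"]}";nonce="{req["nonce"]}"')
    return "\n".join([
        f'"@method": {req["method"].upper()}',
        f'"@path": {req["path"]}',
        f'"content-digest": {content_digest(req["body"])}',
        f'"@signature-params": {params}',
    ]).encode()

def make_request(key, keyid, method, path, body, created, nonce) -> dict:
    # Client side: assemble the request fields and sign the signature base.
    req = dict(keyid=keyid, method=method, path=path, body=body,
               created=created, nonce=nonce)
    req["sig"] = hmac.new(key, signature_base(req), hashlib.sha256).digest()
    return req

class Verifier:
    def __init__(self, keys: dict):
        self.keys = keys   # keyid -> secret
        self.seen = {}     # (keyid, nonce) -> created time of accepted requests

    def verify(self, req: dict, now=None) -> str:
        now = int(time.time()) if now is None else now
        key = self.keys.get(req["keyid"])
        if key is None:
            return "unknown-key"
        expected = hmac.new(key, signature_base(req), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, req["sig"]):
            return "bad-signature"   # a covered field changed in transit
        if abs(now - req["created"]) > MAX_AGE:
            return "stale"           # old capture presented after the window
        # Forget nonces whose requests would now be rejected as stale anyway.
        self.seen = {k: t for k, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        if (req["keyid"], req["nonce"]) in self.seen:
            return "replay"          # same signed request presented twice
        self.seen[(req["keyid"], req["nonce"])] = req["created"]
        return "ok"
```

Because the nonce cache only has to remember requests that are still inside the freshness window, its size stays bounded by the request rate times `MAX_AGE`.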
Supported NETWORKS

Over 30 Blockchains

Take back control.
Join the growing number of organizations opting out of pure SaaS wallets and taking control of their security back in-house.