By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.Privacy Policy
cordial treasury

Run your own MPC wallet solution in-house.

Self hosted. Zero Trust architecture. Source available code.
See a demo
"Not your policies, not your keys"
Introduction

Our customers understand what it means to follow a risk-based approach to third party management and appreciate Zero Trust principles as a security framework. They want to be provided with security conscious tools that can be used in-house to protect their private keys and workflows with minimal external dependancies. In addition to safety and ownership of key shares, institutions need to have high assurances on key use.

Key Shares
How do I know a vendor performs key share generation safely?
Policies
What prevents a vendor from changing policies?
Availability
How do I guarantee business continuity without a vendor?
Recovery
Can I quickly recover from a backup without a vendor?
SOLUTION

Cordial Treasury

Cordial Treasury is the first fully self custodial solution. Nothing else empowers customers to run 100% of the custody processes locally. It is your own private MPC + governance for securing any digital asset, designed to run in your own data centre or private cloud, and to be self administered by the customer's team. Cordial Systems, or any number of operating partners, can also be invited as a node on the network during setup for further distribution and redundancy - pick the Responsibility & Ownership model that works for you.

Deployment

Multiple deployment models exist, from a single node instance acting as a remote signing service for trading systems needing high performance, or running a quorum of 'm' nodes with 'n' signing threshold (m-of-n) which provides distributed service and redundancy. Each node should be run by independent client teams or admins and all configurations are by default self hosted, however Cordial Systems can host a node as part of the setup.

Secure Appliance

Each node runs a policy engine and signer, collectively the Secure Appliance. The signer maintains end-to-end encryption to other signers on the customer's Cordial Treasury network and has its own MPC key share. Each node has a co-located policy engine which it independently checks during operations.

Policy Engine

In a distributed setup, e.g. 3 of 4, we set the foundations. The policy engine allows for the setting of more stringent business logic and access rules in a byzantine fault tolerant manner. Each node runs a policy engine which provides distributed consensus on deciding what the current policy rules are and independently enforces them. MPC without distributed authentication & authorization is no better than plain secret keys. 

Identity & Access

There are also more classical IAM rules around resource access requests. The web UI and REST API take browser based credentials as a first line of defence, and use the more cryptographically robust HTTP Message Signatures. The permissions and role of the user are further checked for authorization purposes, along with multiple signature requests from "approvers" or other team members. The multiple layers protect against access abuse, replay attacks, and man-in-the-middle attacks.

Easy Maintenance

Treasury is designed to be incredibly lightweight and robust. It comes included with it's own secure, self-update mechanism. Administers can remotely apply signed updates. Setup the infrastructure once, then only need to apply updates as needed. Customers can deploy in the most isolated secure environments, but safely stay on track for new blockchains, tokens, and staking releases.

network support

Store. Send. Stake. On almost 40 Blockchains.

Customers can self-serve and add any blockchain they want.
Simply refer to our open source library, Crosschain.

Crosschain
Take back control.
Join the growing number of organizations opting out of pure SaaS wallets and taking control of their security back in-house.
Success! One of the team will be in touch.
Oops! Something went wrong while submitting the form.