Crypto Wallet Automated Execution with VaultCode
The VaultCode Demo Wallet showcases how an automated approval can be set up for any signing request. The following workflow demonstrates how VaultCode can approve the request based on customer-defined business logic. If the logic rejects the request, it is forwarded to predefined employees, who can decide to approve or reject in turn.
- Load a JAR file to VaultCode and generate SKA-key (k1) with approver policy k2 OR k3 OR k4.
- Application makes a signing request to TSB with SKA-key (k1).
- TSB fetches SKA policy and creates approval tasks in TSB.
- SKA-key (k1) requests approval from keys k2 or k3 or k4 and forwards the request to VaultCode.
- VaultCode executes logic based on metadata from signing request (step 1).
- If the result of the executable logic is positive, access is granted to approver key k2 for signing the authorization task; otherwise VaultCode rejects the approval.
- VaultCode returns logic result to TSB.
- If the approval was rejected by VaultCode (k2), request manual approval by k3 or k4.
- If enough approvals are collected, send request to HSM and sign by k1.
- TSB returns signed request to Application.
Crypto wallet showcase
The Securosys Crypto Wallet demonstrates the use of a VaultCode with automated approval logic.
In this setup, a signing request is made to the HSM for a crypto transaction. Based on the size of the transaction, the executable in VaultCode automatically approves or rejects the signing request. If the request is valid but the amount is too high, the Transaction Security Broker sends the request to the Securosys Authorization App, where onboarded approvers have to manually approve the transaction.
Using the HSM-backed wallet is simple:
- Create a new key pair on the HSM.
- Make a transaction request for a set amount.
- Verify the transaction with SegWit on the Bitcoin testnet.
During key creation you can choose the approval policies, which determine who can approve your transaction requests when the amount exceeds the threshold. For example, if you add the Automated Approval executable and 2 manual approvers, you can define a 1-of-3 policy. In this setup, either the executable in VaultCode needs to approve the transaction, or the finance officers.
See the SKA Authorization Policy documentation for more details on the policies that you can build.
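The 1-of-3 flow described above, modelled as an added Python example; it is not Securosys code and does not use the VaultCode or TSB API. The limit value, the `amount_sat` metadata field and the function names are assumptions made for illustration.

```python
# Model of the approval flow: k2 is the VaultCode executable, k3/k4 are manual approvers.
# Assumed for illustration: limit value, metadata field name, status strings.
AUTO_APPROVE_LIMIT_SAT = 50_000      # hypothetical threshold, in satoshis
QUORUM = 1                           # 1-of-3 policy: k2 OR k3 OR k4
MANUAL_APPROVERS = {"k3", "k4"}


def vaultcode_decision(metadata: dict) -> bool:
    """Automated approver (k2). Fails closed: anything that is not a
    positive integer amount within the limit is rejected."""
    amount = metadata.get("amount_sat")
    # type() check instead of isinstance(): bool is a subclass of int,
    # and strings or floats must never be coerced into an amount.
    if type(amount) is not int:
        return False
    return 0 < amount <= AUTO_APPROVE_LIMIT_SAT


def process_signing_request(metadata: dict, manual_approvals=()):
    """Return (status, approvals) for one signing request against key k1."""
    approvals = set()
    if vaultcode_decision(metadata):
        approvals.add("k2")
    else:
        # k2 rejected: only k3/k4 can satisfy the policy now. A "k2" entry
        # arriving through the manual channel, or an unknown key, is ignored.
        approvals |= {k for k in manual_approvals if k in MANUAL_APPROVERS}
    if len(approvals) >= QUORUM:
        return "signed_by_k1", approvals
    return "pending_manual_approval", approvals


if __name__ == "__main__":
    # Constructed sample requests.
    print(process_signing_request({"amount_sat": 10_000}))
    print(process_signing_request({"amount_sat": 900_000}))
    print(process_signing_request({"amount_sat": 900_000}, ["k3"]))
    print(process_signing_request({"amount_sat": "10000"}, ["k2", "k9"]))
```

The last sample shows the fail-closed path: a string amount is not auto-approved, and neither a replayed `k2` nor an unknown `k9` counts towards the quorum.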