Overview
The Custody domain encompasses wallet operations, key management systems (KMS), hardware security modules (HSM), and governance controls required for institutional digital asset custody.Key Focus: Secure key management with regulatory access controls, freeze/blacklist capabilities, asset segregation, recovery mechanisms, and post-trade hook integration.
Core Requirements
Key Management
KMS/HSM integration with threshold signatures and secure key generation/storage
Governance Controls
Multi-party approval workflows, freeze mechanisms, and blacklist enforcement
Segregation
Asset segregation across clients with cryptographic separation guarantees
Recovery
Key recovery procedures with governance controls and audit logging
Technical Considerations
Selective Disclosure for Regulators
Selective Disclosure for Regulators
Implement view keys or zero-knowledge proofs that allow regulated disclosure of holdings and transactions to authorized parties without compromising general privacy.
Post-Trade Hooks
Post-Trade Hooks
Integrate custody systems with smart contract hooks that enforce compliance checks, settlement confirmations, and regulatory reporting requirements automatically after trade execution.
Evidence Logging
Evidence Logging
Maintain tamper-evident logs of all custody operations (key usage, approvals, freezes) with cryptographic commitments for regulatory audit and dispute resolution.
Threshold Cryptography
Threshold Cryptography
Use threshold signatures (TSS) or multi-party computation (MPC) to eliminate single points of failure in key management while maintaining operational efficiency.
Cross-Domain Nature
Custody is a foundational domain referenced across Payments, Trading, and Funds & Assets workflows. Nearly all institutional operations require integration with custody infrastructure.Primary Use Cases
Custody patterns are embedded within domain-specific use cases rather than standing alone. See Payments and Funds & Assets flows for custody integration examples.
Shortest-Path Patterns
These patterns provide proven approaches for institutional custody requirements:Selective Disclosure (View Keys + Proofs)
Grant regulators access to specific transaction details without compromising overall privacy
Atomic DvP via ERC-7573
Custody integration with atomic settlement guarantees
Adjacent Vendors
Kaleido Paladin
Enterprise privacy and custody orchestration layer with HSM integration
Integration Points
Payments Integration
Payments Integration
Custody systems must authorize and sign payment transactions while maintaining private key security. View key disclosure enables payment audit without compromising custody security.
Trading Integration
Trading Integration
Trade execution requires custody approval workflows and post-trade settlement hooks. Atomic DvP patterns coordinate custody systems across counterparties.
Compliance Integration
Compliance Integration
Custody operations must enforce KYC/AML policies, freeze sanctioned addresses, and provide evidence for regulatory inquiries through selective disclosure.
Related Domains
Payments
Custody authorization for stablecoin and cash movements
Trading
Key management for trade execution and settlement
Identity & Compliance
Governed regulator access and credential verification
Custody is not typically a standalone use case but rather a critical component integrated throughout institutional workflows. Review domain-specific use cases for custody implementation details.