The platform behind the promise.
What runs today for the ecosystems we serve — described exactly as it operates.
Key custody
The audit key is created inside the enclave and never leaves — only a public part comes out, to configure the chain. Nobody gets the actual keys. Not even us.
Two enclaves, two jobs
One enclave safeguards the keys and opens only what a lawful request covers. The second runs analysis on that data. Results go re-encrypted straight to the authorized recipient.
Backup and continuity
Backup custody with Station 70. Recovery paths release keys to the customer — never to FPI. If you leave, the keys leave with you.
Scoped disclosure
A lawful request is answered with exactly what it covers — a specific transfer, a defined window — and nothing else. Everyone outside the scope stays private.
Screening at the boundary
Deposit screening with leading analytics providers, operated fail-closed: if screening is unavailable, nothing gets in. Continuous re-screening catches late flags.
A full audit trail
Every use of the key is logged. The issuer sees who approved and who downloaded, every time.
Key lifecycle
Rotation without forcing users to re-register wallets. Operator transition and managed exit are designed in from the start.
Solvency and integrity
Periodic cryptographic checks that the supply is exactly what it should be — catching a silent minting failure before it becomes a loss.
Key models: cryptographic viewing keys, per-asset or pool-wide. Authorization-key models. Access and replica models for permissioned networks like Canton. Different architectures — one operating discipline.
Deploy privacy. Stay compliant.
Live with StarkWare on Starknet. In operation on the Canton Network.
Contact us ››