Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Institutional custody often involves the management of substantial amounts of cryptocurrencies, often belonging to several users. The total value managed is often in billions. While cryptocurrency keys can be managed inside hardware security modules (HSMs), which are highly secure, the application that interacts with the HSM using an API key is often in an environment that is much less secure.

The Secret Zero Problem

If this application misbehaves or is compromised and the API key is stolen, a custodian could see heavy losses. This is an instance of the famous Secret Zero Problem; while most of the secrets can be protected inside secure environments, there is at least one secret that remains in an environment that may be considered less secure.