Cubist Launches Wallet-as-a-Service Platform for Millisecond Latency Remote Signing Inside Secure Hardware
Expands Cubist’s Leading Key Management Platform, Which Supports Companies Including Ava Labs, Everstake, Ankr, Redacted, and More
Follows Cubist’s Anti-Slashing Collaboration with EigenLayer and Babylon
SAN DIEGO–(BUSINESS WIRE)–Cubist, a key management company founded by renowned computer security professors and an experienced fintech operator, today announced the public release of the CubeSigner Wallet-as-a-Service (“WaaS”). CubeSigner is the first WaaS with the speed, convenience, and security to support everything from loyalty programs to market makers. Applications request signatures via simple API calls, and CubeSigner signs from within secure hardware—where keys are safe from prying eyes.
Since the start of 2023, over $350 million has been lost as a result of key compromise and access control exploits. Engineering teams across the entire digital asset space have faced a ruinous tradeoff, forced to choose between making keys instantly available in memory (and therefore exposed to attackers) and trying to keep keys safe (at serious latency and engineering cost). Some teams, for example, use hot wallets for trading or gaming, since the latency of popular MPC-based solutions is orders of magnitude too slow. Other teams opt for convenient in-browser signing at the risk of revealing their keys to remote attackers. While these choices may seem reasonable at a glance, they’ve been the root cause of million-dollar hacks—hacks that would have been prevented by a convenient and safe key management solution.
CubeSigner is that key manager: it keeps keys both constantly safe and instantly available, even in the presence of insider threats and breaches. CubeSigner lets users request signatures through revocable signing sessions instead of giving direct access to raw keys. Users can’t accidentally leak their keys and attackers can’t steal keys because key material stays locked in secure hardware, during both generation and signing. CubeSigner’s use of bank-grade Hardware Security Modules (HSMs) cryptographically sealed to AWS Nitro Enclaves offers millisecond latency, scales to hundreds of millions of wallets, and supports arbitrary chains. Finally, companies that use CubeSigner—or their end-users—can export encrypted signing keys to cold storage at any time using a hardware-to-hardware cryptographic protocol.
CubeSigner is already in production as a first-of-its-kind key manager for Ethereum validators, where security and performance are both critical. This launch makes CubeSigner available to teams building wallets, consumer loyalty programs, games, trading platforms, custody platforms, and more, across virtually any chain. CubeSigner currently supports Secp256k1, Ed25519, BLS, and Stark curve signing and is easily extended to support new signature schemes.
“We built CubeSigner so that no one has to choose between fast, safe, and easy to use,” said Riad Wahby, Co-Founder and CEO of Cubist. “As a result of the Cubist team’s decades of academic and industry work securing production systems, CubeSigner protects keys with best-in-class security. At the same time, it improves user experience with its unbeatable responsiveness—it’s literally a hundred times faster than competing products. With its flexible social login, built-in minting services, powerful key recovery, and broad chain support, CubeSigner represents a quantum leap for the Web3 ecosystem.”
Through collaborations with customers across many verticals, CubeSigner has evolved to support a wide variety of custody setups. The system, for example, makes self-custody easy for organizations, and alternatively lets customers offload risk by looping in a qualified custodian or trustee. Customers can also build Web2-like wallets in which end users control their own keys, using CubeSigner’s primitives for social login, minting-as-a-service, seedless account recovery, and security guardrails that evolve with users’ needs. Finally, any application can set per-key usage policies (e.g., require two-factor approval for large transactions), and every CubeSigner deployment comes with real-time monitoring for suspected session compromises, suspicious activity, and signing requests that violate usage policies.
“The launch of CubeSigner is a significant step towards making Web3 more approachable, accessible, and safe,” said Luke Pearson, General Partner at Polychain Capital. “CubeSigner brings the sophistication of some of the world’s most renowned security experts to the fingertips of Web3 users, enabling them to comfortably and safely control their own assets with a level of customization, scalability, and trust that is truly unmatched. We are excited to finally use a wallet that marries safety and convenience, and look forward to continually supporting the talented Cubist team.”
“Security is one of the indispensable pillars that Ava Labs has built our business on, and Cubist’s key management solution allows us to deliver products to our customers that are both secure and user-friendly,” said Nicholas Mussallem, SVP of Product at Ava Labs. “We are excited to continue to leverage Cubist’s top-of-the-line security technology as we launch and scale products our customers love.”
“As both a customer of and personal investor in Cubist, I have been fortunate enough to witness, first-hand, the continued value that Cubist is delivering to the broader Web3 ecosystem through their security products,” said Ryan Fang, Co-Founder of Ankr. “Leaning on their combined decades of experience securing some of the most complex and important technological systems, Cubist is building game-changing and differentiated products, including their latest Wallet-as-a-Service solution. They are addressing some of the most critical issues in Web3 by creating a safe and simple path to absolute capital efficiency.”
The CubeSigner launch follows several recent launches from the Cubist team. Since September, MetaMask selected the CubeSigner Snap to be included in the initial release of the Snap Directory, and Cubist announced anti-slashing partnerships with EigenLayer and Babylon.
About Cubist:
Cubist is a key management infrastructure company founded in 2022 and funded by investors including Polychain, dao5, Amplify, Blizzard, and Paxos. The company’s founders include a former fintech COO and professors from Carnegie Mellon University and the University of California San Diego who have published more than 80 peer-reviewed papers broadly related to security. Members of the Cubist team have designed and specified the cryptography underlying e.g., Ethereum and Avalanche, deployed fine-grained isolation in Firefox, discovered serious bugs in Google Chrome and Linux, and built the automated reasoning tools that companies like Amazon and Certora rely on. Learn more at https://cubist.dev.
Contacts
Sam Cohen
Gasthalter & Co.
(212) 257-4170