Key management
Product releases
go back

Hardware-backed signing for MetaMask developers

The CubeSigner Snap

September 12, 2023
written by
Aleksandar Milicevic
Founding Engineer
Andres Nötzli
Founding Engineer
Ann Stefan
Co-Founder & COO
Anthony Adams
Senior Software Engineer
Deian Stefan
Co-Founder & Chief Scientist
Fraser Brown
Co-Founder & CTO
Key management
Product releases
Today, MetaMask launched the first iteration of MetaMask Snaps to the public. Snaps are third-party features that expand MetaMask functionality and that MetaMask users worldwide can install directly into their wallet. Cubist’s Snap is included in the initial release of the <a href="" target="_blank">Snap Directory</a>! The <a href="" target="_blank">CubeSigner Snap</a>, which is available open-source on GitHub, lets Snap- or dapp-developers use CubeSigner, our secure key management system, to safely sign transactions on behalf of MetaMask users.<br> <br> We’d love to work with you to advance the security story for user-facing wallets!<br> <br> ## Why use the CubeSigner Snap?<br> <br> Today, building dapps or Snaps that run across different chains means taking on the liability of securely managing users’ keys. If developers mishandle keys, their end users lose money to attackers; if developers misplace keys, their end users lose money to the void. Cubist’s goal is to reduce these risks by moving cryptography _away_ from the UI and _into_ secure hardware—and, in the process, to abstract away the complexity of secure key management to a simple set of API endpoints.<br> <br> <blockquote>"We're thrilled to welcome CubeSigner as key builders within the MetaMask Snaps ecosystem. This partnership underscores our unwavering commitment to ensuring the utmost safety and security for web3 users in the decentralized realm. Cubist’s innovative approach to key management will not only enhance user safety but also provide a more seamless web3 experience for our users." <footer>-- <a href="" target="_blank">Christian Montoya</a>, MetaMask Snaps Product Lead</footer> </blockquote> <br> ## How does the CubeSigner Snap work?<br> <br> When you use the CubeSigner Snap, your users sign transactions in a browser-based UI, but their keys stay server-side, and never leave Cubist-managed secure hardware (specifically, HSM-sealed Nitro Enclaves). Since keys are stored in secure hardware _and_ sign in secure hardware, they’re never exposed in memory to attackers, and there’s no risk of accidentally leaking keys.<br> <br> Here’s a demo showing hardware-based signing for MetaMask transactions, powered by the CubeSigner Snap:<br> <br> <video controls width="100%"> <source src="" type="video/mp4" /> </video> <br> ## What chains does the CubeSigner Snap support?<br> <br> The CubeSigner Snap supports transaction signing for EVM-based chains like Ethereum, Avalanche and Polygon and non-EVM chains (for now, Bitcoin and Solana). CubeSigner supports other chains (e.g., Aptos and Sui) and features (e.g., APIs for managing users and keys), which will be available to Snap users in future releases.<br> <br> ## What’s on the CubeSigner Snap roadmap?<br> <br> The CubeSigner Snap only exposes a subset of the CubeSigner key management platform; we built the Snap to give you a glimpse of how CubeSigner can provide a robust security backend for users of browser-based wallets. In the future, we’ll roll out Snap features like multi-factor approvals, custom signing policies and authentication methods, and signing for more blockchains. If you’re interested in using these features today, you can use the CubeSigner TypeScript SDK. <a href="" target="_blank">Reach out for more information</a>.<br> <br> ## How do I get started?<br> <br> If you’d like to use the CubeSigner Snap to let your MetaMask users store their keys and sign transactions inside secure hardware, <a href="" target="_blank">please contact us here</a>. The Cubist team will help you set up a CubeSigner account and integrate the CubeSigner Snap and SDK into your Snap or dapp.<br> <br>

Read more

Cubist & EigenLabs anti-slasher collaboration

Cubist is excited to announce a new partnership: we are working with EigenLabs to build anti-slashers that will help honest operators avoid getting slashed on EigenLayer.

September 19, 2023

Intel SGX is broken (again)

Last week, security researcher Daniel Moghimi publicly announced the new Downfall attack that can steal private keys from Intel SGX hardware. In this post, we review the SGX architecture and discuss its underlying security problems. Then, we describe the process we used for evaluating which secure hardware to use in our key manager.

August 15, 2023

Your validator can get slashed even if you do everything by the book

This blog post outlines a handful of accidental slashing scenarios, and explains how you can protect yourself and your validators—even if something goes wrong.

July 6, 2023