Lock yourself out of your users’ keys

Reduce your own liability by avoiding custody: never sign for your users, never see their keys. You won’t mishandle, leak, or lose a key, because you simply can’t. Secure hardware lets you create wallets for users and set policies on those wallets without access to key material and without the ability to sign on the users' behalf.

Keep reading: Why Cubist uses secure hardware.

Empower your users by giving them custody of their own keys

Offload risk by using CubeSigner with a qualified custodian/trustee

Or learn more about taking custody yourself

Build web2-like experiences

Make raw keys, addresses, and seed phrases invisible to your users—or hide the fact that they’re using a wallet at all. Conceal web3 complexity by authenticating with social login and familiar UX, so everyone can safely use what you build.

CubeSigner social login (Google, X, Facebook, GitHub, and more) and 2FA (YubiKey, Google Authenticator, Duo, and more)

Evolve the security UX
with your user

At the beginning, optimize for conversion; your new users don’t have many assets anyway. As their wallets grow, add security policies, flag suspicious transactions, and require second factors like TOTP (e.g., Google Authenticator) or FIDO (e.g., YubiKeys).

Graph showing addition of new security factors as wallet value grows over time

Sign in milliseconds, not (tens of) seconds

Stop frustrating your users with eternal login times, game interruptions, and slow UX. With CubeSigner, you generate wallets, sign transactions, and mint NFTs at web2 speeds because you don’t have to wait on convoluted cryptography.

Art illustrating fast transaction signing

Let users safely recover encrypted keys

Offer your users safe and simple key export from the secure hardware enclave directly to their own cold storage—and let them guard export behind multiple authentication factors. No more backups in zip files, cloud accounts, or other approaches that expose key material in plain sight.

Process diagram showing social login and 2FA and hardware-based export of encrypted private keys

Separate key management from your UI

keys illustration

Just because the user experience is in the browser doesn’t mean that keys have to be, too. Managing your users’ keys in hardware keeps them safe from remote attackers who can exfiltrate browser data.