Lock yourself out of your users’ keys

Reduce your own liability by avoiding custody: never sign for your users, never see their keys. You won’t mishandle, leak, or lose a key, because you simply can’t. Secure hardware lets you create wallets for users and set policies on those wallets without access to key material and without the ability to sign on the users' behalf.

Keep reading: Why Cubist uses secure hardware.^↗

Empower your users by giving them custody of their own keys

Offload risk by using CubeSigner with a qualified custodian/trustee

Or learn more about taking custody yourself

Case Study

Core seedless wallet

—built on CubeSigner

Ava Labs chose Cubist's authentication and key management infrastructure to power their multi-chain consumer wallet. Core delivers a seamless Web2-like experience across mobile, web, and browser extension without cutting security corners.

Core integrates CubeSigner features for social login (e.g., Google, Apple) and multi-factor authentication (e.g., Passkeys, YubiKeys, authenticator apps) to make it easy for novice users to onboard and recover their accounts without seed phrases. The Core team also used CubeSigner to configure a secure key export protocol for their users, with extra authentication factors and waiting periods to protect against scams and phishing.

Learn more

“Security is one of the indispensable pillars that Ava Labs has built our business on, and Cubist’s key management solution allows us to deliver products to our customers that are both secure and user-friendly. We are excited to continue to leverage Cubist’s top-of-the-line security technology as we launch and scale products our customers love.”

Nick Mussallem

Head of Product at Ava Labs

Build web2-like experiences

Make raw keys, addresses, and seed phrases invisible to your users—or hide the fact that they’re using a wallet at all. Conceal web3 complexity by authenticating with social login and familiar UX, so everyone can safely use what you build.

CubeSigner social login (Google, X, Facebook, GitHub, and more) and 2FA (YubiKey, Google Authenticator, Duo, and more)

Evolve the security UX with your user

At the beginning, optimize for conversion; your new users don’t have many assets anyway. As their wallets grow, add security policies, flag suspicious transactions, and require second factors like TOTP (e.g., Google Authenticator) or FIDO (e.g., YubiKeys).

Graph showing addition of new security factors as wallet value grows over time

Sign in milliseconds, not (tens of) seconds

Stop frustrating your users with eternal login times, game interruptions, and slow UX. With CubeSigner, you generate wallets, sign transactions, and mint NFTs at web2 speeds because you don’t have to wait on convoluted cryptography.

Let users safely recover encrypted keys

Offer your users safe and simple key export from the secure hardware enclave directly to their own cold storage—and let them guard export behind multiple authentication factors. No more backups in zip files, cloud accounts, or other approaches that expose key material in plain sight.

Separate key management from your UI

Just because the user experience is in the browser doesn’t mean that keys have to be, too. Managing your users’ keys in hardware keeps them safe from remote attackers who can exfiltrate browser data.

Read more about why handling keys in the browser puts assets at risk.^↗

UX or security?
Have both.

Lock yourself out of your users’ keys

Case Study

Build web2-like experiences

Evolve the security UX with your user

Sign in milliseconds, not (tens of) seconds

Let users safely recover encrypted keys

Separate key management from your UI

Tell us what keeps you up at night.

UX or security?Have both.

Lock yourself out of your users’ keys

Case Study

Build web2-like experiences

Evolve the security UX with your user

Sign in milliseconds, not (tens of) seconds

Let users safely recover encrypted keys

Separate key management from your UI

Tell us what keeps you up at night.

UX or security?
Have both.