Private Keys
Secure enterprise blockchain operations with SettleMint's advanced private key management. Deploy HSM-grade security, hierarchical deterministic wallets, and enterprise-grade key governance for production blockchain applications with 99.9% security assurance.
Enterprise Private Key Management
Business Impact
ROI Metrics: Organizations using SettleMint's private key management achieve 99.9% transaction security, 95% reduction in key management overhead, and 90% faster secure deployment for enterprise blockchain applications.
Enterprise Blockchain Security Platform
Private key management forms the cornerstone of enterprise blockchain security, ensuring cryptographically secure transaction signing, ownership verification, and authentication across production environments. SettleMint's enterprise-grade platform provides multi-tiered security options from software-based solutions to Hardware Security Modules (HSMs), enabling organizations to meet diverse compliance and risk requirements while maintaining operational efficiency.
Enterprise Security Architecture
Accessible ECDSA P-256
- Software-based storage for rapid deployment
- Development-friendly with immediate access
- Cost-effective for low-risk applications
- Standard compliance with industry protocols
Hierarchical Deterministic (HD)
- Structured key derivation from master seeds
- Enterprise backup strategies with mnemonic recovery
- Multi-account management for complex organizations
- Advanced governance with derivation path control
Hardware Security Modules
- Tamper-resistant hardware for maximum security
- Regulatory compliance for financial institutions
- Enterprise-grade protection against advanced threats
- Audit-ready security with certified hardware
Each security tier integrates seamlessly with SettleMint's Transaction Signer, ensuring cryptographically secure execution of on-chain operations while maintaining enterprise operational efficiency and compliance standards.
Enterprise Security Imperatives
Mission-Critical Security
Enterprise Impact: Proper private key management prevents 99.9% of blockchain security incidents while enabling compliant, scalable blockchain operations for production environments.
Core Security Functions
Enterprise-Grade Protection
- Digital transaction signing with cryptographic proof of authenticity
- Public address generation for secure asset management
- Ownership verification with immutable blockchain records
- Cryptographic encryption providing enterprise-level security
Business Impact: 99.9% protection against unauthorized blockchain access
Audit & Governance
- Tamper-proof transaction records for regulatory reporting
- Cryptographic audit trails for compliance verification
- Enterprise governance controls for risk management
- Regulatory-ready security for financial institutions
Business Impact: 95% reduction in compliance verification overhead
Enterprise Operations
- Automated transaction signing for system integrations
- Secure asset custody for institutional blockchain operations
- Multi-signature capabilities for enterprise authorization workflows
- High-availability security for 24/7 operations
Business Impact: 90% improvement in operational security efficiency
Enterprise Risk Management
Critical Security Warning: Inadequate private key management can result in irreversible asset loss, unauthorized access to enterprise blockchain operations, and compromised business continuity. Enterprise organizations require robust key governance frameworks.
Enterprise Key Management Strategies
Strategic Key Management
Enterprise Flexibility: SettleMint supports multiple key storage and generation strategies to balance security, operational requirements, and regulatory compliance across diverse enterprise environments.
1. External Enterprise Key Integration
Hardware Wallet Integration
- Ledger/Trezor – Hardware-secured key storage with enterprise policies
- MetaMask Enterprise – Institutional-grade browser wallet integration
- Cold storage solutions – Air-gapped security for maximum protection
Enterprise Key Vaults
- AWS KMS – Cloud-native key management with enterprise controls
- Azure Key Vault – Microsoft enterprise security integration
- OpenSSL & CLI Tools – Custom enterprise key generation workflows
2. SettleMint Native Key Management
Integrated Security
Platform Advantage: Built-in private key generation eliminates external dependencies while maintaining enterprise-grade security and compliance standards.
Enterprise Capabilities:
- Multi-tier security options (ECDSA P-256, HD ECDSA P-256, HSM)
- Cross-network key management for multi-blockchain enterprise deployments
- Secure transaction signing with enterprise audit trails
- Zero external exposure of private key material
3. Advanced Enterprise Key Material
Hierarchical Deterministic Implementation
- 12/24-word mnemonic phrases for enterprise backup strategies
- Master seed derivation enabling structured enterprise key management
- Deterministic key generation for predictable enterprise operations
- Backup recovery protocols for business continuity planning
Enterprise Derivation Paths:
m/44'/60'/0'/0/0 (Ethereum Enterprise Standard)
m/44'/0'/0'/0/0 (Bitcoin Enterprise Standard)
Key Governance Framework
- Role-based key access aligned with organizational hierarchy
- Audit trail integration for compliance and security monitoring
- Key rotation policies for enhanced security posture
- Multi-signature workflows for enterprise authorization requirements
Enterprise HD Benefits: Multiple child keys from single master seed enable structured backups, organizational key hierarchies, and simplified enterprise key management at scale.
Enterprise Transaction Signing Infrastructure
Production-Ready Signing
Enterprise Integration: SettleMint's signing proxy provides secure, scalable transaction execution with enterprise-grade audit trails and seamless development tool compatibility.
Secure Transaction Workflow
Transaction Capture
eth_sendTransaction
interception via JSON-RPC endpoints- Enterprise logging for audit trail compliance
- Transaction validation with business rule enforcement
Secure Key Selection
- Appropriate private key selection from enterprise key management
- Role-based authorization for transaction signing
- Multi-signature support for enterprise workflows
Blockchain Delivery
- Cryptographically signed transaction execution
- Guaranteed delivery to blockchain nodes
- Real-time monitoring for enterprise operations
Enterprise Development Integration
Direct Blockchain Node Access
- Standard Ethereum JSON-RPC endpoints for universal compatibility
- Enterprise security with transparent signing proxy
- Full API compatibility with existing blockchain tools
- Production-ready scaling for high-volume operations
Enterprise Development Workflows
- Remote transaction signing for secure development environments
- Production configuration with enterprise key management
- Seamless deployment pipelines for blockchain applications
- Development-to-production continuity with consistent security
Enterprise Security Considerations
Security Framework
Enterprise Decision Matrix: Choose the appropriate security tier based on regulatory requirements, risk tolerance, and operational complexity for optimal enterprise blockchain security posture.
Security Tier Analysis
Accessible ECDSA P-256
- Software memory storage for rapid development and testing
- Cost-effective solution for low-risk enterprise applications
- High performance with immediate key access for development workflows
- Standard compliance with industry cryptographic protocols
Enterprise Use Cases: Development environments, testing workflows, low-value transactions
Hierarchical Deterministic Keys
- Single mnemonic seed generates unlimited child keys for enterprise scale
- Structured backup strategies with deterministic recovery capabilities
- Enterprise key hierarchy supporting complex organizational structures
- Advanced governance with derivation path control for security policies
Enterprise Use Cases: Multi-department organizations, structured asset management, enterprise backup strategies
Hardware Security Modules
- Tamper-resistant hardware providing maximum security assurance
- Regulatory compliance meeting financial institution requirements
- Enterprise audit capabilities with certified security standards
- Zero compromise protection against advanced persistent threats
Enterprise Use Cases: Financial institutions, regulated industries, high-value asset custody
Enterprise Security Decision Matrix
Security Method | Security Level | Compliance Level | Enterprise Use Cases |
---|---|---|---|
Software ECDSA | Standard | Basic | Development, testing, low-risk operations |
HD Wallets | Enhanced | Advanced | Multi-account management, enterprise backups |
HSM Protection | Maximum | Regulatory | Financial services, regulatory compliance, high-value custody |
Enterprise Recommendation
Best Practice: Implement a tiered security approach using HSMs for production assets, HD wallets for operational management, and software keys for development environments.
Enterprise Security Best Practices
Enterprise Security Framework
Comprehensive Protection: Implement layered security controls combining technical safeguards, organizational policies, and continuous monitoring for robust enterprise blockchain security.
Enterprise Security Controls
Technical Safeguards
- Encrypted air-gapped storage for critical key material backup
- Hardware Security Modules for maximum protection of production keys
- Multi-signature workflows for enterprise authorization requirements
- Zero-knowledge architecture minimizing key exposure
Operational Controls
- Multi-Factor Authentication (MFA) for all key management operations
- Role-based IAM policies aligned with organizational hierarchy
- Regular key rotation following enterprise security schedules
- Comprehensive audit logging for compliance and security monitoring
Enterprise Governance Framework
Enterprise Access Management
- Role-based permissions aligned with business functions and risk levels
- Principle of least privilege limiting access to necessary operations only
- Time-bound access with automatic expiration for enhanced security
- Emergency access procedures for business continuity scenarios
Implementation: IAM integration with enterprise directory services
Continuous Security Surveillance
- Real-time transaction monitoring with automated anomaly detection
- Security event alerting for suspicious key usage patterns
- Compliance reporting for regulatory audit requirements
- Incident response workflows for rapid security threat mitigation
Tools: SIEM integration, automated alerting, compliance dashboards
Enterprise Recovery Strategies
- Disaster recovery procedures for key material and access restoration
- Geographic distribution of backup key material for resilience
- Regular recovery testing to validate business continuity procedures
- Documentation and training for security incident response teams
Compliance: Regular recovery drills, documented procedures, staff training
Enterprise Risk Management
Critical Security Protocols: Unauthorized key access can result in irreversible financial loss and compromised business operations. Enterprise organizations must implement comprehensive security governance frameworks.
Enterprise Integration Resources
Technical Documentation
Blockchain Integration
- Ethereum JSON-RPC API - Standard blockchain integration protocols
- Hardhat Configuration - Enterprise development frameworks
Enterprise Security Solutions
- AWS Key Management Service - Cloud-native enterprise key vaults
- Ledger Enterprise Solutions - Hardware security modules for institutions
Enterprise Private Key Creation
Flexible Key Management
Enterprise Options: Organizations can leverage external enterprise wallet solutions (MetaMask Enterprise, hardware wallets) or utilize SettleMint's integrated key management for streamlined operations and enhanced security.
SettleMint's integrated signing proxy architecture captures eth_sendTransaction
calls, applies appropriate enterprise security policies, and executes transactions with the designated private keys. This enterprise-grade infrastructure supports both direct JSON-RPC integration and development framework compatibility (Hardhat, Truffle) configured for remote signing operations.
Create a private key
Navigate to your application, click Private keys in the left navigation, and then click Create a private key. This opens a form.
Follow these steps to create the private key:
-
Choose a private key type:
- Accessible ECDSA P256: Standard Ethereum-style private keys with exposed mnemonic
- HD ECDSA P256: Hierarchical Deterministic keys for advanced key management
- HSM ECDSA P256: Hardware Security Module protected keys for maximum security
-
Choose a name for your private key
-
Select the nodes on which you want the key to be active
-
Click Confirm to create the key
# Create Accessible ECDSA P256 key
settlemint platform create private-key accessible-ecdsa-p256 my-key \
--application my-app \
--blockchain-node node-123
# Create HD ECDSA P256 key
settlemint platform create private-key hd-ecdsa-p256 my-key \
--application my-app
# Create HSM ECDSA P256 key
settlemint platform create private-key hsm-ecdsa-p256 my-key \
--application my-app
import { createSettleMintClient } from '@settlemint/sdk-js';
const client = createSettleMintClient({
accessToken: 'your_access_token',
instance: 'https://console.settlemint.com'
});
// Create private key
const createKey = async () => {
const result = await client.privateKey.create({
name: "my-key",
applicationUniqueName: "my-app",
privateKeyType: "ACCESSIBLE_ECDSA_P256", // or "HD_ECDSA_P256" or "HSM_ECDSA_P256"
blockchainNodeUniqueNames: ["node-123"] // optional
});
console.log('Private key created:', result);
};
Manage private keys
- Navigate to your application's Private keys section
- Click on a private key to:
- View details and status
- Manage node associations
- Check balances
- Fund the key
# List all private keys
settlemint platform list private-keys --application <app-name>
# View specific key details
settlemint platform read private-key <private-key-unique-name>
# Restart a private key
settlemint platform restart private-key <private-key-unique-name>
// List private keys
const listKeys = async () => {
const keys = await client.privateKey.list("your-app-name");
};
// Get key details
const getKey = async () => {
const key = await client.privateKey.read("key-unique-name");
};
// Restart key
const restartKey = async () => {
await client.privateKey.restart("key-unique-name");
};
Fund the private key
For networks that require gas to perform a transaction, your private key should contain enough funds to cover the gas price.
- Click the private key in the overview to see detailed information
- Open the Balances tab
- Click Fund
- Scan the QR code with your wallet/exchange to fund the key
Ensure your private key has sufficient funds before attempting transactions on networks that require gas fees.
Custom Deployment
Deploy enterprise applications with SettleMint's Custom Deployment platform. Run Docker containers at scale, integrate custom domains, and reduce deployment complexity by 90% for production blockchain applications with enterprise-grade infrastructure.
User Wallets
Scale enterprise blockchain operations with SettleMint's User Wallets. Deploy unlimited HD wallets, enhance user privacy, enable parallel transaction processing, and reduce wallet management costs by 95% for enterprise blockchain applications.