Blockdaemon Blog

Blockdaemon Integrates With HashiCorp Vault

Dec 17, 2024
By: Frank Wiener

Blockdaemon and HashiCorp have partnered to integrate and approve Blockdaemon Builder Vault for use with HashiCorp Vault, providing flexible and secure Root of Trust services. Builder Vault incorporates Blockdaemon’s Multi-Party Computation (MPC) technology through a Public Key Cryptography Standard (PKCS) #11 plug-in. It generates, stores, and uses master keys to seal and unseal HashiCorp Vault, without relying on hardware security appliances or cloud HSM service providers (CSPs).

The key benefits of using Builder Vault to securely seal and unseal HashiCorp Vault include:

  • CSP independence - avoid vendor lock-in and dependencies.
  • Data sovereignty - maintain complete control over master key hosting.
  • Enhanced scalability and availability - improve application performance.
  • Cost efficiencies - reduce operational expenses.
  • Seamless cloud infrastructure integration - for continuous innovation and automation.
  • Enhanced overall security - eliminate single points of key failure.

“HashiCorp Vault provides incredibly powerful, identity-based secrets, data, and systems management,” said Helen Chen, VP of Product at Blockdaemon. “At the request of a major global service provider, we integrated Builder Vault to generate, store, and use master keys that seal and unseal HashiCorp Vaults using MPC. The result is enhanced Root of Trust security with improved operational efficiency and flexibility.” 

“We are delighted to welcome Blockdaemon to the HashiCorp partner program,” said Asvin Ramesh, Sr. Director of Alliances at HashiCorp. “The integration between Blockdaemon Builder Vault and HashiCorp Vault enhances security with tamper-resistant key storage, an automated seal/unseal process, and ensures regulatory compliance. The partnership between HashiCorp and Builder provides customers with a powerful solution for the protection of their most sensitive secrets.”

Builder Vault Enhances HashiCorp Vault Security via PKCS #11

Traditional PKCS #11 implementations store a centralized copy of a key and other attributes, typically including the permission criteria for key usage. Security can be defeated if a malicious party accesses the centralized key or if the permission criteria become compromised, so both the key and its permissions are single points of failure.

Builder Vault uses multiple distributed MPC nodes under different administrative domains to generate, store, and use MPC shares of a master key, avoiding single points of failure. Builder Vault’s PKCS #11 implementation also stores a copy of the key attributes - excluding the key-related values - in each MPC node’s database. This distributed and redundant approach to attributes mitigates single point of failure risks for permissions.

Builder Vault MPC nodes can be hosted on-premises, in public or private clouds, or in secure cloud compute environments. By running nodes in diverse, secure environments, Builder Vault offers industry-leading security for the master key that wraps and unwraps the HashiCorp Vault Root of Trust key, without relying on hardware security appliances or cloud-hosted HSM services.

Simple, Automated Deployment via AWS Marketplace or Direct Purchase

Blockdaemon Builder Vault is available for licensing and self-hosting directly from Blockdaemon, or as a subscription with automated deployment via AWS Marketplace. 

Free 30-day trials of Builder Vault are available via AWS Marketplace, making evaluation and production deployment of Builder Vault MPC nodes quick, easy, and secure. Learn more at https://blockdaemon.com/builder_vault_enterprise.  
