Crate penumbra_custody

source ·
Expand description

Implementations of custody services responsible for signing transactions.

This crate currently focuses on the soft_kms implementation, a basic software key management system that can perform basic policy-based authorization or blind signing.


  • A set of basic spend authorization policies.
  • A basic software key management system that stores keys in memory but presents as an asynchronous signer.


  • A transaction authorization request submitted to a custody service for approval.


  • A pre-authorization packet. This allows a custodian to delegate (partial) signing authority to other authorization mechanisms. Details of how a custodian manages those keys are out-of-scope for the custody protocol and are custodian-specific.


  • A well-typed wrapper around the GRPC custody protocol that uses Rust domain types rather than proto types.