a demo

Composable Deployments

Configure digital asset
security with flexibility

Key management services that offer the modularity to meet all regulatory and internal compliance requirements via local deployments and developer-friendly setups.

Trusted by
Pioneering composable key management for web3
wallets created
wallets hacked
transactions secured
monthly transactions
Determine your degree of sovereignty

Avoid design lock-ins,
manage keys with total freedom

Protect your organization from regulatory shifts or supplier takeovers
and prevent business disruptions in fast-growing markets.



Configure your setup to prevent Dfns from accessing any key shares, policies, or other parts of your infrastructure. Take control by hosting the key material on-prem or in a hybrid setup to ensure sovereignty over digital assets.

Request a demo


Integrate Dfns at any level of the stack to maintain the type of autonomy you need, ideal for institutions valuing complete control over keys, policies, and infrastructure, and eliminating operational co-dependencies and third-party risk concerns.

Request a demo


Securing key shares is crucial for custody, whether regulated or self-hosted. Howerer, don't integrate with monolithic KMS. Chose a wallet provider that can support your growth while complying with fast-changing markets and regulations.

Request a demo
A suite of self-hosted software for web3 wallets

Discover a wide range
of capabilities offered by Dfns

Flexible custodianship

Dfns offers both custodial ("org-controlled") and non-custodial ("user-controlled") wallet configuration options, offering clients the flexibility to meet security or regulatory requirements.

Customizable wallets

Dfns' platform adapts to your needs: segregated wallets for custodians, unique wallets for fintech users, or omnibus wallet structures for exchanges aiming to reduce transaction fees.

Composable deployments

Take control of your private keys, policies, and infrastructure with zero vendor dependencies. Dfns adapts to locations, cloud setups, hardware options, and custom deployment schemes.

Extensive signing groups

Dfns' advanced MPC protocols support deploying multiple partial keys in various instances, allowing multiple entities (e.g., employees, organizations, servers) to participate in key hosting and signing.

Adjustable threshold

Dfns' cutting-edge TSS for ECDSA and EdDSA supports flexible quorums (e.g., 2:3, 3:5, 5:7) and hierarchical signing orders, enabling organizations to align workflows with internal business logic.

Configurable recovery

Define the criteria that qualify as a disaster and use a dedicated, organization-specific recovery layer to retrieve your key material within Dfns' multi-tiered Disaster Recovery Protocol (DRP).

Personalized experience

Design a seamless wallet recovery UX for your end-users and employees with diverse 2FA options, such as cross-device passkey credentials, PDF recovery codes, KYC-locked keys, and more.

Compatible cryptography

Harness the power of versatile key management, offering support for diverse cryptographic primitives, curves, algorithms (e.g., ECDSA, EdDSA, STARK, Schnorr), and derivations (e.g., BIP32, SLIP10).

Key export options

Access the "break-the-glass" key export feature at all levels, from end-users to developers and organization-owned keys, safely ejecting private keys and associated digital assets from Dfns.

Composability means freedom of choice

Composable deployments built
for adaptive risk management

Streamline and secure your key deployment scheme
with our advanced automations and APIs.


Entrust key hosting to Dfns' decentralized KMS, maintaining complete wallet control via passkey authentication to the API. All key material within the Dfns environment are stored in  secure T3+/T4 data centers.


Achieve optimal security and flexibility with co-controlled wallets. Secure a subset of keys on-prem while choosing where the other Dfns-hosted keys are deployed in the geographic areas of your choice.


Deploy all the key material and services locally on-prem in secure enclaves like AWS Nitro or in FIPS 140-3 HSMs like Intel SGX, Azure AMD, Thales Luna Network or other similar solutions.

Select key deployment options leveraging TEEs in T3+/4 data centers and MPC security.

Thanks to their collaborative team and institutional-grade wallet platform, we've enhanced our operational capabilities and widened our business lines. Our security framework has also been reinforced by their state-of-the-art MPC cryptography. Dfns has proven to be an invaluable partner in our mission to provide reliable crypto custody services.”
Alexandre Chateauneuf
Chief Executive Officer

Dux Reserve

Regulated Crypto Custodian
Top features
State-of-the-art zero trust wallet systems

Security reinforcement for enterprises
with cutting-edge key management

Battle-tested MPC

Multi-party computation is the ideal choice for decentralized, flexible key deployments, but MPC is complex and not all protocols are equal. Dfns uses an audited and open-sourced Rust implementation of CGGMP21, the industry's most popular MPC protocol.

Tamperproof HSM

Local key deployment is available to organizations with a history of proven compliance to standard security practices. Key shares must reside in isolated enclaves or FIPS 140 certified HSM within T3+/4 data centers, and align with ISO 27001 controls.

Real-time observability

Elevate root-level control over access privileges by using enclaves and public key signing to selectively engage in key management workflows any developer or employee of your organization, enabling precise resource access controls.

Root-level controls

Elevate root-level control over access privileges by using enclaves and public key signing to selectively engage in key management workflows any developer or employee of your organization, enabling precise resource access controls.

Disaster recovery

Dfns' DR protocol offers a four-tier structure, inspired by IANA, enabling organizations to customize key recovery based on criticality levels and trigger criteria. Optionally, Dfns can integrate with backup providers like Station70, Coincover, etc.

Agile software for future-proof wallets

Face shifting digital asset regulations
with adaptive key security systems

Get ready for geo-sensitive regulations

Different regulations require different key storage approaches. Some blur the lines between storage and custody, others require storage on national soil, while some allow CLOUD Act-compliant data centers. With Dfns, you can deploy keys securely anywhere.

Integrate essential third-party services

Dfns integrates with core banking systems (e.g., Temenos, Finastra, FIS, Sopra), KYT compliance solutions (e.g., Sardine, Chainalysis, Elliptic), on/off-ramp options (e.g., Moonpay, Ramp, Banxa) and other essential applications for compliant financial operations.