Sodot Crypto Vault
The secure control plane for all your crypto keys and governance. Generate, store, and use keys (exchange API secrets, custodian API keys, and on-chain keys) with zero key exposure, policy-driven signing, and a full audit trail. Self-hosted in your own cloud.
The Crypto Vault is not a custodian and not an execution venue. It is the security and governance layer that sits underneath them.
What it does
- Manages all your keys. Import exchange API secrets without ever exposing them; generate Ed25519 and RSA keys with multi-party computation.
- Governs who can do what. A deny-by-default Administrative Policy over users, groups, and actions.
- Controls how keys sign. Ordered Signing Policies (Approve, Deny, External Rule Server).
- Signs arbitrary payloads for machine users and AI agents over a signed REST API.
- Freezes instantly. A kill switch at key, user, venue, or whole-system scope.
- Proves everything. An exportable, SIEM-ready audit log.
Where to go next
| You want to | Go to |
|---|---|
| Understand how it works | How it works |
| Operate the vault from the web app | User Guide |
| Integrate via the REST API or an agent | Developer Guide |
| Browse every endpoint | API Reference |
| Deploy and run it in your own cloud | Deployment |
| See what is coming next | Coming soon |