Skip to content
LogoLogo

Sodot Crypto Vault

The secure control plane for all your crypto keys and governance. Generate, store, and use keys (exchange API secrets, custodian API keys, and on-chain keys) with zero key exposure, policy-driven signing, and a full audit trail. Self-hosted in your own cloud.

The Crypto Vault is not a custodian and not an execution venue. It is the security and governance layer that sits underneath them.

What it does

  • Manages all your keys. Import exchange API secrets without ever exposing them; generate Ed25519 and RSA keys with multi-party computation.
  • Governs who can do what. A deny-by-default Administrative Policy over users, groups, and actions.
  • Controls how keys sign. Ordered Signing Policies (Approve, Deny, External Rule Server).
  • Signs arbitrary payloads for machine users and AI agents over a signed REST API.
  • Freezes instantly. A kill switch at key, user, venue, or whole-system scope.
  • Proves everything. An exportable, SIEM-ready audit log.

Where to go next

You want toGo to
Understand how it worksHow it works
Operate the vault from the web appUser Guide
Integrate via the REST API or an agentDeveloper Guide
Browse every endpointAPI Reference
Deploy and run it in your own cloudDeployment
See what is coming nextComing soon