Custody Integration
Custody in CRYMBO Connect is designed to meet institutional standards for security, scalability, and regulatory alignment. The system supports integration with both internal and external custodians, enabling programmable control over wallet provisioning, segregation, and compliance enforcement.
Custodial integrations are at the heart of CRYMBO’s infrastructure, powering real-time identity-linked wallet management and compliant asset custody across supported blockchains.
Wallet Architecture
Each onboarded VASP or institutional user is provisioned with one or more wallet types:
- HOT Wallets – For high-frequency, lower-value transactions (e.g. retail).
- WARM Wallets – For programmatic withdrawals and internal settlements.
- COLD Wallets – Offline storage for long-term or high-value custody.
- TEMP Wallets – Used during identity validation or gasless flow setup.
🧠 Wallets are deterministically linked to user identities using secure mappings and optional encryption layers (ZK or AES).
Custodian Integration Models
CRYMBO supports multiple custody backends:
- Self-custody via integrated wallet services (Node/Fireblocks/BitGo-compatible)
- Third-party custodians via API (REST, WebSocket, or custom plugins)
- Hybrid models combining internal wallet management with compliance delegation
Each wallet is bound to the KYC/KYB record and permissioned via CRYMBO Oracle policies.
API Endpoints
Provisioning and management APIs allow full control over custodial lifecycle:
GET /deposits/:currency/:network/address– retrieve wallet by user & assetPOST /deposits/.../address/guest– create wallet for guest or temp usagePUT /deposits/.../guest/:deposit_id– update wallet metadata (e.g. transaction hash)
🔐 All endpoints are protected by access tokens or JWT and validated via CSRF/XSRF where applicable.
Security & Auditability
- All custody actions are logged with timestamped audit trails.
- Wallet access is gated by role-based permissions.
- All API interactions are monitored via Crymbo’s internal compliance engine.