Azure Key Vault Signer

Key Management Backed by Azure Key Vault

Kaleido makes it easy to utilize Azure Key Vault to manage keys and sign and submit transactions.

What it

Azure Key Vault Signer

is

What it is

Azure Key Vault Signer

The Azure Key Vault provides hardware security modules (HSM) that are maintained in the Azure Cloud. This allows client total control of their cryptographic materials in hardware and firmware without being exposed to any operators including Microsoft. Using an HSM based keys management provides the highest level of security.

Kaleido CloudHSM service supports using keys maintained by Azure Key Vault to sign transactions. The Kaleido service communicates with Azure Key Vault via HTTP over TLS to discover the list of signing accounts and sending it payload to sign. During the entire process the signing keys stay safe inside the customer's Azure Key Vault instance and are never shared with Kaleido.

Create and Configure a Kaleido CloudHSM Signer Service

Azure KeyVault Signer has the ability to interact with the Key Vault in Azure to sign and send transactions to an Ethereum node in the Kaleido environment.

Sign Transactions Using Azure Key Vault

Kaleido CloudHSM service supports using keys maintained by Azure Key Vault to sign transactions.

Total Control

Kaleido CloudHSM service supports using keys maintained by Azure Key Vault to sign transactions.

Announcement

Are You a ConsenSys Quorum Blockchain User?

Kaleido is the preferred migration partner working with ConsenSys to ensure continuation of the Quorum Blockchain service. If you’re interested in continuing your service by migrating to Kaleido, please contact our team and we'll be happy to assist.

Hyperledger Fabric at a glance

Permissions

Built for permissioned networks

Governance

Data isolation and strict governance enabled by Hyperledger Fabric certificate authority

Transaction Flow

Unique Execute-Order-Commit endorsement model where transactions are initially executed on a set of peers while ordering service handles packaging and delivery

Consensus Algorithms

Ordering can be switched based on the needs of the environment with pluggable consensus algorithms

Smart Contract Language

Go, Java, Node.js

What Is Hyperledger Fabric?

Since launching in 2015, Hyperledger Fabric has been a top choice for enterprises looking to build apps on permissioned blockchain networks. The modular architecture is capable of powering large-scale applications that require enterprise-grade data security.

The ability to protect certain details of peer transactions has made Hyperledger Fabric a go-to protocol for industries like financial services, supply chains, and the insurance industry. It works for complex use cases that involve personally identifiable information and proprietary business data.

Hyperledger Fabric is one of the many protocol choices available on Kaleido. With a full suite of plug and play services, flexible cloud deployment options, and powerful APIs, Kaleido is the easiest way to run a Fabric network anywhere.

Benefits of Hyperledger Fabric

Hyperledger Fabric is an open source project designed to handle enterprise-grade use cases. Key differentiators are its quick transaction throughput and its modularity, allowing for more innovation and optimization regardless of industry use cases. Other benefits include scalability and security, key pillars of any enterprise application.

Modular & Pluggable

Hyperledger Fabric is a modular blockchain framework that allows you to plug in different components, such as consensus algorithms and membership services, and tailor networks to your needs

Open source

Part of the Hyperledger project of the Linux Foundation, Hyperledger Fabric is an open source protocol that allows the enterprise to build custom applications and limit vendor risks

Security

With a high level of security for enterprise users, Fabric uses a permissioned network to prevent unauthorized access

Hyperledger Fabric certified service provider badge

Our Hyperledger Fabric Expertise

Kaleido is a Hyperledger Certified Service Provider (HCSP) with a deep expertise in helping enterprises successfully adopt Hyperledger tools. Our founding partners are also active with the Hyperledger Foundation. Sophia Lopez is a General Member representative on the Hyperledger Foundation Governing Board and Jim Zhang is a member of the Hyperledger Foundation Technical Oversight Committee.

Talk to an Expert

Benefits of Quorum

Quorum is a blockchain protocol specially designed for use in a private blockchain network, where there is only a single member owning all the nodes or a consortium blockchain network where multiple members each own a portion of the network.

Scalability

Quorum is designed to be highly scalable, with low transaction latencies and the ability to support a higher number of transactions per second than other blockchain protocols. This makes it well-suited for use in high-volume applications.

Security

Quorum includes a number of security features that are designed to protect sensitive or proprietary data, like private transactions that allow network participants to transact without revealing the details of their transactions to the rest of the network.

Flexibility

Quorum is based on the Ethereum protocol and can support a wide range of decentralized applications and smart contracts. It is also highly modular and customizable so that it can be tailored to the needs of specific use cases.

Gas-free transactions

There is no cost required to submit transactions to a Quorum network, unlike Ethereum, which requires the payment of high and unpredictable gas fees to submit transactions.

Hyperledger Fabric certified service provider badge

Our Hyperledger Fabric Expertise

Kaleido is a Hyperledger Certified Service Provider (HCSP) with a deep expertise in helping enterprises successfully adopt Hyperledger tools. Our founding partners are also active with the Hyperledger Foundation. Sophia Lopez is a General Member representative on the Hyperledger Foundation Governing Board and Jim Zhang is a member of the Hyperledger Foundation Technical Oversight Committee.

Talk to an Expert
How it works

How it Works

Create a Kaleido Cloud HSM Service

Creation of Kaleido CloudHSM service in Kaleido is a two step process. First, you specify the type and access details to Azure Key Vault as a configuration under the environment. This can be referenced by one or more cloud HSM service instances created in the same membership. Next you create the CloudHSM service using the configuration created belo.

Create CloudHSM configuration for Azure Key Vault

The configuration for Azure Key Vault has the following mandatory parameters:

The following is a sample POST request to create an Azure key vault cloudhsm configuration:

Create Cloud HSM service

Using the configuration created above, cloud HSM service can be created using the request fields:

FieldUsagenameUser-defined name for the servicemembership_idID of membership under which this service is availableserviceType of service. Must be cloudhsmdetails-- cloudhsm_idID of the configuration created in the previous step

The following is a sample POST request to create a Cloud HSM service that uses an Azure Key Vault backend provider:

https://console.kaleido.io/api/v1/consortia/:consortia_id/environments/:environment_id/services

{
 "name": "cloudhsm-azure",
 "membership_id": "",
 "service": "cloudhsm",
 "details": {
   "cloudhsm_id": ""
 }
}

Transaction Signing with Azure Key Vault

Transactions can be sent to the Kaleido CloudHSM service by specifying a from address that corresponds to a SECP256K1 type key that is present in the Azure Key Vault. Any of RPC, WSS or the API Gateway interfaces can be used to send transactions. The URLs for the interfaces can be obtained by querying the service's /status route

A sample GET request to obtain the service status is as below:

https://console.kaleido.io/api/v1/consortia/:consortia_id/environments/:environment_id/services/:service_id/status

When a eth_sendTransaction request is received by the Kaleido CloudHSM service, it uses the from address to determine whether the configured backend cloud HSM contains the keys for the address. The Kaleido CloudHSM service sends a /sign request with the KEY ID of the from address and the transaction payload to Azure Key Vault to sign. If the request succeeds, Key Vault returns the signature, from which the Ethereum signature parameters - R, S and V are extracted, as well as making sure the S value is compatible with Ethereum's malleability protection rule, and included in the transaction before sending it to the Ethereum blockchain node in the Kaleido environment that the service is bound to.

Enterprise Use Cases
Run Better on Kaleido

Hyperledger Fabric is a private blockchain that allows developers to create subnets, or channels, meaning that certain proprietary or personal information can remain confidential. This makes Fabric a protocol of choice for industries like financial services, insurance, and supply chain management.

Supply Chains

Hyperledger Fabric networks can increase transparency and traceability of transactions within the network. This transparency can be used to monitor real-time location data, limit fraud and counterfeit goods, and track ESG efforts.

Digital Assets

Complex multi-party business networks built on Fabric can easily tokenize assets, transact instantly, share data, and eliminate cumbersome paperwork as financial business flows are automated.

Insurance

Moving insurance transactions to blockchain can eliminate fraud, automate claim processing, and digitize legacy systems. Hyperledger Fabric also allows stakeholders to automate Know Your Customer (KYC) processes via smart contracts.
Why Kaleido

Everything You Need to Build Enterprise-Grade Blockchain and Digital Asset Solutions on Azure

Try Truffle on Kaleido

Kaleido's blockchain platform makes it radically simple for businesses to create complete web3 networks and applications. With just a few clicks, you can launch a blockchain network, deploy it globally, set up governance, and start plugging in familiar services.

Quickly Launch Blockchain
Networks

Launch blockchain networks in minutes
Choose from leading protocols including Ethereum, Polygon Edge, Hyperledger Fabric and more
Select permissioned chains, appchains,  sidechains, or consortium chains
Deploy on AWS, Azure or on-prem
Stand up nodes worldwide in regions of your choice

Simplify Development to Get to
Production Fast

Access 40+ plug-and-play services for wallets, key management, storage, data, and more
Automate management and deployment with our fully API-enabled platform
Turn any smart contract into familiar APIs with our smart contract API generator
Make digital assets, NFTs, and consortiums easy with our dedicated solutions
Mint, manage, and burn tokens at scale with robust tooling

All Backed by Enterprise-Grade Infrastructure and Support

Modern cloud scale architecture
Built-in high availability and disaster recovery
ISO 27k and SOC 2 Type 2 certified
Integrate seamlessly with existing internal systems
Open source tech and no vendor lockin
24x7 support and SLAs

Enterprise Use Cases Run Better on Kaleido

Quorum is a protocol of choice for industries like financial services, insurance, and supply chain management where enterprise-grade.

Additional Resources
Learn More About
Azure Key Vault Signer
Ready to Get Started With
Azure Key Vault Signer
?