{"id":13513480,"url":"https://github.com/square/subzero","last_synced_at":"2025-06-13T01:39:51.052Z","repository":{"id":33417133,"uuid":"144076009","full_name":"square/subzero","owner":"square","description":"Block's Bitcoin Cold Storage solution.","archived":false,"fork":false,"pushed_at":"2025-03-17T20:28:24.000Z","size":11120,"stargazers_count":693,"open_issues_count":41,"forks_count":98,"subscribers_count":26,"default_branch":"master","last_synced_at":"2025-03-30T07:02:12.308Z","etag":null,"topics":["bitcoin","btc","cold-storage","crypto","cryptocurrency","hardware-security-module","hsm"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/square.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-08T22:58:11.000Z","updated_at":"2025-03-28T04:32:45.000Z","dependencies_parsed_at":"2023-09-25T22:37:03.881Z","dependency_job_id":"c2eae458-37fa-4b81-8d1a-899ee84a62fb","html_url":"https://github.com/square/subzero","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fsubzero","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fsubzero/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fsubzero/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fsubzero/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/square","download_url":"https://codeload.github.com/square/subzero/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246407149,"owners_count":20772074,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bitcoin","btc","cold-storage","crypto","cryptocurrency","hardware-security-module","hsm"],"created_at":"2024-08-01T05:00:27.887Z","updated_at":"2025-03-31T02:32:27.440Z","avatar_url":"https://github.com/square.png","language":"C","readme":"[![Build Status](https://github.com/square/subzero/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/square/subzero/actions/workflows/codeql-analysis.yml)\n[![Static Analysis](https://github.com/square/subzero/actions/workflows/clang-static-analysis.yml/badge.svg)](https://github.com/square/subzero/actions/workflows/clang-static-analysis.yml)\n[![Integration Test](https://github.com/square/subzero/actions/workflows/signtx-test.yml/badge.svg)](https://github.com/square/subzero/actions/workflows/signtx-test.yml)\n\n[![Documentation Status](https://readthedocs.org/projects/subzero/badge/?version=master)](https://subzero.readthedocs.io/en/master/?badge=master)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/square/subzero/blob/master/LICENSE)\n\n\u003cimg src=\"logo.png\" width=\"100\"\u003e\n\n# HSM Cold Storage\n\nFor security, Square stores a reserve of Bitcoins in an offline setting. By having these funds offline, we\nreduce attack surface and risk of theft.\n\nSquare's solution is unique, specifically, we leverage FIPS certified Hardware Security Modules (HSMs) to protect the\nprivate key material. We decided to use such HSMs because we already own, operate, and trust these devices for other payment-related needs.\n\nFunds can be sent from online systems to the cold storage at any time. Moving funds out of cold storage requires a\nmulti-party signing ceremony. In addition, the offline HSMs are able to enforce business logic rules, for instance we\nonly allow sending funds to Square-owned addresses. Such a scheme is usually called defense in depth or an onion model.\nWe maintain the online/offline isolation by importing transaction metadata and exporting signatures using QR codes.\n\nHSMs have the ability to share key material. This enables the ability to store our backups in encrypted form and\nrestore a wallet at any location.\n\nThis repo contains our design documents as well as specific technical information. We are sharing our source code, with\nthe caveat that the code is currently only useful if you have the exact same hardware setup. We are willing to make the\ncode more modular over time, as long as the broader community shows interest to implement support for additional\nhardware vendors.\n\nSee also [Open Sourcing Subzero (blog post)](https://developer.squareup.com/blog/open-sourcing-subzero)\n\n# Documentation\n\n[https://subzero.readthedocs.io](https://subzero.readthedocs.io)\n\n# License\n\n\n    Copyright 2018 Square, Inc.\n\n    Licensed under the Apache License, Version 2.0 (the \"License\");\n    you may not use this file except in compliance with the License.\n    You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n    Unless required by applicable law or agreed to in writing, software\n    distributed under the License is distributed on an \"AS IS\" BASIS,\n    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n    See the License for the specific language governing permissions and\n    limitations under the License.\n","funding_links":[],"categories":["C","Java"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsquare%2Fsubzero","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsquare%2Fsubzero","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsquare%2Fsubzero/lists"}