US 12,475,454 B2
Digital asset platform with HSM verification
Takuya Nakaike, Yokohama (JP); Moriyoshi Ohara, Yokohama (JP); Christopher S. Smith, Boeblingen (DE); Angel Nunez Mencias, Stuttgart (DE); and Peter James De Meo, Singapore (SG)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Sep. 21, 2021, as Appl. No. 17/480,446.
Prior Publication US 2023/0091686 A1, Mar. 23, 2023
Int. Cl. G06Q 20/38 (2012.01); H04L 9/00 (2022.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01)
CPC G06Q 20/38215 (2013.01) [G06Q 20/3827 (2013.01); G06Q 20/3829 (2013.01); H04L 9/0825 (2013.01); H04L 9/0877 (2013.01); H04L 9/3242 (2013.01); H04L 9/50 (2022.05); H04L 2209/56 (2013.01)] 8 Claims
OG exemplary drawing
 
1. A system, comprising:
a blockchain; and
a host platform comprising:
a processor of a hardware security module (HSM) that, when executing instructions stored in an associated memory, is configured to:
create a plurality of pre-signatures using a private key corresponding to a policy service; and
generate a wallet key of a first digital wallet associated with a first user; and
a processor of a signing service that, when executing instructions stored in the associated memory, is configured to:
receive a blockchain transaction from the policy service, wherein the blockchain transaction comprises the plurality of pre-signatures;
verify the plurality of pre-signatures, based on a plurality of corresponding public keys of the policy service using the HSM; and
transmit, based on the verification of each of the plurality of pre-signatures is successful, a request to the HSM, wherein
the request comprises a plurality of identifiers,
the plurality of identifiers comprises a first identifier associated with the first digital wallet, a second identifier associated with a signing function of the HSM, and a third identifier associated with the policy service,
the processor of the HSM is further configured to:
 receive the request transmitted from the signing service;
 sign the blockchain transaction based on the plurality of identifiers of the request using the wallet key; and
 transmit the signed blockchain transaction to the signing service;
the processor of the signing service is further configured to:
 receive, from the HSM, the signed blockchain transaction; and
 send the signed blockchain transaction to the blockchain, via the first digital wallet; and
the signed blockchain transaction is sent to the blockchain to transfer an asset associated with the signed blockchain transaction to a second digital wallet of a second user different from the first user.