top of page

DOUBLE AIRGAP PSBT 
TRUE ISOLATION FOR SIGNING

An AirGap separates systems to reduce risk.

However, a single AirGap is not sufficient when transaction preparation and signing take place within the same domain.

Cuvex implements a Double AirGap PSBT, fully separating:

  • Transaction preparation

  • The use of the secret for signing

CUVEX_PSBT.png

WHAT IS AN AIRGAP?

An AirGap is the physical or logical separation between systems designed to prevent information leakage.

Many devices claim to be air-gapped, yet still rely on indirect dependencies that undermine true isolation.

EL PROBLEMA DEL SINGLE AIRGAP

In a classic workflow:

 

  1. The device receives data

  2. It accesses the secret

  3. It signs

 

This concentrates risk within a single trust domain.

mock_PSBT.png

THE CUVEX DOUBLE
AIRGAP FLOW

  1. The transaction is prepared in a watch-only app

  2. The unsigned PSBT is transferred to the device

  3. The encrypted seed is consumed through a separate channel (NFC or USB-C)

  4. Signing occurs without exposing the secret

Transaction preparation and signing never share the same context.

THREATS MITIGATED

The Double AirGap reduces:

Key

extraction

Metadata

leakage

Correlation

attacks

Human

error

WHY THIS MATTERS

Most self-custody incidents do not occur due to broken cryptography, but rather because of poor architecture.

The Double AirGap PSBT addresses the problem at the design level.

bottom of page