Skip to main content

Key Synchronization & Publishing

Encryption key synchronization is essential for enabling secure, encrypted identity exchange between VASPs in the CRYMBO network.

Wallets, dApps, and backend services must ensure that public encryption keys are published and kept in sync with the CRYMBO registry.

What is Key Syncing?

Key syncing refers to the process of:

Generating or rotating an encryption key pair (e.g. X25519)
Publishing the public key to CRYMBO
Ensuring it is retrievable by other VASPs and the Oracle

Why It's Critical

Without a valid public key on record:

A VASP cannot receive encrypted PII
Identity data requests will fail
Compliance flow cannot proceed

How to Publish Keys

Keys can be published via:

1. CRYMBO Connect Portal

Secure upload of public keys for VASP-level association

2. REST API

POST /api/keys/publish
Authorization: Bearer <token>
Content-Type: application/json

Body:

{
	"type": "X25519",
	"publicKey": "<base64-encoded-key>"
}

3. Wallet Integration (Advanced)

Allow end users to sign and publish keys via their wallet interface
Support key export/import workflows

Key Expiry & Rotation

Keys should be rotated periodically for best security practices
CRYMBO supports multiple active keys per VASP
Old keys can be deprecated but still resolved for in-flight exchanges

📌 Next Step: Explore System Compatibility

What is Key Syncing?
Why It's Critical
How to Publish Keys
Key Expiry & Rotation