Signing security, control and proof. Patent pending.

Digital asset custody without one key to steal.

Decern is a security control plane for digital asset signing. It splits approval authority, refreshes custody controls, and records evidence showing when a transaction was approved before it is signed.

The latest update seals stored custody key material with hybrid post-quantum plus classical protection, and the demo signs real Bitcoin signet transactions you can verify on a public explorer.

Live demo on Bitcoin signet. No real assets. Built for broader digital asset networks through chain-specific adapters. Implementation mechanics are shared only under a confidential technical briefing.

Live demonstration bitcoin signet
key_01holder A, signing
key_02holder B, signing
key_03holder C, idle

Signing quorum: 2 of 3 required. No single key can act alone. Runs are signed by the operator on Bitcoin signet; watch a replay of a real run, then verify every transaction yourself on a public explorer this page does not control.

Open the live demonstration

In plain terms

Split the control. Refresh it. Prove every move.

01

No single person, device, or company holds the whole key. It takes independent approvals to move funds, so one stolen laptop or one bad insider is not enough on its own.

02

The pieces that grant approval can be refreshed so old material stops working. Once material goes stale, it is refused before any signature work begins, and the Bitcoin address never changes while that happens.

03

Every signing decision leaves evidence bound to the exact transaction, designed for independent verification. Conventional custody asks you to trust the operator's internal logs. Decern's record is built to be checked from the outside.

How it works

The layer that decides whether a signature should exist, and proves it.

Conventional custody asks you to trust the operator. Decern is built so the operator can prove what happened instead.

Split the control

Distribute the authority

No single person can move the coins. It takes a quorum of independent approvals to authorize a transaction, which removes the single points of failure that insider compromise and stolen credentials rely on.

Refresh and seal

Stale pieces go cold, stored pieces stay sealed

Refresh of signing authority is implemented and tested: once material goes stale it is refused before any signature work begins, and the Bitcoin address never changes. Stored custody key material is sealed at rest with hybrid post-quantum plus classical protection.

Prove every action

Evidence bound to the exact transaction

Every signing decision produces a tamper-evident record bound to the exact transaction, designed for independent replay verification. Conventional custody relies on internal logs. Decern's evidence is built to hold up from the outside.

What is live today

What runs now, what is built, what comes next.

We keep these three lists separate on purpose. A capability appears in the first column only when it is running in the public demo.

Running in the live demo now
  • Threshold signing: 2 of 3 independent approvals on Bitcoin signet.
  • Sealed custody key material: the active keyfile is a sealed envelope with hybrid post-quantum plus classical protection at rest. The prior plaintext keyfile is no longer in the active path.
  • Fail-closed key loading: if sealed material fails validation, the service refuses to load it. There is no fallback to weaker storage.
  • Real signet broadcasts, verifiable on any public explorer.
  • Post-quantum attestation evidence for signing decisions, bound to the signing event and designed for reviewer-side verification.
Implemented and tested, not yet in the public demo
  • Proactive refresh of signing authority. Refresh is implemented and tested; the current public demo runs a single-epoch signet flow.
  • Stale-material rejection across refresh epochs, refused before any signature computation starts.
Next
  • Additional signing-policy controls in the signing path.
  • Group address rotation design.
  • A migration path toward future post-quantum capable output types as asset networks adopt them.

Last updated July 5, 2026.

What it feels like

To you, it is just “send.”

When you move your digital assets, it feels normal. You enter the amount and the destination and confirm, and the recipient receives funds the way they always do. Underneath, in the moment between your confirmation and settlement, the authority to release the funds is split across independent approvals, stored key material stays sealed at rest, and no single party ever holds the whole key. Every signing decision leaves evidence bound to the exact transaction.

If someone later asks whether it was done correctly, you do not have to argue. You can prove it.

Why it is different

Conventional custody asks you to trust the operator. Decern lets you prove it.

Conventional custody

Trust the operator's logs

Authorization happens behind closed doors, and the evidence that it was done correctly lives in the operator's internal logs. Verifying it means trusting the company and its servers.

You trust the operator's word.

Decern

Evidence that stands on its own

Authority is split, custody controls are refreshed, and every signing decision produces a tamper-evident record bound to the exact transaction, designed for verification without needing PriviNet's servers or cooperation.

The evidence is built to hold up on its own.

Why it matters

The losses come from the control layer, not the chain.

The large losses in digital asset custody do not come from breaking the cryptography. They come from compromised keys and signing processes: stolen credentials, insider access, and operational failure.

Over $3.4 billion in digital assets was stolen in 2025, with losses concentrated in key and signing compromise: the control layer, not the blockchain itself. The Bybit incident of February 2025, a signing-process compromise, accounted for $1.5 billion on its own. Decern is built for exactly that failure point. It splits and refreshes the authority to sign, and it produces evidence for every signing decision.

Source: Chainalysis Crypto Crime Report.

On quantum

Where post-quantum preparation fits, honestly.

No one can make Bitcoin's on-chain signatures post-quantum today. That would require changes to Bitcoin itself, and Decern does not change Bitcoin. Anyone claiming quantum-resistant Bitcoin signatures right now is overclaiming, so we will not.

Decern works on the custody layer around signing: how key material is stored, refreshed, checked, and evidenced before a transaction is broadcast. Two protections are live in the demo:

  • Signing decisions carry post-quantum attestation evidence bound to the signing event, producing records designed for reviewer-side verification even while Bitcoin's own signatures remain classical.
  • Stored custody key material is sealed at rest under a hybrid scheme that combines a post-quantum key encapsulation mechanism with a classical one, so harvested copies of sealed key files are designed to be harder to decrypt later as cryptographic threats evolve.

Sealing protects stored key material at rest. It is not a claim about live host compromise, and it is not a claim about Bitcoin's on-chain cryptography.

We do not claim post-quantum Bitcoin signatures today, because no one can. That honesty is the point.

Beyond one chain

Built for digital assets, demonstrated on Bitcoin signet.

Decern is not designed as a single-chain wallet. The architecture separates a chain-independent control core from thin per-chain adapters that supply transaction formats. The patent filing describes application beyond Bitcoin.

The live public demo uses Bitcoin signet because it is public, verifiable, and safe for testing. Each additional network needs its own adapter, testing, and review before it should be described as live.

Where it stands

Honest about the stage.

Decern is a research prototype. It runs on Bitcoin signet only, has never held or moved real assets, and is not production custody. External cryptographic review is being arranged to run alongside the build. Patent pending: a U.S. provisional application was filed in June 2026, with additional filings in preparation.

We will not describe a capability as live until it is.

Common questions

For partners and investors.

Is Decern only for Bitcoin?+

No. Decern is a security control plane intended for digital asset signing across networks. The current public demo is Bitcoin signet only. Other networks require chain-specific adapters, testing, and review before they can be described as live.

What about quantum computers?+

Decern does not claim to make Bitcoin's on-chain signatures post-quantum. That would require network-level changes. What the live demo shows today is custody-layer post-quantum preparation: post-quantum attestation evidence for signing decisions, and stored custody key material sealed at rest under hybrid post-quantum plus classical protection.

What happens if one of the key pieces is stolen?+

One piece is not enough: signing requires a quorum of independent approvals. Authority refresh is implemented and tested, and once material goes stale it is refused before any signature work begins. The Bitcoin address stays stable throughout.

Is my Bitcoin locked up or moved when the control refreshes?+

No. The address stays unchanged and funds remain available. Only the internal authority pieces rotate.

Is Decern ready for real funds?+

No. Decern is a research prototype on Bitcoin signet with no real assets. External cryptographic review is being arranged, and real-funds use is out of scope until that review and further hardening are complete.

What does the live demo prove?+

Two kinds of things, and we keep them separate. Independently verifiable by you: real Bitcoin signet transactions on a public explorer, from a group address that stayed unchanged through our key-storage migration. Reported by the running service: sealed key material in the active path, health status, and refusal of unauthenticated signing attempts.

Why is the full design kept private?+

Patent pending. A U.S. provisional application was filed in June 2026 and additional filings are in preparation. The demo shows behavior and evidence; the mechanism details stay private until filings and review support publishing more.

Evaluate it under NDA.

We invite qualified investors, custodians, and infrastructure partners to request a founder briefing. Or watch the control structure sign a real transaction live, on Bitcoin signet, right now.