Frequently Asked Questions

Signing Authority & Custody

Who controls the signing process?

You do. Carabaas provides cryptographic infrastructure only — it cannot independently authorize, execute, or block transactions. Signing authority rests entirely with the merchant through governance policies and the merchant's own cosigner. Carabaas acts as an ICT infrastructure provider, not a custodian.

Does Carabaas ever have access to a complete private key?

No. A complete private key is never instantiated — not in memory, not on disk, not in transit — at any stage of the lifecycle. This is a mathematical property of the MPC protocol, not a policy control. No individual, system, or vendor component can reconstruct or export a complete key.

How is this different from traditional custody?

In traditional custody, a third party holds your keys. Here, you retain full signing authority. Carabaas participates with one mathematical share in a 2-of-2 threshold scheme — this share cannot produce a signature or move assets. You control the governance, approval policies, and transaction authorization.

Exit & Recovery

What if Carabaas goes offline or ceases operations?

Two independent recovery mechanisms ensure you are never locked in:

Per-vault recovery (all plans): Request export of a specific vault's MPC share, encrypted with your public credential, with a 24-hour security delay.
Full seed backup (enterprise): An encrypted backup held by a third-party escrow — you hold the decryption key and can recover all vaults without any cooperation from Carabaas.

How long does exit/migration take?

Per-vault ejection: 24 hours (security delay) plus ~1 hour technical
Full seed recovery via escrow: 1–5 business days (escrow process) plus ~1 hour technical
Full migration to a new provider: 1–2 weeks including testing

Can I test the exit process before I need it?

Yes. Annual exit drills are recommended for enterprise merchants. Carabaas provides a test environment with representative key material and supports your team through the drill.

Operations

What happens if one cosigner goes offline?

The 2-of-2 threshold requires both cosigners for signing. If one goes offline, transaction signing pauses until both are operational. Vault creation and address generation are also paused. Balance tracking and deposit detection continue independently.

How long does a transaction take?

MPC signing takes a few seconds. Add approval time if quorum is configured. Then blockchain confirmation:

Network	Confirmation Time
Bitcoin	~10 minutes
Ethereum	~12 seconds
Polygon	~2 seconds
Solana	~400 ms

If the source address has insufficient funds, the platform waits up to 72 hours for the balance to be replenished before cancelling.

Can I use one vault for multiple blockchains?

Yes. A single vault can manage addresses across all 60+ supported networks. Use @eth-like to generate one address that works across all EVM chains.

Security & Compliance

What happens if the cosigner's server is physically compromised?

In production, the cosigner runs inside an AWS Nitro Enclave — a hardware-isolated VM whose memory is inaccessible to the host OS, cloud operator, or Carabaas personnel. Even with full root access to the host, an attacker gains zero key material. All secrets on disk are encrypted with multiple independent layers (AES-256-GCM + KMS + Argon2id).

What regulatory frameworks does this model align with?

EU MiCA (Article 75 — custody safeguarding), DORA (Articles 28–30 — ICT third-party risk and exit planning), EBA outsourcing guidelines, and U.S. state custody expectations. The merchant remains the regulated entity; Carabaas is classified as an ICT infrastructure provider.

Is there an audit trail?

Yes. All key lifecycle events, signing operations, access control changes, and API calls are recorded as structured JSON logs. Sensitive data (keys, passwords, mnemonics) is never included in log output. Audit logs are retained for a minimum of 5 years.

Pricing & Limits

What are the transaction fees?

Blockchain network fees are passed through at cost. Platform fees vary by volume — contact sales for details.

Is there a minimum balance requirement?

No minimum balance required, but ensure sufficient funds for network fees on each chain you use.

What are the API rate limits?

Standard: 100 requests/minute. Burst: 1,000 requests/hour. Rate limit info is returned in response headers.

Signing Authority & Custody​

Who controls the signing process?​

Does Carabaas ever have access to a complete private key?​

How is this different from traditional custody?​

Exit & Recovery​

What if Carabaas goes offline or ceases operations?​

How long does exit/migration take?​

Can I test the exit process before I need it?​

Operations​

What happens if one cosigner goes offline?​

How long does a transaction take?​

Can I use one vault for multiple blockchains?​

Security & Compliance​

What happens if the cosigner's server is physically compromised?​

What regulatory frameworks does this model align with?​

Is there an audit trail?​

Pricing & Limits​

What are the transaction fees?​

Is there a minimum balance requirement?​

What are the API rate limits?​