# Hierarchical Signatures

> Multi-party approval workflows enforced cryptographically. Approval hierarchies (CFO must sign, quorum of board members required) are encoded in policy and enforced by mathematics, not procedure.

## The Problem with Procedural Approval

Conventional multi-party approval relies on procedural enforcement — a workflow tool, a checklist, a four-eyes process. It can be bypassed by anyone with sufficient privilege, social-engineered, or ignored under operational pressure.

## The Cryptographic Solution

Phantom Secrets™ encodes the approval policy directly into the threshold reconstruction conditions. The signing key cannot be reconstructed unless the required parties have produced the required signatures, in the required order, within the required context. The approval is not a control on the key — it is a precondition for the key to exist.

## Example Policies

- Treasury transfers above a threshold require CFO + COO co-signature
- Production deployment requires quorum of 3 of 5 SREs plus security team approval
- Board-level decisions require quorum of board members within a defined window
- Custody transfers require client approval, compliance approval, and operations approval

## Properties

- Approval workflows are tamper-evident by construction
- Bypass is mathematically impossible, not procedurally discouraged
- Audit evidence is cryptographic, not log-based

## Related

- Phantom Secrets™: /api/md/products/phantom-secrets
- Banking and Finance solution: /api/md/solutions/banking-finance
- Enterprise Security solution: /api/md/solutions/enterprise-security