# Phantom Secrets™

> The core zero-custody key protocol. Private keys are never stored. They are reconstructed on demand from threshold shares inside a hardware security module (HSM or secure element), used for a single cryptographic operation, then destroyed.

## What It Is

Phantom Secrets™ is the cryptographic protocol that implements Zero Standing Secrets (ZSS) — the architectural principle that no private key exists at rest at any point in time. It composes threshold cryptography, hardware-bound reconstruction, a policy engine, and an ephemeral key lifecycle into a single deployable runtime.

## How It Works

1. The private key is split into N threshold shares; M of N are required to reconstruct it.
2. When a cryptographic operation is requested, the policy engine checks identity, context, and quorum conditions.
3. If satisfied, the shares are combined inside a certified HSM or secure element. The reconstructed key never crosses the hardware boundary.
4. The key performs a single cryptographic operation (sign, decrypt, authenticate).
5. The key is destroyed before the hardware boundary is exited. No persistence.

## Compatibility

Compatible with any key type — ECC, RSA, AES, Bitcoin secp256k1, Ethereum, Ed25519, and others — and algorithm-agile so post-quantum primitives can be substituted without redesign. Drops into existing wallet, custody, and HSM workflows without a full architectural rebuild.

## Key Properties

- No stored private key, anywhere, ever
- Reconstruction is conditional on identity + policy + context
- Reconstruction occurs only inside certified hardware
- Single-operation lifecycle with immediate destruction
- No escrow, no recovery key, no administrative override

## Related

- Architecture: /api/md/architecture
- Toughkey HSM: /api/md/products/toughkey
- Quantum resistance: /api/md/features/quantum-resistance
- Zero stored private keys: /api/md/features/private-keys