Tendermint Key Management System (KMS) , a.k.a. tmkms
, is a signature service with support for Hardware Security Modules (HSMs), such as YubiHSM2. It’s intended to be run alongside Cosmos Validators, ideally on separate physical hosts, providing defense-in-depth for online validator signing keys, double signing protection, and functioning as a central signing service that can be used when operating multiple validators in several Cosmos Zones.
We’ve just released v0.10 with initial support for the forthcoming Stargate upgrade along with other Tendermint v0.34 chains. It retains full backwards compatibility with older Tendermint chains. We are presently running this release in production at iqlusion.
You can view the full release notes along with upgrade instructions for Stargate here:
One important note is the Ledger application for Tendermint consensus signing (which is separate from and not related to the Cosmos wallet application) has not yet been updated to support the new message formats used by Stargate. Please see this tracking issue if you are interested in Ledger support.