Tendermint Key Management System (KMS) , a.k.a. tmkms
, is a consensus signature service with support for Hardware Security Modules (HSMs), such as YubiHSM2 . It’s intended to be run alongside Cosmos Validators, ideally on separate physical hosts, providing defense-in-depth for online validator signing keys, double signing protection, and functioning as a central signing service that can be used when operating multiple validators in several Cosmos Zones.
We’ve just released v0.13: a maintenance/bugfix release with upgraded dependencies that adds support for secp256k1 consensus keys and also drops support for legacy Amino-related functionality. We are currently running this release in production at iqlusion.
Full changelog here: v0.13.0 by tony-iqlusion · Pull Request #796 · iqlusioninc/tmkms · GitHub