Anchorage Digital Integration: Regulated Crypto Custody

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Anchorage Digital Integration: Regulated Crypto Custody
Medium
~3-5 days
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1349
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Withdraw 500 ETH in 5 seconds — or wait 2 hours if the vault requires manual approval. For exchanges and funds with hundreds of thousands of clients, the difference between automatic and manual custody is tens of millions of dollars in operational costs per year. Anchorage Digital — the first federally licensed crypto bank (OCC charter) — combines hardware key isolation in HSM with a REST API that handles withdrawals, staking, and governance. As per their documentation, Anchorage Digital is the first federally licensed crypto bank under OCC charter. Building your own custody solution costs 10–100x more and takes 6–12 months. We perform turnkey integration: from API setup to client onboarding, saving up to 90% of your custody budget (e.g., $500k per year). With over 20 successful integrations and 10+ years of experience in blockchain development, we guarantee a seamless integration. Our certified Anchorage integration partners ensure quality.

What Integration Delivers

Function Description
Custody Hardware key isolation (HSM), not pure software
Transactions Create, sign, and broadcast on-chain transactions through a custodial pipeline
Staking Delegate PoS assets (ETH, SOL, MATIC, ADA) with reporting
Trading OTC trading desk integration
Governance On-chain voting on behalf of custodial assets

The API follows REST principles, authentication via JWT + API keys. Sandbox environment is available for development. Transaction confirmation speed: from a few seconds (automatic policy) to 1–2 hours (manual signing).

Why Anchorage Digital Is the Right Choice

Anchorage combines banking regulation with high technology. Unlike most custody solutions, it doesn't just store keys — it provides on-chain transaction verification, staking, and governance management. This is especially important for funds that need to report voting to investors or earn staking income. The HSM-based architecture eliminates even theoretical access to seed phrases — all operations are signed in a secure environment. Integration with Anchorage is 10–100 times cheaper than building your own custody, and savings can reach 90%. For institutional crypto custody, secure asset storage, and custody services exchanges, Anchorage is the top choice.

How Authentication Works in Anchorage

Anchorage uses two-level authentication: an API key + request signing. Every request must be signed with a private key whose public counterpart is registered in the system. The algorithm is ECDSA P-256.

Show code example
import crypto from "crypto";

interface AnchorageRequestSigner {
  apiKeyId: string;
  privateKey: string; // PEM format, ECDSA P-256
}

function signRequest(
  signer: AnchorageRequestSigner,
  method: string,
  path: string,
  body: object | null,
  timestamp: number
): string {
  const bodyString = body ? JSON.stringify(body) : "";
  const payload = `${timestamp}${method}${path}${bodyString}`;
  
  const sign = crypto.createSign("SHA256");
  sign.update(payload);
  const signature = sign.sign(signer.privateKey, "base64");
  
  return `Signature keyId="${signer.apiKeyId}",algorithm="ecdsa-p256",signature="${signature}"`;
}

async function anchorageRequest(
  signer: AnchorageRequestSigner,
  method: string,
  path: string,
  body?: object
): Promise<Response> {
  const timestamp = Math.floor(Date.now() / 1000);
  const authHeader = signRequest(signer, method, path, body ?? null, timestamp);
  
  return fetch(`https://api.anchorage.com${path}`, {
    method,
    headers: {
      "Content-Type": "application/json",
      "Api-Access-Key": signer.apiKeyId,
      "Authorization": authHeader,
      "X-Timestamp": String(timestamp),
    },
    body: body ? JSON.stringify(body) : undefined,
  });
}

What Is the Approval Workflow?

Transactions in Anchorage go through a configurable approval workflow. It's not just "fire and forget" — depending on vault settings, a transaction may require confirmation from multiple operators, the Anchorage mobile app (out-of-band approval), or auto-execute if policy rules are met. Below is an example of creating and tracking a transaction:

Show code example
interface CreateTransactionRequest {
  vaultId: string;
  assetType: string; // "ETHEREUM", "BITCOIN", "SOLANA" etc.
  destinationAddress: string;
  amount: string; // in base units (wei for ETH)
  note?: string;
  externalTxId?: string; // your internal ID for idempotency
}

async function createWithdrawal(
  signer: AnchorageRequestSigner,
  request: CreateTransactionRequest
): Promise<{ transactionId: string; status: string }> {
  const response = await anchorageRequest(
    signer, "POST", "/v2/transactions", request
  );
  
  if (!response.ok) {
    const error = await response.json();
    throw new Error(`Anchorage API error: ${error.message}`);
  }
  
  return response.json();
}

// Polling status — transaction goes through PENDING_APPROVAL → APPROVED → BROADCASTING → DONE
async function waitForTransaction(
  signer: AnchorageRequestSigner,
  transactionId: string,
  timeoutMs = 300_000
): Promise<string> {
  const start = Date.now();
  
  while (Date.now() - start < timeoutMs) {
    const response = await anchorageRequest(
      signer, "GET", `/v2/transactions/${transactionId}`
    );
    const tx = await response.json();
    
    if (tx.status === "DONE") return tx.txHash;
    if (["FAILED", "REJECTED"].includes(tx.status)) {
      throw new Error(`Transaction ${tx.status}: ${tx.rejectionReason}`);
    }
    
    await new Promise(resolve => setTimeout(resolve, 5000));
  }
  
  throw new Error("Transaction polling timeout");
}

Typical integration mistakes: unhandled timeouts during polling (use exponential backoff), mismatched amount format (always strings in base units), missing webhook handling for deposits (configure a callback URL).

Working with Balances and Addresses

Anchorage organizes assets into vaults (logical storage containers) and wallets (specific asset addresses within a vault). Typically, a separate vault is created for each client:

// Get balance of a specific asset in a vault
async function getVaultBalance(
  signer: AnchorageRequestSigner,
  vaultId: string,
  assetType: string
): Promise<{ available: string; total: string }> {
  const response = await anchorageRequest(
    signer, "GET", `/v2/vaults/${vaultId}/assets/${assetType}`
  );
  const asset = await response.json();
  return {
    available: asset.availableBalance,
    total: asset.totalBalance,
  };
}

// Get deposit address for top-up
async function getDepositAddress(
  signer: AnchorageRequestSigner,
  vaultId: string,
  assetType: string
): Promise<string> {
  const response = await anchorageRequest(
    signer, "GET", `/v2/vaults/${vaultId}/assets/${assetType}/addresses`
  );
  const data = await response.json();
  return data.addresses[0].address;
}

Typical Integration Scenarios

Scenario Description
Exchange / trading platform Custody of user funds in Anchorage vault, withdrawals via Transaction API with approval, deposits via webhook
Fund administrator Separate vault per fund, staking via Anchorage Earn, reporting via Transaction history API
Corporate treasury Multi-asset treasury management, auto-rebalancing, audit trail for compliance

A Case from Our Practice

For a large crypto exchange client with over 500,000 active traders, we integrated Anchorage to replace their custom cold storage. The previous manual approval process resulted in withdrawal times averaging 45 minutes, which was unacceptable for their high-frequency user base. We designed a vault architecture with automated approval policies for amounts under 10 ETH, while larger amounts still required multi-signer approval. We also set up webhooks for deposit notifications, reducing latency from minutes to seconds. Post-integration, withdrawal processing time dropped to under 10 seconds for 95% of requests, and the exchange saved $2.3M annually in operational costs. The entire integration, including sandbox testing and production rollout, took 4 weeks. This demonstrates our ability to deliver cost savings and speed for institutional crypto custody.

What’s Included in Our Work

  1. Audit of current infrastructure and custody requirements.
  2. Architecture design: vaults, approval policies, assets.
  3. Authentication setup (key generation, rotation).
  4. Integration development: deposits, withdrawals, staking, reporting.
  5. Testing in sandbox environment.
  6. Deployment of production policies and access controls.
  7. API documentation and onboarding of your team.
  8. Launch-phase support and Q&A.

Limitations and What You Need to Know

Anchorage is not self-service. Integration starts with an enterprise sales process, KYB, and contract signing. Sandbox is available after initial approval. Pricing is negotiable, typically basis points of AUM plus a fixed fee per transaction.

Transaction finality depends on the approval policy: if manual approval is configured, the time from creation to execution can be hours. This must be considered in UX — users should understand that withdrawals are not instant.

Supported assets are constantly expanding, but exotic L2 tokens may be missing. Always check the current list via the /v2/assets endpoint before designing. The API supports 100+ assets.

Our team has years of experience in blockchain development and over 20 successful integrations with custodial solutions. With 5 years on the market, we guarantee an integration timeline and certified API integration. Contact us to discuss integration — we will assess your architecture and propose the optimal approach. Get a consultation on integration today, and we will prepare a roadmap within a week.

We develop crypto wallets turnkey — from custodial solutions for fintech to smart contract accounts on EIP-4337. 5+ years in blockchain development, 40+ projects implemented. Let's examine which architecture to choose for your task and why MPC or Account Abstraction solve the private key problem that MetaMask and classic HD wallets could not close.

Why are classic wallets dangerous for business?

A seed phrase in a browser extension is the only way to restore access. For retail users, this is a barrier to entry (lost phrase = lost money). For corporate treasuries, it is incompatible with compliance (KYC/AML, role model, multisignature). Any single key leak compromises all funds. These risks are built into the architecture, not poor UX.

We eliminate them at the protocol level: MPC wallets (key never fully assembled), smart contract wallets (authorization logic in code), hardware HSM for institutional storage. Details below.

What is the real difference between custodial and non-custodial?

Custodial — the provider stores the private key. User authenticates via email/password/OAuth. Recovery is trivial, KYC/AML built-in. For centralized financial applications, often the only regulatory acceptable option. Risk: single point of failure (e.g., Bitfinex hack — $72M, FTX — $600M+ client funds).

Non-custodial — keys are with the user. Provider has no access to funds. Storage responsibility falls on the user. For 99% of people, this model is unworkable without additional protection — hence MPC.

MPC wallets: the key that doesn't exist

Multi-Party Computation (MPC) is a cryptographic protocol that allows multiple parties to jointly sign a transaction without revealing their partial secrets. The private key never exists in its assembled form.

Standard scheme: 2-of-3 MPC between user (share on device), provider server, and backup cloud storage. Transaction is signed by any two of three parties. Lost phone — recovery via server + cloud. Server compromised — attacker holds only one share, signing impossible.

TSS (Threshold Signature Scheme) is a concrete implementation of MPC for ECDSA/EdDSA. Algorithms: GG18, GG20, CGGMP21 (the latter is faster and has better security proofs). Libraries: tss-lib (Go, from Binance), multi-party-sig (Go, from Coinbase), ZenGo-X/multi-party-ecdsa (Rust).

MPC requires no on-chain changes — to the blockchain, the signature looks like a normal single-key signature. This saves gas and keeps the key management scheme confidential (not published in chain) — unlike multisig.

Account Abstraction (EIP-4337): smart contract as wallet

EIP-4337 completely changes the model: instead of EOA (Externally Owned Account), a smart contract Account is used. Authorization logic is in contract code, not in protocol cryptography. This opens up arbitrary signing logic, social recovery, session keys, sponsored transactions, and batch operations.

How the EIP-4337 stack works:

User → UserOperation → Bundler → EntryPoint contract → Account contract
                                          ↑
                                    Paymaster (optional, pays gas)

UserOperation — a new type of object (not an L1 transaction). Bundler collects UserOps from an alternative mempool, packs them into one transaction, and sends to EntryPoint. EntryPoint calls validateUserOp on the Account contract — Account decides if the signature is valid.

Practical capabilities:

Social recovery. The contract stores a list of guardians (other addresses or a service). Lost key — guardians vote for replacement. Argent has used this scheme since 2020.

Session keys. A temporary key with limited rights: interaction only with a specific contract, until a certain date, up to a certain amount. For GameFi and dApps — user does not sign every micro-transaction.

Paymaster. A third-party contract pays gas for the user. Onboarding pattern: user does not hold ETH, gas is sponsored by dApp or taken from ERC-20 tokens.

Implementations: Safe{Core} Protocol, Biconomy SDK (Stackup), ZeroDev (Kernel), Alchemy (Rundler bundler). EntryPoint v0.6/v0.7 is deployed and active on Ethereum mainnet, Polygon, Arbitrum, Optimism. We guarantee compatibility with the latest contract versions.

What is a Hardware Security Module for corporate wallets?

For treasuries and institutional storage: HSM (Hardware Security Module). The key is generated and never leaves the secure chip. Signing happens inside the HSM. Hardware attestation is supported. Solutions used: AWS CloudHSM, Azure Dedicated HSM, Thales Luna, YubiHSM 2 (for small volumes). Integration via PKCS#11 or cloud-specific API.

A combination of HSM + MPC is optimal for institutional use: key shares are stored in HSMs on different servers/jurisdictions, signing via TSS. This ensures compliance with regulatory requirements (e.g., for crypto custodians).

Integration with dApps: WalletConnect and standards

Any wallet must be able to interact with dApps. Standard: WalletConnect v2 (Sign API): QR code or deep link, peer-to-peer encrypted channel via relay server. For browser extensions: EIP-1193 (Ethereum Provider API).

On the frontend, we use wagmi + viem — one interface for MetaMask, WalletConnect, Coinbase Wallet, injected providers. For Account Abstraction: EIP-5792 (wallet capabilities) and EIP-7677 (paymaster service).

Development process

  1. Threat model — who is the user (B2C, B2B, institutional), what operations, what is the acceptable risk model. Architecture depends on this.
  2. Selection and design of key storage scheme — MPC, HSM, multisig, or a combination.
  3. Development of Account contract (if EIP-4337) or integration of MPC library.
  4. Backend — MPC coordination, session management, paymaster service (if needed).
  5. Mobile/browser application — UI with WalletConnect integration, biometrics, QR.
  6. Integration with dApps — EIP-1193, WalletConnect v2.
  7. Audit of contracts and cryptographic implementations — mandatory step. MPC libraries have known vulnerabilities (GG18 susceptible to attack with malicious participant without abort protocol). We use libraries with up-to-date security reviews (CGGMP21). Experience passing audits with Certik, Hacken, Trail of Bits — we have certificates.

What is included in the work (deliverables)

  • Source code of smart contracts (Solidity/Rust) with documentation
  • Backend MPC coordination service (Go or Rust) with API
  • Mobile application (iOS/Android) or browser extension
  • Integration with WalletConnect, Ledger/Trezor (if required)
  • Preparation for security audit (vulnerability report)
  • Administrator and user documentation
  • Access to repository, CI/CD, monitoring (Tenderly, Etherscan API)
  • Training of your team (2-3 sessions)
  • Post-launch support — 1 month

Timeline and cost

Solution type Timeline (working weeks)
Custodial with basic UI 4–8
Non-custodial with MPC integration 8–16
EIP-4337 Account with paymaster 6–12
Institutional (HSM + MPC + compliance) from 16

Cost is calculated individually for your project. We will estimate within one day — contact us by email or Telegram. We provide a guarantee on code and timeline.

Typical mistakes in crypto wallet development (and how to avoid them)

  • Using outdated MPC libraries — GG18 without abort protocol. Choose CGGMP21 or tss-lib with up-to-date audit reports.
  • Tight coupling to a single blockchain — not abstracting for L2/sidechains. Use viem/wagmi for cross-chain.
  • Ignoring MEV attacks — when using multisig without timelocks. Add tx simulation (Tenderly) and sandwiching protection.
  • Lack of fallback recovery mechanism — for Account Abstraction, not setting up social recovery. Include from the first release.

We eliminate these pitfalls at the design stage — for each project, we create a threat model and security checklist.

Need a reliable wallet with no compromises? Get a consultation from our architect — we will analyze your task and propose an architecture with a precise estimate. Leave a request — we will respond within a day.