What is the most straight forward way to implement remote signing for flow when using HSM?
I operate nodes for Foundry.
Across all of our protocols we try attain the highest possible levels of security.
We typically use a HSM for remote signing where possible. This is most easily done with
tendermint protocols, but I am wondering if there is a way to do this with Flow?
Things I want to know:
- encryption algorithms used
- key migration process
- latency required for signing
- are the key types different across different types of nodes (e.g. do verification and collection nodes use different types of keys
Let me know what you all think, or if anyone has done this already.