PRIVATE.ME PLATFORM

xDeed: Real-World Asset Tokenization Custody

Threshold custody for tokenized real-world assets. Signing keys for real estate, commodities, and securities tokens are Double XorIDA-split across independent custodians.

Financial COMING SOON XorIDA Powered

Section 01B

Developer Experience

Integration is transparent to application logic. Protected asset operations export the same interface as unprotected code.

Setup Integration

Developers configure threshold custody arrangements via CLI or programmatic API. The system automatically handles XorIDA splitting, share distribution, and custodian coordination.

Creating custody arrangements

import { createDeedCustodyManager } from '@private.me/xdeed';

// Initialize custody manager
const manager = createDeedCustodyManager();

// Store deed with 2-of-3 threshold custody
const result = await manager.storeDeed(propertyDeed, 2, 3, {
  custodians: ['did:key:alice', 'did:key:bob', 'did:key:charlie'],
  enableMPC: true,
  doubleXorida: true
});

Runtime Behavior

From the application's perspective, threshold signing works identically to single-key signing. The SDK handles custodian coordination, share fetching, threshold reconstruction, and signing automatically.

Application code unchanged

// Sign transfer transaction
const result = await manager.signTransfer(deedId, transfer, signers);

// Under the hood (2-of-3 threshold):
// 1. Retrieve 2 shares from custodians
// 2. HMAC verification on each share (~25µs per share)
// 3. Double XorIDA reconstruction (~1ms)
// 4. Sign transaction with reconstructed key
// 5. Memory purge (~20µs)
// Total: ~5ms (network-bound)

Zero refactoring required

Existing codebases require no architectural changes. Protected custody operations maintain the same type signatures, return values, and error handling. Tests run unchanged. The only difference is custody configuration and custodian credentials.

Section 01C

Fast Onboarding: 3 Acceleration Levels

Traditional asset tokenization custody requires manual custodian setup, share distribution configuration, and threshold policy definition. Xdeed collapses this to 15 seconds with zero-click accept, 90 seconds with one-line CLI, and 10 minutes with deploy buttons.

Level 1: Zero-Click Accept

15 seconds — Auto-accept invite from env var. No manual DID setup, no custodian network config.

Node.js/Deno/Bun

// .env file
XDEED_INVITE_CODE=XDEED-abc123

// Auto-accept on first use
import { createDeedCustodyManager } from '@private.me/xdeed';

const manager = createDeedCustodyManager();
const result = await manager.storeDeed(deed, 2, 3, {
  custodians: custodianDIDs,
  doubleXorida: true
});
// ✅ Invite auto-accepted, ready for custody

Level 2: One-Line CLI

90 seconds — Generates custodian DIDs, saves to .env, creates first custody arrangement.

CLI

# Install and initialize
npx @private.me/xdeed init

# Output:
# ✅ Custodian DIDs generated
# ✅ Saved to .env
# ✅ Custodian network configured
# Ready to create custody arrangements

# Create first custody
npx @private.me/xdeed custody \
  --asset property-deed-001 \
  --custodians alice,bob,charlie \
  --threshold 2-of-3

Level 3: Deploy Button

10 minutes — One-click deploys custodian network + share storage to Vercel/Netlify/Railway.

INCLUDED

✓ Custodian network (threshold signing)
✓ Share storage (AES-256-GCM)
✓ Asset registry dashboard
✓ Transfer audit trail

Example: Zero-Click Accept

Set invite code in environment, create custody arrangement on first use. No manual setup required.

Zero-Click Accept Example

// 1. Set environment variable
// .env file:
XDEED_INVITE_CODE=https://xdeed.private.me/invite/XDEED-abc123

// 2. Create custody arrangement (auto-accepts invite)
import { createDeedCustodyManager } from '@private.me/xdeed';

const deed = {
  id: 'deed-001',
  propertyId: 'prop-12345',
  owner: 'did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK',
  legalDescription: 'Lot 42, Block 7, Springfield Estates',
  tokenAddress: '0x1234567890abcdef',
  metadata: {
    address: '742 Evergreen Terrace, Springfield',
    propertyType: 'residential',
    assessedValue: 50000000,
    currency: 'USD'
  }
};

const custodians = [
  'did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK',
  'did:key:z6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V',
  'did:key:z6Mks8mvCnVx4HQcoq7ZwvpTbMnoRGudHSiEpXhMf6VW8XMg'
];

const manager = createDeedCustodyManager();
const result = await manager.storeDeed(deed, 2, 3, {
  custodians,
  doubleXorida: true,
  onProgress: (percent, msg) => console.log(`[${percent}%]`, msg)
});

if (result.ok) {
  console.log('✅ Deed custody established');
  console.log('✅ Shares distributed to custodians');
  console.log('✅ Custody metadata encrypted');
}

// What happened:
// 1. Invite auto-accepted from XDEED_INVITE_CODE env var
// 2. Custodian DIDs generated and saved to .env
// 3. Signing key split via Double XorIDA (2-of-3)
// 4. Shares distributed to custodians
// 5. Custody metadata encrypted with AES-256-GCM
// Total time: ~15 seconds

Example: CLI Setup

One command generates custodian DIDs, saves credentials, and creates your first custody arrangement.

CLI Example

# Step 1: Install CLI globally
npm install -g @private.me/xdeed

# Step 2: Initialize (generates custodian DIDs, saves to .env)
xdeed init

# Output:
# Generating custodian DIDs...
# ✅ Custodian A DID: did:key:z6Mk...
# ✅ Custodian B DID: did:key:z6Mk...
# ✅ Custodian C DID: did:key:z6Mk...
# ✅ Saved to .env
# ✅ Custodian network configured: https://xdeed.private.me
# Ready to create custody arrangements

# Step 3: Create first custody arrangement
xdeed custody \
  --asset property-deed-001 \
  --custodians alice,bob,charlie \
  --threshold 2-of-3 \
  --double-xorida

# Output:
# ✅ Signing key split (2-of-3)
# ✅ Shares distributed to custodians
# ✅ Custody metadata encrypted
# ✅ Ready to sign: xdeed sign --asset property-deed-001

Viral Growth Mechanics

Fast onboarding drives network effects. Invite codes auto-provision custodian infrastructure (network + storage). Each new custodian reduces setup time for next asset. 3-custodian network created in 15s enables instant custody for 100+ subsequent assets.

Section 01

The Problem

Real-world asset tokenization is projected to reach $16 trillion by 2030, but custody of signing keys for asset tokens remains a single point of failure.

A single custodian holding the signing keys for tokenized assets can be compromised, coerced, or act maliciously. The assets at stake — real estate deeds, commodity certificates, securities — are worth billions.

Traditional multisig provides some protection, but each signer still holds a complete key share that can be individually targeted. Information-theoretic threshold custody eliminates this weakness.

The Old Way

Section 02

The PRIVATE.ME Solution

xDeed uses Double XorIDA to split asset signing keys across independent custodians with fault tolerance. No single custodian holds enough information to sign a transaction.

Signing keys are Double XorIDA-split: pass 1 creates K-of-N security shares, pass 2 adds erasure coding for fault tolerance. Custodians are geographically and jurisdictionally distributed.

Transaction signing requires threshold reconstruction via xLock push-auth. Each custodian verifies the transaction independently before releasing their share. HMAC-chained audit logs record every custody event.

The New Way

Section 03

How It Works

xDeed combines Double XorIDA split custody with threshold authorization and xKey cryptographic key management for tokenized asset protection.

Key Security Properties

Double XorIDA provides both security (K-of-N threshold) and fault tolerance (erasure coding). Custodians can fail without losing the key. No single custodian can sign transactions.

Section 04

Use Cases

🏠

Real Estate

Property Token Custody

Split signing keys for tokenized real estate across independent custodians.

Real Estate

💰

Commodities

Commodity Token Keys

Threshold custody for tokenized gold, oil, and agricultural commodity certificates.

Commodities

📈

Securities

Security Token Custody

Institutional-grade custody for tokenized equities and bonds.

Securities

🔒

Custody

Fault-Tolerant Keys

Double XorIDA ensures key survivability even if custodians go offline.

Resilience

Section 05

Integration

Quick Start

import { AssetCustody } from '@private.me/xdeed';

const custody = await AssetCustody.create({
  assetId: 'property-deed-0x1234',
  custodians: [custA, custB, custC, custD, custE],
  threshold: { k: 3, n: 5 },
  doubleXorida: true
});

AssetCustody.create(opts): Promise<Result<AssetCustody, CustodyError>>

Creates a Double XorIDA custody arrangement for tokenized asset signing keys with threshold authorization.

Section 06

Security Properties

Property	Mechanism	Guarantee
Key protection	Double XorIDA	✓ Security + fault tolerance
Signing	Threshold reconstruction	✓ K-of-N required
Authorization	xLock push-auth	✓ Per-custodian approval
Audit	HMAC-chained log	✓ Tamper-evident custody

$16T

RWA by 2030

Double

XorIDA

K-of-N

Threshold

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xDeed?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xDeed generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xdeed
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xDeed is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →