Azure confidential containers

Policy Nodes can now run in Azure ACI Confidential Containers with private DNS, internal NATS load balancing, and ARM template deployment, providing hardware-backed isolation for policy evaluation.

Reliability

An in-memory LRU cache prevents duplicate processing of the same transaction event, reducing redundant work during high-throughput periods.

Deployment

Azure customer deployments support customizable Terraform variable overrides. Container image population uses the linux/amd64 platform explicitly, ensuring consistent builds across host architectures.

Canton CIP-56 tokens

Canton CIP-56 utility tokens can now be registered, expanding the supported Canton asset types beyond standard Amulet holdings.

Observability and reliability

Wallet and Policy Node log levels are configurable through the deployment configuration file. Policy Node software is upgraded to v8.24.9.

Solana

Solana SPL token amounts display correctly in the Cold Wallet interface.

Policy Engine V2 restrictions

Transaction and configuration restriction management is available through new dedicated tabs in the policy UI (behind a feature flag). Operators can add, edit, and delete restrictions for both transaction and configuration policies, with column layout selection and browser-persisted preferences.

Canton on Azure

Canton is now configurable for Azure customer environments, enabling Canton-based workflows on Azure infrastructure alongside existing AWS deployments.

Polkadot chain migration

Westend and Polkadot mainnet chain references migrate to Asset Hub variants (assethub-westend, assethub-polkadot), aligning with the Polkadot ecosystem's relay-to-parachain transition.

Solana improvements

SPL token activity is polled independently from main address history, improving indexing reliability. Fixes address SPL token registration, cold-wallet batch signing for multiple Solana transactions from a single account, and correct SPL filtering behavior. Staking and unstaking operations use CAIP-19 asset identifiers.

Icons and UI

Asset icons use CAIP-19 identifiers across the application for consistent display. Accounts page load time is improved, and transfer-fund dialogs render icons correctly from all entry points.

Policy Nodes and transfer policies

Policy Node software is upgraded to v8.24.0. Transfer requests include the protocol field. A fix prevents transactions from remaining stuck when a policy blocks them, and the v1 transfer policy destination-type selector renders internal and external inputs correctly.

Security and infrastructure

gRPC and DeepDiff dependencies are patched to address reported vulnerabilities. The configurator supports raw key/value secret storage for AWS Secrets Manager and Azure Key Vault, and ECS configuration generation works with multi-account deployments.

WalletConnect and custodial endpoints

The wallet frontend uses dedicated custodial wallet provider endpoints for WalletConnect pairing, disconnect, and session listing, aligning browser traffic with the supported API surface.

Solana indexing

SPL token activity is indexed by polling associated token accounts on a regular cycle, improving visibility of token movements for Solana wallets.

Canton and audit

Audit log entries carry richer context, including fee rate on transaction detail where applicable and the set of users who approved or rejected an operation.

Policy Nodes and reliability

Policy Node software is upgraded to v8.23.5. The Policy Node listener surfaces errors to callers instead of failing silently, improving diagnosability of integration issues.

Canton and assets

Canton utility tokens can be activated using only the instrument identifier. ERC-20 “check transfer” style restrictions are deprecated in favor of updated policy flows. Solana cold-account asset selection hides SPL tokens until backend support is available, and Solana transaction indexing covers additional operation types.

Audit log

Audit logging moves onto shared domain models with a refactored list experience, improving consistency and query behavior for compliance and operations teams.

Self-hosted AWS

Flat configuration file parsing is available for AWS on-premises installs, alongside existing configuration patterns.

Chains and staking

Unstaking is blocked when a validator has not been active long enough, and Solana transfers respect minimum lamport retention after potential fees.

Batches, APIs, and settings

Transaction batch creation runs asynchronously for better responsiveness. Raw transfer flows map to the correct operation type for Policy Node callbacks. Unused fields are removed from legacy transfer APIs.

Operations and wallet API

Operations are modeled with clearer domain objects, subject-based tracking, and a dedicated cancel path so long-running flows can be revoked from the wallet. Related APIs and UI now surface operation types and status more consistently, including user-initiated cancellation where policies allow.

Solana: nonce accounts and cold workflows

The platform indexes Solana create_account flows used for durable nonce setup, and the wallet UI supports adding Solana to cold accounts with nonce accounts, payer selection, and policy-aware confirmation. Fee and nonce handling improvements reduce edge-case failures when creating nonce accounts or adjusting fees interactively.

AWS self-hosted deployment

Load balancer and certificate concerns move into long-lived infrastructure, and more of that stack is importable for repeatable Terraform-based installs. Flat configuration file parsing is supported for AWS on-premises deployments alongside existing patterns.

Access, groups, and governance

Users can belong to multiple groups, with validation aligned between the UI and Policy Nodes for names and identifiers. Administrative authorization for selected custodial wallet provider endpoints is tightened, and staking reporting uses an updated API revision.

Reliability, streaming, and Policy Nodes

Event streaming includes a liveness check; WalletConnect idle-aware health behavior from recent maintenance releases is included. Policy Node software is upgraded (v8.23.2) with logging adjustments so notification delivery issues do not fail underlying operations.

Extended Blockchain Protocol Support

Solana integration now includes full SPL token support for broader token management and DeFi operations, with consistent security and policy controls.

Canton Gateway Signer

Added Canton Gateway Signer driver to support transaction signing through Canton Gateway.

Cancellable pending transactions

Users can now cancel transactions while they’re still pending approval.

Frontend hosted on Cloudflare workers

The Institutional Vault frontend is now hostable on Cloudflare Workers with performance optimizations for faster delivery.

Extended Blockchain Protocol Support

Added native support for Canton Network and Base chain, expanding the wallet's blockchain compatibility to include enterprise-grade distributed ledger technology and Coinbase's Layer 2 solution.

Bring Your Own Identity Provider (BYOIDP)

Standardized authentication framework based on OpenID Connect (OIDC) protocol, enabling customers to integrate their existing enterprise Identity Providers for user authentication to the Institutional Vault UI. This implementation supports major providers including Microsoft Azure Entra ID, Okta, and any OIDC-compliant identity platform, allowing organizations to maintain centralized user management, enforce existing security policies, and leverage established authentication workflows without requiring migration to a proprietary identity system.

API v2 Enhancements

Extended the v2 API to support direct smart contract deployment through the Transfer API, streamlining complex contract interaction workflows. Added explicit transaction nonce and gas parameter controls to enable Replace-By-Fee (RBF) scenarios, providing institutions with precise control over transaction prioritization and fee optimization strategies during network congestion.

ClientSDK Code Generation

Introduced OpenAPI specification-based code generation for client SDKs across TypeScript, Java, Go, Python, and C#. This standardized approach ensures type-safe API integration, reduces integration complexity, and accelerates development cycles by providing native library support for all major enterprise programming languages.

MPA Horizontal Scalability

Implemented horizontal scaling capabilities for Multi-Party Authorization (MPA) nodes. This distributed architecture enhances system throughput, provides fault tolerance through node redundancy, and ensures consistent performance under high-load conditions for mission-critical operations.

AWS RDS IAM Authentication

Enhanced database security through AWS RDS IAM authentication with automatic token rotation, eliminating static credential storage and reducing credential compromise risks. This implementation maintains backward compatibility with existing deployments while providing a seamless migration path to identity-based access control for database connections.

Cold Wallet MPC Node Separation

Implemented architectural improvements that physically separate MPC nodes from the cold wallet infrastructure. This enhanced security design provides improved isolation between components, reducing the attack surface and enabling more granular risk management controls for high-security deployments.

Private EVM Chain Support

Extended blockchain compatibility to include support for private Ethereum Virtual Machine (EVM) chains. This enables institutions to deploy and operate the wallet on custom, permissioned blockchain networks while maintaining full feature parity with public chain support.

Smart Contract Execution via Transfer API

Enhanced the Transfer API to support direct smart contract execution capabilities. This extension enables complex transaction workflows including contract interactions, multi-step operations, and advanced DeFi integrations while maintaining the security and policy controls of the wallet infrastructure.

Asset Pricing API Integration

Integrated real-time asset pricing data through the Blockdaemon Asset Pricing API. This integration provides accurate, up-to-date market valuations for portfolio assets, enabling precise financial reporting, risk assessment, and investment decision-making based on current market conditions.

ERC-1404 & ERC-3643 Token Support

Added comprehensive support for regulated security token standards including ERC-1404 and ERC-3643. This enables compliant handling of real-world asset (RWA) tokens with built-in transfer restriction evaluation to ensure all token movements adhere to regulatory requirements and issuer-defined rules.

WalletConnect v2

Integrated WalletConnect v2 protocol to enable seamless connectivity with decentralized applications (DApps). This implementation includes full session management capabilities, allowing users to securely interact with the Web3 ecosystem while maintaining institutional-grade security controls.

Event Streams

Implemented real-time blockchain event streaming infrastructure for continuous transaction monitoring and notifications. This system provides instant updates on blockchain activities, enabling proactive monitoring and rapid response to on-chain events.

Transaction Risk Assessment

Deployed an integrated compliance and risk assessment framework that evaluates transactions before execution. This system analyzes multiple risk factors and compliance requirements to provide automated transaction screening and decision support.