DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The terminal disclaimer filed on 11/16/2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of US Patent Number 11100497 has been reviewed and is accepted.  The terminal disclaimer has been recorded.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given by Deborah Ku (Registration No 75,672), during a communication on November 16, 2021.

The claims have been amended as follows:
21.	(Currently Amended) A method comprising:
receiving, by a hardware security module of a cryptoasset custodial system, a requested operation description including data describing a cryptoasset transaction and an organization that owns a cryptoasset;

determining, by the hardware security module, that an endorsement of the cryptoasset transaction has been received from a plurality of endorser user devices corresponding to a plurality of endorsers in satisfaction of a quorum specified by the policy map, the plurality of endorsers different from the at least one reviewing entity;
responsive to the determination that the endorsement has been received, transmitting, by a server computer of the cryptoasset custodial system and to a computing device of the at least one reviewing entity, an approval request for the cryptoasset transaction;
authenticating, by a risk analysis module of the cryptoasset custodial system, the at least one reviewing entity based on a hardware security token security key originated from the computing device of the at least one reviewing entity, the hardware security token security key associated with a hardware security token of the at least one reviewing entity and indicating an approval of the cryptoasset transaction in accordance with risk parameters defined in the policy map;
responsive to the authentication of the at least one reviewing entity, signing, by the hardware security module, the cryptoasset transaction using a cryptographic key stored in the hardware security module, the cryptographic key being a private key of an asymmetric cryptographic key pair associated with the cryptoasset transaction; and
performing, by the server computer, the cryptoasset transaction of the cryptoasset using the cryptographic key.


one or more computer processors; and
a non-transitory computer-readable storage medium storing instructions executable by the one or more computer processors, the instructions when executed by the one or more computer processors cause the one or more computer processors to:
receive, by a hardware security module, a requested operation description including data describing a cryptoasset transaction and an organization that owns a cryptoasset;
determine, by the hardware security module, at least one reviewing entity required for approval of the cryptoasset transaction based at least in part on a policy map for the organization;
determine, by the hardware security module, that an endorsement of the cryptoasset transaction has been received from a plurality of endorser user devices corresponding to a plurality of endorsers in satisfaction of a quorum specified by the policy map, the plurality of endorsers being different from the at least one reviewing entity;
responsive to the determination that the endorsement has been received, transmit, by a server computer of the cryptoasset custodial system and to a computing device of the at least one reviewing entity, an approval request for the cryptoasset transaction;
authenticate, by a risk analysis module of the cryptoasset custodial system, the at least one reviewing entity based on a hardware security token security key originated from the computing device of the at least one reviewing entity, the hardware security token security key associated with a hardware security token of the at least one reviewing entity and indicating an approval of the cryptoasset transaction in accordance with risk parameters defined in the policy map;

perform, by the server computer, the cryptoasset transaction on the cryptoasset using the cryptographic key.

35.	(Currently Amended)  A non-transitory computer-readable storage medium storing instructions executable by one or more computer processors of a cryptoasset custodial system, the instructions when executed by the one or more computer processors cause the one or more computer processors to:
receive, by a hardware security module of the cryptoasset custodial system, a requested operation description including data describing a cryptoasset transaction and an organization that owns a cryptoasset;
determine, by the hardware security module, at least one reviewing entity required for approval of the cryptoasset transaction based at least in part on a policy map for the organization;
determine, by the hardware security module, that an endorsement of the cryptoasset transaction has been received from a plurality of endorser user devices corresponding to a plurality of endorsers in satisfaction of a quorum specified by the policy map, the plurality of endorsers being different from the at least one reviewing entity;

authenticate, by a risk analysis module of the cryptoasset custodial system, the at least one reviewing entity based on a hardware security token security key originated from the computing device of the at least one reviewing entity, the hardware security token security key associated with a hardware security token of the at least one reviewing entity and indicating an approval of the cryptoasset transaction in accordance with risk parameters defined in the policy map;
responsive to the authentication of the at least one reviewing entity, sign, by the hardware security module, the cryptoasset transaction using a cryptographic key stored in the hardware security module, the cryptographic key being a private key of an asymmetric cryptographic key pair associated with the cryptoasset transaction; and
perform, by the server computer, the cryptoasset transaction on the cryptoasset using the cryptographic key.

Reasons for Allowance
Claims 21-40 are allowed.

The following is an examiner’s statement of reasons for allowance: 
 Regarding the claimed terms, the Examiner notes that a "general term must be understood in the context in which the inventor presents it." In re Glaug 283 F.3d 1335, 1340, 62 USPQ2d 1151, 1154 (Fed. Cir. 2002). Therefore the Examiner must interpret the claimed terms Id. Using these definitions for the claims, the claimed invention was not reasonably found in the prior art. 
Cryptocurrencies have gained in popularity and value in recent years.  With the increasing use of cryptoassets comes the need for a trusted custodial system that can securely store very large quantities of cryptoassets and control access to those cryptoassets.  The instant claims attempt to address the need for a trusted custodial system that mitigates user risk by requesting approval of a cryptoasset transaction in accordance with a policy that is stored in a hardware security module of the cryptoasset custodial system.    
The instant claims attempt to mitigate risk issues of cryptoasset custodial systems.  The instant claims achieve this by receiving, by a hardware security module of a cryptoasset custodial system, a requested operation description including data describing a cryptoasset transaction and an organization that owns a cryptoasset; determining, by the hardware security module, at least one reviewing entity required for approval of the cryptoasset transaction based at least in part on a policy map for the organization; determining, by the hardware security module, that an endorsement of the cryptoasset transaction has been received from a plurality of endorser user devices corresponding to a plurality of endorsers in satisfaction of a quorum specified by the policy map, the plurality of endorsers different from the at least one reviewing entity; responsive to the determination that the endorsement has been received, transmitting, by a server computer of the cryptoasset custodial system and to a computing device of the at least one reviewing entity, an approval request for the cryptoasset transaction; authenticating, by a risk analysis module of the cryptoasset 
A system that receives a requested operation, authenticates the identity of approvers using encryption keys, and signs the cryptoasset transaction using cryptographic keys is conventional at the time of the invention as evidenced by the cited reference (US 2015/0287026 A1 to “Yang”). A system that assembles endorsements into a transaction payload and then broadcasts the transaction payload to multiple peers so that they can validate the transaction is also known at the time of the invention as evidenced by the cited reference (US 2020/0167338 A1 to Brock).  A hardware security module that stores keys is also known at the time of the invention as evidenced by the cited reference (US 2005/0273442 A1 to “Bennett”).  Endorser nodes located on a blockchain is also known at the time of the invention as evidenced by the cited reference (US 2020/0233858 A1 to “Deng”).  Policy data that is used to identify an appropriate approver is also known at the time of the invention as evidenced by the cited reference (US 20020087479 A1 to “Malcolm”).  The cited references, alone or in combination, do not teach the specific technique of receiving, by a hardware security module of a 
Any comments considered necessary by the Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the 

Conclusion
Any inquiry of a general nature or relating to the status of this application or concerning this communication or earlier communications from the Examiner should be directed to TIMOTHY SAX whose telephone number is 571-272-0821.  The Examiner can normally be reached on M-F 9-5:30.  If attempts to reach the examiner by telephone are unsuccessful, the Examiner’s supervisor, Patrick McAtee can be reached at (571) 272-7575. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/T.P.S./Examiner, Art Unit 3685