DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the amendment dated May 18, 2022.
In the amendment dated May 18, 2022, claims 1, 7 and 13 have been amended, 3 has been canceled.
Claims 1-2 and 4-16 are allowed.


EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below.  Should the changes and/or additions be unacceptable to Applicant, an amendment may filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Mr. Carder W. Brooks of registration number 75,456, on May 24, 2022.  During the telephone conference, Mr. Brooks has agreed and authorized the examiner to further amend Claims 1-2 and 4-16 on the amendment dated on May 18, 2022.

Claims
Replacing Claims 12 and 4-16 of the amendment dated on May 18, 2022 with the following:
1. 	A method of performing a transaction over a blockchain network, the method comprising:
receiving instructions for executing a blockchain transaction;
ensuring that the instructions are authorized;
on the basis of the received instruction, generating a command to collect signatures for the blockchain transaction;
transmitting the command using a secure air-gapped process to multiple Data Center Hardware Security Modules (DC HSMs), wherein each DC HSM contains a corresponding private key for signing the blockchain transaction;
validating an authenticity of the received command at each of the multiple DC HSMs;
securely signing the blockchain transaction inside each of the multiple DC HSMs using a signing technique and transferring signatures back using the secured air-gapped process;
building a multi-signed transaction from collected DC HSM signatures; and
transmitting the multi-signed transaction to a destination,
wherein the secure air-gapped process uses near field communication (NFC) interfaces and NFC Radio Frequency Identification (RFID) tags, and
wherein the NFC interfaces are physically shielded.

2. 	The method of claim 1, wherein the destination comprises a blockchain network.

3. 	(Canceled)

4. 	The method of claim 3, wherein the NFC interfaces are physically shielded to resist side channel attacks.

5. 	The method of claim 2, further comprising ensuring that at least M of N DC HSMs sign the blockchain transaction before transmitting the multi-signed transactions to the blockchain network, where N = a total number of DC HSMs, and M ≤ N, for integers N and M.

6. 	The method of claim 5, wherein the signing technique comprises Elliptic Curve Digital
Signature Algorithm (ECDSA), Edwards-Curve Digital Signature Algorithm (EdDSA), RSA,
or any combination thereof.

7. 	A cold storage system for storing digital assets comprising:
a. an integration server, including a processor and a memory, coupled to an external network;
b. a central control center comprising a request handler and a command handling Hardware Security Module (HSM); and
c. multiple distributed data centers each comprising:
i. an associated Data Center (DC) HSM for managing cryptographic keys;
ii. a processor
iii. a dedicated remote controlled server coupled to the integration server; and
iv. [[an]]a physically shielded near field communication (NFC) adapter pair having a Radio Frequency Identification (RFID) tag forming an air-gapped communication channel between the remote controlled server and the processor coupled to the associated DC HSM.

8. 	The cold storage system of claim 7, wherein each of the NFC adapter pairs comprises NFC devices and tags physically shielded to avoid side channel attacks, data skimming, or both.

9. 	The cold storage system of claim 8, wherein each of the NFC adapter pairs comprises NFC devices having both read/write capabilities comprising NFC tags between the NFC devices.

10. 	The cold storage system of claim 7, wherein the external network comprises the Internet or a virtual private network.

11. 	The cold storage system of claim 7, wherein the request handler is configured to receive raw instructions to execute blockchain transactions from the integration server and to send the raw instructions to the command handling HSM over the air-gapped channel.

12. 	The cold storage system of claim 11, wherein the raw instruction is authorized by the command handling HSM through a multiple factor authentication protocol.

13. 	The cold storage system of claim 7, wherein each of the multiple processors of the distributed data centers 

14. 	The cold storage system of claim 7, wherein each of the multiple associated DC HSMs is configured to verify an authenticity of received commands using digital signatures and pre-installed certificates of the command handling HSM.

15. 	The cold storage system of claim 7, wherein each of the associated DC HSMs is configured for determining whether an associated one or more command execution constraints are met.

16. 	The cold storage system of claim 15, wherein the command execution constraints comprise velocity of requests, time bound expiry, or both.

Allowable Subject Matter
Claims 1-2 and 4-16 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
Independent claim 1 is allowable based on the amendment presented in the amendment dated on May 18, 2022 and the examiner’s amendment dated on May 29, 2022.
Specifically, the independent claim 1 now recites limitations as follows:
“A method of performing a transaction over a blockchain network, the method comprising:
receiving instructions for executing a blockchain transaction;
ensuring that the instructions are authorized;
on the basis of the received instruction, generating a command to collect signatures for the blockchain transaction;
transmitting the command using a secure air-gapped process to multiple Data Center Hardware Security Modules (DC HSMs), wherein each DC HSM contains a corresponding private key for signing the blockchain transaction;
validating an authenticity of the received command at each of the multiple DC HSMs;
securely signing the blockchain transaction inside each of the multiple DC HSMs using a signing technique and transferring signatures back using the secured air-gapped process;
building a multi-signed transaction from collected DC HSM signatures; and
transmitting the multi-signed transaction to a destination,
wherein the secure air-gapped process uses near field communication (NFC) interfaces and NFC Radio Frequency Identification (RFID) tags, and
wherein the NFC interfaces are physically shielded”.

The cited reference by Cheng et al. (US PGPUB. # US 2018/0367316) discloses, in FIG. 6A a logic flow diagram illustrating embodiments of a secure firmware transaction signing (SFTS) component for the SFTSP. In FIG. 6A, a SFTS API call may be obtained at 601. For example, the SFTS API call may be obtained as a result of a call from a HSM associated with the SFTS component. It is to be understood that although the SFTS component is described with regard to an API method to sign a transaction (e.g., signMessageHash). (Fig. 6A(601), ¶116). he TSS may forward the transaction signing request to a first HSM 430. For example, the first HSM may be a PCIe HSM (e.g., installed in a TSS (e.g., machine)). The first HSM's tamper-proof storage (e.g., the first HSM's firmware) may store a private key decryption key (e.g., an RSA private key) 434 and a SFTS module 436. (Fig. 4A(430, 434, 440), ¶88). If a portable HSM is not being utilized, a master private key may be retrieved at 613. In one implementation, the master private key may be determined using a PKCS#11 function (e.g., C_FindObjectsInit( . . . )). In another implementation, the master private key may be determined via an internal call on a HSM environment setting configured externally at HSM deployment time. If a portable HSM is being utilized, an encrypted master private key may be obtained at 617. In one implementation, the portable HSM may be queried to obtain the encrypted private master key. For example, the private master key may be encrypted using a public key encryption key (e.g., associated with the HSM) stored by the portable HSM. A private key decryption key for the HSM may be retrieved at 621. In one implementation, the private key decryption key may be determined using a PKCS#11 function (e.g., C_FindObjectsInit( . . . )). In another implementation, the private key decryption key may be determined via an internal call on a HSM environment setting configured externally at HSM deployment time. (Fig. 6A(609, 617), ¶131-¶132).  FIG. 8 where two operators, each holding an encrypted key on a USB memory stick, one after another insert their USB key into an authentication entry device attached to a HSM and confirm their ownership of the key by entering a PIN associated with the key in order to start a business application operation. Authentication to the HSM may be tightly integrated in HSM firmware for access control and protection of key objects stored on the HSM through a key hierarchy of user keys on the USB token and master encryption keys on the HSM. (Fig. 8, ¶174). The first HSM may send a get master request to a second HSM 440. For example, the second HSM may be a portable USB HSM. The second HSM's tamper-proof storage (e.g., the second HSM's firmware) may store a master private key (e.g., an ECDSA private key) 444 and a public key encryption key (e.g., an RSA public key that corresponds to the RSA private key stored in the first HSM's tamper-proof storage) 446. In one embodiment, the second HSM may include a split credentials PIN entry device (PED) to provide for multiple-person (e.g., M-of-N) user access rule for HSM activation and/or operation (e.g., 2-of-3 operation enforcement that allows access to the master private key if at least two out of three people provide their separate credentials to the second HSM). See FIGS. 8 and 9 for additional details regarding M-of-N authentication. The second HSM may encrypt the master private key using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted master private key to the first HSM. The first HSM may decrypt the master private key using the private key decryption key, may utilize the decrypted master private key and the SFTS module to sign the transaction, and may respond with a signed transaction (e.g., ECDSA signature in DER format). Sensitive operations, such as key derivation and transaction signing, are implemented inside the first HSM appliance and secret key materials are encrypted when transferred between the two HSMs. (¶89-¶90). A signing private key for the specified keychain path may be generated at 629. In one implementation, the signing private key may be generated in accordance with a deterministic key derivation procedure as described in Bip32. The transaction may be signed at 633. In one implementation, the generated signing private key may be used to sign the transaction hash in accordance with the hashing algorithm utilized by the Bitcoin protocol (e.g., RIPE160(SHA256(SHA256(message)))). Temporary private key data may be wiped from memory at 637. In one implementation, the master private key obtained from the portable HSM and/or the generated signing private key may be wiped from memory of the HSM associated with the SFTS component. The signed transaction may be returned at 641. In one implementation, the Elliptic Curve Digital Signature Algorithm (ECDSA) signature in DER format may be returned. (Fig. 6A(641), ¶135-¶136).
The reference by Martin et al. (US PGPUB. # US 2019/0318356) discloses, as shown in FIG. 2, restoring the stored information S700 functions to reconstruct the fragmented, multiple-encrypted information for use, example shown in FIG. 7. For example, when the stored information is the cryptocurrency private key, S700 includes restoring the cryptocurrency private key, functions to reconstruct the fragmented, multiple-encrypted cryptocurrency private key for use (e.g., to sign a transaction). S700 is preferably performed and/or coordinated by the secure computing system, but can alternatively be performed or coordinated by any suitable system. S700 can be performed in response to: receipt of a transaction request S710; receipt of a retrieval request (e.g., wherein the retrieval request identifies the cryptocurrency private key); at a predetermined frequency; receipt of a restoration request from an associated account (e.g., management or key holder account); or upon occurrence of any suitable event. The transaction request preferably includes an unsigned transaction, but can be any other suitable request. The transaction request can include: the cryptocurrency address, an endpoint cryptocurrency address, transaction information (e.g., asset quantity to be transferred, asset type, etc.), or any other suitable information. (Fig. 2(S710), ¶103). Retrieving the beta shards from storage S720 functions to temporarily bring the beta shards online (e.g., temporarily convert the beta shards into a virtual format). S720 is preferably performed in response to receipt of the transaction request S710, but can additionally or alternatively be performed after retrieval confirmation receipt from the management account or a key holder account (e.g., wherein a retrieval confirmation query or multi-factor authentication request can be sent to the management account or a key holder account associated with the cryptocurrency address), in response to receipt of a beta shard retrieval request (including the beta shard identifier, private key identifier, secondary encryption key identifier, key holder identifier, etc.) from a key holder (e.g., via the key holder interface), or performed at any suitable time. S720 is preferably performed based on the cryptocurrency private key identifier (e.g., cryptocurrency address) identified within the transaction request, but can alternatively or additionally be performed based on the management account (e.g., a management entity identifier), or be performed based on any other suitable information. S720 preferably retrieves all beta shards associated with the cryptocurrency address, but can alternatively retrieve a portion of the beta shards. S720 can be performed manually, automatically or otherwise performed. In one example, the method includes: receiving a transaction request, including a cryptocurrency address, from a client service at the secure computing system S710, and transmitting the cryptocurrency address to a custodian (human or robotic), wherein the custodian identifies and retrieves the physical beta shard representations associated with the cryptocurrency address and virtualizes the beta shards (e.g., by scanning the physical representation, reading the beta shard values off the physical storage device, etc.). However, S720 can be otherwise performed. The method can optionally include discarding or destroying the physical beta shard representations after beta key restoration (e.g., by shredding, burning, erasing, etc.); putting the physical beta shard representations back into storage; or otherwise managing the physical beta shard representations. (¶105). S730 is preferably performed after S720, but can be performed at any suitable time. S730 is preferably performed after the key holder is verified, but can alternatively be performed after receipt of a transaction request, or be performed at any suitable time. S730 is preferably performed for at least the minimum number of beta shards required for encrypted cryptocurrency private key reconstruction (k), but can alternatively be performed for any suitable number of beta shards. Multiple instances of S730 (e.g., for each beta shard) can be performed concurrently, serially, based on key holder interface availability, or otherwise performed. Determining the alpha shards can include: decrypting the alpha shards using the secondary encryption keys, calculating the alpha shards from the beta shards, or otherwise determination the alpha shards. The secondary encryption key is preferably the private secondary encryption key corresponding to the public secondary encryption key used to encrypt the respective alpha shard resulting in the beta shard, but can alternatively or additionally be a secondary symmetric encryption key (e.g. wherein the beta shard is encrypted using the secondary symmetric encryption key), or be any suitable set of encryption keys. (Fig. 7, ¶108-¶109). 
The reference by Di Iorio et al. (US PGPUB. # US 2019/0354970) discloses, an intermediate computing device 102, as an intermediary, may communicate with components 104 and 106 via a communication network (108) such as a wide area network (WAN), a public network (e.g. the Internet) or via a private network or a combination of same. Communications within cryptographic transaction processing system 104 may be via a private network and/or public network. Any of the communications between these components 102, 104 and 106 may be via wired or wireless means. These devices typically communicate electronically using wire or radio (wireless) components using well known protocols (e.g. Internet Protocols (IP)). Device 102 is typically configured as a client computing device, as further described below, capable of communicating transaction data for a cryptographic transaction. Components 102, 104 and 106 are typically dispersed in different physical (geographical) locations and are not local to one another. Components which comprise systems 104 and 106 may also be geographically remote from one another. Such components 102, 104 and 106 are often connected to a network or networks for long periods of time and may engage in various communications over the network. Software applications, operating systems and other configurations as well as user behaviour can make these components susceptible to malicious attacks or other malicious activity. It may be desirable to store certain data, such as a private key, on a computing device to sign cryptographic transactions, where the computing device storing such data remains isolated from the communication network 108. (Fig. 1(102, 104, 108), ¶38).  Intermediate computing device 102 is shown in communication with a transaction signing device 112. Signing device 112 comprises an “air gapped” computing device having a special configuration as described further herein. Broken lines between device 102 and signing device 112 represent an optical over the air (OTA) communication path. Signing device 112 is configured to receive unsigned transaction data optically OTA, sign the data using a private key stored on signing device 112 and transmit signed transaction data optically OTA to device 102. In this way, signing device 112 is isolated from other communication networks, particularly communication networks such as 108. Signing device 112 is configured without additional communication components for external communications, for example without antenna or external bus connectors, etc. as further described. In one example, the optical OTA communication comprises displaying an image on an optical output device 114 (e.g. a display screen) of device 102 and capturing an image using an optical input device 116 (e.g. a camera) of signing device 112. Signing device 112 may communicate to device 102 by displaying an image on optical output device 118 (e.g. a display screen) for capture by an optical input device 120 (e.g. s camera). In another example, the optical input devices 116, 120 and optical output devices 114, 118 may be infrared sensors and transmitters. (¶39).
Yaldin et al. (US # 2020/0044863) discloses, techniques for securing digital signatures using multi-party computation. A method includes generating at least one first secret share by a first system, wherein at least one second secret share is generated by one of at least one second system; signing data based on the at least one first secret share when a signing policy is met, wherein the signing is part of an interactive signing process including running a multi-party computation protocol by the first system and the at least one second system, wherein the signed data corresponds to a public key generated based on the plurality of secret shares, wherein the signing policy requires a minimum number of secret shares, wherein shares of one system alone are not sufficient to meet the signing policy, wherein no portion of shares of one system are revealed to the other system during the interactive signing process. (Abstract).
 Gancarz (US # 2020/0028675) discloses, a first module with a communication interface to a public network; and a controller to handle a transaction with a Blockchain network or a transaction server accessible at the public network. The system also includes a second module with a random number generator; and a secure controller to generate seed words and private keys. The system further includes a bridge module with a controller; and a switch to selectively connect the data interface of the bridge module to either the data interface of the first module or the data interface of the second module such that the data interface of the first module is never connected with the data interface of the second module. (Abstract).
Winklevoss et al. (US # 10,068,228) discloses, methods for securely storing digital assets using a secure portal are disclosed. Using an isolated computer within an electronic isolation chamber, a plurality of digital asset accounts may be generated, and one or more private keys and a digital asset account identifier corresponding to each of the digital asset accounts may be obtained. A respective reference identifier may be associated with each digital asset account. At least one of the one or more private keys corresponding to each digital asset account may be divided into a plurality of private key segments and written to a card along with the respective reference identifier to create sets of collated cards, wherein each set comprises cards corresponding to different private keys. (Abstract).
Shin et al. (US # 2018/0157841) discloses, a method for secure boot of an engine management system, in which the system for secure boot of an engine management system, comprises a memory in which a boot code and at least one application are stored, a host CPU for sending a start-up command to a hardware security module HSM when a start-on or reset event occurs, and transmitting a remaining memory area authentication command to the HSM after executing the boot code when boot code authentication success is received from the HSM, and the HSM for starting up and performing authentication of the boot code stored in the memory as the start-up command is received, sending a boot code authentication result to the host CPU, and performing authentication of the rest of the memory excluding the boot code when the remaining memory area authentication command is received. (Abstract).
Osborne et al. (US # 2012/0324230) discloses, a method for enabling digital signature auditing. The method includes the steps of: receiving at least one signature request issued by at least one application, forwarding a first data corresponding to the received at least one signature request to at least one signing entity for subsequent signature of the first data, storing an updated system state that is computed using a function of: i) a reference system state and ii) a second data corresponding to the received at least one signature request, where the reference system state and the updated system state attest to the at least one signature request, and repeating the above steps, using the updated system state as a new reference system state, where the steps of the method are executed at a server of a computerized system. (Abstract).

However, each of the cited references or reference from the updated search, at least, fails to teach or suggest the limitations regarding “…………building a multi-signed transaction from collected DC HSM signatures; and transmitting the multi-signed transaction to a destination,wherein the secure air-gapped process uses near field communication (NFC) interfaces and NFC RFID tags, and wherein the NFC interfaces are physically shielded..”, in combination with the rest of the limitations recited in the independent claim(s).
None of the previous cited prior art references or reference(s) from the updated search yield any specific references that would reasonably, either singularly or in combination with previous cited reference, result a reasonable and proper rejection for each of the cited feature limitations of the independent claim 1 under 35 U.S.C. 102 or 35 U.S.C. 103 with proper motivation.
Claims 7 is a system claim of above method claim 1, and therefore, they are also allowed.
Claims 2 and 4-6 depend on the allowed claim 1, and therefore, they are also allowed.
Claims 8-16 depend on the allowed claim 7, and therefore, they are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/Primary Examiner, Art Unit 2498