DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement

The information disclosure statement (IDS) submitted on 10/23/2020, 01/29/2021, and 05/07/2021 are  in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Specification

Applicant is reminded of the proper content of an abstract of the disclosure.
A patent abstract is a concise statement of the technical disclosure of the patent and should include that which is new in the art to which the invention pertains. The abstract should not refer to purported merits or speculative applications of the invention and should not compare the invention with the prior art.
If the patent is of a basic nature, the entire technical disclosure may be new in the art, and the abstract should be directed to the entire disclosure. If the patent is in the nature of an improvement in an old apparatus, process, product, or composition, the abstract should include the technical disclosure of the improvement. The abstract should also mention by way of example any preferred modifications or alternatives. 
Where applicable, the abstract should include the following: (1) if a machine or apparatus, its organization and operation; (2) if an article, its method of making; (3) if a chemical compound, its identity and use; (4) if a mixture, its ingredients; (5) if a process, the steps.
Extensive mechanical and design details of an apparatus should not be included in the abstract. The abstract should be in narrative form and generally limited to a single paragraph within the range of 50 to 150 words in length.
See MPEP § 608.01(b) for guidelines for the preparation of patent abstracts.

The abstract of the disclosure is objected to because it does not meet the range of 50-150 word length and is less than the required amount.  Correction is required.  See MPEP § 608.01(b).


Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 3-5 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as failing to set forth the subject matter which the inventor or a joint inventor, (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant) regards as the invention. 
In regards to Claim 3, the applicant recites the limitation “the private key ciphertext”, this is unclear because the private key cipher text has a lack of antecedent basis as it was never previously recited in the claims. This creates confusion as to which private key ciphertext the applicant is referring to. The specification states on Par. (0040) “In some implementations, the private key information uploaded by the client system 130 (e.g., from physical storage, cold storage, airgapped storage, etc.) to the cold storage system 120 includes p-ciphertext for the private key (which is encrypted with a first set of one or more keys), and the cold storage system 120 orchestrates the decryption of the p-ciphertext into a-shards”. Therefore it will be broadly and reasonably interpreted that the private key ciphertext is referring to ciphertext or seed values corresponding to the signing/private key. Examiner suggest using the phrase “a” in front of private key ciphertext to use proper claim language when first reciting a claim limitation and to eliminate confusion.

In regards to Claim 3 line 7, the applicant recites the limitation “a plurality of message signing key shards”, this is unclear because message signing key shards has already been previously recited in independent claim 1. This creates confusion as to which plurality of message signing key shards the applicant is referring to, if it is a new embodiment of message signing key shards or if it is the same message signing key shards recited earlier in the claims. The specification states on Par. (0025-0026) “a-shards (message signing key shards) are accessed (e.g., S43o). The a-shards can be accessed by decrypting encrypted versions of the a-shards (e.g., by sending the encrypted a-shards to users, and receiving decrypted a-shards back, wherein the encrypted a-shards are decrypted using keys held by the users, such as within an HSM),”. Therefore it will be broadly and reasonably interpreted that a plurality of message signing key shards is referring to the same message signing key shards recited previously independent claim 1. Examiner suggest amending the claims to recite “the message signing key shards” instead of “a plurality of message signing key shards” to recite consistent claim language when reciting a claim and to eliminate confusion.

In regards to Claim 4 line 3, the applicant recites the limitation “private key cipher text”, this is unclear because private key ciphertext has already been previously recited in claim 3. This creates confusion as to which private key ciphertext the applicant is referring to. The specification states on Par. (0063) “The a-key is used to generate the a-ciphertext during the key generation ceremony, and can optionally be used to decrypt the reconstructed a-ciphertext during message signing. The a-key is preferably a symmetric key, but can alternatively be an asymmetric keypair (e.g., wherein the public key is used to encrypt the message signing key into a-ciphertext and the private key is used to decrypt the reconstructed a- ciphertext).”. Therefore it will be broadly and reasonable interpreted that private key ciphertext is referring to the same private key ciphertext recited earlier in the claims. Examiner suggest amending the claims by using the phrase “the” in front of private key ciphertext to recite consistent claim language and to eliminate confusion.

Claim 5 is/are being additionally rejected for being dependent on a rejected base claim.
 
Claim Rejections - 35 USC § 103


In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1, 8-14 and 18-20, is/are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al. (U.S Pub. No. 20190280864, hereinafter referred to as “Cheng”) in further view of Ricotta et al. ( U.S. No. 11238164, hereinafter referred to as “Ricotta”)

In regards to Claim 1, Cheng teaches a method for signing blockchain transactions, the method comprising: (Par. (0081) “the SFTSP includes Deterministic Derivation of Cryptocurrency Signing Keys with Split Master Seed and Enforcement of M-of-N Authentication Policy. This supports the SFTSP with innovations in Bitcoin, Ethereum and Blockchain, new service and product offerings in cryptocurrency. It includes splitting Bitcoin or Ethereum master private key into multiple key shares (e.g., into two halves)”; blockchain transaction (SFTSP system includes blockchain)), (Par. (0091) “in order to sign a transaction (e.g., to execute a fund transfer CLI program to transfer funds from a cold wallet to a hot wallet), multiple (e.g., three) operators may have to be present (e.g., physically present) to authenticate to a TSS and/or the HSMs”; signing blockchain transactions))
with a cold storage system operating within an on-line computing environment: (Par. (0275) “The SFTSP architecture may be deployed to both online and offline keys for hot (e.g., networked) and cold (e.g., non-networked) storage (e.g., runtime signing steps 1-3 describe online transaction signing with two key shares in hot storage), and to mixed online and offline keys for air-gapped cold storage transaction signing (e.g., runtime signing steps 11-16 describe offline transaction signing with three key shares in hot and cold storage).”; cold storage system (SFTSP architecture associated with cold storage) operating within an on-line computing environment (signing of online transactions mixed with offline storage))
receiving a blockchain transaction to be signed,  (Par. (0095) “the SFTSP may protect addresses used for receiving funds in transactions between paired cold and hot wallets. These addresses are derived from master keys in a similar way as the derivation of private keys used for transaction signing.”; receiving a blockchain transaction (receiving funds in transaction) to be signed (for transaction signing)), (Par. (0097-0098)” a client application 310 (e.g., utilized by a user via a client device) may send a transaction signing request (e.g., including transaction data [..] he HSM may utilize the master private key and the SFTS module to sign the transaction, and may respond with a signed transaction (e.g., ECDSA signature in Distinguished Encoding Rules (DER) format).”; receiving a blockchain transaction to be signed (send a transaction signing request with transaction data inside that is signed)), (Par. (0082) “the SFTSP may be utilized to provide multi-signature support for Externally Owned Account (EOA) transactions on Ethereum blockchain.”; blockchain transaction (SFTSP with transactions corresponding to blockchain)), (Par. (0357) “transaction signing request may be obtained as a result of a user utilizing a UI of an offline transaction signing runtime to request that a transaction (e.g., a fund transfer EOA transaction on Ethereum blockchain)”; blockchain transaction (transaction signing corresponding transaction on blockchain))) 
with a secure signing system operating within an off-line computing environment: (Par. (0275) “The SFTSP architecture may be deployed to both online and offline keys for hot (e.g., networked) and cold (e.g., non-networked) storage (e.g., runtime signing steps 1-3 describe online transaction signing with two key shares in hot storage), and to mixed online and offline keys for air-gapped cold storage transaction signing (e.g., runtime signing steps 11-16 describe offline transaction signing with three key shares in hot and cold storage).”; secure signing (transaction signing ) operating within an off-line computing environment (SFTSP corresponding to offline for cold storage storage))
accessing a ceremony key from a hardware security module (HSM) located in an offline secure processing facility, (Par. (0118-0121) “he TSS server may send a public key request message 529 to a HSM 510 to request a RSA public key from the HSM. In one implementation, the public key request message may be sent via a HSM Access Provider and may include data such as a request identifier, a transaction identifier, and/or the like. In one embodiment, the TSS server may provide the following example public key request message [..] RSA_public_key>RSA public key provided by the HSM”; accessing ceremony key from HSM (public key request message to an HSM [..] public key provided by HSM)) (Par. (0276) “the HSM-based key storage infrastructure may offer [..] backup in long-term offline storage locations for key recovery in case of disaster scenarios.”; located in an offline secure processing facility (HSM corresponding to offline backup locations))(Examiner notes: In the instant application nthe specification on Par. (0021) that a ceremony key is a public or symmetric or just a “key” therefore it will be broadly and reasonably interpreted as such))
accessing a message signing private key by using the message signing key shards and the ceremony key, (Par. (0105-0106) “user access rule for HSM activation and/or operation (e.g., 2-of-3 operation enforcement that allows access to the second master private key share if at least two out of three people provide their separate credentials to the second HSM)  [..] the second master private key share using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted second master private key share to the first HSM. [..] e.g., in implementations where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares))”; accessing a message signing private key (allows access to second master private key) using the message signing key shards (master private key is split into more than two shares) and the ceremony key (public key corresponding to second master private key))
signing the blockchain transaction by using the message signing private key, and (Par. (0098) “The HSM may utilize the master private key and the SFTS module to sign the transaction, and may respond with a signed transaction (e.g., ECDSA signature in Distinguished Encoding Rules (DER) format). Sensitive operations, such as key derivation and transaction signing, are implemented inside the HSM appliance and master secret key materials”; signing the blockchain transaction using the message signing private key (master private key utilized to sign transaction))
providing the signed blockchain transaction to the cold storage system. (Par. (0278) “adThe signed transaction and the wrapped online cold key share three may be transferred via an external storage device 2315 (e.g., a USB drive) to the first cold HSM. The first cold HSM may unwrap online cold key share three using the unwrapping key C_RSA_priv of the cold RSA pair.”; providing the signed blockchain transaction to the cold storage system (the signed transaction being transferred to the first cold HSM storage))
However Cheng does not explicitly teach o	asynchronously accessing message signing key shards from a plurality of account managers, and o storing each message signing key shard and the blockchain transaction at a removable computer-readable storage medium; and o	accessing the message signing key shards and the blockchain transaction from the computer-readable storage medium,
Wherein Ricotta teaches  o asynchronously accessing message signing key shards from a plurality of account managers, and (Figure 4 labels 305, 304, 306, 402 and 350(1); message signing key shards (key with cipher data is sharded)), (Col. 6 lines 65-67 and Col. 7 lines 1-15 “Only permitted parties (e.g., actor 150) are allowed to access shards 350. Shards 350 that form one particular data set (e.g., cipher data 306, and thus data 302) may be referred to as an “information set”.”; accessing message signing key shards (only permitted users are allowed access to shards)), (Col. 9 lines 1-15 “ Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302. Data cloaking module 106 then determines a proper topology of keys 310 (not actual keys themselves) used to protect shards 350, and compares that journal to a graph 308 that represents the identity of the information requestor.”; accessing message signing key shards (to access the information [..] corresponding to shards)), (Figure 4 label Shard 350(1), Security Permissions; accessing message signing key shards (security permission corresponding to each shard)) (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
storing each message signing key shard and the blockchain transaction at a removable computer-readable storage medium; and (Figure 4 labels 120(1-3) 106 (1-3) and 350(1-33); storing each message signing key shards (shard label 350 (1-3)) and the blockchain transaction (immutable journal label 106(1-3) at a removable computer readable storage medium (data store label 120)), (Col. 5 lines 50-57 “Immutable journal 108, implemented using BlockChain 199, is distributed across nodes 102 to provide a secure record of transactions that cannot be altered. Since immutable journal 108 is distributed across all nodes 102, each consensus trust model 104 in each node 102 is aware of, and may validate, all data transactions”; blockchain transactions (immutable journal corresponding to record of transactions)), (Fig. 4 labels 120; removable computer readable storage medium (data store label 120 that is external))
accessing the message signing key shards and the blockchain transaction from the computer-readable storage medium, (Figure 4 labels 305, 304, 306, 402 and 350(1); message signing key shards (key with cipher data is sharded)), (Col. 6 lines 65-67 and Col. 7 lines 1-15 “Only permitted parties (e.g., actor 150) are allowed to access shards 350. Shards 350 that form one particular data set (e.g., cipher data 306, and thus data 302) may be referred to as an “information set”.”; accessing message signing key shards (only permitted users are allowed access to shards)), (Col. 9 lines 1-15 “ Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302. Data cloaking module 106 then determines a proper topology of keys 310 (not actual keys themselves) used to protect shards 350, and compares that journal to a graph 308 that represents the identity of the information requestor.”; accessing message signing key shards (to access the information [..] corresponding to shards)), (Figure 4 label Shard 350(1), Security Permissions; accessing message signing key shards (security permission corresponding to each shard))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng to include asynchronously accessing message signing key shards from a plurality of account managers, storing and accessing each message signing key shard and the blockchain transaction at a removable computer-readable storage medium because of the analogous concept of blockchain technologies and the process of sharding or splitting key for secure storage. Ricotta includes a process of accessing and storing key shards associated with a transaction in the blockchain, this is important because by creating a method to access based on permissions and store shards of keys the signing process of cryptocurrency becomes even more securely protected from compromise of the keys, forgery or further harm. By initiating a sharding process and a way to store and access the shards it becomes that more difficult for malware attackers to predict or access the keys and in return provides a new way to manage of keys corresponding to the blockchain ledger. 

In regards to Claim 8, the combination of Cheng and Ricotta teach the method of claim 1, Cheng further teaches the method of Claim 1, further comprising: 
decoupling the computer-readable storage medium from the cold storage system; and (Par. (0328-0329) “the online TSS server may copy the transferable data 2749 and/or other data to an external storage device 2708. In various implementations, the external storage device may be a USB drive (e.g., a flash drive, a hard drive), [..] he user may move the external storage device from the online TSS server to the offline TSS server, and may utilize the offline TSS server (e.g., an offline transaction signing runtime) to request that the transaction be signed using the transferable data (e.g., resulting in the copying”; decoupling the computer readable storage medium from the cold storage system (external storage or USB being inserted or uninserted  and moving USB))
coupling the computer-readable storage medium to the secure signing system. (Figure 32 labels 3214 3202, 3226 (computer-readable storage medium (storage device label 3214) coupled to secure signing system (label 3202 with cryptographic processor)

In regards to Claim 9, the combination of Cheng and Ricotta teach the method of claim 1, Cheng further teaches the method of Claim 8, 
wherein providing the signed blockchain transaction to the cold storage system comprises: storing the signed blockchain transaction at a second removable computer-readable storage medium,( (Par. (0278) “adThe signed transaction and the wrapped online cold key share three may be transferred via an external storage device 2315 (e.g., a USB drive) to the first cold HSM. The first cold HSM may unwrap online cold key share three using the unwrapping key C_RSA_priv of the cold RSA pair.”; providing the signed blockchain transaction to the cold storage system (the signed transaction being transferred to the first cold HSM storage)), (Par. (0346) “the external storage device (e.g., or another USB storage device) containing the signed transaction has been inserted. In another implementation, a notification that the external storage device (e.g., or another USB storage device) has been inserted may be obtained from the operating system and the external storage device may be checked to determine whether removed the external storage device contains the signed transaction”; storing the signed blockchain transaction at second removable computer readable storage medium (another USB storage device that can be inserted containing signed transaction))
wherein the method further comprises: decoupling the second computer-readable storage medium from the secure signing system, and (Par. (Par. (0346) “the external storage device (e.g., or another USB storage device) containing the signed transaction has been inserted. In another implementation, a notification that the external storage device (e.g., or another USB storage device) has been inserted may be obtained from the operating system and the external storage device may be checked to determine whether the external storage device contains the signed transaction”; decoupling the second removable computer readable storage medium (another USB storage device that is an external storage device from the system that can be inserted or uninserted))
coupling the second computer-readable storage medium to the cold storage system. (Par. (0346) “the external storage device (e.g., or another USB storage device) containing the signed transaction has been inserted. In another implementation, a notification that the external storage device (e.g., or another USB storage device) has been inserted may be obtained from the operating system and the external storage device may be checked to determine whether the external storage device contains the signed transaction”; decoupling the second removable computer readable storage medium (another USB storage device that can be inserted to the cold storage system))

In regards to Claim 10, Cheng teaches a method for signing blockchain transactions, the method comprising: with a secure signing system: (Par. (0081) “the SFTSP includes Deterministic Derivation of Cryptocurrency Signing Keys with Split Master Seed and Enforcement of M-of-N Authentication Policy. This supports the SFTSP with innovations in Bitcoin, Ethereum and Blockchain, new service and product offerings in cryptocurrency. It includes splitting Bitcoin or Ethereum master private key into multiple key shares (e.g., into two halves)”; blockchain transaction (SFTSP system includes blockchain)), (Par. (0091) “in order to sign a transaction (e.g., to execute a fund transfer CLI program to transfer funds from a cold wallet to a hot wallet), multiple (e.g., three) operators may have to be present (e.g., physically present) to authenticate to a TSS and/or the HSMs”; signing blockchain transactions))
accessing a ceremony key from a hardware security module (HSM) coupled to the secure signing system, 48 of 54COIN-P22-US (Par. (0118-0121) “he TSS server may send a public key request message 529 to a HSM 510 to request a RSA public key from the HSM. In one implementation, the public key request message may be sent via a HSM Access Provider and may include data such as a request identifier, a transaction identifier, and/or the like. In one embodiment, the TSS server may provide the following example public key request message [..] RSA_public_key>RSA public key provided by the HSM”; accessing ceremony key from HSM (public key request message to an HSM [..] public key provided by HSM)) (Par. (0276) “the HSM-based key storage infrastructure may offer [..] backup in long-term offline storage locations for key recovery in case of disaster scenarios.”; located in an offline secure processing facility (HSM corresponding to offline backup locations))(Examiner notes: In the instant application the specification on Par. (0021) that a ceremony key is a public or symmetric or just a “key” therefore it will be broadly and reasonably interpreted as such))
accessing the message signing private key by using the accessed message signing key shards and the ceremony key, (Par. (0105-0106) “user access rule for HSM activation and/or operation (e.g., 2-of-3 operation enforcement that allows access to the second master private key share if at least two out of three people provide their separate credentials to the second HSM)  [..] the second master private key share using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted second master private key share to the first HSM. [..] e.g., in implementations where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares))”; accessing a message signing private key (allows access to second master private key) using the message signing key shards (master private key is split into more than two shares) and the ceremony key (public key corresponding to second master private key))
signing the blockchain transaction by using the message signing private key, and (Par. (0098) “The HSM may utilize the master private key and the SFTS module to sign the transaction, and may respond with a signed transaction (e.g., ECDSA signature in Distinguished Encoding Rules (DER) format). Sensitive operations, such as key derivation and transaction signing, are implemented inside the HSM appliance and master secret key materials”; signing the blockchain transaction using the message signing private key (master private key utilized to sign transaction)) (Par. (0097-0098)” a client application 310 (e.g., utilized by a user via a client device) may send a transaction signing request (e.g., including transaction data [..] he HSM may utilize the master private key and the SFTS module to sign the transaction, and may respond with a signed transaction (e.g., ECDSA signature in Distinguished Encoding Rules (DER) format).”; receiving a blockchain transaction to be signed (send a transaction signing request with transaction data inside that is signed)), (Par. (0082) “the SFTSP may be utilized to provide multi-signature support for Externally Owned Account (EOA) transactions on Ethereum blockchain.”; blockchain transaction (SFTSP with transactions corresponding to blockchain)), (Par. (0357) “transaction signing request may be obtained as a result of a user utilizing a UI of an offline transaction signing runtime to request that a transaction (e.g., a fund transfer EOA transaction on Ethereum blockchain)”; blockchain transaction (transaction signing corresponding transaction on blockchain)))
providing the signed blockchain transaction to a cold storage system. (Par. (0278) “adThe signed transaction and the wrapped online cold key share three may be transferred via an external storage device 2315 (e.g., a USB drive) to the first cold HSM. The first cold HSM may unwrap online cold key share three using the unwrapping key C_RSA_priv of the cold RSA pair.”; providing the signed blockchain transaction to the cold storage system (the signed transaction being transferred to the first cold HSM storage))
However Cheng does not explicitly teach •	accessing a blockchain transaction and a threshold number of a plurality of message signing key shards for a message signing private key from a removable computer-readable storage medium,
Wherein Ricotta teaches accessing a blockchain transaction and a threshold number of a plurality of message signing key shards for a message signing private key from a removable computer-readable storage medium, (Col. 7 lines 1-35 “Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302 [..] Immutable journal 108 is based on a cryptographically sound set of industry-standard protocols, providing the ability to have a secure record of transactions that cannot be altered, and be inherently distributed across the network providing a means of data protection..”; accessing a blockchain transaction (to access data [..] immutable journal)), (Fig 4 label 350 (1-3); threshold number of a plurality of message signing key shards (pre-set number (3) of key shards)) (Fig. 4 labels 120; removable computer readable storage medium (data store label 120 that is external))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng to include asynchronously accessing message signing key shards from a plurality of account managers, storing and accessing each message signing key shard and the blockchain transaction at a removable computer-readable storage medium because of the analogous concept of blockchain technologies and the process of sharding or splitting key for secure storage. Ricotta includes a process of accessing and storing key shards associated with a transaction in the blockchain, this is important because by creating a method to access based on permissions and store shards of keys the signing process of cryptocurrency becomes even more securely protected from compromise of the keys, forgery or further harm. By initiating a sharding process and a way to store and access the shards it becomes that more difficult for malware attackers to predict or access the keys and in return provides a new way to manage of keys corresponding to the blockchain ledger. 

In regards to Claim 11, the combination of Cheng and Ricotta teach the method of claim 10, Cheng further teaches the method of Claim 10, further comprising: 
 with a key generation computing system, and prior to signing the blockchain transaction, (Par. (0185) “key backup model for the SFTSP. In FIG. 10, a seed (e.g., master key) may be backed up using seed shares [..] For example, this may be done as part of a master key generation operation. A backup utility 1005 may request that a backup HSM 1010 (e.g., Gemalto's ProtectServer PCI-e HSM), which supports firmware module extensions and hosts SFTS module 1015, generate a RSA key pair and provide the generated public key.”; key generation computing system (master key generation of SFTSP)), (Par. (0103) “For example, this use case may be utilized for a cold wallet (e.g., corresponding to the cold wallet shown in FIG. 2B). In FIG. 4B, a client application 410 (e.g., utilized by a user via a client device) may send a transaction signing request (e.g., including transaction data to sign and a keychain path to be used for Bip32 key derivation) to a TSS 420.”; prior to singing the blockchain transaction (transaction signing request before steps below are performed))
generating the message signing private key; (Par. (0085) “FIG. 1B, two master private key (or seed) shares of a master private key (e.g., a 64-byte seed) were generated (e.g., via Shamir's Secret Sharing) and stored on HSMs”; generating the message singing private key))
encrypting the message signing private key by using the ceremony key to generate private key ciphertext; (Par. (0102) “The second HSM may encrypt the master private key using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted master private key to the first HSM. The first HSM may decrypt the master private key using the private key decryption key, may utilize the decrypted master private key and the SFTS module to sign the transaction, and may respond with a signed transaction”; encrypting the message signing private key by using the ceremony key (encrypt the master private key using the public key)), (Par. (0085-0089) “or seed) shares of a master private key (e.g., a 64-byte seed) were generated (e.g., via Shamir's Secret Sharing) and stored on HSMs. Seed share one (e.g., a 64-byte seed share) was generated and/or stored (e.g., with proper attributes) on Gemalto's ProtectServer PCI-e HSM. Seed share two (e.g., a 64-byte seed share) was generated and/or stored [..] whether a seed share is readable (e.g., can be revealed in plaintext) outside of HSM [..] attributes for seed share one may be set to make seed share one sensitive and not exportable. In another example, attributes for seed share two may be set to make seed share”; to generate private key ciphertext (seed of private key is generated))
splitting the private key ciphertext into the plurality of message signing key shards; (Par. (0106) “in implementations where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares))”; splitting the private key ciphertext into a plurality (private key is split into shares)), (Par. (0211) “SplitSeed—this method receives a master key value, 512-bit number, and returns an array of master key secret shares. Generation of master key shares is implemented by the SFKB component. Temporary materials, including the decrypted master key value,”; splitting the private key ciphertext (seed corresponding to master private key is split into shares))
storing the ceremony key at the HSM; and (Par. (0092) “At 102, the public key RSApub may be exported from the PCI-e HSM to RAM of the TSS for the fund transfer CLI program. A”; store ceremony key at the HSM (public key exported to HSM))
providing a public key associated with the message signing private key to the cold storage system. (Par. (0293-0295) “A determination may be made at 2508 whether the obtained RSA public key is valid. For example, the fund transfer program may be configured to work with a specified set of HSMs, and the obtained RSA public key may have to be associated with one of the specified HSMs to be valid [..] If the obtained RSA public key is valid, the RSA public key may be provided to a second hot HSM at 2510. For example, the RSA public key may be utilized by the second hot HSM”; providing a public key to the cold storage(obtained public key is provided to HSM of cold storage system))
However Cheng does not explicitly teach encrypting each message signing key shard to a respective account manager; o storing each encrypted message signing key shard;
Wherein Ricotta teaches encrypting each message signing key shard to a respective account manager; (Col. 11 lines 5-20 “where each shard is placed into a secure ciphered (e.g., encrypted) container, randomly distributed across data stores 120, and periodically moved between data stores 120. Nodes 102 thereby cooperate to enable a high protective state on sensitive data sets”; encrypting each message singing key shard (each shard is placed (encrypted) to a respective account manager (Nodes)), (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
storing each encrypted message signing key shard; (Col. 11 lines 5-20 “where each shard is placed into a secure ciphered (e.g., encrypted) container, randomly distributed across data stores 120, and periodically moved between data stores 120. Nodes 102 thereby cooperate to enable a high protective state on sensitive data sets”; storing the encrypted message singing key shard (each shard is placed (encrypted) distributed across data stores)),
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng for the reasons discussed in independent claim 10 stated above.

In regards to Claim 12, the combination of Cheng and Ricotta teach the method of claim 10, Cheng further teaches the method of Claim 10, further comprising: 
 with the cold storage system, and prior to signing the blockchain transaction: 49 of 54COIN-P22-US (Par. (0103) “For example, this use case may be utilized for a cold wallet (e.g., corresponding to the cold wallet shown in FIG. 2B). In FIG. 4B, a client application 410 (e.g., utilized by a user via a client device) may send a transaction signing request (e.g., including transaction data to sign and a keychain path to be used for Bip32 key derivation) to a TSS 420.”; cold storage system (cold wallet)) prior to singing the blockchain transaction (transaction signing request before steps below are performed))
receiving the blockchain transaction to be signed, (Par. (0095) “the SFTSP may protect addresses used for receiving funds in transactions between paired cold and hot wallets. These addresses are derived from master keys in a similar way as the derivation of private keys used for transaction signing.”; receiving a blockchain transaction (receiving funds in transaction) to be signed (for transaction signing))
However Cheng does not explicitly teach o	accessing the threshold number of the plurality of message signing key shards from a plurality of account managers, and o	storing each accessed message signing key shard and the blockchain transaction at the removable computer-readable storage medium.
Wherein Ricotta teaches accessing the threshold number of the plurality of message signing key shards from a plurality of account managers, and (Col. 7 lines 1-35 “Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302 [..] requesting shard 350(1) from data store 120(1), and retrieves shard 350(2) from data store 120(2). Once the necessary shards 350 are received, data cloaking module 106 uses the appropriate portion of cipher stream 304 to decipher shards 350 to form data 704..”; accessing plurality of message signing key shards (to access data [..] requested shards)), (Fig 4 label 350 (1-3); threshold number of a plurality of message signing key shards (pre-set number (3) of key shards)), Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
storing each accessed message signing key shard and the blockchain transaction at the removable computer-readable storage medium. (Figure 4 labels 120(1-3) 106 (1-3) and 350(1-33); storing each message signing key shards (shard label 350 (1-3)) and the blockchain transaction (immutable journal label 106(1-3) at a removable computer readable storage medium (data store label 120)), (Col. 5 lines 50-57 “Immutable journal 108, implemented using BlockChain 199, is distributed across nodes 102 to provide a secure record of transactions that cannot be altered. Since immutable journal 108 is distributed across all nodes 102, each consensus trust model 104 in each node 102 is aware of, and may validate, all data transactions”; blockchain transactions (immutable journal corresponding to record of transactions)), (Fig. 4 labels 120; removable computer readable storage medium (data store label 120 that is external))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng for the reasons discussed in independent claim 10 stated above.

In regards to Claim 13, the combination of Cheng and Ricotta teach the method of claim 10, Cheng further teaches the method of Claim 12, wherein the cold storage system operates within an on- line computing environment, and (Par. (0275) “The SFTSP architecture may be deployed to both online and offline keys for hot (e.g., networked) and cold (e.g., non-networked) storage (e.g., runtime signing steps 1-3 describe online transaction signing with two key shares in hot storage), and to mixed online and offline keys for air-gapped cold storage transaction signing (e.g., runtime signing steps 11-16 describe offline transaction signing with three key shares in hot and cold storage).”; cold storage system (SFTSP architecture associated with cold storage) operating within an on-line computing environment (signing of online transactions mixed with offline storage))
wherein the secure signing system operates within an off-line computing environment. ((Par. (0275) “The SFTSP architecture may be deployed to both online and offline keys for hot (e.g., networked) and cold (e.g., non-networked) storage (e.g., runtime signing steps 1-3 describe online transaction signing with two key shares in hot storage), and to mixed online and offline keys for air-gapped cold storage transaction signing (e.g., runtime signing steps 11-16 describe offline transaction signing with three key shares in hot and cold storage).”; secure signing (transaction signing ) operating within an off-line computing environment (SFTSP corresponding to offline for cold storage storage))

In regards to Claim 14, Cheng does not explicitly teach the method of Claim 12, wherein the cold storage system asynchronously accesses the threshold number of the plurality of message signing key shards from the plurality of account managers.
Wherein Ricotta teaches the method of Claim 12, wherein the cold storage system asynchronously accesses the threshold number of the plurality of message signing key shards from the plurality of account managers. (Col. 7 lines 1-35 “Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302 [..] requesting shard 350(1) from data store 120(1), and retrieves shard 350(2) from data store 120(2). Once the necessary shards 350 are received, data cloaking module 106 uses the appropriate portion of cipher stream 304 to decipher shards 350 to form data 704..”; accessing plurality of message signing key shards (to access data [..] requested shards)), (Fig 4 label 350 (1-3); threshold number of a plurality of message signing key shards (pre-set number (3) of key shards)), (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng for the reasons discussed in independent claim 10 stated above.

In regards to Claim 18, Cheng teaches a system comprising a secure signing system comprising: 
at least one processor; and (Fig 32 label 3227, 3203)
at least one storage device that includes machine-executable instructions, that when executed by the at least one processor, control the secure signing system to: (Fig. 32 label 3214)
The remainder of the limitations recite similar limitations to independent claim 1 and are thereby rejected under the same grounds.

In regards to Claim 19, claim 19 is a system claim that recites similar limitations to dependent claim 12 and the teachings of Cheng and Ricotta address all the limitations discussed in claim 12 and are thereby rejected under the same grounds.

In regards to Claim 20, the combination of Cheng and Ricotta teach the system of claim 18, Cheng further teaches  the system of Claim 19, wherein the cold storage system operates within an on- line computing environment, and (Par. (0275) “The SFTSP architecture may be deployed to both online and offline keys for hot (e.g., networked) and cold (e.g., non-networked) storage (e.g., runtime signing steps 1-3 describe online transaction signing with two key shares in hot storage), and to mixed online and offline keys for air-gapped cold storage transaction signing (e.g., runtime signing steps 11-16 describe offline transaction signing with three key shares in hot and cold storage).”; cold storage system (SFTSP architecture associated with cold storage) operating within an on-line computing environment (signing of online transactions mixed with offline storage))
wherein the secure signing system operates within an off-line computing environment, and (Par. (0275) “The SFTSP architecture may be deployed to both online and offline keys for hot (e.g., networked) and cold (e.g., non-networked) storage (e.g., runtime signing steps 1-3 describe online transaction signing with two key shares in hot storage), and to mixed online and offline keys for air-gapped cold storage transaction signing (e.g., runtime signing steps 11-16 describe offline transaction signing with three key shares in hot and cold storage).”; secure signing (transaction signing ) operating within an off-line computing environment (SFTSP corresponding to offline for cold storage storage))
However Cheng does not explicitly teach wherein the cold storage system asynchronously accesses the threshold number of the plurality of message signing key shards from the plurality of account managers.
Wherein Ricotta teaches wherein the cold storage system asynchronously accesses the threshold number of the plurality of message signing key shards from the plurality of account managers. (Col. 7 lines 1-35 “Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302 [..] requesting shard 350(1) from data store 120(1), and retrieves shard 350(2) from data store 120(2). Once the necessary shards 350 are received, data cloaking module 106 uses the appropriate portion of cipher stream 304 to decipher shards 350 to form data 704..”; accessing plurality of message signing key shards (to access data [..] requested shards)), (Fig 4 label 350 (1-3); threshold number of a plurality of message signing key shards (pre-set number (3) of key shards)), (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng for the reasons discussed in independent claim 1 stated above.




Claims 2, is/are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al. (U.S Pub. No. 20190280864, hereinafter referred to as “Cheng”) and Ricotta et al. ( U.S. No. 11238164, hereinafter referred to as “Ricotta”) in further view of Langschaedel et al. ( U.S. Pub. No. 20150262171, hereinafter referred to as “Langschaedel”)

	In regards to Claim 2, Cheng does not explicitly teach The method of Claim 1, wherein asynchronously accessing message signing key shards from a plurality of account managers comprises:  •	identifying a source address of the blockchain transaction as being associated with a reusable cold key (RuCK) pair that includes the message signing private key, by using reusable cold key (RuCK) information stored by the cold storage system, •	in response to identifying the source address as being associated with the RuCK pair, accessing the message signing key shards for the message signing private key by using the RuCK information, which identifies account managers for each message signing key shard.
	Wherein Ricotta teaches the method of Claim 1, wherein asynchronously accessing message signing key shards from a plurality of account managers comprises: 45 of 54COIN-P22-US Figure 4 labels 305, 304, 306, 402 and 350(1); message signing key shards (key with cipher data is sharded)), (Col. 6 lines 65-67 and Col. 7 lines 1-15 “Only permitted parties (e.g., actor 150) are allowed to access shards 350. Shards 350 that form one particular data set (e.g., cipher data 306, and thus data 302) may be referred to as an “information set”.”; accessing message signing key shards (only permitted users are allowed access to shards)), (Col. 9 lines 1-15 “ Data Access [..] To access any part or all of the information set (i.e., data 302), data cloaking module 106 searches immutable journal 108 for blocks corresponding to shards 350 of data 302. Data cloaking module 106 then determines a proper topology of keys 310 (not actual keys themselves) used to protect shards 350, and compares that journal to a graph 308 that represents the identity of the information requestor.”; accessing message signing key shards (to access the information [..] corresponding to shards)), (Figure 4 label Shard 350(1), Security Permissions; accessing message signing key shards (security permission corresponding to each shard)) (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng to include asynchronously accessing message signing key shards from a plurality of account managers, storing and accessing each message signing key shard and the blockchain transaction at a removable computer-readable storage medium because of the analogous concept of blockchain technologies and the process of sharding or splitting key for secure storage. Ricotta includes a process of accessing and storing key shards associated with a transaction in the blockchain, this is important because by creating a method to access based on permissions and store shards of keys the signing process of cryptocurrency becomes even more securely protected from compromise of the keys, forgery or further harm. By initiating a sharding process and a way to store and access the shards it becomes that more difficult for malware attackers to predict or access the keys and in return provides a new way to manage of keys corresponding to the blockchain ledger. 
	However Cheng and Ricotta do not explicitly teach •	identifying a source address of the blockchain transaction as being associated with a reusable cold key (RuCK) pair that includes the message signing private key, by using reusable cold key (RuCK) information stored by the cold storage system, •	in response to identifying the source address as being associated with the RuCK pair, accessing the message signing key shards for the message signing private key by using the RuCK information, which identifies account managers for each message signing key shard.
Wherein Langschaedel teaches identifying a source address of the blockchain transaction as being associated with a reusable cold key (RuCK) pair that includes the message signing private key, by using reusable cold key (RuCK) information stored by the cold storage system, (Par. (0084) “The first wallet (Wallet A) also includes a number of Bitcoin addresses (Bitcoin address 1; Bitcoin address 2) that have been created due to respective transfers or purchases (Transfer 1; Transfer 2). The first Bitcoin address (Bitcoin address 1) is created due to a purchase (Transfer 1) from a master wallet of the first host computer system 14 (First Host) and is recorded for a value in an amount in bitcoin.”; source address of the blockchain transaction (first wallet with first bitcoin address)), (Par. (0033) “detecting [..] the first and second messages sent to the first and second addresses, and instructing the transaction processor to transfer the amount of bitcoin out of the vault only if both the first and second authorization instructions are detected.”; identifying a source address of the blockchain transaction ( first and second addresses are detected)), (Par. (0201) “For purposes of this discussion, the block chain checker 567 checks the block chain to determine whether there are any new transactions for the bitcoin addresses 502 and 510 stored in association with the button ID 460. If the block chain checker 567 finds any further transactions, the block chain checker 567 notifies the bit updater 568. At 572, the bit updater 568 updates the bits 480 that are associated with the respective bitcoin address 502 or 510.”; identifying a source address of the blockchain transaction (determine whether the bitcoin addresses)), (Par. (0008) “The wallet stores the public key of the Bitcoin address and its associated private key.”; as being associated with a reusable cold key (cold wallet with public/private key pair corresponding to address of blockchain transaction)), (Par. (0014) “Bitcoin transacting requires the use of a public key and a private key. The private key is used to sign an authorization and the public key is used to verify the signature.”; message signing private key (private key corresponding to address used to sign)), (Par. (0107-0108) “are used for cold storage of value of bitcoin, including a local storage 56, a local controller 58, a vault 64, a splitter 66,[..] The vault 64 has a Bitcoin address 80 with a private key 79. The private key 79 is, for purposes of illustration, shown as a nine digit sequence of characters that are provided to the splitter 66. For purposes of illustration, the splitter 66 splits the nine digits of the private key 79 into seven overlapping codes”; by using reusable cold key information stored in a cold storage system ( cold storage of bitcoin with vault that has address and private key information that is split))
in response to identifying the source address as being associated with the RuCK pair, accessing the message signing key shards for the message signing private key by using the RuCK information, which identifies account managers for each message signing key shard. (Par. (0107-0108) “are used for cold storage of value of bitcoin, including a local storage 56, a local controller 58, a vault 64, a splitter 66,[..] The vault 64 has a Bitcoin address 80 with a private key 79. The private key 79 is, for purposes of illustration, shown as a nine digit sequence of characters that are provided to the splitter 66. For purposes of illustration, the splitter 66 splits the nine digits of the private key 79 into seven overlapping codes”; accessing the message signing key shards (private key in cold storage vault that is split)), (Par. (0112-0116) “access can be gained to the private key 79 that has now been split and distributed, it is not possible to access the value of the Bitcoin addresses 76 and 78. It is now possible for a user to which the wallet 42 is registered to use the Bitcoin address 74 f  [..] The private key 79 of the Bitcoin address 80 in the local storage 56 is used to access the vault 64. The local controller 58 then restores the private key 79 from the local storage into the vault for association with the Bitcoin address. The block chain will know whether the private key 79 that has been restored is the same private key 79 that was previously associated with the Bitcoin address”; accessing the message signing key shards (access to vault with private key that has been split)), (Par. (0144) “managing bitcoin wherein a personal vault is created for a user. At 220, the user already has an account that the user can log into using a website. The account has a first email (electronic communication) address.”; which identifies account managers for each message (user managing account corresponding to personal vault)), (Par. (0149) “the first host computer system 14 makes a determination whether all the additional email addresses are associated with other accounts within the first host computer system 14. If all the additional email addresses are associated with other accounts, then the first host computer system 14 proceeds at 248 to update the account represented at 220 with a vault that includes”; account managers))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Langschaedel within the teachings of Cheng and Ricotta to include identifying a source address of the blockchain transactions associated with the cold keys and accessing the message signing key shards in a response to it because of the analogous concept of key fragmentation, sharding or splitting for secure storage. Langschaedel includes a process of identifying a source of the blockchain transaction that is linked to the reusable cold keys and in response accessing the signing key shards after identifying the source address. This is important because it provides a detection mechanism and alerts other users in the key management process the valid and correct address of the blockchain that correlates to the access of the key shards. This prevents illegitimate entities from tampering, intercepting or modifying the key generation process as prevents harm from the signing of blockchain transactions that are not authentic. 

	In regards to Claim 3, the combination of Cheng and Ricotta teach the method of claim 3, Cheng further teaches The method of Claim 2 further comprising, generating the RuCK pair, wherein generating the RuCK pair comprises: (Par. (0092) “an RSA key pair (e.g., a RSA public key RSApub, and a RSA private key RSApriv) may be generated on the PCI-e HSM as wrapping/unwrapping keys. At 102, the public key RSApub may be exported from the PCI-e HSM to RAM of the TSS for the fund transfer CLI program. At 103, the fund transfer CLI program may import the public key RSApub into the USB HSM.”; generating the RuCK pair)), (Par. (0096) “A cold wallet (e.g., holding the majority of funds offline), is using an offline (e.g., PCI-e) HSM hosting a SFTS component, a first cold wallet master private key share, and a RSA private key used for decrypting a second cold wallet master private key share retrieved from a portable HSM. The portable (e.g., USB-connected) HSM hosts the second cold wallet master private key share and the RSA public key matching the RSA private key stored in the offline (e.g., PCI-e) HSM”; RuCK pair (cold wallet corresponding to the public/private key pair))
 generating the message signing private key of the RuCK pair; (Par. (0085) “FIG. 1B, two master private key (or seed) shares of a master private key (e.g., a 64-byte seed) were generated (e.g., via Shamir's Secret Sharing) and stored on HSMs”; generating the message singing private key))
 generating a public key of the RuCK pair; (Par. (0092) “an RSA key pair (e.g., a RSA public key RSApub, and a RSA private key RSApriv) may be generated on the PCI-e HSM as wrapping/unwrapping keys.”; generating a public key))
encrypting the message signing private key of the RuCK pair by using the ceremony key to generate the private key ciphertext; (Par. (0102) “The second HSM may encrypt the master private key using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted master private key to the first HSM. The first HSM may decrypt the master private key using the private key decryption key, may utilize the decrypted master private key and the SFTS module to sign the transaction, and may respond with a signed transaction”; encrypting the message signing private key by using the ceremony key (encrypt the master private key using the public key)), (Par. (0085-0089) “or seed) shares of a master private key (e.g., a 64-byte seed) were generated (e.g., via Shamir's Secret Sharing) and stored on HSMs. Seed share one (e.g., a 64-byte seed share) was generated and/or stored (e.g., with proper attributes) on Gemalto's ProtectServer PCI-e HSM. Seed share two (e.g., a 64-byte seed share) was generated and/or stored [..] whether a seed share is readable (e.g., can be revealed in plaintext) outside of HSM [..] attributes for seed share one may be set to make seed share one sensitive and not exportable. In another example, attributes for seed share two may be set to make seed share”; to generate private key ciphertext (seed of private key is generated))
splitting the private key ciphertext into a plurality of message signing key shards; (Par. (0106) “in implementations where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares))”; splitting the private key ciphertext into a plurality (private key is split into shares)), (Par. (0211) “SplitSeed—this method receives a master key value, 512-bit number, and returns an array of master key secret shares. Generation of master key shares is implemented by the SFKB component. Temporary materials, including the decrypted master key value,”; splitting the private key ciphertext (seed corresponding to master private key is split into shares))
generating at least a portion of the RuCK information; (Par. (0085) “As shown in FIG. 1B, two master private key (or seed) shares of a master private key (e.g., a 64-byte seed) were generated”; at least a portion of RuCK information (shares of private key are generated)), (Par. (0106) “where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares)),”; at least a portion of RuCK information (two shares of private key)) (Examiner notes: the instant application states in the specification on Par. (0079) that RuCK information is information that identifies the public key. Therefore Examiner will broadly and reasonably interpreted portion of the RuCK information as shares of re-usable cold key that contains information to identify the key. Examiner suggest further amending the claims to define what portion of RuCK information represents to further enhance the scope of the claim))
providing the generated RuCK information and the public key to the cold storage system;  (Par. (0105) “may store a second master private key share (e.g., an ECDSA private key share) 444 and a public key encryption key (e.g., an RSA public key that corresponds to the RSA private key stored in the first HSM's tamper-proof storage) 446.”; providing the generated RuCK information (private key share) and the public key (public key) to the cold storage system first HSM in the cold wallet system))
deleting the private key of the RuCK pair, the private key ciphertext, …….. (Par. (0093) “wrapped seed share two, unwrapped seed share two, the recovered master private key, and the BIP-32 derived private key may be deleted from memory of PCI-e HSM. At 110, RSApub and wrapped seed share two may be deleted from memory of USB HSM and/or TSS”; deleting the private key, the private key ciphertext (master private key and unwrapped seed share may be deleted))
However Cheng does not explicitly teach •	encrypting each message signing key shard to a respective account manager; •	storing each encrypted message signing key shard; and the message signing key shards.
Wherein Ricotta teaches splitting the private key ciphertext into a plurality of message signing key shards; (Col. 1 lines 35-50 “ciphering received data; sharding the ciphered data into equally sized shards and storing each of the shards on at least one of the data stores; and sending each of the shards to another of the plurality of nodes”; splitting (sharding) the private key ciphertext into a plurality of message signing key shards)), (Figure 4 labels 305, 306, 302 and 350 (1-3)); key label 305 and cipher data label 306 is sharded into plurality of shards label 350(1-3)), (Col. 6 lines 40-65 “creates a cipher stream 304 (a type of one-time pad) prior to receiving data 302. For example, cipher stream 304 is generated from a nonce stream and a cryptographic key 310. [..] a sharder 402 that divides cipher data 306 into a plurality of shards 350. In certain embodiments, shards 350 are of equal size, where a final shard 350 may be null filled (padded) when not filled by cipher data 306. Data cloaking module 106 uses multi-key management to protect each shard 350”; splitting the private key ciphertext into a plurality (cryptographic key corresponding to cipher data is sharded into a plurality of shards))
encrypting each message signing key shard to a respective account manager; (Col. 11 lines 5-20 “where each shard is placed into a secure ciphered (e.g., encrypted) container, randomly distributed across data stores 120, and periodically moved between data stores 120. Nodes 102 thereby cooperate to enable a high protective state on sensitive data sets”; encrypting each message singing key shard (each shard is placed (encrypted) to a respective account manager (Nodes)), (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
storing each encrypted message signing key shard; and (Col. 11 lines 5-20 “where each shard is placed into a secure ciphered (e.g., encrypted) container, randomly distributed across data stores 120, and periodically moved between data stores 120. Nodes 102 thereby cooperate to enable a high protective state on sensitive data sets”; storing the encrypted message singing key shard (each shard is placed (encrypted) distributed across data stores)),
and the message signing key shards. (Col. 8 lines 32-55 “and data cloaking module 106(1) deletes shard 350(3) from data store 120(1) and generates and stores a block 304(8), corresponding to deleted shard 350(3), within immutable journal 108(1). Step 2: Data cloaking module 106(2) sends a copy of shard 350(1) to node 102(1), data cloaking module 106(1) generates and stores a block 304(9), corresponding to storing shard of 350(1), within immutable journal 108(1), and data cloaking module 106(2) deletes shard 350(1) from data store 120(2) and generates and stores a block 304(10), corresponding to deleted shard 350(1), within immutable journal 108(2) [..] corresponding to deleted shard 350(2),”; deleting the message signing key shards (deleting shards 350(1-2))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Ricotta within the teachings of Cheng for the reasons discussed in dependent claim 2 stated above.
Claims 4-5 and 16-17, is/are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al. (U.S Pub. No. 20190280864, hereinafter referred to as “Cheng”), Ricotta et al. ( U.S. No. 11238164, hereinafter referred to as “Ricotta”) ,Langschaedel et al. ( U.S. Pub. No. 20150262171, hereinafter referred to as “Langschaedel”) and Rozman et al. ( U.S. Pub. No. 20160337124, hereinafter referred to as “Rozman”) in further view of Lepoint et al. ( U.S. Pub. No. 20190394020, hereinafter referred to as “Lepoint”)

In regards to Claim 4, the combination of Cheng and Ricotta teach the method of claim 1, Cheng further teaches the method of Claim 3, wherein accessing the message signing private key by using the message signing key shards and the ceremony key comprises:  (Par. (0105-0106) “user access rule for HSM activation and/or operation (e.g., 2-of-3 operation enforcement that allows access to the second master private key share if at least two out of three people provide their separate credentials to the second HSM)  [..] the second master private key share using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted second master private key share to the first HSM. [..] e.g., in implementations where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares))”; accessing a message signing private key (allows access to second master private key) using the message signing key shards (master private key is split into more than two shares) and the ceremony key (public key corresponding to second master private key))
However Cheng, Ricotta and Langschaedel do not explicitly teach •	combining the message signing key shards to generate private key ciphertext, and •	decrypting the private key ciphertext by using the ceremony key to generate the message signing private key. 
Wherein Rozman teaches combining the message signing key shards to generate private key ciphertext, and (Par. (0047-0055) “Recovery unit 22 may then combine the received decrypted recovery portions 17 to reconstruct snapshot protection key 48 [..] together with identification information (ID) of the user, using that helper's public key, to generate a ciphertext for the helper. To this, encrypter 16 may add the associated helper's ID to produce the associated recovery portion 17 for that helper and may combine the portions together,”; combining the message signing key shards (combine the portions) to generate private key ciphertext (to generate a ciphertext)), (Par. (0018) “one helper enables his or her associated portion to be decrypted using his or her private key and sent back to the message exchange service, splitting the protection key into at least one portion per an associated helper, and encrypting each portion with the associated helper's public key.”; (message signing key shards (portions corresponding to private key/protection key))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Rozman within the teachings of Cheng, Ricotta and Langschaedel to include combining the message signing key shards to generate private key ciphertext because of the analogous concept of key splitting, sharding and fragmentation and secure storage upon generation. Rozman includes a process of combining the shards to generate ciphertext, this is important because by splitting or sharding the keys and later combining it enhances the key generation process and discourages attackers from interception or compromise because of the complexity of the sharding and combining. 
However Cheng, Ricotta, Langschaedel and Rozman do not explicitly teach •	decrypting the private key ciphertext by using the ceremony key to generate the message signing private key.
Wherein Lepoint teaches decrypting the private key ciphertext by using the ceremony key to generate the message signing private key. (Par. (0011) “ and generate one or more secret keys using the master security and one or more security attributes or security policies [..] to decrypt the ciphertext of the one or more data subgroups within in the unstructured data container collection of data of the ciphertext using [..] the one or more public keys.”; decrypting the ciphertext using the ceremony keys (decrypting the cipher text using one or more public keys) to generate the signing private key (generate one or more secret keys)), (Par. (0062) “Encrypt k using Encrypt.sub.pk and pk to obtain ct.sub.pk; [0066] Output the hybrid ciphertext ct=(ct.sub.pk, ct.sub.sk).”; private key ciphertext (ciphertext with secret key (sk))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Lepoint within the teachings of Cheng, Ricotta and Langschaedel and Rozman to include decrypting the private key ciphertext by using the ceremony key to generate the message signing private key because of the analogous concept of key generation ad secure exchange. Le point includes a process in which the ciphertext is decrypted and a generation of ta private key is executed. This is significant because the decryption of the ciphertext must correlated to the newly generated singing key this provides clarity to the system and allows user to be assured the decryption process was not tampered or modified.

In regards to Claim 5, the combination of Cheng and Ricotta teach the method of claim 1, Cheng further teaches the method of Claim 4, wherein generating the RuCK pair further comprises: (Par. (0092) “an RSA key pair (e.g., a RSA public key RSApub, and a RSA private key RSApriv) may be generated on the PCI-e HSM as wrapping/unwrapping keys. At 102, the public key RSApub may be exported from the PCI-e HSM to RAM of the TSS for the fund transfer CLI program. At 103, the fund transfer CLI program may import the public key RSApub into the USB HSM.”; generating the RuCK pair)), (Par. (0096) “A cold wallet (e.g., holding the majority of funds offline), is using an offline (e.g., PCI-e) HSM hosting a SFTS component, a first cold wallet master private key share, and a RSA private key used for decrypting a second cold wallet master private key share retrieved from a portable HSM. The portable (e.g., USB-connected) HSM hosts the second cold wallet master private key share and the RSA public key matching the RSA private key stored in the offline (e.g., PCI-e) HSM”; RuCK pair (cold wallet corresponding to the public/private key pair))
securely storing the ceremony key at the HSM; and (Par. (0096) “The portable (e.g., USB-connected) HSM hosts the second cold wallet master private key share and the RSA public key matching the RSA private key stored in the offline (e.g., PCI-e) HSM”; storing the ceremony key (public key) at the HSM (public key stored in the offline HSM)
deleting the ceremony key from the secure signing system. (Par. (0093) “At 109, RSApub, RSApriv, wrapped seed share two, unwrapped seed share two, the recovered master private key, and the BIP-32 derived private key may be deleted from memory of PCI-e HSM. At 110, RSApub and wrapped seed share two may be deleted from memory of USB HSM and/or TSS.”; deleting the ceremony key (deleting the RSApub from HSM)), (Par. (0151) “In another implementation, an action may be triggered based on a specified condition (e.g., invalid RSA public key obtained three times). For example, the triggered action may be to erase data associated with the wallet.”; deleting the ceremony key (RSA public key invalid three times corresponding to erased data)) 

In regards to Claim 16, claim 16 recites similar limitations to dependent claim 4 and the teachings of Cheng, Ricotta and Langschaedel, Rozman and Lepoint address all the limitations discussed in claim 6 and are thereby rejected under the same grounds.

In regards to Claim 17, the combination of Cheng and Ricotta teach the method of claim 10, Cheng further teaches the method of Claim 16, 
wherein providing the signed blockchain transaction to the cold storage system comprises: storing the signed blockchain transaction at a second removable computer-readable storage medium, (Par. (0278) “adThe signed transaction and the wrapped online cold key share three may be transferred via an external storage device 2315 (e.g., a USB drive) to the first cold HSM. The first cold HSM may unwrap online cold key share three using the unwrapping key C_RSA_priv of the cold RSA pair.”; providing the signed blockchain transaction to the cold storage system (the signed transaction being transferred to the first cold HSM storage)), (Par. (0346) “the external storage device (e.g., or another USB storage device) containing the signed transaction has been inserted. In another implementation, a notification that the external storage device (e.g., or another USB storage device) has been inserted may be obtained from the operating system and the external storage device may be checked to determine whether removed the external storage device contains the signed transaction”; storing the signed blockchain transaction at second removable computer readable storage medium (another USB storage device that can be inserted containing signed transaction))
wherein the method further comprises: 
decoupling the second computer-readable storage medium from the secure signing system, and (Par. (Par. (0346) “the external storage device (e.g., or another USB storage device) containing the signed transaction has been inserted. In another implementation, a notification that the external storage device (e.g., or another USB storage device) has been inserted may be obtained from the operating system and the external storage device may be checked to determine whether the external storage device contains the signed transaction”; decoupling the second removable computer readable storage medium (another USB storage device that is an external storage device from the system that can be inserted or uninserted))
coupling the second computer-readable storage medium to the cold storage system.( Par. (0346) “the external storage device (e.g., or another USB storage device) containing the signed transaction has been inserted. In another implementation, a notification that the external storage device (e.g., or another USB storage device) has been inserted may be obtained from the operating system and the external storage device may be checked to determine whether the external storage device contains the signed transaction”; decoupling the second removable computer readable storage medium (another USB storage device that can be inserted to the cold storage system))


Claims 6 and 15 , is/are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al. (U.S Pub. No. 20190280864, hereinafter referred to as “Cheng”), Ricotta et al. ( U.S. No. 11238164, hereinafter referred to as “Ricotta”) ,Langschaedel et al. ( U.S. Pub. No. 20150262171, hereinafter referred to as “Langschaedel”) and Iyer et al. ( U.S. Pub. No. 20190207754, hereinafter referred to as “Iyer”) in further view of Choi  et al. ( U.S. Pub. No. 20200213107, hereinafter referred to as “Choi”)

	In regards to Claim 6, the combination of Cheng and Ricotta teach the method of claim 1, Cheng further teaches The method of Claim 2, wherein accessing the ceremony key from the HSM comprises: (Par. (0149-0151) “A RSA public key may be requested from a HSM at 606. In one implementation, a public key request message may be sent to the HSM to request the RSA public key. [..] if the obtained RSA public key is valid, the RSA public key may be provided to a portable HSM at 610. For example, the RSA public key may be utilized”; access the ceremony key from the HSM ( public key requested from a HSM and obtained then utilized))
using passphrase shards accessed from respective passphrase shard HSMs to assemble an HSM passphrase, and (Par. (0101) “In one embodiment, the second HSM may include a split credentials PIN entry device (PED) to provide for multiple-person (e.g., M-of-N) user access rule for HSM activation and/or operation (e.g., 2-of-3 operation enforcement that allows access to the master private key if at least two out of three people provide their separate credentials to the second HSM).”; using passphrase shards accessed from passphrase shard HSM ( HSM may split a credential PIN) to assemble an HSM passphrase ( user access rule for HSM allows access if two out of three people provide their separate credentials that were split))
However Cheng, Ricotta and Langschaedel do not explicitly teach using the assembled HSM passphrase to unlock the HSM and access the ceremony key.
Wherein Iyer teaches using the assembled HSM passphrase to unlock the HSM …. (Par. (0014) “the two or more random token segments, access the one or more static random token tables, retrieve the two or more encrypted data segments from the one or more static random token tables for each of the two or more random token segments, combine the two or more encrypted data segments”; using the assembled HSM passphrase ( token segments and combining the two or more encrypted token segments)), (Par. (0044) “The random token  [..] the ideal number of characters in a split segment may be set to a specific number. For instance, the system may be configured to split the data in to segments containing an ideal number of 6 characters. For a numerical data string containing 14 digits, the system would split the data string into 3 data segments, the first containing 6 digits, the second containing 6 digits, and the third containing only 2 digits.”; assembled HSM passphrase (token that is segmented/split into a number)), (Par. (0052) “may be split into two or more groupings of tokens. Each grouping of tokens may utilize a different encryption method and/or key in order to provide additional security to the storage of the randomized token tables”; assembled HSM passphrase ( split token that is grouped)), (Par. (0043) “ the HSM 116 may include a dedicated partition for the tokenization [..] accessing the HSM 116 must be registered offline using mutual authentication, and this operation must be completed before accessing HSM at runtime. In some embodiments, the tokenization module 102 uses Public-Key Cryptographic Standards (PKCS#11), API standard and a cryptoki.dll library for accessing HSM at runtime.”; to unlock he HSM (accessing the HSM at runtime corresponding to partitioned or segmented tokens))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Iyer within the teachings of Cheng, Ricotta and Langschaedel to include assembling the passphrase and unlocking the HSM because of the analogous concept of secure protection of cryptographic keys. Iyer includes a process of assembling an HSM passphrase to then unlock the HSM, this is important because it securely protects the cryptographic key generation and exchange from harm because of the enhanced process of only unlocking the HSM device after subsequent assembly and combination of the portions of passphrases. This discourages attackers from modifying or forging access into the HSM because only authorized entities with the corresponding segments of the passphrase combined can be granted access. 
However Cheng, Ricotta, Langschaedel and Iyer do not explicitly teach .. and access the ceremony key.
Wherein Choi teaches and access the ceremony key. (Par. (0057) “that the security API for accessing the symmetric key of the mounted HSM 15 may operate.”; accessing the ceremony key (accessing the symmetric key)), (Par. (0022) “The determining of whether to permit access to the HSM comprises receiving a key identifier of the symmetric key;”; to unlock the HSM ( permit access to the HSM))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Choi within the teachings of Cheng Ricotta, Langschaedel and Iyer to include access to the ceremony key to unlock the HSM because of the analogous concept of secure protection of cryptographic keys. Choi includes a process in which access to the ceremony key corresponds to the unlocking or access of an HSM. This creates regulator system that only permits entry or unlocking of the HSM device in correlation to the keys. This protects the HSM from tampering, compromise or harm because of the access control polices associated with the keys. 

In regards to Claim 15, claim 15 recites similar limitations to dependent claim 6 and the teachings of Cheng, Ricotta, Langschaedel, Iyer and Choi address all the limitations discussed in claim 6 and are thereby rejected under the same grounds.



Claims 7 , is/are rejected under 35 U.S.C. 103 as being unpatentable over Cheng et al. (U.S Pub. No. 20190280864, hereinafter referred to as “Cheng”), Ricotta et al. ( U.S. No. 11238164, hereinafter referred to as “Ricotta”) ,Langschaedel et al. ( U.S. Pub. No. 20150262171, hereinafter referred to as “Langschaedel”), Iyer et al. ( U.S. Pub. No. 20190207754, hereinafter referred to as “Iyer”) and Choi  et al. ( U.S. Pub. No. 20200213107, hereinafter referred to as “Choi”) in further view of Zhang et al. ( U.S. Pub. No. 20190238550, hereinafter referred to as “Zhang”)

In regards to Claim 7, the combination of Cheng and Ricotta teach the method of claim 1, Cheng further teaches The method of Claim 6, wherein accessing the message signing key shards for the message signing private key by using the RuCK information comprises: (Par. (0105-0106) “user access rule for HSM activation and/or operation (e.g., 2-of-3 operation enforcement that allows access to the second master private key share if at least two out of three people provide their separate credentials to the second HSM)  [..] the second master private key share using the public key encryption key (e.g., associated with the first HSM), and may respond to the get master request by returning the encrypted second master private key share to the first HSM. [..] e.g., in implementations where the master private key is split into more than two shares and retrieved from multiple portable HSMs (e.g., to reassemble the master private key from three shares))”; accessing a message signing private key (allows access to second master private key) using the message signing key shards (master private key is split into more than two shares) and the ceremony key (public key corresponding to second master private key))
sending a shard request to each account manager by using the RuCK information, and (Col 7 lines 1-25 “the information requestor. Data cloaking module 106 then determines a current location (i.e., one or more nodes 102 and/or data store 120) of each shard 350 needed for the requested data, and then sends a message 702 to each corresponding node 102 to requests those shards from the determined locations. Where the data is stored local to data cloaking module 106, it is retrieved directly from the data store 120. For example, based upon blocks 304, data cloaking module 106(1) sends message 702 to node 102(1) requesting shard 350(1) from data store 120(1), and retrieves shard 350(2) from data store 120(2). Once the necessary shards 350 are received”; sending a shard request (requested shard) using the RuCK information (block/information/ data corresponding to shard)) (Col. 5 lines 1-45 “Platform 100 is formed of a plurality of nodes 102 that communication with each other via the computer network. Each node 102 is a computer that includes at least one processor, a memory comprising one or more of RAM, ROM, FLASH, magnetic media, optical media, and so on, and one or more interfaces for communication. Each node 102 operates to provide a service 198 to an actor 150, and thereby services 198 of platform 100 operate to store data received from one or more of the actors 150 [..] Trust (a central tenant of any security system) is managed on a peer-to-peer basis, where nodes 102 collectively manage trust.”; plurality of account managers (plurality of nodes that manage trust and provide service to actors))
However Cheng, Ricotta, Langschaedel, Iyer and Choi do not explicitly teach •accessing information from at least a threshold number of account managers.
Wherein Zhang teaches accessing information from at least a threshold number of account managers. (Par. (0065) “account accesses data, the permission of the account configured to the user node will be confirmed, so that the user node is controlled in accessing and reading, etc., and data in the blockchain”; accessing information (accessing data corresponding to permission of the account)), (Par. (0015-0016) “an administrator node and a user node, wherein the administrator node is a node configured with an administrator account in a blockchain network; [..] the administrator node is configured to write a preset correspondence between account roles and permissions into a block of a blockchain; determine a role of a target account”; account managers (administrator node corresponding to management or defining roles of accounts on blockchain)), (Par. (0071) “, a preset number of administrator nodes can be predetermined in a blockchain network. Predetermining here refers to assigning an administrator account to a user node to make it an administrator node. The preset number of administrator nodes establish a P2P connection with each other to form an initial blockchain network. According to the above embodiments, the preset number of administrator nodes store at least one block,”; threshold number of account managers (preset number of administrator nodes))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Zhang within the teachings of Cheng Ricotta, Langschaedel, Iyer and Choi to include accessing information from a threshold number of account managers because of the analogous concept of blockchain technologies and access control of data exchanged through multiple users. Zhang includes a process in which a threshold number of account managers are accessing information. This is important because by implementing a preset or determined number of account managers corresponding to access control of information it prevents susceptibility to harm or exposure of information that may lead to compromise because of the unregulated roles of the access associated with the account managers. By defining a preset number of account managers who have the roles and privileges for accessing information it protects the system from unauthorized users attempting to modify or tamper and maintains the integrity of the communications as a whole. 


Relevant Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

BESTLER; Caitlin (U.S Pub. No. 20160191250) “Read-Modify-Write Processing Of Chunks At The Storage Server Level In A Distributed Object Storage System”. Considered this reference because it addressed a similar concept of sharding and a distributed storage.

Alness; Andrew E. (U.S Pub. No. 20160344543) “SECURITY SYSTEM FORMING PART OF A BITCOIN HOST COMPUTER”. Considered this application because it relates to a ceremony key and bitcoin technologies that are used to signing of transactions and encryption techniques similar to the instant application.

Gallancy; Daniel H. (U.S Pub.  No. 20190288840) “PASSWORDLESS SECURITY SYSTEM FOR DATA-AT-REST”. Considered this application because it addressed key sharding a secure storage as well as encryption techniques and combining the key shards.

Conclusion


Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/H.A.H./Examiner, Art Unit 2497

/Jeremy S Duffield/Primary Examiner, Art Unit 2498