DETAILED ACTION
Acknowledgements
This Office Action is in response to Applicant’s correspondence filed on 8/2/22.
The Examiner notes that citations to United States Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Status of Claims
Claims 21-40 are currently pending.
Claims 21-40 are rejected as set forth below.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Arguments	
Claim Rejections - 35 U.S.C. § 112(b)
Applicant’s arguments with respect to claim(s) 31 have been fully considered are persuasive. The rejection (and corresponding rejections to its dependent claims, if applicable) is withdrawn.

Claim Rejections - 35 U.S.C. § 103
Applicant’s arguments with respect to claim(s) 21, 31, 40 have been fully considered but are not persuasive. The rejection (and corresponding rejections to its dependent claims, if applicable) is maintained.
Applicant contends Bennett fails to teach or suggest “(i) receiving "from a server computer of the cryptoasset custodial system, a requested operation description including data describing a cryptoasset transaction and an organization that owns a cryptoasset," (ii) determining "at least one reviewing entity required for approval of the cryptoasset transaction based at least in part on a policy map for the organization," and (iii) responsive to receiving an indication of the authentication of the at least one reviewing entity from the risk analysis module, signing . . . the cryptoasset transaction using a cryptographic key stored in the hardware security module". Applicant’s Remarks p13. In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Specifically, the basis for obviousness relies upon Bennett in combination with Arai, Baset, and Green.
Applicant contends none of the cited art teaches a server computer that performs the steps of transmitting to a computing device an approval request and performing a cryptoasset transaction. The Examiner respectfully disagrees. Arai teaches the client node including a communication device 46 for communicating with other nodes ([0041]). The aforementioned steps rely upon server computer such as the communication device to receive and transmit data. It is noted that performing a cryptoasset transaction is equivalent to broadcasting, or transmitting, a blockchain transaction to other nodes.
Applicant contends the combination of Arai, Baset, Green, and Bennett were combined using hindsight reconstruction. Applicant’s Remarks p15. The Examiner respectfully disagrees. In response to applicant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning. But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper.  See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). Applicant has not clearly established that only knowledge gleaned from the applicant’s disclosure was used to establish the basis for obviousness.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 21-40 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-19 of U.S. Patent No. 11301849. Although the claims at issue are not identical, they are not patentably distinct from each other because the limitations of claim 1 in U.S. Patent No. 11301849 discloses the same functions/steps of claim 21 in the pending application. The only minor differences are that some of the limitations of claim 1 of U.S. Patent No. 11301849 were taken out and put into dependent claims of the pending application.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 21, 23-31, 33-40 is/are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No. 20200074468 to Arai in view of United States Patent Application Publication No. 20050273442 to Bennett, United States Patent Application Publication No. 20200371833 to Baset, and United States Patent Application Publication No. 20200005296 to Green.
As per claims 21, 31, 40, Arai teaches:
receiving, by a security module of a cryptoasset custodial system (e.g. client node) from a server computer of the cryptoasset custodial system, a requested operation description (e.g. predetermined transaction) including data describing a cryptoasset transaction (e.g. txid) and an organization (e.g. org1) that owns a cryptoasset; (Fig 10-11, [0087]-[0095], “FIG. 10 is a sequence diagram illustrating an example of the agreement formation process. The agreement formation process is started by, for example, inputting predetermined information on a transaction to the client node 100 and by performing an automatic execution program of the transaction incorporated in the client node 100 in advance. Here, FIG. 11 is a diagram illustrating an example of the transaction data T200. The transaction data T200 are configured to include information of respective items of a transaction identifier T201 which is an identifier of a transaction; an issuer T202 which is an issuer of the transaction (any one of the participants in the consortium); a function T203 which is a smart contract function in a smart contract related to the transaction; and a smart contract argument T204 which is an argument in the smart contract function.”; [0041], “Each node includes:… a communication device 46 for communicating with other nodes.”)
determining, by the security module, at least one reviewing entity (e.g. approval node) required for approval of the cryptoasset transaction (e.g. transaction) based at least in part on a policy map (e.g. policy requirements) for the organization; responsive to receiving an indication of the determination from the security module, transmitting, by the server computer of the cryptoasset custodial system and to a computing device of the at least one reviewing entity (e.g. approval node), an approval request (e.g. approval request) for the cryptoasset transaction; ([0054], [0063]-[0066], [0091]-[0092], “The approval request transmission unit 135 transmits a predetermined approval request to a predetermined information processing device (that is, the approval node 200) which is associated with the approver of the transaction who is specified based upon the agreement policy P100 generated by the agreement policy calculation unit 133.”)
Arai does not explicitly teach, but Bennett teaches:
a hardware security module (e.g. HSM); (Fig 2, [0060]-[0067], “The authentication module 116 may include or be associated with an authentication application 111, a history database 109, a channel user mapping database 110, external communication engines 113 and an HSM 112.”)
cryptographic keys (e.g. signing keys) stored in the hardware security module (e.g. HSM); ([0061], “The HSM 112 may store the signing keys in a secure manner and may communicate with the authentication application 111.”)
One of ordinary skill in the art would have recognized that applying the known technique of Bennett to the known invention of Arai as modified would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such cryptography features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the security module in th ecryptoasset custodial system to be a hardware security module for storing cryptographic keys results in an improved invention because applying said technique increases the security of the systems by protecting the data from being stolen.
Arai as modified does not explicitly teach, but Baset teaches:
authenticating, by the risk analysis module (e.g. application of the client), the at least one reviewing entity (e.g. the application of the client inspects/verifies the endorsing peers signatures); ([0062]-[0064], “In response, the application of the client 260 inspects/verifies the endorsing peers signatures and compares the proposal responses to determine if the proposal response is the same.”)
One of ordinary skill in the art would have recognized that applying the known technique of Baset to the known invention of Arai would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such cryptography features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the cryptoasset custodial system to include a risk analysis module for authenticating the at least one reviewing entity results in an improved invention because applying said technique ensures that the reviewing entities can be trusted, thus improving the security of the invention.
Arai as modified does not explicitly teach, but Green teaches:
based on a hardware security token security key (e.g. OTP) received from the computing device of the at least one reviewing entity in response to the approval request (e.g. proposal), the hardware security token security key associated with a hardware security token (e.g. hardware token) of the at least one reviewing entity and indicating an approval (e.g. confirm) of the cryptoasset transaction in accordance with risk parameters defined in the policy map; ([0028], [0032], “The refrigerator device is authorized to place orders from the online grocery store but may not have authorization to make a purchase or confirm an order without additional permissions. The authorization for the order is received from the user device by one of many different approaches. In one example, the user may wave a one-time password (OTP) token device against the refrigerator device, and via near-field communication (NFC), Bluetooth, radio frequency identification (RFID), etc., the authentication may be authorized.”)
responsive to receiving an indication of authentication of the at least one reviewing entity, signing (digitally signing), by the security module, the cryptoasset transaction (e.g. transaction) using a cryptographic key (e.g. private key); performing, by the server computer (e.g. the physical infrastructure, the module 612, and the module 614 may include one or more computers, servers, processors, memories, and/or wireless communication devices), the cryptoasset transaction of the cryptoasset using the cryptographic key (e.g. transaction is added to the blockchain);  ([0032], [0053], [0057], “To confirm the order, the user device 110 may transfer an OTP 112 to the refrigerator 120 by proximity communication via a NFC and/or RFID enabled OTP hardware token that is sent from the user device 110 and received by the IoT device 120. The OTP is wirelessly transferred from a smartphone or other communication device, such as a wearable device. Another option would be to identify the OTP, such as a time changing microcontroller display device and reading the OTP details aloud via voice and having the IoT device 120 identify the words and enter the data for authorization. A user may also enter the OTP on a screen via a touchpad interface. The IoT device 120 may submit the blockchain transaction and sign the transaction with a private key before distributing the transaction to the blockchain. The IoT device may then create a blockchain transaction 422, digitally sign the transaction 424, add a verifiable hash 426 to the transaction for further authorization and security purposes and forward the finalized blockchain transaction to a third party for fulfillment of the assets 428. The transaction may then be forwarded 432 to the blockchain 430 for commitment.”)
One of ordinary skill in the art would have recognized that applying the known technique of Green to the known invention of Arai as modified would have yielded predictable results and resulted in an improved invention. It would have been recognized that the application of the technique would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such cryptography features into a similar invention. Further, it would have been recognized by those of ordinary skill in the art that modifying the hardware security module of the cryptoasset custodial system to utilize hardware security token security keys of a hardware security token for authenticating a blockchain transaction in response to receiving an indication of authentication of the reviewing entity from the risk analysis module results in an improved invention because applying said technique reduces the overall risk of unauthorized transactions (Green, [0033]).
As per claims 23 and 33, Green further discloses:
wherein the cryptographic key is a private key (e.g. private key) of an asymmetric cryptographic key paid associated with the cryptoasset transaction (Section [0032]). Note: the limitation “wherein the cryptographic key is a private key of an asymmetric cryptographic key paid associated with the cryptoasset transaction” does not distinguish over the prior art because it is describing the cryptographic key which does not affect the steps/functions of the claim in a manipulative sense.

As per claims 24 and 34, Green further discloses:
wherein the approval request is configured to cause the computing device of the at least one reviewing entity to prompt the at least one reviewing entity to approve the cryptoasset transaction (e.g. the proposal for the purchase order may then be sent to the user device for confirmation of the order and confirmation of the purchase) (Section [0032]). Note: the limitation “wherein the approval request is configured to cause the computing device of the at least one reviewing entity to prompt the at least one reviewing entity to approve the cryptoasset transaction” does not distinguish over the prior art because it is describing the intended use of the approval request. What the computing device does once it receives the approval request is outside the scope of the claim and is not positively recited as a step/function of the claims. Further, the description of what the approval request causes the computing device to do does not affect the positively recited steps/functions of the claim in a manipulative sense.)

As per claims 25 and 35, Baset further discloses:
wherein the hardware security token (e.g. endorser node) is one of a plurality of hardware security tokens (e.g. endorser nodes), each hardware security token (e.g. endorser node) of the plurality of hardware security tokens (e.g. endorser nodes) generating a different security key (e.g. digital signature) (Section [0052] and [0062]-[0064]);
wherein each hardware security token (e.g. endorser node) is associated with a different reviewing entity (e.g. endorser) of a plurality of reviewing entities (e.g. endorsers) of the cryptoasset custodial system, the plurality of reviewing entities including the at least one reviewing entity (Section [0052] and [0062]-[0064]).
Green further discloses:
hardware security token (e.g. hardware token) (Section [0028], [0032], and [0052]);
security key (e.g. OTP) (Section [0028], [0032], and [0052]).
Arai and Baset disclose that multiple endorsers are required to endorse a transaction as defined in an endorsement policy. The endorsers of Baset are authenticated based on a digital signature that is provided with their endorsement. Green discloses that a user endorses a transaction with a OTP that is generated by a hardware token. It would be obvious to one of ordinary skill in the art to utilize a hardware token that generates a OTP for each endorser/approver of Arai and Baset since Green discloses that OTP can be used to approve a transaction and if multiple approvers are required then each approver can use a OTP to approve the transaction.

As per claims 27 and 37, Green further discloses:
wherein the hardware security token security key is an asynchronous one-time security key (e.g. asynchronous one time password) generated by the hardware security token (e.g. hardware token) using a cryptographic algorithm (Section [0050] and [0052]).

As per claim 28, Green further discloses:
wherein the hardware security token comprises at least one of a smart card (e.g. smart cards), a universal serial bus token, or a hardware dongle (Section [0052)).

As per claims 29 and 38, Green further discloses:
receiving, by the server computer (e.g. server), the hardware security token security key (e.g. OTP) associated with the hardware security token of the at least one reviewing entity (Section [0053] and [0057]); Note: Green in section [0057] discloses that the physical infrastructure and modules can include one or more computers, servers, processors, Memories, and/or wireless communication devices.
obtaining, by the risk analysis module, the hardware security token security key (e.g. OTP) (Section [0028], [0032], [0053] and [0057]).

As per claims 30 and 39, Green further discloses:
wherein subsequent to authenticating the at least one reviewing entity, obtaining, by the hardware security module, a notification that the risk analysis module has authenticated the at least one reviewing entity (e.g. responsive to receiving the authorization) (Section [0055], [0056], and Fig. 5B).
Claims 26 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No. 20200074468 to Arai in view of United States Patent Application Publication No. 20050273442 to Bennett, United States Patent Application Publication No. 20200371833 to Baset, and United States Patent Application Publication No. 20200005296 to Green, and further in view of United States Patent Application Publication No. 20120192260 to Kontsevich.

As per claims 26 and 36, Arai as modified discloses using hardware security token security keys that are asynchronous one-time security keys (see rejection of claim 21)
Arai as modified does not explicitly teach, but Kontsevich teaches:
wherein the hardware security token security key is a synchronous dynamic security key (e.g. synchronous dynamic passwords) generated by the hardware security token (e.g. security tokens often designed as key fobs) and indexed by a timer of the hardware security token (Section [0004]).
Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself that is in the substitution of the synchronous dynamic security key of Kontsevich for the asynchronous one-time security key of Arai as modified. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious.

Allowable Subject Matter
Claims 22 and 32 contain allowable subject matter.
The following is a statement of reasons for the indication of allowable subject matter: Baset discloses an endorsement policy that specifies a plurality of endorser nodes that must endorse a transaction in order for the transaction to be added to the blockchain. However the combination of Arai/Baset/Green/Bennett do not specifically disclose that the endorser user devices are separate from the reviewing entities and that the approval request is sent to the reviewing entity for approval in response to the determination that the endorsement has been received from the plurality of endorser user devices.
As allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with. See 37 CFR 1.111(b) and MPEP § 707.07(a).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
United States Patent Application Publication No. 20150287026 to Yang discloses a hot wallet service system including: a manager server configured to receive a cryptocurrency transaction request identifying at least a hot wallet accountholder identifier and to determine a first set of authentication servers to authenticate the cryptocurrency transaction request; the authentication servers, each configured to independently authenticate the cryptocurrency transaction request by verifying a requester of the cryptocurrency transaction request against an accountholder profile associated with the hot wallet accountholder identifier; wherein the authentication servers are configured to approve, independently from each other, the cryptocurrency transaction request by cryptographically signing approval messages to send to an aggregation server using respective private authentication keys stored respectively in the authentication servers when the requester is verified; and the aggregation server configured to aggregate cryptographic signatures of the cryptocurrency transaction request from the authentication servers to publish the cryptocurrency transaction request into a cryptocurrency network.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAY HUANG whose telephone number is (408)918-9799. The examiner can normally be reached 9:00a - 5:30p PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Anita Coupe can be reached on (571) 270-3614. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAY HUANG/Primary Examiner, Art Unit 3619