
Introducing Enterprise Disaster Recovery: Infrastructure your assets can depend on


Enterprise Disaster Recovery with Turnkey

Import wallets into secure enclaves and restore full signing capability with access controls enforced from the moment of import.

What is the solution? Enterprise Disaster Recovery lets teams import wallet keys directly into Turnkey's secure enclaves, restoring full signing capability with access controls enforced from the moment of import.

What does it solve? Traditional recovery models force a tradeoff between speed and security. Assets are restored first, and access controls are configured as a follow-up step, creating an exposure window where recovered wallets are unprotected.

How does it solve this? Turnkey encrypts key material on the user's device before transmission, decrypts it only inside secure enclaves, and applies pre-configured policies the instant wallets are imported. Keys never exist in plaintext outside the enclave boundary.

Who is it built for? Enterprises managing digital assets that need a reliable, auditable recovery path to restore wallets and full signing capability without interruption.

Enterprise Disaster Recovery with Turnkey gives teams a secure, auditable path to import wallets and restore full signing capability, without exposing key material at any point in the process.

Keys are encrypted on your existing infrastructure, transmitted as encrypted bundles, and decrypted only inside Turnkey's secure enclaves. Pre-configured policies activate the moment wallets are imported, so recovered assets are never unprotected. A single import path covers Bitcoin, Ethereum, Solana, and all other chains built on the same underlying signing algorithms.

This article covers how the solution works, what it protects against, and how to get started.

What makes wallet recovery a security risk

Recovery is where custody models are most vulnerable. The operation that is supposed to restore access to assets is often the moment those assets are most exposed.

In most setups, recovery and security are handled sequentially. Wallet access is restored first, and access controls, quorum policies, and audit logging are configured after the fact. That gap, even if it lasts minutes, creates a window where recovered assets sit without protection.

Chain-specific recovery adds friction. Organizations holding assets across multiple networks often need separate recovery operations for each chain, each with its own tooling and procedures. This slows recovery time and increases the surface area for mistakes.

Audits are another problem. Standard log files can be modified by anyone with infrastructure access. When a recovery event is contested or reviewed for regulatory compliance, logs alone are not sufficient to prove what happened, when, and who authorized it.

Together, these constraints make wallet recovery less about restoring access and more about how risk, speed, and accountability are structured across the entire operation. For enterprises, this makes disaster recovery a core component of a broader business continuity strategy rather than an afterthought.

How to set up Enterprise Disaster Recovery with Turnkey

Enterprise Disaster Recovery separates key material, access control, and audit into distinct layers, with enforcement handled at the infrastructure level.

Here is a typical flow:

1. Set up your organization and recovery policies

Create a Turnkey organization and establish the security foundation. Create dedicated recovery users with scoped permissions, distribute authenticators across geographic locations, and define policies that restrict what recovered wallets can do, such as limiting fund movement to allowed addresses. 

2. Integrate the Turnkey SDK

Add Turnkey to your application using the NodeJS server SDK. This SDK handles the entire import flow, including encryption and secure transport.

3. Import wallets into Turnkey's secure enclave

Behind the scenes, the SDK encrypts the private key to Turnkey using HPKE (Hybrid Public Key Encryption), a standard that ensures data can only be decrypted by the intended recipient.

The encrypted bundle is transmitted to the enclave, where it is decrypted and stored. 
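The property this step relies on, as an added example that is not Turnkey's SDK code and is not wire-compatible with RFC 9180 HPKE: a simplified hybrid scheme (ephemeral P-256 ECDH, HKDF-SHA256, AES-256-GCM) seals a key so that only the holder of the recipient private key can open it, and only under the same context. The enclave key pair, the context strings, and all function names are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Constructed label that binds derived keys to this example's purpose (assumption).
const INFO = Buffer.from('example-wallet-import-v1');

// Derive an AES-256-GCM key from the ECDH secret, bound to both public keys.
function deriveKey(shared, ephPub, recipientPub) {
  const salt = Buffer.concat([ephPub, recipientPub]);
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, INFO, 32));
}

// Sender side: runs on the machine that currently holds the wallet key.
function sealToRecipient(recipientPub, plaintext, aad) {
  const eph = crypto.createECDH('prime256v1');
  const ephPub = eph.generateKeys(); // fresh ephemeral key pair per bundle
  const key = deriveKey(eph.computeSecret(recipientPub), ephPub, recipientPub);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aad); // authenticated but not encrypted context
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { ephPub, iv, ct, tag: cipher.getAuthTag() };
}

// Recipient side: stands in for code that would run inside the enclave.
function openBundle(recipient, bundle, aad) {
  const shared = recipient.computeSecret(bundle.ephPub);
  const key = deriveKey(shared, bundle.ephPub, recipient.getPublicKey());
  const d = crypto.createDecipheriv('aes-256-gcm', key, bundle.iv);
  d.setAAD(aad);
  d.setAuthTag(bundle.tag);
  return Buffer.concat([d.update(bundle.ct), d.final()]); // throws if anything changed
}

// Round trip plus three failure cases, all on constructed sample data.
function demo() {
  const enclave = crypto.createECDH('prime256v1');
  const enclavePub = enclave.generateKeys();
  const walletKey = crypto.randomBytes(32); // constructed stand-in for a private key
  const aad = Buffer.from('org=example-org;user=recovery-user-1'); // constructed
  const bundle = sealToRecipient(enclavePub, walletKey, aad);
  const fails = (fn) => { try { fn(); return false; } catch { return true; } };
  const other = crypto.createECDH('prime256v1'); other.generateKeys();
  const bad = { ...bundle, ct: Buffer.from(bundle.ct) }; bad.ct[0] ^= 1;
  return {
    roundTrip: openBundle(enclave, bundle, aad).equals(walletKey),
    wrongRecipient: fails(() => openBundle(other, bundle, aad)),
    wrongContext: fails(() => openBundle(enclave, bundle, Buffer.from('org=other'))),
    tampered: fails(() => openBundle(enclave, bad, aad)),
  };
}
```

Anything relaying the bundle between the two sides sees only `ephPub`, `iv`, `ct` and `tag`; none of these reveals the key without the recipient's private key.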

What Enterprise Disaster Recovery delivers

Enterprise disaster recovery must do more than restore wallet access. It must define how risk is distributed, how access is controlled, how recovery is triggered, and how every step is verified.

Turnkey provides the infrastructure to support these requirements.

No single point of failure

Within your organization, quorum approval requirements distribute authority across multiple approvers, each holding their own independent credential. No single person can unilaterally trigger a recovery or move funds. If one key holder becomes unavailable, operations continue without interruption.

Access enforced by policy, not application code

All key access during recovery is enforced by Turnkey's policy engine at the infrastructure layer. Teams define exactly when and how recovered wallets can be used: who can sign, which addresses funds can move to, how many approvals are required, and under what conditions exports are permitted.

These controls activate the instant wallets are imported. There is no configuration window after recovery where assets sit unprotected. Traditional custody platforms restore access first and leave security as a follow-up step. With Turnkey, policies are inherited on import.

Recovery tied to user authentication

Key access during recovery is tied directly to user authentication. Support for email, passkeys and more allows teams to build recovery flows that are both secure and operationally familiar.

Authenticators can be distributed across geographic locations, so recovery is not dependent on a single device or facility. Every recovery action requires the authenticated user to be present, preventing unauthorized access even if other parts of the infrastructure are compromised.

Verifiable enclave isolation

All recovery operations run inside AWS Nitro Enclaves, dedicated isolated hardware environments where key material is never exposed outside the enclave boundary. Decryption happens exclusively inside the enclave. Turnkey's infrastructure only ever sees encrypted data.

Remote attestation allows teams to independently verify that the enclave is running unmodified, approved code. This is not a trust-based assurance. It is a cryptographic proof that anyone can check.

When teams use Enterprise Disaster Recovery

Enterprise Disaster Recovery applies wherever teams need to restore wallet access without sacrificing security or creating gaps in authorization. Some scenarios where this solution might come into play:

Example #1

A key holder becomes unavailable and treasury assets need to be recovered immediately.
Import wallet keys into Turnkey's secure enclave with quorum-controlled access. Define policies that restrict fund movement to pre-approved treasury addresses, so no single credential compromise can trigger unauthorized recovery.

Example #2

Migrating from another custody or key management provider with no plaintext exposure in transit.
Encrypt keys to Turnkey's secure enclave on a hardened machine and import directly. Full policy controls, including quorum approvals and signing restrictions, are inherited immediately upon import.

Example #3

A security incident or infrastructure failure requires immediate incident response and operations need to continue.
Import backup copies of critical wallet keys into Turnkey so a secondary signing path is always available. Recovered wallets are fully operational and policy-enforced from the moment of import.

In each case, the recovery path is the same: keys are encrypted at the source, imported directly into Turnkey's secure enclave, and fully operational with policies enforced from the moment they arrive.

Enterprise Disaster Recovery with Turnkey: Recovery without compromise

Enterprise Disaster Recovery with Turnkey gives teams the ability to restore wallet access and signing capability without creating an exposure window or forcing separate recovery processes per chain.

Teams get hardware-backed key isolation, configurable quorum policies, multichain support, and a cryptographic audit trail in a single infrastructure layer. They define their organization's recovery policies, authenticators, and authorization rules upfront. Turnkey handles the rest: secure import, policy enforcement, enclave isolation, and audit logging.

If you are ready to build disaster recovery into your infrastructure, explore the documentation to get started.
