How a large trading exchange uses Vault to encrypt at scale
Dec 07, 2018
A large exchange doing millions of trades per day at a total amortized contract value of trillions needed a solution to do cryptographic signing operations for those trades on a massive scale.
VP Worldwide Solutions Engineering, HashiCorp, HashiCorp
An interesting customer use case of ours is a large financial company that focuses on trading options and futures. Now, their scale is immense in that they're doing millions and millions of trades per day at a total amortized contract value of trillions. The exciting part about that is they lean on Vault to be able to do all of their encryption and cryptographic signing operations for those trades.
When you're at that scale, you need to be able to ensure that you have resiliency in your secrets management solution. They leverage performance standbys to be able to horizontally scale their Vault cluster to meet the needs of their cryptographic signing operations and encryption.
They're also a multi-data center. So by leveraging replication, they're able to replicate those encryption keys to all the different data centers that they're their trading in so that, if they were to have a catastrophic failure in one data center, they're still up and available in the other. By leveraging the HSM Auto-unseal, they're able to keep their Vault clusters unsealed—if they do go down and come back up—without having a human involved.