Security of Relay private key

Hi,
I just successfully set up Defender Relay to run kp3r jobs, and I also plan to bond some amount of kp3r to the relay. Maybe not necessary, but I have some concerns about whether my bonded fund is safe: could any other people access my relay private key? And can the relay private key be used to recover funds in other wallets, just in case I have to?

Thanks in advance!

Best Regards,
Li

1 Like

Hi @wangli,

Welcome to the community :wave:

All private keys are stored in the AWS Key Management Service. Keys are generated within the KMS and never leave it, i.e., all sign operations are executed within the KMS.
_From: https://docs.openzeppelin.com/defender/relay#security-considerations_

Thanks for the feedback! I will think about it.

1 Like

Hi @wangli,

Feel free to ask all the questions that you need.

Let me know if we can improve the documentation or Defender to help with this explanation.

1 Like

hi @abcoathup,

So the ECDSA signature is performed in the KMS vault? I didn’t know they were supporting that algorithm, sounds great!

Yep, it’s supported since Nov 2019! https://aws.amazon.com/blogs/security/digital-signing-asymmetric-keys-aws-kms/

1 Like

Hello,
I have a question about the security architecture.
How do you make sure that only the client/user who owns the private key stored in KMS is able to sign transactions using that key?
Thanks in advance!

Hey @lgalant! We use dynamically-generated AWS IAM policies to restrict access to resources, such as KMS key usage, on a per-team basis. We had that setup audited by a 3rd party security team.

1 Like
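To make the per-team restriction described above concrete, here is an added example of what a least-privilege IAM policy for one team's relayer role could look like. This is illustrative only, not Defender's actual policy (Defender is closed source, and its policies are generated dynamically); the account id, region and key id are placeholders. It grants the role the ability to sign with exactly one KMS key and to fetch that key's public key, and uses the `kms:SigningAlgorithm` and `kms:MessageType` condition keys so the key can only produce ECDSA signatures over pre-computed digests.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "SignWithThisTeamsRelayerKeyOnly",
      "Effect": "Allow",
      "Action": [
        "kms:Sign",
        "kms:GetPublicKey"
      ],
      "Resource": "arn:aws:kms:PLACEHOLDER-REGION:PLACEHOLDER-ACCOUNT-ID:key/PLACEHOLDER-KEY-ID",
      "Condition": {
        "StringEquals": {
          "kms:SigningAlgorithm": "ECDSA_SHA_256",
          "kms:MessageType": "DIGEST"
        }
      }
    }
  ]
}
```

Two points worth checking when reviewing such a policy: there is deliberately no `kms:Decrypt`, `kms:GetKeyPolicy`, `kms:PutKeyPolicy` or `kms:ScheduleKeyDeletion` in the allow list, and the `Resource` is a single key ARN rather than `*`, so a compromised role for one team cannot sign with (or tamper with) another team's key. Every `kms:Sign` call is also recorded in CloudTrail, which gives the key owner an audit trail of who signed what and when.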

Where is the audit located? It would be great to have it when relying on it in prod. :pray:t3:

hey @spalladino thanks for your answer!
Is all this public/open source info? Would you be willing to share some details of the architecture or a github repo?

Defender is closed source, but you can take a look at the security considerations for Relayer documented here in case they help. I'll also follow up with other material via DM.

1 Like

@spalladino can you share the link to the Relayer audit?