If at least one first computing device 210 becomes unavailable, the keys for the at least one second computing device 220 may be released to clients by another third party. According to some embodiments, system 200 includes at least one recovery escrow service 230 as the third party that may operate separately from the at least one first computing device 210 and/or at least one second computing device 220. The recovery escrow service 230 may be implemented on a separate hardware device (e.g., on an external computing device) and/or implemented as a separate software module at the at least one first computing device 210. In some embodiments, the recovery escrow service 230 stores the recovery private key, and instructions to publish the recovery private key may be provided by a third party.

In some embodiments, the recovery escrow service 230 is implemented as a software escrow service (e.g., such as escrow services provided by NCC, or the like) for instance in agreement regarding storage of cryptographic keys with the at least one first computing device 210. The recovery escrow service 230 may carry out at least one of: securely storing cryptographic keys, execution of custom tests to validate the keys, and conditional release of the keys (e.g., publication of the keys) under the defined terms. In some embodiments, the recovery escrow service 230 is implemented in accordance with at least one smart contract, such that when new keys are added the previous keys are not be removed.