Why it matters
Key compromise can go undetected: an attacker who copies a key may wait for the right moment to use it. Regular key rotation bounds the window in which a copied key is useful. Once funds have been moved to addresses controlled by fresh keys, a key that was copied months ago controls nothing, so a potentially catastrophic breach becomes a contained incident. Rotation is a bound, not a detection mechanism: a key that is known or suspected to be compromised is rotated out immediately rather than at the next scheduled interval.
How it works
New keys are generated following the same procedures as the originals, ideally inside the device that will hold them so the private key never exists outside it. Funds are transferred from addresses controlled by the old keys to addresses controlled by the new keys; that transfer is itself a spend, so it must be authorized by the old keys (or, for multisig, by a quorum of the current keys). The old keys are then decommissioned and securely destroyed. For multisig setups, rotation typically replaces one key at a time, keeping the threshold and key count unchanged throughout so the wallet is never left with a weaker policy. Because a multisig address commits to its exact keyset, replacing even one key produces a new address, which is why the funds have to move rather than the configuration simply being edited.
Example
An institution rotates one key in its 3-of-5 multisig each quarter, so the whole keyset is replaced over five quarters. Each quarter it generates a new key on a new hardware security module, updates the multisig configuration (which yields a new 3-of-5 address), migrates the funds to that address with signatures from three of the existing keys, and securely destroys the retired key. Once the migration has confirmed, a copy of the retired key is useless: it is no longer one of the keys that controls the funds and does not count toward the threshold. If a specific key is suspected of compromise, it is the next one rotated out, regardless of the schedule.
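The one-key-at-a-time rotation described under How it works and in the example above, as an added example that is not from the original page: a Go simulation of a 3-of-5 keyset whose address commits to the exact keys and threshold (as script-based multisig does), so retiring one key yields a new address, the migration is itself a 3-of-5 spend authorized by the current holders, and a signature from the retired key no longer counts at the new address. Ed25519 signatures stand in for whichever scheme a real chain uses; the Keyset, Ledger, Address, Rotate and Transfer names, the toy script hash and the balances are constructed for this illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
)

// Keyset is an m-of-n policy. As in script-based multisig, the address commits
// to the exact keys and threshold, so a rotated keyset means a new address.
type Keyset struct {
	Threshold int
	Pubs      []ed25519.PublicKey
}

// Address is a toy script hash over the sorted keys and the threshold (constructed).
func (k Keyset) Address() string {
	sorted := append([]ed25519.PublicKey(nil), k.Pubs...)
	sort.Slice(sorted, func(i, j int) bool { return bytes.Compare(sorted[i], sorted[j]) < 0 })
	h := sha256.New()
	fmt.Fprintf(h, "%d-of-%d:", k.Threshold, len(sorted))
	for _, p := range sorted {
		h.Write(p)
	}
	return "addr_" + hex.EncodeToString(h.Sum(nil))[:16]
}

// Rotate swaps one key for its replacement; threshold and key count stay fixed.
func (k Keyset) Rotate(retire, replacement ed25519.PublicKey) (Keyset, error) {
	out := Keyset{Threshold: k.Threshold, Pubs: append([]ed25519.PublicKey(nil), k.Pubs...)}
	for i, p := range out.Pubs {
		if bytes.Equal(p, retire) {
			out.Pubs[i] = replacement
			return out, nil
		}
	}
	return Keyset{}, errors.New("key to retire is not in the keyset")
}

// Authorized counts valid signatures from distinct keys of this keyset; a
// signature from a key outside the set (such as a retired key) is ignored.
func (k Keyset) Authorized(msg []byte, sigs map[string][]byte) bool {
	valid := 0
	for _, p := range k.Pubs {
		if sig, ok := sigs[hex.EncodeToString(p)]; ok && ed25519.Verify(p, msg, sig) {
			valid++
		}
	}
	return valid >= k.Threshold
}

// Sign gathers signatures over msg keyed by public key (stand-in for collecting partial signatures from separate HSMs).
func Sign(msg []byte, signers ...ed25519.PrivateKey) map[string][]byte {
	sigs := make(map[string][]byte, len(signers))
	for _, sk := range signers {
		sigs[hex.EncodeToString(sk.Public().(ed25519.PublicKey))] = ed25519.Sign(sk, msg)
	}
	return sigs
}

// Ledger is a toy balance map by address; Transfer spends from the address of `from` only if the signers meet its threshold.
type Ledger map[string]int

func (l Ledger) Transfer(from Keyset, to string, amount int, signers ...ed25519.PrivateKey) error {
	src := from.Address()
	msg := sha256.Sum256([]byte(fmt.Sprintf("%s->%s:%d", src, to, amount)))
	if !from.Authorized(msg[:], Sign(msg[:], signers...)) {
		return errors.New("threshold not met")
	}
	if l[src] < amount {
		return errors.New("insufficient funds")
	}
	l[src] -= amount
	l[to] += amount
	return nil
}

func main() {
	var pubs []ed25519.PublicKey
	var privs []ed25519.PrivateKey
	for i := 0; i < 5; i++ {
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		pubs, privs = append(pubs, pub), append(privs, priv)
	}
	old := Keyset{Threshold: 3, Pubs: pubs}
	ledger := Ledger{old.Address(): 100}
	newPub, newPriv, _ := ed25519.GenerateKey(rand.Reader)
	cur, _ := old.Rotate(pubs[0], newPub) // retire key 0; still 3-of-5 at a new address
	// Migration is itself a 3-of-5 spend by current holders into the new address.
	fmt.Println("migrate 3-of-5:", ledger.Transfer(old, cur.Address(), 100, privs[1], privs[2], privs[3]))
	// At the new address the retired key no longer counts toward the threshold, but its replacement does.
	fmt.Println("retired+2:", ledger.Transfer(cur, "payee", 100, privs[0], privs[1], privs[2]))
	fmt.Println("replacement+2:", ledger.Transfer(cur, "payee", 100, newPriv, privs[1], privs[2]))
}
```

Two details worth noticing when running it: the migration fails with only two current keys, or with one key signing three times, because Authorized counts distinct keys of the policy; and after the migration the old address holds nothing, so even a full 3-of-5 of old keys can no longer move anything from it.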