Smart device
US-2017232300-A1 · Aug 17, 2017 · US
US10715323B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10715323-B2 |
| Application number | US-201715858949-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 29, 2017 |
| Priority date | Dec 29, 2017 |
| Publication date | Jul 14, 2020 |
| Grant date | Jul 14, 2020 |
Official abstract text for this publication.
Techniques are shown for key management using a traceable key block-chain ledger involving creating a cryptographic key at a key source, generating a genesis block for a key block-chain ledger corresponding to the cryptographic key, and securely modifying the genesis block to include metadata describing the key source. The techniques also involve performing a first key transaction with the cryptographic key, generating a first transaction block corresponding to the first key transaction with the cryptographic key and adding the first transaction block to the key block-chain ledger, and securely modifying the first transaction block to include metadata describing the first key transaction with the cryptographic key.
Opening claim text (preview).
What is claimed is:
1. A computer-implemented key management method comprising: creating a cryptographic key at a key source; generating a genesis block for a key block-chain ledger corresponding to the cryptographic key; securely modifying the genesis block to include metadata describing the key source; performing a first key transaction with the cryptographic key; generating a first transaction block corresponding to the first key transaction with the cryptographic key and adding the first transaction block to the key block-chain ledger; and securely modifying the first transaction block to include metadata describing the first key transaction with the cryptographic key.
2. The key management method of claim 1, wherein the securely modifying the first transaction block comprises modifying the first transaction block using at least one of a block-chain emend and amend functionality to include metadata describing the first key transaction with the cryptographic key.
3. The key management method of claim 1, the method including: detecting an attack on data or a system associated with the cryptographic key; using metadata of the transaction blocks in the key block-chain ledger to trace the cryptographic key to a point of attack; determining a transaction block corresponding to the point of attack; and generating an alert indicating the point of attack with metadata from the transaction block corresponding to the point of attack.
4. The key management method of claim 1, wherein: the first key transaction with the cryptographic key comprises rotating the cryptographic key; and the metadata describing the first key transaction comprises metadata describing the rotation of the cryptographic key.
5. The key management method of claim 1, wherein the metadata describing the first key transaction includes one or more of data the cryptographic key was applied to, an operation performed on the cryptographic key, a library utilizing the cryptographic key, a machine where the operation was performed on the cryptographic key or a machine where the cryptographic key resides.
6. The key management method of claim 1, the method including: performing a second key transaction with the cryptographic key; generating a second transaction block corresponding to the second key transaction with the cryptographic key and adding the second transaction block to the key block-chain ledger; and securely modifying the second transaction block to include metadata describing the second key transaction with the cryptographic key.
7. The key management method of claim 1, the method including: broadcasting the first transaction block to a plurality of nodes; computing a validation solution for the first transaction block in one of the plurality of nodes; and broadcasting the validation solution for the first transaction block to at least one other of the plurality of nodes to validate the transaction block on the key block-chain ledger.
8. The key management method of claim 1, the method including: validating the first key transaction block in an authorized central control node; and broadcasting validation of the first transaction block to a plurality of nodes.
9. A system for key management, the system comprising: one or more processors; and one or more memory devices in communication with the one or more processors, the memory devices having computer-readable instructions stored thereupon that, when executed by the processors, cause the processors to: create a cryptographic key at a key source; generate a genesis block for a key block-chain ledger corresponding to the cryptographic key; securely modify the genesis block to include metadata describing the key source; perform a first key transaction with the cryptographic key; generate a first transaction block corresponding to the first key transaction with the cryptographic key and add the first transaction block to the key block-chain ledger; and securely modify the first transaction block to include metadata describing the first key transaction with the cryptographic key.
10. The key management system of claim 9, wherein the system securely modifies the first transaction block by modifying the first transaction block using at least one of a block-chain emend and amend functionality to include metadata describing the first key transaction with the cryptographic key.
11. The key management system of claim 9, where the system is configured to operate to: detect an attack on data or a system associated with the cryptographic key; use metadata of the transaction blocks in the key block-chain ledger to trace the cryptographic key to a point of attack; determine a transaction block corresponding to the point of attack; and generate an alert indicating the point of attack with metadata from the transaction block corresponding to the point of attack.
12. The key management system of claim 9, wherein: the first key transaction with the cryptographic key comprises rotating the cryptographic key; and the metadata describing the first key transaction comprises metadata describing the rotation of the cryptographic key.
13. The key management system of claim 9, wherein the metadata describing the first key transaction includes one or more of data the cryptographic key was applied to, an operation performed on the cryptographic key, a library utilizing the cryptographic key, a machine where the operation was performed on the cryptographic key or a machine where the cryptographic key resides.
14. The key management system of claim 9, where the system is configured to operate to: perform a second key transaction with the cryptographic key; generate a second transaction block corresponding to the second key transaction with the cryptographic key and add the second transaction block to the key block-chain ledger; and securely modify the second transaction block to include metadata describing the second key transaction with the cryptographic key.
15. The key management system of claim 9, where the system is configured to operate to: broadcast the first transaction block to a plurality of nodes; compute a validation solution for the first transaction block in one of the plurality of nodes; and broadcast the validation solution for the first transaction block to at least one other of the plurality of nodes to validate the transaction block on the key block-chain ledger.
16. The key management system of claim 9, where the system is configured to operate to: validate the first key transaction block in an authorized central control node; and broadcast validation of the first transaction block to a plurality of nodes.
17. A computer storage medium having computer executable instructions stored thereon which, when executed by one or more processors, cause the processors to execute a key management method comprising: creating a cryptographic key at a key source; generating a genesis block for a key block-chain ledger corresponding to the cryptographic key; securely modifying the genesis block to include metadata describing the key source; performing a first key transaction with the cryptographic key; generating a first transaction block corresponding to the first key transaction with the cryptographic key and adding the first transaction block to the key block-chain ledger; and securely modifying the first transaction block to include metadata describing the first key transaction with the cryptographic key.
18. The computer storage medium of claim 17, wherein the securely modifyin
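The per-key ledger that the abstract and claims 1, 3, 4 and 5 describe, as an added illustration that is not the patent's own implementation: a genesis block carries key-source metadata, each key transaction (use, rotation) becomes a hash-linked block whose metadata names the data, library and machine involved, the chain is verified, and a transaction block is traced from an indicator such as a compromised machine. The class name, field names and the sample values (key-42, hsm-east-1, app-07) are constructed; the patent's emend/amend functionality is not modelled, metadata is instead sealed into the block hash when the block is created, and the node-broadcast validation of claims 7 and 8 is left out.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64


class KeyLedger:
    """One hash-chained ledger per cryptographic key (hypothetical design)."""

    def __init__(self, key_id, key_source):
        self.blocks = []
        # Genesis block: metadata describing where the key was created.
        self._append({"type": "genesis", "key_id": key_id, "key_source": key_source})

    @staticmethod
    def _digest(block):
        body = {k: v for k, v in block.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def _append(self, payload):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS_PREV
        block = {"index": len(self.blocks), "prev_hash": prev, **payload}
        block["hash"] = self._digest(block)  # metadata is covered by the hash
        self.blocks.append(block)
        return block

    def record(self, operation, **metadata):
        """Add a transaction block: the operation plus the metadata of claim 5."""
        return self._append({"type": "transaction", "operation": operation, "metadata": metadata})

    def verify(self):
        """True only if every block's hash and back-link are intact."""
        for i, b in enumerate(self.blocks):
            expected_prev = self.blocks[i - 1]["hash"] if i else GENESIS_PREV
            if b["prev_hash"] != expected_prev or b["hash"] != self._digest(b):
                return False
        return True

    def trace(self, **indicator):
        """Return the first transaction block whose metadata matches the indicator."""
        for b in self.blocks[1:]:
            if all(b["metadata"].get(k) == v for k, v in indicator.items()):
                return b
        return None


def demo():
    ledger = KeyLedger("key-42", key_source="hsm-east-1")  # constructed sample values
    ledger.record("encrypt", data="customer-db", library="libcrypto", machine="app-01")
    ledger.record("rotate", previous_version=1, new_version=2, machine="kms-01")
    ledger.record("encrypt", data="backup-set", library="libcrypto", machine="app-07")
    # An incident on app-07 is traced to the block recording the key's use there.
    return ledger, ledger.trace(machine="app-07")
```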
using hash chains, e.g. blockchains or hash trees · CPC title
using a plurality of keys or algorithms · CPC title
Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy · CPC title
Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) (network architectures or network communication protocols for key distribution in a packet data network H04L63/062) · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title