Create Multisignature Keys

Overview

For self-managed multisignature wallets, you can create your own user and backup keys. Key creation occurs entirely client side. At no point does BitGo have access to your private user or backup keys for self-managed wallets. However, BitGo always creates and stores the BitGo key.

Note the following difference between keys for cold and hot wallets:

• Cold wallets - Enhance your security by creating keys on an air-gapped machine, either programmatically (using the steps below) or through the Offline Vault Console (OVC). When you create a cold wallet, you send to BitGo only your public keys.
• Hot wallets - Quickly create keys, client side, on an internet-connected machine. When you create a hot wallet, you send to BitGo your public key and versions of your private keys encrypted using your passphrase.

Note: If you want to store your own keys for your self-managed hot wallets, follow the steps in Set Up External-Signing Mode.

Prerequisites

Get Started

1. Create Public and Private Keys

Generate public/private key pairs.

Copy code block
1
2
3
4
5
6
7
8
9
10
11
const BitGoJS = require('../../../src/index.js');
const bitgo = new BitGoJS.BitGo({ env: 'test' });

// Set your access token here
const accessToken = 'v2xcbe8617bd58947a9ec41cc7a92e0a9a9d81dc2780669faa59eab3016ad5792ae';
// Set your coin of choice here
const coin = 'tbtc';

bitgo.authenticateWithAccessToken({ accessToken });
let key = bitgo.coin(coin).keychains().create();
console.dir(key);

Step Result

Copy code block
1
2
3
4
{
  "pub": "xpub661MyMwAqRbcEq5qQLciVPfCyCvx9KstKVp71TxujjY9Kbapv6o2YjtRAV1tfYgQZxBaN6FfFfE3CD21ZRSsd4WkqkFWSZDTiDqf49qtkh7",
  "prv": "xprv9s21ZrQH143K2M1NJK5i8FiURB6TjsA2xGtWD5ZJBQ1ASoFgNZUmzwZwKC9WnyRaN2f4uAdHPdMmLbw2SsUKa6J2bWUEWihbMKcrhJSZueH"
}

To create your backup key and BitGo key, repeat this step 2 more times.

Note: This step may appear to create the actual BitGo key. However, the pub and priv that you get for the BitGo key are only temporary. BitGo creates the actual public and private key pair for the BitGo key in the next step.

2. Upload Public Keys to BitGo

Upload an encrypted version of your private keys to BitGo.

Note: If you want to store your own keys for your self-managed hot wallets, follow the steps in Set Up External-Signing Mode.

Copy code block
1
2
3
4
5
6
7
8
9
10
11
// Creates user key
let userKey = bitgo.coin("tbtc").keychains().create();

// Creates BitGo key
let bitGoKey = bitgo.coin("tbtc").keychains().createBitGo();

// Creates backup key
let backupKey = bitgo
  .coin("tbtc")
  .keychains()
  .createBackup({ provider: "coincover" });

Step Result

Copy code block
1
2
3
4
5
6
7
{
    "id": "62e18649381037000872496848a7939f",
    "pub": "xpub661MyMwAqRbcEq5qQLciVPfCyCvx9KstKVp71TxujjY9Kbapv6o2YjtRAV1tfYgQZxBaN6FfFfE3CD21ZRSsd4WkqkFWSZDTiDqf49qtkh7",
    "ethAddress": "0x9414569b0f0678b4eb6bacf99689fe596482473b",
    "source": "user",
    "type": "independent"
}

You receive an id for each key that you will use when you create your wallets.

This call also triggers BitGo to create the actual public and private key pair for the BitGo key. This is stored by BitGo and isn't shared with you. Although you do use the id for the BitGo key to create a wallet, you can't use the BitGo key you created in step 1 to co-sign transactions.

Next

Use the id for each key when you Create Wallets.

See Also

• API Reference: Create Key
• API Reference: Create Key
• Concept: BitGo Wallet Types
• Concept: Offline Vault Console