Create MPC Keys
Overview
For self-custody MPC hot wallets, you can create a key share by exchanging a public share and an encrypted-private share of a key between all parties (user, backup, and BitGo). Unlike multisignature wallets, the backup can't be managed by a key recovery service (KRS) - you must manage it yourself. For example:
- User exchanges shares with the backup and BitGo.
- Backup exchanges shares with the user and Bitgo.
- Bitgo exchanges shares with the user and backup.
Key-share creation completes once each party exchanges its shares with a different party member and each member verifies they can derive the same common key.
Note: If you want to store your own keys for your self-custody hot wallets, follow the steps in Set Up External-Signing Mode.
ECDSA or EdDSA
The elliptic curve of the asset determines how the keys are generated. Select the elliptic curve for the asset you want to create keys for:
Prerequisites
1. Create Keys
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
import * as dotenv from "dotenv"; dotenv.config(); import { EnvironmentName } from "bitgo"; import { BitGoAPI } from "@bitgo/sdk-api"; import { Hteth } from "@bitgo/sdk-coin-eth"; const config = { USERNAME: process.env.USERNAME as string, PASSWORD: process.env.PASSWORD as string, ENV: process.env.ENV as EnvironmentName, OTP: process.env.OTP as string, ENTERPRISE_ID: process.env.ENTERPRISE_ID as string, }; const bitgo = new BitGoAPI({ env: config.ENV }); bitgo.register("hteth", Hteth.createInstance); const coin = bitgo.coin("hteth"); async function auth() { await bitgo.authenticate({ username: config.USERNAME, password: config.PASSWORD, otp: config.OTP, }); } async function main() { await auth(); const keychains = await coin.keychains().createMpc({ multisigType: "tss", passphrase: config.PASSWORD, enterprise: config.ENTERPRISE_ID, }); console.log(keychains); /** * Note: the userKeychain and backupKeychain fields have a very large encryptedPrv * Note: the reducedEncryptedPrv field is the same as what exists on KeyCards generated in the web UI * Or if the result of this is passed into the @bitgo/key-card package */ } main().catch((err) => console.error(err));
Step Result
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
{ "userKeychain": { "id": "6674a960bb9d6a5d41228bfcf8d15724", "source": "user", "type": "tss", "commonKeychain": "032ba30f224e85a300fdc94eb28b37c83d0435e706389db33e0b977ad15b94edbc63b15dee6045330287bc9ccd33522a6e50c90a5f7e845e6dbc6299556e3619c6", "encryptedPrv": "string", "reducedEncryptedPrv": "string" }, "backupKeychain": { "id": "6674a96064bda5f82a6f95efc7ad656e", "source": "backup", "type": "tss", "commonKeychain": "032ba30f224e85a300fdc94eb28b37c83d0435e706389db33e0b977ad15b94edbc63b15dee6045330287bc9ccd33522a6e50c90a5f7e845e6dbc6299556e3619c6", "encryptedPrv": "string", "reducedEncryptedPrv": "string" }, "bitgoKeychain": { "id": "6674a95f38be1dec30ce8f2ae40489c4", "source": "bitgo", "type": "tss", "commonKeychain": "032ba30f224e85a300fdc94eb28b37c83d0435e706389db33e0b977ad15b94edbc63b15dee6045330287bc9ccd33522a6e50c90a5f7e845e6dbc6299556e3619c6", "isBitGo": true } }
Next
Use the id
for each key when you Create Wallets.