Create Multisignature Keys

Overview

For self-custody multisignature wallets, you can create your own user and backup keys. Key creation occurs entirely client side. At no point does BitGo have access to your private user or backup keys for self-custody wallets. However, BitGo always creates and stores the BitGo key.

Note the following difference between keys for cold and hot wallets:

  • Cold wallets - Enhance your security by creating keys on an air-gapped machine, either programmatically (using the steps below) or through the Offline Vault Console (OVC). When you create a cold wallet, you send to BitGo only your public keys.
  • Hot wallets - Quickly create keys, client side, on an internet-connected machine. When you create a hot wallet, you send to BitGo your public key and versions of your private keys encrypted using your passphrase.

Note: If you want to store your own keys for your self-custody hot wallets, follow the steps in Set Up External-Signing Mode.

Prerequisites

Get Started

1. Create Public and Private Keys

Generate public/private key pairs.

  • SDK
  • Express
1 2 3 4 5 6 7 8 9 10 11 const BitGoJS = require('bitgo'); const bitgo = new BitGoJS.BitGo({ env: 'test' }); // Set your access token here const accessToken = 'v2xcbe8617bd58947a9ec41cc7a92e0a9a9d81dc2780669faa59eab3016ad5792ae'; // Set your coin of choice here const coin = 'tbtc'; bitgo.authenticateWithAccessToken({ accessToken }); let key = bitgo.coin(coin).keychains().create(); console.dir(key);

Step Result

  • JSON
1 2 3 4 { "pub": "xpub661MyMwAqRbcEq5qQLciVPfCyCvx9KstKVp71TxujjY9Kbapv6o2YjtRAV1tfYgQZxBaN6FfFfE3CD21ZRSsd4WkqkFWSZDTiDqf49qtkh7", "prv": "xprv9s21ZrQH143K2M1NJK5i8FiURB6TjsA2xGtWD5ZJBQ1ASoFgNZUmzwZwKC9WnyRaN2f4uAdHPdMmLbw2SsUKa6J2bWUEWihbMKcrhJSZueH" }

To create your backup key and BitGo key, repeat this step 2 more times.

Note: This step may appear to create the actual BitGo key. However, the pub and priv that you get for the BitGo key are only temporary. BitGo creates the actual public and private key pair for the BitGo key in the next step.

2. Upload Public Keys to BitGo

Upload an encrypted version of your private keys to BitGo.

Note: If you want to store your own keys for your self-custody hot wallets, follow the steps in Set Up External-Signing Mode.

  • JavaScript
  • API
1 2 3 4 5 6 7 8 9 10 11 // Creates user key let userKey = bitgo.coin("tbtc").keychains().create(); // Creates BitGo key let bitGoKey = bitgo.coin("tbtc").keychains().createBitGo(); // Creates backup key let backupKey = bitgo .coin("tbtc") .keychains() .createBackup({ provider: "coincover" });

Step Result

  • JSON
1 2 3 4 5 6 7 { "id": "62e18649381037000872496848a7939f", "pub": "xpub661MyMwAqRbcEq5qQLciVPfCyCvx9KstKVp71TxujjY9Kbapv6o2YjtRAV1tfYgQZxBaN6FfFfE3CD21ZRSsd4WkqkFWSZDTiDqf49qtkh7", "ethAddress": "0x9414569b0f0678b4eb6bacf99689fe596482473b", "source": "user", "type": "independent" }

You receive an id for each key that you will use when you create your wallets.

This call also triggers BitGo to create the actual public and private key pair for the BitGo key. This is stored by BitGo and isn't shared with you. Although you do use the id for the BitGo key to create a wallet, you can't use the BitGo key you created in step 1 to co-sign transactions.

Next

Use the id for each key when you Create Wallets.

See Also