Back Up Private Keys - Recovery Phrases Method

Back up an organization's private keys using key shareholders' recovery phrases.

Suggest Edits

A backup enables an organization to access its assets even if it loses its private keys—independently of Fordefi.

Learn more about multi-party computation (MPC) in Fordefi.

The backup process is performed in two phases:

  • In the Fordefi web console: You select the key share holders and backup email.
  • On admins' mobile devices: Admins generate recovery phrases and share them

In the Fordefi web console

  1. In the side menu, click Settings and then click the Backup tab.

  2. In the key share holders section, select the names or emails of the two admins designated to share the backup encryption keys.

  3. In the backup email address section, enter a backup email address and click Initiate backup process.
    An updated backup snapshot of the metadata and an encrypted copy of the organization's private keys is sent as a .json file to the backup email address.

📘

Note

Opening the .json file requires the combined recovery phrase of the designated admins.

  1. Click Initiate backup process. A backup request is sent to the mobile devices of the designated admins.

On admins' mobile devices

To continue the backup process, the designated admins must do the following in the Fordefi mobile app.

  1. Go to Management > Inbox.

  2. Tap Backup request to view the backup details.

  3. Tap Create key.

    The designated admins receive a recovery phrase comprising 12 random words and displayed in a numbered list. Something like this:

    • Each admin receives a unique recover phrase.
    • The designated admins should write down the recovery phrases in the correct order.
    • The recovery phrases should be stored in a secure location and not shared with anyone.

  4. Click Continue.

  5. In the window that is displayed, enter the recovery phrase in the correct order, and click Confirm.

    When the designated admins click Confirm, the following occurs:

    • A message informs the designated admins that a backup key has been successfully shared.

    • An updated backup snapshot of the metadata, and an encrypted copy of the organization's private key is sent as a .json file to the backup email address.

      📘

      Note

      Opening the .json file requires the combined recovery phrase of the designated admins.

🚧

Warning

  • Do not share a recovery phrase with anyone.
  • Store the recovery phrase in a secure location.

Updated 3 months ago