Recover Fordefi Platform Share

In the unlikely event that the Fordefi platform is permanently inaccessible, you can extract the Fordefi share and run the MPC protocols yourself. To extract the Fordefi server share, use the recover-platform-share command:

Usage

recovery-tool recover-platform-share [flags]

Flags

  • --key-type: Key type to recover: ecdsa-secp256k1 | eddsa-ed25519 | ecdsa-stark.
  • --platform-backup-type: Platform's backup type: public-key | key-share.
  • --platform-encrypted-share: Platform encrypted shares for the key. Whether it contains one or two shares depends on the backup type. This data can be retrieved using the Get End User API.
  • --platform-backup-private-key-mnemonic: [Optional] Mnemonic of the private key of platform's backup. Two mnemonics are expected.
  • --platform-backup-private-key-path: [Optional] Private key of platform's backup. File path to key in PEM format for public-key backup.
  • --output: [Optional] File path to output the recovered private key. Stdout if not specified.

Here's an example:

./recovery-tool recover-platform-share \
  --key-type ecdsa-secp256k1 \
  --platform-backup-type key-share \
  --platform-backup-private-key-mnemonic "critic abandon elbow citizen elephant vast cute road public basic clean token" \
  --platform-backup-private-key-mnemonic "toe increase spatial eyebrow edge odor fabric exhaust dutch vault response dignity" \
  --platform-encrypted-share "eyJlbmNyeXB0ZWRfc2Vzc2lvbl9rZXkiOiJFVmo2VEIxc09RTnZNems3c2xwUXlzTExPd2phZ01XdmFvZ2o5UG80U3ZlZlVtYnNjR05Fbmo0NDlxTGhpNmpWWDQ5LzVBRW4xUEYreHdpM0pOY0NlbGRVNno3enREeGcvVSt1dEpINWZjU3pHd1ZQZmZMeWJsc0VmdGJqbjl1NTZKekNTa2g0SGlDbGNEVnJsY0dwUW9EcURGMVFxMEVFV2d4QnBMWVk3TXFTTlNjai9EM0RxUDEvTW4ydDcvU0FEWTdQOS9ZMVk1UnZaeDNLN2hpeWpBWTJRV0ZHaXlKZUFWU0dVZGhRWjRrdUYva0N5STlRQnlreXUrbFVuVkx3dUdZcFFYVnpXQUlLajFTZWJtdFNhc25CbCs4YURjRk55Mk1VZDFoeTlHRzRqcTFxMWF1NGlRTlFlMXBVNm9peko2ZExFYkRjMVEwS2QvR0k4V3orNEE9PSIsIm5vbmNlIjoiQnlYRHFhbndHY0NmS0Y3TCIsImNpcGhlcnRleHQiOiJMcVdtWmRrcU5BWW9qbXpVRTRPM25odm1DTE5qbHRWVEQ2d3NabUJMaVlXeXVXanZTdHhIUUdKMDF4R3ZEcVBiRVBIcHpIWTM4RTdkaXpTNkVmNmx1Y3JubW93Y1VXVFhua3c9In0=" \
  --platform-encrypted-share "eyJlbmNyeXB0ZWRfc2Vzc2lvbl9rZXkiOiJNamF2dGJMa084YTM1RjNoUzZsZzhnZzY4bmMybXhGNldsN1MzVURCY2NiK2lHUkU4VlpTKy8wV3Z3aWhWSXJvVVZjclJBNjU4azA2UG9PKzZKdUs5K3VaZU5wMkdRN1VOd2h2V29wYUd1c0srSHBZS2xTVitMaDRIVjJtVHhtcVF4TTY3REt5UXhqOUhaODVDSnhXNjNBTmJtcW4rYWtiK3NwbmNrTjhDcC9kWW9PTXBuTjJJL2NvK21CL3B1UGJIZGtKejVNTmlVRmhaM2x5bDh0WVkwT2ZRWFllMGpvd0hqV0EzT2RTRWVkZTE4Y1I4Z3hmdkk4SS9nSmtyWmJ2M0s0R3lsN096dlJOTFZqVEx0U1FOUkN5dWRPYzFZV1EwUG53UDUwMS85cU9TVXZZZmZ2TGxoamI0T2p0eCs4dkVIdHU1WUNnU3JQR2NoUkh4ak5heFE9PSIsIm5vbmNlIjoiaEFSdmczRjJlM0R0K2hDVSIsImNpcGhlcnRleHQiOiJYd0NnVTFnWlNIL0pSWHNkTVhBYVlGZENiMnBsd2liN0JWOVRiVEF3djRmOGxhc1lzaGNUdFN1M2p6Y2xXV3JwaytOdzM3MFNvcGlieDdyZzRqSGt2dUNBR0N6NGg1TnViZWs9In0="

Here is the possible output:

{"platform_key_share_base64":"BrCofqjFnG/aNWoRomyx1zq4sayZvbpR4CsvX8EXf5g="}