Skip to content

Use CoinCover

The following are instructions in backing up an organization's private keys with CoinCover.

CoinCover has partnered with Fordefi to provide secure backup and recovery solutions for institutional digital asset management.

With this method, CoinCover generates a private-public key pair. CoinCover sends you the public key, which you upload to Fordefi. Fordefi uses the public key to encrypt your backup. CoinCover securely stores the corresponding private key. Later, if you need to recover your backup, you can request the private key from CoinCover and use it to decrypt the backup.

Perform backup

  1. Reach out to CoinCover through their website or through a Fordefi customer support staff member.
  2. CoinCover requires the following information to create a backup for your Fordefi workspace:
    • The name of your legal entity
    • Your contact email(s)
    • Your Fordefi Organization ID (ask Fordefi for help to obtain this ID)
  3. CoinCover will provide you with a public key (in PEM format). Upload this public key in the Fordefi console and set an email address to which your encrypted backup package will be sent. Learn more.
Provide your email

This should be your own email as you’re ultimately responsible for managing the encrypted backup package file.

  1. After uploading your public key and confirming the backup on your Fordefi mobile app, Fordefi will email the encrypted backup package to the backup email you specified in the Fordefi console.
  2. When you receive the backup package, contact CoinCover to confirm its receipt.
  3. CoinCover will validate with Fordefi that the correct public key was uploaded and send you a successful completion email with information on how to store your backup package securely.

Recover private keys

  1. First contact support@coincover.com to request a recovery.
  2. In response, CoinCover will notify all ACL (Access Control List) members and arrange an ID verification call. The recovery process will begin after the successful completion of the verification call.
Access Control List

The ACL is a security measure ensuring only authorized, KYC-verified individuals can request a recovery. It consists of at least three members, with customizable quorum rules (for example four of seven). Any member can initiate a recovery but all are notified and a majority must approve. Approved requestors then join a video call with CoinCover to verify their identities. Modifying the ACL is subject to the same majority approval and verification process.

  1. CoinCover will now request a public GPG key which you'll need to generate. CoinCover will provide instructions to help you generate that key.

  2. Send your public GPG to CoinCover. This key will be used to ensure the secure transfer of your Fordefi private backup decryption key.

    CoinCover will retrieve the backup decryption key from storage, encrypt it with your GPG key and send it back to you.

  3. Use your private GPG key to decrypt the decryption key in the clear.

    You can now use the backup decryption key and Fordefi's publicly available recovery tool to decrypt your Fordefi backup file and retrieve your Vaults’ private keys. Learn more.

  4. Upon completion of the recovery, notify support@coincover.com to confirm that the recovery was successful.

Previous page
Next page