Import Keys

Many traders have locked positions in various wallets - that could be due to staking, holding specific tokens, or participating in certain smart contracts. Without the ability to import their private keys, traders would be forced to manage multiple wallets, complicating their asset management and paying for multiple solutions.

By supporting private key imports, Fordefi ensures that you maintain your positions and investments without having to unstake or move the funds. Moreover, supporting the import of a private key from another crypto wallet allows you to consolidate your assets into a single wallet solution or run another in parallel.

Using Fordefi's Import Key solution, you never need to reconstruct your key or run any scripts - you can upload the encrypted shares to Fordefi and decrypt the shares using the passphrase on your mobile device, keeping the integrity of the MPC protocol.

Import keys

Dedicated workspace for imported keys

Imported keys are managed in a dedicated workspace. Contact Fordefi Support to create it.

  1. Upload encrypted key material:

    To start the import process, you will need to gather the relevant key material which can include the encrypted shares package and decryption key. You can either:

    • Contact support to initiate the import process.
      OR

    • Call the Import Key API.
      Here's a sample payload:

      {  
      "type": "fireblocks",  
      "backup_zip_content": "<BASE64 ENCODED CONTENT OF YOUR BACKUP ZIP FILE>"",  
      "rsa_pem": "<BASE64 ENCODED CONTENT OF YOUR BACKUP DECRYPTION KEY IN PEM FORMAT>",  
      "rsa_pem_password": "<THE PASSWORD FOR THE BACKUP DECRYPTION KEY>"  
      }

      You can upload the rsa_pem to be used to decrypt the enclave shares within the backup_zip_content.

      Alternatively, you can use the following fixed public key to encrypt the shares, in which case you need to omit the rsa_pem and rsa_pem_password fields. The Fordefi enclave holds the corresponding private key.

      -----BEGIN PUBLIC KEY-----
      MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxcYhWPOSYwV0zC1286Gd
      2c7ptH/4atHqlRDxxsNr/1h3+F1EmjBXB0TdEiETHoEDvFrVTtkU2U9wwqxnFC1V
      NOWI3aOECgV93TaKeqvFQobB7xsfZ6Wi+dpTIMBSQGvxGI9RvVusdEF/1pveeYUt
      UDFl8/wZcvX74a2T3Kk02F4dt4JmH8hLD2XQhBhMdXFnYYGXaFLpzSovkCG0VHlz
      Y9j5YJH2Tvn2wlleCAoB+y/Nrbd6hHeUXLWJWgNwT06x8xJ6Nn6CBa37/aJbCPul
      F5lCQuD+zBHCPdVs3e6cakWA+bVinj/Ea/rfvQs1MuNdKxg6TRx/AVK77XRETJW2
      R+F7ThJmBMI2g5y8wcY0zmnhNB6jsyI7Xd3AHCxkNgSajqTwg31AwJVDpo9KqbiD
      JT+njNOuRXHToIrZyU/sjO15XoX8j/6Q5i4UExiMOVE2b4shWg22Z9zMhSLpvwIr
      p3nCtTSVRqJySqBfwkjHdhNGZwSMGcEAAFRdvCUiJy5nAgMBAAE=
      -----END PUBLIC KEY-----
  2. Decrypt and run the MPC protocol:

    After you upload the key, one of the approvers must perform the following: when prompted by the Fordefi mobile application, enter the mobile passphrase that will decrypt the mobile share.

    Fordefi then loads the MPC shares into its secure enclaves and mobile device to be used in the platform.

Create imported vaults

To create a vault using an imported key, you will need to pass the derivation path of the vault supplied by the external provider. Pass the derivation path in the Create Vault API call. If required, Fordefi Support will create it for you.

  • There is no backup in the Fordefi platform for imported workspaces, as the import key process can reoccur at any given time.
  • Currently, there is no support for imported BTC Vaults.
  • Currently, there is no support for testnets.
  • On some EVM chains, you will need to manually add assets with their balances, as you do for custom EVM chains.
  • Fordefi does not show past transactions for imported vaults.