🔑Private Key Management

Othentic CLI supports numerous operations requiring ECDSA signatures.

Intro

The CLI is compatible with both JSON wallets (recommended) and raw private keys, and provides multiple methods for each format.

Supplying In Runtime [default]

In the absence of a user-provided ECDSA signature to run an operation, a prompt will appear requesting the private key in raw format.

This prompt appears in cases when no private key is provided using command flags or env variables.

note that "operator register" and "operator deposit" commands support only this method

JSON wallets are stored in an encrypted JSON file protected by a password. If you do not have a JSON wallet, our CLI supports creating one using either an existing private key or a random private key.

Generate JSON wallet [optional]

The following command generates a JSON wallet:

othentic-cli wallet encrypt [--private-key <RAW_PRIVATE_KEY>] [--keystore-dir <KEYSTORE_DIR>]

For this command, both --private-key and --keystore are optional. The CLI randomly generates a new private key if a private key is not provided. By default --keystore-dir directs the path .keystore

Run Commands with JSON wallet

othentic-cli [SUB-COMMAND-1] [SUB-COMMAND-2] --keystore <KEYSTORE_PATH> --keystore-password <DECRYPT_PASSWORD>

or using env variables

# .env
....
WALLET_KEYSTORE_PATH=.keystore/c54b33db-311c-4e32-9ed3-375e5c0b6f0c
WALLET_KEYSTORE_PASSWORD=123
...

If --keystore path is chosen without a password, a prompt will ask the user for the password:

Using Raw Private Key

othentic-cli [SUB-COMMAND-1] [SUB-COMMAND-2] --private-key <RAW_PRIVATE_KEY>

For example:

othentic-cli node aggregator --private-key 81da2278784f2d3011513661fe5d7bebf7c6514d64667c4bf33a5b81221c5b37

Or by using env variables:

# .env file
...
PRIVATE_KEY=81da2278784f2d3011513661fe5d7bebf7c6514d64667c4bf33a5b81221c5b37
...

Last updated