Backup & Recovery

Suggest Edits

As outlined within the Backup and Recovery guide, this functionality enables the creation of an encrypted copy of the end-user key share, which can be transmitted to Fireblocks for safekeeping. This process becomes essential in scenarios where a user may lose access to their device or need to transition to a new one.

The recovery passphrase needed for AES encryption of the end-user key share must be generated either by the application or by the user themselves. It is of utmost importance that the end-user securely preserves this passphrase. This precaution ensures that in the event of a recovery situation, the encrypted key share can be decrypted, granting the user access to their key and enabling them to operate as usual.

Backing up the passphrase can be accomplished through various methods, and Fireblocks does not mandate any specific approach. For instance, the user can opt to store the recovery passphrase in their iCloud account or on Google Drive. Furthermore, they may choose to download and keep it locally on their device.

Backup

await fireblocksNCW.backupKeys(passphrase);

// create a symmetric key for the encryption of the backup
var backupEncryptionKey = fireblocksSdk.generateRandomPassPhrase();

// store the backupEncryptionKey somewhere (user’s iCloud/Google, d/l, convert to seed phrase or other)

// backup the keys (including encryption)
fireblocks.backupKeys(backupEncryptionKey) {
   Timber.d("Backup keys result: $it")
}


let passphrase = Fireblocks.generateRandomPassPhrase()
// using concurrency
let result = await instance.backupKeys(passphrase: passphrase)

<--- OR --->

// using callback
try instance?.backupKeys(passphrase: passphrase, callback: { [weak self] result in
//handle result
})

Recovery

await fireblocksNCW.recoverKeys(passphrase);

// recover the backed up keys. We will use the given backupEncryptionKey to decrypt the keys
fireblocks.recoverKeys(backupEncryptionKey) {
    Timber.d("Recover keys result: $it")
}


// using concurrency 
let result = await instance.recoverKeys(passphrase: passphrase)

<--- OR --->
    
// using callback
try instance.recoverKeys(passphrase: passphrase, callback: { [weak self] result in
	//handle result
})

Updated about 1 month ago