Backup and Recovery

🚧

Key backup configuration

Key backups are required by default in Fireblocks workspaces. If you want to make them optional, submit a request to Fireblocks Support (requires a Fireblocks Help Center login).

Please note that when key backups are not required, end users can start using their wallets without a backup (but can create one later). Fireblocks highly recommends users create backups since it helps to ensure they will have access to their funds.

As outlined within the Backup and Recovery guide, this functionality enables the creation of an encrypted copy of the end-user key share, which can be transmitted to Fireblocks for safekeeping. This process becomes essential when a user may lose access to their device or need to transition to a new one.

The recovery passphrase needed for AES encryption of the end-user key share must be generated either by the application or by the user. It is of utmost importance that the end-user securely preserves this passphrase. This precaution ensures that the encrypted key share can be decrypted in the event of a recovery situation, granting the user access to their key and enabling them to operate as usual.

Backing up the passphrase can be accomplished through various methods, and Fireblocks does not mandate any specific approach. For instance, the user can opt to store the recovery passphrase in their iCloud account or on Google Drive. Furthermore, they may download and keep it locally on their device.

Backup

await fireblocksNCW.backupKeys(passphrase, passphraseId);
// create a symmetric key for the encryption of the backup
var backupEncryptionKey = fireblocksSdk.generateRandomPassPhrase();

// store the backupEncryptionKey somewhere (user’s iCloud/Google, d/l, convert to seed phrase or other)

// backup the keys (including encryption)
fireblocks.backupKeys(passphrase, passphraseId) {
  Timber.d("Backup keys result: $it")
  callback.invoke(it)
}


let passphrase = Fireblocks.generateRandomPassPhrase()
// using concurrency
let result = await instance.backupKeys(passphrase: passphrase)

<--- OR --->

// using callback
try instance?.backupKeys(passphrase: passphrase, callback: { [weak self] result in
//handle result
})

Recovery

await fireblocksNCW.recoverKeys(passphraseResolver);
// recover the backed up keys. We will use the given backupEncryptionKey to decrypt the keys
Fireblocks.getInstance(deviceId).recoverKeys(passphraseResolver = passphraseResolver) {
	Timber.d("Recover keys result: $it")
  callback.invoke(it)
}

// using concurrency 
let result = await instance.recoverKeys(passphrase: passphrase)

<--- OR --->
    
// using callback
try instance.recoverKeys(passphrase: passphrase, callback: { [weak self] result in
	//handle result
})