To be able to sign transactions using the Utila CLI and the co-signer, a device and key shares are needed.
This guide will walk you through the creating of a device, and the download of the key shares.
1. Create a Device
Each device requires a key pair.
You can either provide an existing private key (for example, re-use the private key that is used for the service account) or let the CLI generate a new one automatically.
To register a new device, use the utila devices register command.
Example
Creating a device using an existing private key:
utila devices register --vault-id <vault-id> --private-key-path <private-key-file-path>
Example
Creating a device with a newly generated key:
utila devices register --vault-id <vault-id> --generate-key
The device private key is getting stored in the local configuration directory.
After running this command, the device will be created but must still be approved by the Admin Quorum before it can be used. The command will output the fingerprint of the device's private key, be sure to share the fingerprint with the admin who is going to sign the device.
2. Approve the Device
The new device must be approved by the admin quorum. Use the Utila mobile app to approve and sign the service account's device.
Once approved, encrypted wallet key shares are generated and uploaded to Utila for the device.
3. Download the key shares
Now that the device has been approved and signed by the admin quorum, and the encrypted wallet key shares were generated and uploaded for the new device, run the utila keys download command to download and decrypt the key shares.
Example
Downloading the key shares of the device:
utila keys download --vault-id <vault-id> --device-id <device-id>
These key shares are required for signing transactions with the Utila CLI.
Now your device is fully set up, and you’re ready to start signing transactions.