Overview
The Midnight Glacier Drop is a large-scale token distribution by the Midnight network, allocating NIGHT governance tokens to eligible addresses across eight major blockchains based on a snapshot of eight blockchains:
- Cardano (ADA)
- Bitcoin (BTC)
- Ethereum / EVM (ETH, BNB & BAT)
- Solana (SOL)
- Avalanche (AVAX)
- Ripple (XRP)
Claimants must prove control over their eligible addresses and provide an unused Cardano address to receive their tokens. Initially, all claimed tokens are “frozen” and become available gradually over a one-year thawing (unlocking) schedule, ensuring a more equitable and secure distribution process. After claiming, users can also redeem thawed NIGHT tokens according to Midnight's unlock schedule.
Fireblocks enables eligible users to securely claim, redeem, monitor, and manage Midnight’s NIGHT tokens via the external SDK or desktop application, allowing users to connect their Fireblocks accounts and participate in NIGHT token claims with full auditability, compliance, and industry-leading MPC security.
Before you begin
To use either the SDK or the desktop app solution, you must have Raw Signing enabled in your Fireblocks workspace. Please contact your Customer Success Manager for more information.
Our solutions
The Fireblocks solution provides two interfaces for NIGHT claims, each sharing infrastructure and security features. Both options ensure that only authorized workspace users can access, claim, redeem, and manage NIGHT allocations.
Option 1: SDK with REST API
Ideal for technical teams and integrators, and providing direct programmatic access to all NIGHT endpoints, the NIGHT SDK enables developers to:
- Fetch vault addresses from Fireblocks
- Check addresses for eligibility for claiming NIGHT tokens
- Submit a claim transaction using Typed Messaging or Raw Signing
- Redeem NIGHT tokens
- Transfer NIGHT tokens between addresses
- Retrieve claims history for an address
Option 2: Desktop UI application
Recommended for non-technical users, this Electron-based local application provides an intuitive interface to:
- View vault accounts and balances
- Claim NIGHT tokens for eligible wallets
- Redeem NIGHT tokens
- Transfer NIGHT tokens
- Monitor transaction history
Currently available on macOS and Linux.
Installation & Setup
To request the activation of this feature, please reach out to your Customer Success Manager. Please note that the Raw Signing capability is classified as a premium feature and may incur an additional platform fee if enabled.
Additionally, it is essential to recognize that the Raw Signing feature can introduce potential security vulnerabilities. You must strictly follow all Fireblocks security guidelines and best practices when utilizing RAW signing to minimize associated risks.
Learn more about Fireblocks Raw Signing here. For detailed information or assistance, please contact the Fireblocks team at any time.
To claim the Midnight Glacier Drop, eligible wallets are required to sign a specific claim message, which is structured according to the requirements set by the Midnight Foundation. The SDK or Desktop application takes care of generating these messages and submitting them to your Fireblocks workspace for signing.
Depending on the blockchain asset, the signature request will use either the Typed Message Signing or Raw Signing operation. For example:
- For networks like Ethereum, Avalanche, BAT, Binance Smart Chain, and Bitcoin, Fireblocks supports the Typed Message Signing mechanism and will use it for these claims.
- On the other hand, claims for Solana and Cardano require Raw Signing, as these assets are not supported under the Typed Message Signing method in Fireblocks.
To enable either of these signing operations, your workspace must have a dedicated Policy rule in place for each signing method to ensure the claim process can proceed successfully.
Typed Message Signing Policy rule
- You must create a dedicated Typed Message Policy rule in Fireblocks. The rule specifies which users/groups, vaults, and assets can sign such messages.
- Typed Message rules do not include destination or amount restrictions, since off-chain messages do not “move value” or go to a specific address.
- When a user or API client tries to sign a Typed Message, the Policy Engine checks for a matching Typed Message rule and its parameters (initiator, source, asset). If no matching rule exists, the attempt is blocked (“Blocked by Policy”).
- In the Fireblocks Console and mobile app, the signed message is shown in a human-readable format for review and approval, which boosts security.
- You can enforce approval requirements, such as multi-approver or designated signer, by configuring policy parameters.
Raw Message Signing Policy rule
- All Raw Signing transactions are blocked by default. You must create Policy rules to explicitly allow the Raw transaction type.
- You should specify who can initiate and who can approve Raw transactions. Best practice is to require a two-tier setup (initiator and a human approver) or use an API user plus a human validator. For better security, avoid initiator rules with Any as the initiator when possible.
- Limit rules to only the source vault accounts, and ideally, the specific assets and derivation paths needed for your workflow.
- Raw Signing rules do not support amount caps or destination controls. This is a major risk compared to normal transfer/contract call rules.
- Raw Signing should be tightly scoped and temporary where possible. Remove or update RAW rules immediately after use if the need is one-off.
- Always set up multi-approver or designated signer flows for additional oversight.
- Avoid using the Any vault or Any user values unless necessary. More granular = more secure.
- Educate all users on the risks. Raw Signing can bypass most usual controls and is equivalent to signing a “blank check.”
- Consider using an API Co-signer with a Callback Handler for programmatic and additional business logic validation.
To get started with the SDK, clone our public repository.
The repository's README.md file contains all setup and deployment instructions, as well as TypeDoc documentation. Follow those steps to complete your local or Docker-based environment.
The Fireblocks x NIGHT Desktop Application provides a full-featured, user-friendly interface for managing NIGHT token claims.
Designed for users who prefer not to work with code, the application offers secure local access to your Fireblocks vaults and transaction signing workflows via Typed Messages and Raw Signing. It includes biometric authentication, claim and transaction history, address management, and real-time updates.
Key features
- Secure authentication: Uses your system's biometric authentication (Touch ID on Mac) to protect access.
- Vault account management: View and create vault accounts.
- NIGHT token management: Check balances, claim, redeem, and transfer NIGHT tokens securely.
- Claim & Transaction history: View NIGHT claim and transaction details and history per vault account.
- Real-time updates: Monitor pending actions with notifications.
Prerequisites
- Fireblocks RAW signing feature enabled
- Fireblocks API user
- Policy rule in place
Getting started
Download the app
Download the app from our GitHub repo here.
First launch
If this is your first time opening the app after downloading it directly from the developer, you may need to right-click the app icon and select Open to bypass security warnings.
- Double-click the Fireblocks x NIGHT app icon.
- When prompted, authenticate using Touch ID (on Mac) or your system's configured authentication method.
- After the welcome screen introduces the application, select Get Started to begin setting up your credentials.
Setting up your API keys
The application requires two types of credentials to function: Fireblocks API credentials (connects to your Fireblocks account) and a Blockfrost Project ID (optional, required for NIGHT token transfers).
On the API Key Setup screen, you can:
- Generate a new Certificate Signing Request (CSR): Click through the guided steps to generate an RSA key and CSR. Then, download the CSR file and upload it to your Fireblocks account. Enter your API key from Fireblocks when prompted.
- Use existing credentials: If you already have credentials, then you can enter them directly. Simply follow the on-screen instructions to complete the process.
Once your credentials are validated, the app will securely store them in the system's keychain and move to the next setup screen.
Setting Up Blockfrost Project ID (optional)
- First, you need to obtain a Blockfrost user and Project ID (free of charge).
- On the Blockfrost Project ID setup screen, enter the Project ID that you received from the Blockfrost dashboard.
- Select Save and Continue to validate and store the key.
Once your Project ID is validated, you will be redirected to the main dashboard.
Main dashboard
The main dashboard shows all your Fireblocks Vault accounts.
Key elements
- Header: Contains the app title, notification bell, and Settings button.
- Search bar: Filter Vault accounts by name or ID.
- Filter toggle: Show only accounts with ADA wallets or NIGHT balances.
- Refresh button: Refresh the list of Vault accounts and the NIGHT balances.
- Create button: Add new Vault accounts.
- Vault account list: Shows your Vault accounts and their balances.
Viewing Vault account details & Transaction history
The Vault Account table shows each Vault account's name and ID, its total NIGHT token balance, and any status indicators for pending transactions. Select any Vault account to view its details page, which includes:
- Account information
- Vault account name and ID
- NIGHT token balance information
From a Vault account's details page, you can also:
- Make claims: Verify and claim NIGHT tokens through a modal interface
- Transfer NIGHT: Transfer NIGHT tokens (requires Blockfrost Project ID)
- Show addresses: Display wallet addresses for the vault account
- Transaction history: View detailed claim & transaction history for the account
Creating a new Vault account
- Select Create Vault Account.
-
Enter the required information.
- If you want to associate the Vault account with a customer reference ID for Anti-Money Laundering (AML) purposes, enter that ID in the Customer Reference ID field. Otherwise, leave it blank.
- If you want the Vault account to be hidden from the Fireblocks Console, toggle on Hidden from UI. Otherwise, leave it off.
- If you want your workspace's Gas Station to auto-fuel the Vault account, toggle on Auto-Fuel. Otherwise, leave it off.
- Select Create Account. A BSV wallet will automatically be created in your new Vault account.
Claiming NIGHT
To claim NIGHT tokens:
- Go to the appropriate Vault account's details page and select Make Claims.
- On the claim window, choose which blockchain asset (ADA, BTC, etc.) you want to claim NIGHT tokens from using the dropdown menu. In case of a UTXO asset, a new dropdown menu will appear to let you choose a specific address.
-
Pick whether to send claimed tokens to:
- Vault Account: Another vault within your Fireblocks workspace. This action will create a new ADA address.
- ADA Address: An external ADA wallet address. Note that this address has to be unused (fresh).
- Check the transaction summary showing source, destination, and claimable amount, then select Confirm Transaction. Note that NIGHT claims will initially appear with the "In process" status until they are approved by the Midnight API.
- Authenticate with Touch ID when prompted.
- After the confirmation appears, indicating the claim has been submitted, sign the transaction using the Fireblocks mobile app.
Redeeming NIGHT
Redeeming allows you to make NIGHT tokens fully available according to Midnight's vesting schedule. To redeem NIGHT tokens:
- Navigate to the relevant Vault account details page.
- Select Redeem NIGHT & View Addresses.
-
In the open window, review the list of addresses associated
with
the Vault account and select the address from which you want
to redeem NIGHT tokens. Addresses with redeemable tokens
will
show a
Redeemablestatus. - Select Redeem.
- Review the redemption details to verify the destination address and redeemable amount.
- Confirm the transaction.
Settings & Security
To access the app's settings, select the gear icon in the top-right corner of the app.
Security settings
- Authentication Lock Time: Set how long the app stays authenticated before requiring reauthentication. Enter the number of minutes (1-60), then select Save to apply the new timeout value. The next time your session expires, you'll have to reauthenticate with Touch ID.
Credentials management
- Change Fireblocks API Credentials: Remove the current credentials and enter new ones.
- Change Blockfrost Project ID: Remove the current Blockfrost Project ID and enter a new one.
- Log Out: Exit your current session and remove all credentials from the system's keychain. To log back in, you will have to go through the initial setup process again.
Troubleshooting
Some common issues with the Fireblocks x NIGHT desktop app can include the following.
Authentication problems
- Touch ID not working: Ensure Touch ID is properly set up in your system preferences.
- Authentication timeout too short: Increase the timeout value in Settings.
- Balance not updating: Select the Refresh button on the Vault accounts list or the Transaction History.
-
Pending transactions: Some transactions
may take time to
be confirmed on the blockchain.
Connection issues: Check your internet connection and restart the app.
API connection errors
- Invalid API key: Verify your Fireblocks API key is correct and has the appropriate permissions.
- Invalid Blockfrost Project ID: Verify your Blockfrost Project ID is correct.
Transaction failed
- Insufficient balance: Ensure you have enough tokens for the transaction plus fees.
- Network issues: The Midnight API may be experiencing congestion.
Getting app support
If you continue to experience one or more of these issues after troubleshooting, contact your Fireblocks Customer Success Manager and ask for assistance from the Professional Services team.