Overview
Fireblocks has partnered with CoinCover to offer a comprehensive Disaster Recovery Service (DRS) that includes backing up and securely holding your private key material. DRS enables you to maintain continuous access to your assets, even if you lose access to all of your key shares, or if Fireblocks suspends operations permanently due to a non-recoverable disaster.
What's included in the service
Workspace key backup
If you use a third-party DRS provider like CoinCover, you don't have to securely store and maintain an offline, air-gapped machine for reconstructing your private keys in case of a disaster. CoinCover does this for you, saving you time and resources for onboarding and maintenance. You only need to create an offline machine if a disaster occurs.
At any point, you can ask your third-party backup provider to destroy or replace your workspace key backup. You might request this if your workspace Owner forgets their recovery passphrase and wants to replace their recovery package without using their previous recovery passphrase as a component for recovering your key shares.
The diagram below provides an overview of the workspace key backup sent to CoinCover.
For workspace key recovery, you still need to remember your Owner's recovery passphrase. Requiring a full workspace key recovery is rarer than a key share recovery. If you forget your Owner's recovery passphrase, Fireblocks recommends resetting the passphrase and creating a new backup.
Key share backup for Owner users
CoinCover backs up your workspace Owner's key share with an auto-generated passphrase to enable recovery if you forget the Owner's key recovery passphrase and lose access to your Owner's key share. This can happen for any of the following reasons:
- You make changes to your device's biometric settings or lose your Fireblocks mobile app PIN code.
- You lose or damage your device.
- You are replacing your device.
- You delete the Fireblocks mobile app from your device.
When Fireblocks initiates a CoinCover backup, your workspace Owner needs to complete the backup on their Fireblocks mobile app.
The diagram below illustrates the structure of the key share backup with an auto-generated passphrase.
Onboarding to CoinCover
Step 1: Legal and commercial agreements
- Contact your Customer Success Manager to ask to onboard with CoinCover.
- Sign a Fireblocks Third Party Letter Agreement.
- Your Customer Success Manager provides you with CoinCover's Terms and Conditions to sign and a link to set up your Access Control List (ACL).
Step 2: Completion of workspace key backup with CoinCover
- Make sure the Owner's device is activated and fully enrolled with the MPC key share.
- Make sure the Owner's Fireblocks mobile app is updated to the latest version.
- Submit a Fireblocks Support ticket with the workspace name requiring backup.
- You receive a confirmation once CoinCover receives your workspace key backup from Fireblocks.
Step 3: Initiation and completion of key share backup with CoinCover
Once your workspace key backup is ready and sent to CoinCover, the Owner receives a notification on their mobile device. The notification, along with an action card in the mobile app, prompts the Owner to complete their key share backup:
- Tap the notification or the card to start the process.
- Tap Create backup.
- Enter your PIN.
- Authenticate your identity using your mobile phone's biometrics.
- A message confirms the backup is complete.
Your workspace Owner must complete the above steps manually. If they don't complete these steps, your key share backup is not complete. If the Owner recovery passphrase is reset, the workspace Owner was changed to a different user, or the Owner wants to initiate a test, contact Fireblocks Support to create a workspace key backup and key share backup for CoinCover.
Related articles
Fireblocks recommends reviewing these articles to understand the concepts of key share backup and recovery and workspace key backup and recovery.