Skip to main content

Fireblocks Onboarding Guide

  • Updated

Overview

This article aims to help you complete the Fireblocks onboarding process and start using your workspace as quickly and efficiently as possible. The onboarding process varies depending on your specific use case.

Here are common use cases for Fireblocks:

  • Retail: This use case applies if you are using Fireblocks as an infrastructure for scaling retail operations for your customers. Typically, businesses with a retail use case have a high transaction frequency and a high number of wallet addresses.
    • Examples: Fintech companies, crypto exchanges, and banks
  • Custody: This use case applies if you are using Fireblocks for holding customer funds or storing your own assets in a secure infrastructure. Typically, custodians have a low transaction frequency and a low number of vault accounts.
    • Examples: Venture Capital firms and commercial/investment/custodial banks
  • Trading: This use case applies if you are using Fireblocks for trading digital assets and connecting to counterparties. Typically, trading firms have an average transaction frequency, and they utilize whitelisted addresses and integrated accounts.
    • Examples: Over-the-Counter (OTC) trading desks, hedge funds, trading firms, and brokers

Use the onboarding guide for the use case that most closely corresponds with your business needs. You can always come back to this article at a later time to use instructions from other use cases.

Note

Video tutorials are available in many of the articles linked below. You can also visit the Video Hub for all of our videos.

online rounded corner.svg = This icon appears next to items that have step-by-step tutorials in the Fireblocks Console. Click the icon to access the tutorial.

Retail onboarding guide

  1. After receiving your invitation, follow the user setup guide to access your Fireblocks workspace and complete the registration process. Note that your Fireblocks Console sessions will timeout after one hour of inactivity, and you will be automatically logged out. This one-hour timeout period is fixed, so you cannot request to change it.
  2. Review the available user roles for your workspace.
  3. Add Console users online rounded corner.svg.
  4. Create vault accounts online rounded corner.svg and asset wallets online rounded corner.svg to form a Sweep-to-Omnibus Vault structure. This structure uses vault accounts for each end client and a central vault account where funds are swept.
    • You can quickly set up vault accounts for a large number of clients and automate the movement of funds when receiving deposits from customers.
    • Example
  5. Connect your exchange accounts online rounded corner.svg and fiat accounts online rounded corner.svg.
  6. Connect to counterparties using whitelisted addresses online rounded corner.svg and the Fireblocks Network online rounded corner.svg.
  7. Learn how to withdraw and deposit assets online rounded corner.svg.
  8. Learn how to track incoming transactions using the List Transactions API call or webhooks.
  9. Update the Admin Quorum online rounded corner.svg to your preferences.
  1. Read the REST API developer guide to learn more about available endpoints and view code examples.
  2. Add API users.
  3. Set up your API Co-Signer so you can automate transaction signing and approvals for workspace changes.
  4. Configure a server for your API Co-Signer.
  5. Determine your preferred transaction flow. You can initiate or sign transactions with your API using one of the following transaction flows:
    • In a semi-automated transaction flow, an API user (Editor or Non-Signing Admin) initiates transactions, and a Fireblocks Console user signs the transaction with their mobile device.
    • In a fully automated transaction flow, an API user (Signer or Admin) initiates transactions, and the API co-signer automatically signs the transaction. There are two setups for a fully automated transaction flow:
      1. Simple setup (usually for testing): One API user (Signer or Admin) is used to initiate transactions and connect to your API Co-Signer.
      2. Production setup (recommended for mainnet usage): One API user (Editor) initiates transactions and a second API user (Signer or Admin) is deployed on your API Co-Signer machine (secured within the SGX enclave) for signing transactions.
  6. If needed, set up additional API users for actions other than initiating or signing transactions.
    • API users with the Approver role can approve certain transactions according to the Transaction Authorization Policy (TAP) as part of a 2-tier approval process.
    • API users with the Viewer role have read-only access to the workspace, can audit workspace activity and transaction logs, and receive webhook events.
  7. Follow these API best practices:
  1. Review the following articles about the Transaction Authorization Policy (TAP):
  2. Build and publish your TAP.
  3. After you receive confirmation that your workspace Owner and Admin Quorum have approved your TAP, test the transaction policies by withdrawing funds.
  1. Learn about accessing Web3 applications using Fireblocks.
  2. Review the Fireblocks Smart Contract API for Web3 operations.
  3. Set up your Web3 connections using WalletConnect, the Fireblocks Chrome Extension, or MetaMask Institutionalonline rounded corner.svg
  4. Learn more about NFT support on Fireblocks.
  5. Apply an amount cap on contract calls.
  6. Review the DeFi security best practices article.
  7. Make sure your TAP accommodates Web3 and Decentralized Finance (DeFi).
  1. Enable the One-Time Address feature, then send transactions to one-time addresses using the Create a transaction endpoint.
  2. Enable the AML feature for transaction screening and monitoring.
  3. Enable the Gas Station feature.

Important

Backing up your private key is essential. This process must be completed within 14 days of workspace creation as agreed in your contract with Fireblocks. Setting up the offline backup is required for reconstructing your private key in the event of a disaster. Complete the backup process before engaging in any significant financial activity.

  1. Learn about your backup and recovery options.
  2. Complete the Key Share Backup for your mobile key shares. Your mobile device stores your MPC key share used for signing transactions.
  3. Complete the Workspace Keys Backup. This process can be completed using a self-serve option or a third-party Disaster Recover Service (DRS).
  4. If you completed the Workspace Keys Backup using the self-serve option, learn how to load your private keys to third-party wallets. Recovery is only necessary in the event of a disaster.

You must complete both Key Share Backup and Workspace Keys Backup before receiving funds into your Fireblocks Vault.

Custody onboarding guide

  1. After receiving your invitation, follow the user setup guide to access your Fireblocks workspace and complete the registration process. Note that your Fireblocks Console sessions will timeout after one hour of inactivity, and you will be automatically logged out. This one-hour timeout period is fixed, so you cannot request to change it.
  2. Review the available user roles for your workspace.
  3. Add Console users online rounded corner.svg.
  4. Create vault accounts online rounded corner.svg and asset wallets online rounded corner.svg to form a Segregated structure. With this structure, assets are stored in individual vault accounts until the end client requests to withdraw funds.
    • You may find this useful for rehypothecating funds in your custody. This structure can also be useful for internal treasury purposes.
  5. Set up wallet addresses for the native tokens and ERC-20 assets you intend to custody.
  6. Connect your exchange accounts online rounded corner.svg and fiat accounts online rounded corner.svg.
  7. Connect to counterparties using whitelisted addresses online rounded corner.svg and the Fireblocks Network online rounded corner.svg.
  8. Learn how to withdraw and deposit assets online rounded corner.svg.
  9. Learn how to track incoming transactions using List Transactions API call or webhooks.
  10. Update the Admin Quorum online rounded corner.svg to your preferences.
  1. Review the following articles about the Transaction Authorization Policy (TAP):
  2. Build and publish your TAP.
  3. After you receive confirmation that your workspace Owner and Admin Quorum have approved your TAP, test the transaction policies by withdrawing funds.
  1. Learn about accessing Web3 applications using Fireblocks.
  2. Review the Fireblocks Smart Contract API for Web3 operations.
  3. Set up your Web3 connections using WalletConnect, the Fireblocks Chrome Extension, or MetaMask Institutional. online rounded corner.svg
  4. Learn more about NFT support on Fireblocks.
  5. Apply an amount cap on contract calls.
  6. Review the DeFi security best practices article.
  7. Make sure your TAP accommodates Web3 and Decentralized Finance (DeFi).
  1. Enable the One-Time Address feature, then send transactions to one-time addresses using the Create a transaction endpoint.
  2. Enable the AML feature for transaction screening and monitoring.
  3. Enable the Gas Station feature.

Important

Backing up your private key is essential. This process must be completed within 14 days of workspace creation as agreed in your contract with Fireblocks. Setting up the offline backup is required for reconstructing your private key in the event of a disaster. Complete the backup process before engaging in any significant financial activity.

  1. Learn about your backup and recovery options.
  2. Complete the Key Share Backup for your mobile key shares. Your mobile device stores your MPC key share used for signing transactions.
  3. Complete the Workspace Keys Backup. This process can be completed using a self-serve option or a third-party Disaster Recover Service (DRS).
  4. If you completed the Workspace Keys Backup using the self-serve option, learn how to load your private keys to third-party wallets. Recovery is only necessary in the event of a disaster.

You must complete both Key Share Backup and Workspace Keys Backup before receiving funds into your Fireblocks Vault.

Trading onboarding guide

  1. After receiving your invitation, follow the user setup guide to access your Fireblocks workspace and complete the registration process. Note that your Fireblocks Console sessions will timeout after one hour of inactivity, and you will be automatically logged out. This one-hour timeout period is fixed, so you cannot request to change it.
  2. Review the available user roles for your workspace.
  3. Add Console users online rounded corner.svg.
  4. Create vault accounts online rounded corner.svg and asset wallets online rounded corner.svg to form a Segregated structure. With this structure, assets are stored in individual vault accounts until the end client requests to withdraw funds.
    • This structure allows you to separate proprietary assets from your customer assets. Further, you can create vault accounts for separating assets into additional classes, such as vault accounts for each portfolio manager, for withdrawals or deposits, or per corporate client.
  5. Connect your exchange accounts online rounded corner.svg and fiat accounts online rounded corner.svg.
  6. Connect to counterparties using whitelisted addresses online rounded corner.svg and the Fireblocks Network online rounded corner.svg.
  7. Learn how to withdraw and deposit assets online rounded corner.svg.
  8. Learn how to track incoming transactions using List Transactions API call or webhooks.
  9. Update the Admin Quorum online rounded corner.svg to your preferences.
  1. Review the following articles about the Transaction Authorization Policy (TAP):
  2. Build and publish your TAP.
  3. After you receive confirmation that your workspace Owner and Admin Quorum have approved your TAP, test the transaction policies by withdrawing funds.
  1. Learn about accessing Web3 applications using Fireblocks.
  2. Review the Fireblocks Smart Contract API for Web3 operations.
  3. Set up your Web3 connections using WalletConnect, the Fireblocks Chrome Extension, or MetaMask Institutional. online rounded corner.svg
  4. Learn more about NFT support on Fireblocks.
  5. Start staking assets.
  6. Apply an amount cap on contract calls.
  7. Review the DeFi security best practices article.
  8. Make sure your TAP accommodates Web3 and Decentralized Finance (DeFi).
  1. Enable the One-Time Address feature, then send transactions to one-time addresses using the Create a transaction endpoint.
  2. Enable the AML feature for transaction screening and monitoring.
  3. Enable the Gas Station feature.

Important

Backing up your private key is essential. This process must be completed within 14 days of workspace creation as agreed in your contract with Fireblocks. Setting up the offline backup is required for reconstructing your private key in the event of a disaster. Complete the backup process before engaging in any significant financial activity.

  1. Learn about your backup and recovery options.
  2. Complete the Key Share Backup for your mobile key shares. Your mobile device stores your MPC key share used for signing transactions.
  3. Complete the Workspace Keys Backup. This process can be completed using a self-serve option or a third-party Disaster Recover Service (DRS).
  4. If you completed the Workspace Keys Backup using the self-serve option, learn how to load your private keys to third-party wallets. Recovery is only necessary in the event of a disaster.

You must complete both Key Share Backup and Workspace Keys Backup before receiving funds into your Fireblocks Vault.

Additional reading

We recommend reading the following articles to learn more about the Fireblocks platform:

Was this article helpful?
3 out of 5 found this helpful

Related Articles