Skip to main content

Verifying a recovery package

  • Updated

Important: You must perform this procedure on an offline machine.

 

To verify your recovery package:

  1. Open the Recovery Utility on an offline machine, then select Verify Recovery Kit. You can also select Verify on the left menu.
  2. Complete the following fields:
    1. Recovery Kit: Drop or select the full recovery kit ZIP file that you generated or that you received from Fireblocks.
    2. Recovery Private Key: Drop or select the private key file corresponding to the public key used to encrypt the recovery package.
    3. Mobile App Recovery Passphrase: Enter the workspace Owner's recovery passphrase.
    4. Recovery Private Key Passphrase: Enter the passphrase set for the private key file.
  3. Select Verify Recovery Kit.
  4. After you verify the recovery package, you will see the ECDSA and EdDSA extended public keys and verification codes (see note below). Since extended public keys are considered sensitive information, you must compare the verification code for each extended public key with the ones you see in the console.

    Note:

    Verification codes are SHA-256 checksums of the extended public keys of the workspace used for securely verifying the integrity of the backups.


    Recovery Utility view    :

    FBConsole_ExtendedPublicKeys.png

  5. In your Console, go to the Settings > Key Backup > In-house backup section and select Verify backup. A dialog will appear, including your verification codes:

  6. Once you confirm the verification codes match between the Recovery Utility and the Console, mark all the checkboxes and select Verify to complete the backup process.

  7. If your in-house backup is already in completed state, you can select the three-dot menu and Show verification codes to see your verification codes:

Use auto-generated passphrase

If you auto-generated a passphrase during your workspace's initial setup, select the Use auto-generated passphrase checkbox. Selecting this option causes the following changes:

  • The Mobile App Recovery Passphrase field changes into the Auto-Generate Private Key Passphrase field.
  • The Auto-Generated Passphrase Private Key field appears.

In the Auto-Generate Private Key Passphrase field, enter the auto-generated passphrase set for the private key file.

In the Auto-Generated Passphrase Private Key field, drop or select the private key file corresponding to the public key used to encrypt the auto-generated passphrase file.

Learn about recovering private key material here.

Was this article helpful?
2 out of 2 found this helpful

Related Articles