fdctl keys command provides utilities for managing Agave-style validator identity keypairs.
Subcommands
keys pubkey
Prints the base58 encoding of the public key in the file at the specified path to standard output and exits.Usage
Arguments
Path to an Agave-style
identity.json key fileOutput
The command writes the base58-encoded public key tostdout and diagnostic messages from logs to stderr.
Example
keys new
Creates a new keypair from the kernel random number generator and writes it to the file specified at the path.Usage
Arguments
Path where the new keypair file will be created
Path to a configuration TOML file which determines the user creating the file
Behavior
The default user for the operation is the user running the command and should have write access to the specified path. The user can be changed by specifying it in the TOML configuration file.Configuration Example
user field is provided, the keypair will be created with that user’s permissions.
Example
- Basic Usage
- With Config
Create a keypair as the current user:
Key File Format
Both subcommands work with Agave-styleidentity.json keypair files. These files contain:
- The keypair in JSON format
- Compatible with Agave validator software
- Can be used interchangeably between Firedancer and Agave
Security Best Practices
Backup Your Keys
Always maintain secure backups of your validator identity keys in multiple locations.
Related Commands
- fdctl run - Run the validator with an identity key
- fdctl set-identity - Change a running validator’s identity