Concordium Client keys file format

I would like to use my own keys file for concordium client. The CLI doc says I can use a file when deploying a module.

Usage: concordium-client module deploy 


  --keys KEYS              Any number of sign/verify keys specified in a JSON file.

What is the format of that file? I can pass in an account address directly for --sender but how do I format the corresponding secret key info in that file?

I don’t think that’s very practical.

This is an encrypted file that will have the format

   "0": {
       "0": {
  "encryptedSignKey": {
    "cipherText": "...",
    "metadata": {
      "encryptionMethod": "AES-256",
      "initializationVector": "4zvUYv1ysOn2zr3NFNbglw==",
      "iterations": 100000,
      "keyDerivationMethod": "PBKDF2WithHmacSHA256",
      "salt": "xKpBsI+LCw12l9bFR75m2w=="
  "schemeId": "Ed25519",
  "verifyKey": "..."

with possibly more keys than 0,0, depending on how many credentials you have on your account.

The inner object is the same format as the keys the client stores in its configuration.

On linux this is at .config/concordium/accounts/$ACCOUNT/$CREDENTIAL/keypair$I.json

1 Like

I agree, that is not practical. Well, in that case I will leverage that you store the keys in an encrypted fashion and store the encryption password in my secrets manager for automation. Thanks.