Injective | Documentation
InjectiveGithub
Injective | Documentation
Injective | Documentation
  • About Injective
  • Getting Started
    • Wallet
      • Create a wallet
      • Accounts
      • Staking
      • Governance
      • Auction
    • Token Standards
      • INJ coin
      • Token Factory
      • CW20 Standard
    • Transactions
      • Gas and Fees
  • Guides
    • Create a Wallet
    • Bridge
      • From Ethereum
      • Using Wormhole
      • Using IBC
      • From Solana
    • Launch a Token
    • Launch a Market
    • Denom Metadata
    • Get INJ
  • Toolkits
    • injectived
      • Install injectived
      • Using injectived
      • Commands
    • Injective TS SDK
    • Injective Go SDK
    • Injective Python SDK
    • Injective CW SDK
    • Injective Rust
    • The Graph
  • References
  • Glossary
  • Developers
    • Getting Started
      • Guides
        • Testnet Proposals
        • Convert addresses
        • Calculations
          • Min Price Tick Size
          • Min Quantity Tick Size
        • Testnet Faucet Integration
    • Exchange Developers
      • Build a DEX
      • Provider Oracle
    • Cosmwasm Developers
      • Your First Smart Contract
      • Guides
        • Local Development
        • Mainnet Deployment
        • Whitelisting deployment address
        • Create your Swap Contract
        • Creating UIs
      • Using Injective Queries and Messages
      • CW20 Adapter
      • Injective Test Tube
    • Modules
      • Injective
        • Auction
          • State
          • Messages
          • EndBlock
          • Events
          • Params
          • Errors
        • Exchange
          • Derivative Markets Concepts
          • Spot Markets Concepts
          • Binary Option Markets Concepts
          • Other Concepts
          • State
          • State Transitions
          • Messages
          • Proposals
          • BeginBlock
          • EndBlock
          • Events
          • Params
          • MsgPrivilegedExecuteContract
          • Errors
        • Insurance
          • State
          • State Transitions
          • Messages
          • EndBlock
          • Events
          • Params
          • Improvements
          • Errors
        • OCR
          • Concepts
          • State
          • Messages
          • Proposals
          • BeginBlock
          • Hooks
          • Events
          • Params
          • Errors
        • Oracle
          • State
          • Keeper
          • Messages
          • Proposals
          • Events
          • Improvements
          • Errors
        • Peggy
          • Definitions
          • Workflow
          • State
          • Messages
          • Slashing
          • EndBlock
          • Events
          • Params
          • Relay Semantics
          • Improvements
          • Errors
        • Permissions
          • Concepts
          • State
          • State Transition
          • Errors
        • TokenFactory
          • Concepts
          • State
          • Messages
          • Events
          • Params
          • Errors
        • WasmX
          • Concepts
          • Data
          • Proposals
          • Messages
          • Params
          • Errors
        • Lanes
        • TxFees
      • Core
        • Auth
        • AuthZ
        • Bank
        • Consensus
        • Crisis
        • Distribution
        • Evidence
        • Feegrant
        • Gov
        • Group
        • Mint
        • NFT
        • Params
        • Slashing
        • Staking
        • Upgrade
        • Circuit
        • Genutils
    • dApps Documentation
  • Nodes
    • Getting Started
      • Interact with a node
      • Running a node
        • Setting up the keyring
        • Join a network
        • Cosmovisor
        • Upgrade your node
    • Validators
      • Mainnet
        • Peggo
        • Canonical Chain Upgrades
          • Upgrade to 10002-rc1
          • Upgrade to 10002-rc2
          • Upgrade to 10003-rc1
          • Upgrade to 10004-rc1
          • Upgrade to 10004-rc1-patch
          • Upgrade to 10005-rc1
          • Upgrade to 10006-rc1
          • Upgrade to 10007-rc1
          • Upgrade to 10008 - Camelot
          • Upgrade to 10009
          • Upgrade to v1.10
          • Upgrade to v1.11
          • Upgrade to v1.12.0 - Volan
          • Upgrade to v1.12.1
          • Upgrade to v1.13.0 - Altaris
          • Upgrade to v1.13.2
          • Upgrade to v1.13.3
          • Upgrade to v1.14.0
          • Upgrade to v1.14.1
          • Upgrade to v1.15.0
      • Testnet
        • Testnet Peggo
    • Public Endpoints
    • Premium Endpoints
    • Injective Indexer Setup
  • Traders
    • Getting Started
    • Documentation
    • API Reference
  • Useful Links
    • Injective 101
    • Injective Hub
    • Injective Explorer
    • Chain API Reference
    • Indexer API Reference
    • Testnet Faucet
Powered by GitBook
On this page
  • Available backends for the keyring
  • Adding keys to the keyring
Edit on GitHub
Export as PDF
  1. Nodes
  2. Getting Started
  3. Running a node

Setting up the keyring

PreviousRunning a nodeNextJoin a network

Last updated 6 months ago

This document describes how to configure and use the keyring and its various backends for an Injective node. injectived should be installed prior to setting up the keyring. See the for more information.

The keyring holds the private/public keypairs used to interact with the node. For instance, a validator key needs to be set up before running the Injective node, so that blocks can be correctly signed. The private key can be stored in different locations, called "backends", such as a file or the operating system's own key storage.

Available backends for the keyring

The os backend

The os backend relies on operating system-specific defaults to handle key storage securely. Typically, an operating system's credential sub-system handles password prompts, private keys storage, and user sessions according to the user's password policies. Here is a list of the most popular operating systems and their respective passwords manager:

  • macOS (since Mac OS 8.6):

  • Windows:

  • GNU/Linux:

GNU/Linux distributions that use GNOME as default desktop environment typically come with . Users of KDE based distributions are commonly provided with . Whilst the former is in fact a libsecret convenient frontend, the latter is a kwallet client.

os is the default option since operating system's default credentials managers are designed to meet users' most common needs and provide them with a comfortable experience without compromising on security.

The recommended backends for headless environments are file and pass.

The file backend

The file stores the keyring encrypted within the app's configuration directory. This keyring will request a password each time it is accessed, which may occur multiple times in a single command resulting in repeated password prompts. If using bash scripts to execute commands using the file option you may want to utilize the following format for multiple prompts:

# assuming that KEYPASSWD is set in the environment
yes $KEYPASSWD | injectived keys add me
yes $KEYPASSWD | injectived keys show me
# start injectived with keyring-backend flag
injectived --keyring-backend=file start

The first time you add a key to an empty keyring, you will be prompted to type the password twice.

The pass backend

The password store must be set up prior to first use:

pass init <GPG_KEY_ID>

Replace <GPG_KEY_ID> with your GPG key ID. You can use your personal GPG key or an alternative one you may want to use specifically to encrypt the password store.

The kwallet backend

The test backend

The test backend is a password-less variation of the file backend. Keys are stored unencrypted on disk.

Provided for testing purposes only. The test backend is not recommended for use in production environments.

The memory backend

The memory backend stores keys in memory. The keys are immediately deleted after the program has exited.

Provided for testing purposes only. The memory backend is not recommended for use in production environments.

Adding keys to the keyring

You can use injectived keys for help about the keys command and injectived keys [command] --help for more information about a particular subcommand.

You can also enable auto-completion with the injectived completion command. For example, at the start of a bash session, run . <(injectived completion), and all injectived subcommands will be auto-completed.

To create a new key in the keyring, run the add subcommand with a <key_name> argument. For the purpose of this tutorial, we will solely use the test backend, and call our new key my_validator. This key will be used in the next section.

$ injectived keys add my_validator --keyring-backend test

# Put the generated address in a variable for later use.
MY_VALIDATOR_ADDRESS=$(injectived keys show my_validator -a --keyring-backend test)

This command generates a new 24-word mnemonic phrase, persists it to the relevant backend, and outputs information about the keypair. If this keypair will be used to hold value-bearing tokens, be sure to write down the mnemonic phrase somewhere safe!

By default, the keyring generates a eth_secp256k1 keypair. The keyring also supports ed25519 keys, which may be created by passing the --algo ed25519 flag. A keyring can of course hold both types of keys simultaneously.

The pass backend uses the utility to manage on-disk encryption of keys' sensitive data and metadata. Keys are stored inside gpg encrypted files within app-specific directories. pass is available for the most popular UNIX operating systems as well as GNU/Linux distributions. Please refer to its manual page for information on how to download and install it.

pass uses for encryption. gpg automatically invokes the gpg-agent daemon upon execution, which handles the caching of GnuPG credentials. Please refer to gpg-agent man page for more information on how to configure cache parameters such as credentials TTL and passphrase expiration.

The kwallet backend uses KDE Wallet Manager, which comes installed by default on the GNU/Linux distributions that ships KDE as default desktop environment. Please refer to for more information.

Install injectived page
Keychain
Credentials Management API
libsecret
kwallet
Seahorse
KDE Wallet Manager
pass
GnuPG
KWallet Handbook