Disaster Recovery for Fireblocks Key Share

TSI understands the importance of business continuity and asset accessibility, even in unforeseen circumstances. To address potential disruptions, TSI provides a disaster recovery plan with Fireblocks' tool kit, ensuring that your assets remain secure and accessible even if Fireblocks' services become unavailable.

Fireblocks Disaster Recovery Kit

Fireblocks provides a Disaster Recovery Kit that allows TSI to regenerate the Fireblocks key share (Key Share #1) in the event that Fireblocks ceases to exist or experiences a significant service disruption. This kit is designed to ensure that users can still access and manage their funds, even if Fireblocks is no longer operational.

How It Works

  1. Kit Generation: After TSI's onboarding with Fireblocks, a Disaster Recovery Kit is generated. This kit contains the master key of the Fireblocks workspace, which is essentially a seed used to generate key shares.

  2. Encryption and Storage: The kit is encrypted using a public key provided by TSI and then securely transmitted to TSI. TSI stores this encrypted kit separately from the corresponding private key.

  3. Key Reconstruction: In a disaster recovery scenario, TSI uses the Fireblocks Recovery Tool and the following components to reconstruct the necessary key share:

    • The encrypted Disaster Recovery Kit

    • The corresponding RSA private key

    • The wallet identifier of the specific wallet being recovered

With this information, the Fireblocks Recovery Tool can decrypt the kit, use the wallet identifier, and generate the corresponding Key Share #1.

User Key Recovery

Once TSI has recovered Fireblocks' key share (#1), users can combine it with their own key share (#2) to reconstruct their full private key. This allows them to access and manage their funds independently of the TSI platform, if necessary.

Important Notes

  • The Disaster Recovery Kit is designed specifically for recovering Fireblocks' key share. Users are still responsible for securely storing their own key share (#2) and passphrase.

  • TSI will communicate the disaster recovery process to users in the event of a Fireblocks service disruption.

  • This process ensures that users maintain access to their funds even in unforeseen circumstances, demonstrating TSI's commitment to security and business continuity.

Reference: https://ncw-developers.fireblocks.com/docs/disaster-recovery

PreviousFull Key RecoveryNextMPC Key Generation

Last updated