ARCHIVE/xrpl-dev-portal
1
0
Fork 0
mirror of https://github.com/XRPLF/xrpl-dev-portal.git synced 2026-02-06 23:15:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ARCHIVE:rewrite_send_multisigned_tutorial
Branches Tags
ARCHIVE:master ARCHIVE:rewrite_set_up_multisigning_tutorial ARCHIVE:rewrite_remove_regular_key_tutorial ARCHIVE:rewrite_disable_master_tutorial ARCHIVE:rewrite_send_multisigned_tutorial ARCHIVE:tutorials-iav4 ARCHIVE:xrpl-brand-update-2026 ARCHIVE:dependabot/npm_and_yarn/isaacs/brace-expansion-5.0.1 ARCHIVE:qa-carousel-feature-image ARCHIVE:section/icon-card ARCHIVE:prettier ARCHIVE:community/divider ARCHIVE:dependabot/npm_and_yarn/mdast-util-to-hast-13.2.1 ARCHIVE:revert_redocly_upgrade ARCHIVE:kennyzlei/lend-devnet-faucet ARCHIVE:dependabot/npm_and_yarn/_code-samples/build-a-browser-wallet/js/vite-5.4.21 ARCHIVE:txtype-landing ARCHIVE:timed_escrow_tutorial ARCHIVE:events-updates-2025-10-08 ARCHIVE:blog-ai-on-xrpl-for-agentic-finance ARCHIVE:payment-channel ARCHIVE:clio-full-history ARCHIVE:events-json-contentful-gh-actions ARCHIVE:contentful-integration ARCHIVE:gh-pages
ARCHIVE:dactyl-based-master-27feb2024 ARCHIVE:dactyl-based-master-13feb2024 ARCHIVE:freeze-dactyl-based-site ARCHIVE:redocly-migration-0.1 ARCHIVE:2019-design-last ARCHIVE:TLCKPT-2020-01-28 ARCHIVE:ripple-dev-portal-old-last ARCHIVE:RippleAPI-v0.17.2-1 ARCHIVE:rippled-v0.32.0-1 ARCHIVE:rippled-v0.31.2-3 ARCHIVE:rippled-v0.31.2-2 ARCHIVE:rippled-v0.31.2-1 ARCHIVE:DataAPI-v2.2.0-1 ARCHIVE:DataAPI-v2.1.0-5 ARCHIVE:DataAPI-v2.1.0-4 ARCHIVE:DataAPI-v2.1.0-3 ARCHIVE:DataAPI-v2.1.0-2 ARCHIVE:DataAPI-v2.1.0-1 ARCHIVE:v2015-01-12 ARCHIVE:v2014-10-30 ARCHIVE:v2014-10-27 ARCHIVE:v2014-10-20 ARCHIVE:v2014-10-08-2 ARCHIVE:v2014-10-08 ARCHIVE:v2014-10-03 ARCHIVE:v2014-09-25 ARCHIVE:v2014-09-24 ARCHIVE:v2014-09-23-2 ARCHIVE:v2014-09-23 ARCHIVE:v2014-09-18 ARCHIVE:v2014-09-12 ARCHIVE:v1.002
..
compare: ARCHIVE:tutorials-iav4
Branches Tags
ARCHIVE:rewrite_set_up_multisigning_tutorial ARCHIVE:rewrite_remove_regular_key_tutorial ARCHIVE:rewrite_disable_master_tutorial ARCHIVE:rewrite_send_multisigned_tutorial ARCHIVE:tutorials-iav4 ARCHIVE:master ARCHIVE:xrpl-brand-update-2026 ARCHIVE:dependabot/npm_and_yarn/isaacs/brace-expansion-5.0.1 ARCHIVE:qa-carousel-feature-image ARCHIVE:section/icon-card ARCHIVE:prettier ARCHIVE:community/divider ARCHIVE:dependabot/npm_and_yarn/mdast-util-to-hast-13.2.1 ARCHIVE:revert_redocly_upgrade ARCHIVE:kennyzlei/lend-devnet-faucet ARCHIVE:dependabot/npm_and_yarn/_code-samples/build-a-browser-wallet/js/vite-5.4.21 ARCHIVE:txtype-landing ARCHIVE:timed_escrow_tutorial ARCHIVE:events-updates-2025-10-08 ARCHIVE:blog-ai-on-xrpl-for-agentic-finance ARCHIVE:payment-channel ARCHIVE:clio-full-history ARCHIVE:events-json-contentful-gh-actions ARCHIVE:contentful-integration ARCHIVE:gh-pages
ARCHIVE:dactyl-based-master-27feb2024 ARCHIVE:dactyl-based-master-13feb2024 ARCHIVE:freeze-dactyl-based-site ARCHIVE:redocly-migration-0.1 ARCHIVE:2019-design-last ARCHIVE:TLCKPT-2020-01-28 ARCHIVE:ripple-dev-portal-old-last ARCHIVE:RippleAPI-v0.17.2-1 ARCHIVE:rippled-v0.32.0-1 ARCHIVE:rippled-v0.31.2-3 ARCHIVE:rippled-v0.31.2-2 ARCHIVE:rippled-v0.31.2-1 ARCHIVE:DataAPI-v2.2.0-1 ARCHIVE:DataAPI-v2.1.0-5 ARCHIVE:DataAPI-v2.1.0-4 ARCHIVE:DataAPI-v2.1.0-3 ARCHIVE:DataAPI-v2.1.0-2 ARCHIVE:DataAPI-v2.1.0-1 ARCHIVE:v2015-01-12 ARCHIVE:v2014-10-30 ARCHIVE:v2014-10-27 ARCHIVE:v2014-10-20 ARCHIVE:v2014-10-08-2 ARCHIVE:v2014-10-08 ARCHIVE:v2014-10-03 ARCHIVE:v2014-09-25 ARCHIVE:v2014-09-24 ARCHIVE:v2014-09-23-2 ARCHIVE:v2014-09-23 ARCHIVE:v2014-09-18 ARCHIVE:v2014-09-12 ARCHIVE:v1.002

6 Commits
rewrite_se ... tutorials-

Author SHA1 Message Date
Rome Reginelli
29ac742444 Merge pull request #3466 from XRPLF/rewrite_key_tutorials 
Rewrite "Assign Regular Key Pair" tutorial.
 2026-02-05 13:09:26 -08:00
Rome Reginelli
068f6dee25 More changes per review 
Co-authored-by: Maria Shodunke <maria-robobug@users.noreply.github.com>
 2026-02-05 11:45:20 -08:00
Rome Reginelli
5d56a2f90d Remove emoji from code sample per @maria-robobug review 
Co-authored-by: Maria Shodunke <maria-robobug@users.noreply.github.com>
 2026-02-05 11:41:32 -08:00
mDuo13
b09fbdd82a Slight rephrasings re: changing regular key 2026-01-29 17:11:47 -08:00
mDuo13
5bf310d357 Add Python sample code for assign regular key 2026-01-27 12:39:40 -08:00
mDuo13
d127b1aad2 Rewrite 'Assign a Regular Key Pair' tutorial w/ JS code sample 2026-01-22 17:49:38 -08:00
14 changed files with 1022 additions and 1207 deletions
Expand all files Collapse all files

3
_code-samples/assign-regular-key/README.md Normal file
View File

@@ -0,0 +1,3 @@
# Assign a Regular Key Pair
Generate a regular key pair and associate it with your account.

77
_code-samples/assign-regular-key/js/assign-regular-key.js Normal file
View File

@@ -0,0 +1,77 @@
import xrpl from 'xrpl'
const client = new xrpl.Client('wss://s.altnet.rippletest.net:51233')
await client.connect()
console.log('Funding new wallet from faucet...')
const { wallet } = await client.fundWallet()
console.log(`Funded. Master key pair:
Address: ${wallet.address}
Seed: ${wallet.seed}
`)
// Generate a new key pair to use as the regular key ---------------------------
const algorithm = 'ed25519'
const regularKeyPair = xrpl.Wallet.generate(algorithm)
console.log(`Generated regular key pair:
Address: ${regularKeyPair.address}
Seed: ${regularKeyPair.seed}
Algorithm: ${algorithm}
`)
// Send SetRegularKey transaction ----------------------------------------------
const regularKeyTx = {
TransactionType: 'SetRegularKey',
Account: wallet.address,
RegularKey: regularKeyPair.address
}
xrpl.validate(regularKeyTx)
console.log('Signing and submitting the SetRegularKey transaction:',
JSON.stringify(regularKeyTx, null, 2))
const response = await client.submitAndWait(regularKeyTx, { wallet, autofill: true })
// Check result of the SetRegularKey transaction -------------------------------
console.log(JSON.stringify(response.result, null, 2))
const setRegularKeyResultCode = response.result.meta.TransactionResult
if (setRegularKeyResultCode === 'tesSUCCESS') {
console.log('Regular Key set successfully.')
} else {
console.error(`SetRegularKey failed with code ${setRegularKeyResultCode}.`)
client.disconnect()
process.exit(1)
}
// Send a test transaction using the regular key -------------------------------
const testTx = {
TransactionType: 'AccountSet',
Account: wallet.address
}
xrpl.validate(testTx)
console.log('Signing and submitting the test transaction using the regular key')
const testResponse = await client.submitAndWait(testTx, {
wallet: regularKeyPair, // IMPORTANT: use the regular key pair here
autofill: true
})
// Check result of the test transaction ----------------------------------------
console.log(JSON.stringify(testResponse.result, null, 2))
const testResultCode = testResponse.result.meta.TransactionResult
const testSigningPubKey = testResponse.result.tx_json.SigningPubKey
if (testResultCode === 'tesSUCCESS') {
console.log('Test transaction was successful.')
} else {
console.log(`Test transaction failed with code ${testResultCode}`)
}
if (testSigningPubKey === regularKeyPair.publicKey) {
console.log('This transaction was signed with the regular key pair.')
} else if (testSigningPubKey === wallet.publicKey) {
console.warn('This transaction was signed with the master key pair.')
} else {
console.warn(`Unexpected signing key mismatch.
Regular key: ${regularKeyPair.publicKey}
Key used: ${testSigningPubKey}`)
}
client.disconnect()

4
_code-samples/multisigning/js/package.json → _code-samples/assign-regular-key/js/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "multisigning",
"version": "3.0.0",
"name": "assign-regular-key",
"version": "2.0.0",
"license": "MIT",
"dependencies": {
"xrpl": "^4.5.0"

78
_code-samples/assign-regular-key/py/assign-regular-key.py Normal file
View File

@@ -0,0 +1,78 @@
import json
from xrpl.clients import JsonRpcClient
from xrpl.wallet import generate_faucet_wallet, Wallet
from xrpl.models.transactions import SetRegularKey, AccountSet
from xrpl.transaction import submit_and_wait
client = JsonRpcClient("https://s.altnet.rippletest.net:51234")
print("Funding new wallet from faucet...")
wallet = generate_faucet_wallet(client)
print(f"""Funded. Master key pair:
Address: {wallet.address}
Seed: {wallet.seed}
""")
# Generate a new key pair to use as the regular key ----------------------------
algorithm = "ed25519"
regular_key_pair = Wallet.create(algorithm=algorithm)
print(f"""Generated regular key pair:
Address: {regular_key_pair.address}
Seed: {regular_key_pair.seed}
Algorithm: {algorithm}
""")
# Send SetRegularKey transaction -----------------------------------------------
regular_key_tx = SetRegularKey(
account=wallet.address, regular_key=regular_key_pair.address
)
print(
"Signing and submitting the SetRegularKey transaction:",
json.dumps(regular_key_tx.to_xrpl(), indent=2),
)
try:
response = submit_and_wait(regular_key_tx, client, wallet)
except err:
print("Submitting SetRegularKey transaction failed with error", err)
exit(1)
# Check result of the SetRegularKey transaction --------------------------------
print(json.dumps(response.result, indent=2))
set_regular_key_result_code = response.result["meta"]["TransactionResult"]
if set_regular_key_result_code == "tesSUCCESS":
print("Regular Key set successfully.")
else:
print(f"SetRegularKey failed with code {set_regular_key_result_code}.")
exit(1)
# Send a test transaction using the regular key --------------------------------
test_tx = AccountSet(account=wallet.address)
print("Signing and submitting the test transaction using the regular key")
try:
test_response = submit_and_wait(
test_tx, client, regular_key_pair # IMPORTANT: use regular key pair here
)
except err:
print("Submitting test transaction failed with error", err)
exit(1)
# Check result of the test transaction -----------------------------------------
print(json.dumps(test_response.result, indent=2))
test_result_code = test_response.result["meta"]["TransactionResult"]
test_signing_pub_key = test_response.result["tx_json"]["SigningPubKey"]
if test_result_code == "tesSUCCESS":
print("Test transaction was successful.")
else:
print(f"Test transaction failed with code {test_result_code}")
if test_signing_pub_key == regular_key_pair.public_key:
print("This transaction was signed with the regular key pair.")
elif test_signing_pub_key == wallet.public_key:
print("This transaction was signed with the master key pair.")
else:
print(f"""Unexpected signing key mismatch.
Regular key: {regular_key_pair.public_key}
Key used: {test_signing_pub_key}""")

0
_code-samples/multisigning/py/requirements.txt → _code-samples/assign-regular-key/py/requirements.txt
View File

88
_code-samples/multisigning/js/multisigning.ts Normal file
View File

@@ -0,0 +1,88 @@
/*
* Create and submit a SignerListSet and multisign a transaction.
* Reference: https://xrpl.org/multi-signing.html
*/
import {
multisign,
Client,
AccountSet,
convertStringToHex,
SignerListSet,
} from 'xrpl'
const client = new Client('wss://s.altnet.rippletest.net:51233')
async function multisigning(): Promise<void> {
await client.connect()
/*
* This wallet creation is for demonstration purposes.
* In practice, users generally will not have all keys in one spot,
* hence, users need to implement a way to get signatures.
*/
const { wallet: wallet1 } = await client.fundWallet()
const { wallet: wallet2 } = await client.fundWallet()
const { wallet: walletMaster } = await client.fundWallet()
const signerListSet: SignerListSet = {
TransactionType: 'SignerListSet',
Account: walletMaster.classicAddress,
SignerEntries: [
{
SignerEntry: {
Account: wallet1.classicAddress,
SignerWeight: 1,
},
},
{
SignerEntry: {
Account: wallet2.classicAddress,
SignerWeight: 1,
},
},
],
SignerQuorum: 2,
}
const signerListResponse = await client.submit(signerListSet, {
wallet: walletMaster,
})
console.log('SignerListSet constructed successfully:')
console.log(signerListResponse)
const accountSet: AccountSet = {
TransactionType: 'AccountSet',
Account: walletMaster.classicAddress,
Domain: convertStringToHex('example.com'),
}
const accountSetTx = await client.autofill(accountSet, 2)
console.log('AccountSet transaction is ready to be multisigned:')
console.log(accountSetTx)
const { tx_blob: tx_blob1 } = wallet1.sign(accountSetTx, true)
const { tx_blob: tx_blob2 } = wallet2.sign(accountSetTx, true)
const multisignedTx = multisign([tx_blob1, tx_blob2])
console.log("Successfully multisigned the transaction")
console.log(multisignedTx)
const submitResponse = await client.submit(multisignedTx)
if (submitResponse.result.engine_result === 'tesSUCCESS') {
console.log('The multisigned transaction was accepted by the ledger:')
console.log(submitResponse)
if (submitResponse.result.tx_json.Signers) {
console.log(
`The transaction had ${submitResponse.result.tx_json.Signers.length} signatures`,
)
}
} else {
console.log(
"The multisigned transaction was rejected by rippled. Here's the response from rippled:",
)
console.log(submitResponse)
}
await client.disconnect()
}
void multisigning()

90
_code-samples/multisigning/js/send-multi-signed-transaction.js
View File

@@ -1,90 +0,0 @@
import xrpl from 'xrpl'
const client = new xrpl.Client('wss://s.altnet.rippletest.net:51233')
await client.connect()
console.log('Funding new wallet from faucet...')
const { wallet } = await client.fundWallet()
console.log(`Funded. Master key pair:
Address: ${wallet.address}
Seed: ${wallet.seed}
`)
// Set up multi-signing --------------------------------------------------------
// Skip this step if you are using an existing account with multi-signing
// already set up.
const algorithm = 'ed25519'
const signers = []
for (let i = 0; i < 3; i++) {
const signer = xrpl.Wallet.generate(algorithm)
console.log(`Generated key pair for signer ${i + 1}:
Address: ${signer.address}
Seed: ${signer.seed}
Algorithm: ${algorithm}
`)
signers.push(signer)
}
const signerEntries = []
for (const signer of signers) {
signerEntries.push({
SignerEntry: {
Account: signer.address,
SignerWeight: 1
}
})
}
const signerListSetTx = {
TransactionType: 'SignerListSet',
Account: wallet.address,
SignerQuorum: 2,
SignerEntries: signerEntries
}
xrpl.validate(signerListSetTx)
console.log('Setting up multi-signing...')
const response = await client.submitAndWait(signerListSetTx, { wallet, autofill: true })
const listSetResultCode = response.result.meta.TransactionResult
if (listSetResultCode === 'tesSUCCESS') {
console.log('... done.')
} else {
console.error(`SignerListSet failed with code ${listSetResultCode}.`)
client.disconnect()
process.exit(1)
}
// Prepare transaction ---------------------------------------------------------
// This example uses a no-op AccountSet, but you could send almost any type
// of transaction the same way.
const numSigners = 2
const txInstructions = await client.autofill({
TransactionType: 'AccountSet',
Account: wallet.address
}, numSigners)
console.log('Transaction ready for signing:')
console.log(JSON.stringify(txInstructions, null, 2))
// Collect signatures ----------------------------------------------------------
const txSignedByKey1 = signers[0].sign(txInstructions, true)
console.log('Signed by signer #1:', JSON.stringify(txSignedByKey1, null, 2))
const txSignedByKey2 = signers[1].sign(txInstructions, true)
console.log('Signed by signer #2:', JSON.stringify(txSignedByKey2, null, 2))
// Combine signatures and submit -----------------------------------------------
const multisignedTx = xrpl.multisign([txSignedByKey1.tx_blob, txSignedByKey2.tx_blob])
console.log('Combined multi-signed transaction:',
JSON.stringify(multisignedTx, null, 2)
)
const response2 = await client.submitAndWait(multisignedTx)
const multisignedResultCode = response2.result.meta.TransactionResult
if (multisignedResultCode === 'tesSUCCESS') {
const txHash = response2.result.hash
console.log(`Multi-signed transaction ${txHash} succeeded!`)
} else {
console.error('Multi-signed transaction failed with result code',
multisignedResultCode
)
client.disconnect()
process.exit(1)
}
client.disconnect()

92
_code-samples/multisigning/js/set-up-multi-signing.js
View File

@@ -1,92 +0,0 @@
import xrpl from 'xrpl'
const client = new xrpl.Client('wss://s.altnet.rippletest.net:51233')
await client.connect()
console.log('Funding new wallet from faucet...')
const { wallet } = await client.fundWallet()
console.log(`Funded. Master key pair:
Address: ${wallet.address}
Seed: ${wallet.seed}
`)
// Generate key pairs to use as signers ----------------------------------------
// If each signer represents a separate person, they should generate their own
// key pairs and send you just the address. These key pairs don't need to be
// funded accounts in the ledger.
const algorithm = 'ed25519'
const signerAddresses = []
for (let i = 0; i < 3; i++) {
const signer = xrpl.Wallet.generate(algorithm)
console.log(`Generated key pair for signer ${i + 1}:
Address: ${signer.address}
Seed: ${signer.seed}
Algorithm: ${algorithm}
`)
signerAddresses.push(signer.address)
}
// Send SignerListSet transaction ----------------------------------------------
// This example sets up a 2-of-3 requirement with all signers weighted equally
const signerEntries = []
for (const signerAddress of signerAddresses) {
signerEntries.push({
SignerEntry: {
Account: signerAddress,
SignerWeight: 1
}
})
}
const signerListSetTx = {
TransactionType: 'SignerListSet',
Account: wallet.address,
SignerQuorum: 2,
SignerEntries: signerEntries
}
xrpl.validate(signerListSetTx)
console.log('Signing and submitting the SignerListSet transaction:',
JSON.stringify(signerListSetTx, null, 2))
const response = await client.submitAndWait(signerListSetTx, { wallet, autofill: true })
// Check result of the SignerListSet transaction -------------------------------
console.log(JSON.stringify(response.result, null, 2))
const listSetResultCode = response.result.meta.TransactionResult
if (listSetResultCode === 'tesSUCCESS') {
console.log('Signer list set successfully.')
} else {
console.error(`SignerListSet failed with code ${listSetResultCode}.`)
client.disconnect()
process.exit(1)
}
// Confirm signer list ---------------------------------------------------------
const accountInfoResp = await client.request({
command: 'account_info',
account: wallet.address,
ledger_index: 'validated',
signer_lists: true
})
if (accountInfoResp.error) {
console.error('Error looking up account:', accountInfoResp.error)
client.disconnect()
process.exit(1)
}
if (accountInfoResp.result.signer_lists) {
const lists = accountInfoResp.result.signer_lists
console.log(`Account has ${lists.length} signer list(s):`)
for (const l of lists) {
console.log(` List #${l.SignerListID} Quorum = ${l.SignerQuorum}`)
for (const SEWrapper of l.SignerEntries) {
const se = SEWrapper.SignerEntry
console.log(` Signer ${se.Account} Weight = ${se.SignerWeight}`)
}
}
} else {
console.error(`❌ No signer lists associated with ${wallet.address}`)
client.disconnect()
process.exit(1)
}
client.disconnect()

79
_code-samples/multisigning/py/multisigning.py Normal file
View File

@@ -0,0 +1,79 @@
"""
Example of how we can multisign a transaction.
This will only work with version 2.0.0-beta.0 or later.
Reference: https://xrpl.org/multi-signing.html
"""
from xrpl.clients import JsonRpcClient
from xrpl.models.requests import SubmitMultisigned
from xrpl.models.transactions import AccountSet, SignerEntry, SignerListSet
from xrpl.transaction import (
autofill,
autofill_and_sign,
multisign,
submit_and_wait,
sign,
)
from xrpl.utils import str_to_hex
from xrpl.wallet import generate_faucet_wallet
client = JsonRpcClient("https://s.altnet.rippletest.net:51234")
# Create a wallets to use for multisigning
# Prints debug info as it creates the wallet
master_wallet = generate_faucet_wallet(client, debug=True)
signer_wallet_1 = generate_faucet_wallet(client, debug=True)
signer_wallet_2 = generate_faucet_wallet(client, debug=True)
signer_entries = [
SignerEntry(account=signer_wallet_1.address, signer_weight=1),
SignerEntry(account=signer_wallet_2.address, signer_weight=1),
]
signer_list_set_tx = SignerListSet(
account=master_wallet.address,
signer_quorum=2,
signer_entries=signer_entries,
)
signed_signer_list_set_tx = autofill_and_sign(signer_list_set_tx, client, master_wallet)
print("Constructed SignerListSet and submitting it to the ledger...")
signed_list_set_tx_response = submit_and_wait(
signed_signer_list_set_tx, client
)
print("SignerListSet submitted, here's the response:")
print(signed_list_set_tx_response)
# Now that we've set up multisigning, let's try using it to submit an AccountSet
# transaction.
account_set_tx = AccountSet(
account=master_wallet.address, domain=str_to_hex("example.com")
)
autofilled_account_set_tx = autofill(account_set_tx, client, len(signer_entries))
print("AccountSet transaction is ready to be multisigned")
print(autofilled_account_set_tx)
# Since we created both signer keys, we can sign locally, but if you are building an app
# That allows multisigning, you would need to request signatures from the key holders.
tx_1 = sign(autofilled_account_set_tx, signer_wallet_1, multisign=True)
tx_2 = sign(autofilled_account_set_tx, signer_wallet_2, multisign=True)
multisigned_tx = multisign(autofilled_account_set_tx, [tx_1, tx_2])
print("Successfully multisigned the transaction")
print(multisigned_tx)
multisigned_tx_response = client.request(SubmitMultisigned(tx_json=multisigned_tx))
if multisigned_tx_response.result["engine_result"] == "tesSUCCESS":
print("The multisigned transaction was accepted by the ledger:")
print(multisigned_tx_response)
if multisigned_tx_response.result["tx_json"]["Signers"]:
print(
"The transaction had "
f"{len(multisigned_tx_response.result['tx_json']['Signers'])} signatures"
)
else:
print(
"The multisigned transaction was rejected by rippled."
"Here's the response from rippled:"
)
print(multisigned_tx_response)

88
_code-samples/multisigning/py/send-multi-signed-transaction.py
View File

@@ -1,88 +0,0 @@
import json
from xrpl.clients import JsonRpcClient
from xrpl.wallet import generate_faucet_wallet, Wallet
from xrpl.models.transactions import SignerListSet, SignerEntry, AccountSet
from xrpl.transaction import (
autofill,
multisign,
sign,
submit_and_wait
)
client = JsonRpcClient("https://s.altnet.rippletest.net:51234")
print("Funding new wallet from faucet...")
wallet = generate_faucet_wallet(client)
print(f"""Funded. Master key pair:
Address: {wallet.address}
Seed: {wallet.seed}
""")
# Set up multi-signing --------------------------------------------------------
# Skip this step if you are using an existing account with multi-signing
# already set up.
algorithm = "ed25519"
signers = []
for i in range(3):
signer = Wallet.create(algorithm=algorithm)
print(f"""Generated regular key pair:
Address: {signer.address}
Seed: {signer.seed}
Algorithm: {algorithm}
""")
signers.append(signer)
signer_entries = [
SignerEntry(account=signer.address, signer_weight=1)
for signer in signers
]
signer_list_set_tx = SignerListSet(
account=wallet.address,
signer_quorum=2,
signer_entries=signer_entries
)
print("Setting up multi-signing...")
try:
response = submit_and_wait(signer_list_set_tx, client, wallet)
except err:
print("Submitting SignerListSet transaction failed with error", err)
exit(1)
list_set_result_code = response.result["meta"]["TransactionResult"]
if list_set_result_code == "tesSUCCESS":
print("... done.")
else:
print(f"SignerListSet failed with code {list_set_result_code}.")
exit(1)
# Prepare transaction ---------------------------------------------------------
# This example uses a no-op AccountSet, but you could send almost any type
# of transaction the same way.
num_signers = 2
tx_prepared = autofill(AccountSet(account=wallet.address), client, num_signers)
print("Transaction ready for signing:")
print(json.dumps(tx_prepared.to_xrpl(), indent=2))
# Collect signatures ----------------------------------------------------------
tx_signed_by_key_1 = sign(tx_prepared, signers[0], multisign=True)
print("Signed by signer #1:", tx_signed_by_key_1)
tx_signed_by_key_2 = sign(tx_prepared, signers[1], multisign=True)
print("Signed by signer #2:", tx_signed_by_key_2)
# Combine signatures and submit -----------------------------------------------
multisigned_tx = multisign(tx_prepared, [tx_signed_by_key_1, tx_signed_by_key_2])
print("Combined multi-signed transaction:")
print(json.dumps(multisigned_tx.to_xrpl(), indent=2))
try:
response2 = submit_and_wait(multisigned_tx, client)
except err:
print("Submitting multi-signed transaction failed with error", err)
exit(1)
multisigned_result_code = response2.result["meta"]["TransactionResult"]
if multisigned_result_code == "tesSUCCESS":
tx_hash = response2.result["hash"]
print(f"Multi-signed transaction {tx_hash} succeeded!")
else:
print(f"Multi-signed transaction failed with result code {multisigned_result_code}")
exit(1)

84
_code-samples/multisigning/py/set-up-multi-signing.py
View File

@@ -1,84 +0,0 @@
import json
from xrpl.clients import JsonRpcClient
from xrpl.models.requests import AccountInfo
from xrpl.models.transactions import SignerEntry, SignerListSet
from xrpl.wallet import generate_faucet_wallet, Wallet
from xrpl.transaction import submit_and_wait
client = JsonRpcClient("https://s.altnet.rippletest.net:51234")
print("Funding new wallet from faucet...")
wallet = generate_faucet_wallet(client)
print(f"""Funded. Master key pair:
Address: {wallet.address}
Seed: {wallet.seed}
""")
# Generate key pairs to use as signers -----------------------------------------
# If each signer represents a separate person, they should generate their own
# key pairs and send you just the address. These key pairs don't need to be
# funded accounts in the ledger.
algorithm = "ed25519"
signer_addresses = []
for i in range(3):
signer = Wallet.create(algorithm=algorithm)
print(f"""Generated regular key pair:
Address: {signer.address}
Seed: {signer.seed}
Algorithm: {algorithm}
""")
signer_addresses.append(signer.address)
# Send SignerListSet transaction -----------------------------------------------
# This example sets up a 2-of-3 requirement with all signers weighted equally
signer_list_set_tx = SignerListSet(
account=wallet.address,
signer_quorum=2,
signer_entries=[
SignerEntry(account=signer_address, signer_weight=1)
for signer_address in signer_addresses
],
)
print(
"Signing and submitting the SignerListSet transaction:",
json.dumps(signer_list_set_tx.to_xrpl(), indent=2),
)
try:
response = submit_and_wait(signer_list_set_tx, client, wallet)
except err:
print("Submitting SignerListSet transaction failed with error", err)
exit(1)
# Check result of the SignerListSet transaction --------------------------------
print(json.dumps(response.result, indent=2))
signer_list_set_result_code = response.result["meta"]["TransactionResult"]
if signer_list_set_result_code == "tesSUCCESS":
print("Signer list set successfully.")
else:
print(f"SignerListSet failed with code {signer_list_set_result_code}.")
exit(1)
# Confirm signer list ----------------------------------------------------------
try:
account_info_resp = client.request(
AccountInfo(account=wallet.address, ledger_index="validated", signer_lists=True)
)
except err:
print("Error requesting account_info:", err)
exit(1)
if not account_info_resp.is_successful():
print("Error looking up account:", account_info_resp.result)
exit(1)
if account_info_resp.result.get("signer_lists"):
lists = account_info_resp.result["signer_lists"]
print(f"Account has {len(lists)} signer list(s):")
for l in lists:
print(f" List #{l['SignerListID']} Quorum = {l['SignerQuorum']}")
for se_wrapper in l["SignerEntries"]:
se = se_wrapper["SignerEntry"]
print(f" Signer {se['Account']} Weight = {se['SignerWeight']}")
else:
print(f"❌ No signer lists associated with {wallet.address}")
exit(1)

683
docs/tutorials/best-practices/key-management/assign-a-regular-key-pair.md
View File

@@ -1,681 +1,142 @@
---
html: assign-a-regular-key-pair.html
parent: manage-account-settings.html
seo:
description: Authorize a second key pair to sign transactions from your account. This key pair can be changed or removed later.
description: Authorize a regular key pair to sign transactions from your account. This key pair can be changed or removed later.
labels:
- Security
- Accounts
---
# Assign a Regular Key Pair
The XRP Ledger allows an account to authorize a secondary key pair, called a _[regular key pair](../../../concepts/accounts/cryptographic-keys.md)_, to sign future transactions. If the private key of a regular key pair is compromised, you can remove or replace it without changing the rest of your [account](../../../concepts/accounts/index.md) and re-establishing its relationships to other accounts. You can also rotate a regular key pair proactively. (Neither of those things is possible for the master key pair of an account, which is intrinsically linked to the account's address.)
This tutorial shows how to authorize a secondary key pair, called a _[regular key pair](../../../concepts/accounts/cryptographic-keys.md)_, to sign future transactions. Unlike the master key pair, which is mathematically linked to the account's address, you can remove or replace the regular key pair, which is better for security.
For more information about master and regular key pairs, see [Cryptographic Keys](../../../concepts/accounts/cryptographic-keys.md).
You can use these steps to assign a regular key pair for the first time or to replace an existing regular key pair with a new one.
This tutorial walks through the steps required to assign a regular key pair to your account:
## Goals
1. [Generate a key pair](#1-generate-a-key-pair)
2. [Assign the key pair to your account as a regular key pair](#2-assign-the-key-pair-to-your-account-as-a-regular-key-pair)
3. [Verify the regular key pair](#3-verify-the-regular-key-pair)
4. [Explore next steps](#see-also)
By following this tutorial, you should learn how to:
- Securely generate a regular key pair and attach it to your account.
- Submit transactions using a regular key pair.
- Check a transaction to see if the key that was used to sign it matches a known key pair.
## 1. Generate a Key Pair
## Prerequisites
Generate a key pair that you'll assign to your account as a regular key pair.
To complete this tutorial, you should:
This key pair is the same data type as a master key pair, so you can generate it the same way: you can use the client library of your choice or use the [wallet_propose method][] of a server you run. This might look as follows:
- Have a basic understanding of the XRP Ledger.
- Have an [XRP Ledger client library](../../../references/client-libraries.md), such as **xrpl.js**, installed.
- Have a basic understanding of [Cryptographic Keys](../../../concepts/accounts/cryptographic-keys.md).
## Source Code
You can find the complete source code for this tutorial's examples in the {% repo-link path="_code-samples/assign-regular-key/" %}code samples section of this website's repository{% /repo-link %}.
## Steps
### 1. Install dependencies
{% tabs %}
{% tab label="JavaScript" %}
From the code sample folder, use `npm` to install dependencies:
{% tab label="WebSocket" %}
```json
// Request:
{
"command": "wallet_propose"
}
// Response:
{
"result": {
"account_id": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"key_type": "secp256k1",
"master_key": "KNEW BENT LYNN LED GAD BEN KENT SHAM HOBO RINK WALT ALLY",
"master_seed": "sh8i92YRnEjJy3fpFkL8txQSCVo79",
"master_seed_hex": "966C0F68643EFBA50D58D191D4CA8AA7",
"public_key": "aBRNH5wUurfhZcoyR6nRwDSa95gMBkovBJ8V4cp1C1pM28H7EPL1",
"public_key_hex": "03AEEFE1E8ED4BBC009DE996AC03A8C6B5713B1554794056C66E5B8D1753C7DD0E"
},
"status": "success",
"type": "response"
}
```
{% /tab %}
{% tab label="JSON-RPC" %}
```json
// Request:
{
"method": "wallet_propose"
}
// Response:
{
"result": {
"account_id": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"key_type": "secp256k1",
"master_key": "KNEW BENT LYNN LED GAD BEN KENT SHAM HOBO RINK WALT ALLY",
"master_seed": "sh8i92YRnEjJy3fpFkL8txQSCVo79",
"master_seed_hex": "966C0F68643EFBA50D58D191D4CA8AA7",
"public_key": "aBRNH5wUurfhZcoyR6nRwDSa95gMBkovBJ8V4cp1C1pM28H7EPL1",
"public_key_hex": "03AEEFE1E8ED4BBC009DE996AC03A8C6B5713B1554794056C66E5B8D1753C7DD0E",
"status": "success"
}
}
```
{% /tab %}
{% tab label="Commandline" %}
```sh
$ rippled wallet_propose
{
"result" : {
"account_id" : "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"key_type" : "secp256k1",
"master_key" : "KNEW BENT LYNN LED GAD BEN KENT SHAM HOBO RINK WALT ALLY",
"master_seed" : "sh8i92YRnEjJy3fpFkL8txQSCVo79",
"master_seed_hex" : "966C0F68643EFBA50D58D191D4CA8AA7",
"public_key" : "aBRNH5wUurfhZcoyR6nRwDSa95gMBkovBJ8V4cp1C1pM28H7EPL1",
"public_key_hex" : "03AEEFE1E8ED4BBC009DE996AC03A8C6B5713B1554794056C66E5B8D1753C7DD0E",
"status" : "success"
}
}
npm i
```
{% /tab %}
{% tab label="Python" %}
```py
keypair = xrpl.wallet.Wallet.create()
print("seed:", keypair.seed)
print("classic address:", keypair.address)
From the code sample folder, set up a virtual environment and use `pip` to install dependencies:
```sh
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
```
{% /tab %}
{% /tabs %}
### 2. Connect and get account(s)
To get started, import the client library and instantiate an API client. For this tutorial, you need one account, which the sample code funds using the Testnet faucet; you could also use an existing account.
{% tabs %}
{% tab label="JavaScript" %}
```js
const keypair = new xrpl.Wallet()
console.log("seed:", keypair.seed)
console.log("classic address:", keypair.classicAddress)
```
{% code-snippet file="/_code-samples/assign-regular-key/js/assign-regular-key.js" language="js" before="// Generate a new key pair" /%}
{% /tab %}
{% tab label="Java" %}
```java
WalletFactory walletFactory = DefaultWalletFactory.getInstance();
Wallet keypair = walletFactory.randomWallet(true).wallet();
System.out.println(keypair);
System.out.println(keypair.privateKey().get());
```
{% tab label="Python" %}
{% code-snippet file="/_code-samples/assign-regular-key/py/assign-regular-key.py" language="py" before="# Generate a new key pair" /%}
{% /tab %}
{% /tabs %}
In the next step, you'll use the address from this response (`account_id` in the API response) to assign the key pair as a regular key pair to your account. Also, save the seed value from this key pair (`master_seed` in the API response) somewhere securely; you'll use that key to sign transactions later. (Everything else, you can forget about.)
### 3. Generate a key pair
Next, generate a key pair to use as the regular key pair. This is the same data type as a master key pair, so you can generate it the same way.
## 2. Assign the Key Pair to Your Account as a Regular Key Pair
{% admonition type="danger" name="Warning" %}
It's important to generate and store the key pair securely; otherwise, it may be possible for malicious actors to gain access to your account and take your money. Common errors include:
Use a [SetRegularKey transaction][] to assign the key pair you generated in step 1 to your account as a regular key pair.
When assigning a regular key pair to your account for the first time, the SetRegularKey transaction requires signing with your account's master private key (secret). There are [several ways of securely signing transactions](../../../concepts/transactions/secure-signing.md), but this tutorial uses a local `rippled` server.
When you send later SetRegularKey transactions, you can sign using the existing regular private key to replace or [remove itself](change-or-remove-a-regular-key-pair.md). Note that you should still not submit your regular private key across the network.
### Sign Your Transaction
{% partial file="/docs/_snippets/tutorial-sign-step.md" /%}
Populate the request fields with the following values:
| Request Field | Value |
|:--------------|:-------------------------------------------------------------|
| `Account` | The address of your account. |
| `RegularKey` | `account_id` generated in step 1. |
| `secret` | `master_key`, `master_seed`, or `master_seed_hex` (master private key) for your account. |
#### Request Format
An example of the request format:
- Getting your secret key from a remote machine, or otherwise sending your secret key in plain text over the internet.
- Generating a key pair using a compromised software library.
- Generating a key pair from a passphrase or other secret value that does not have enough entropy.
{% /admonition %}
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"command": "sign",
"tx_json": {
"TransactionType": "SetRegularKey",
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7"
},
"secret": "ssCATR7CBvn4GLd1UuU2bqqQffHki"
}
```
{% tab label="JavaScript" %}
Use the [`Wallet.generate()` class method](https://js.xrpl.org/classes/Wallet.html#generate) to generate a key pair locally on your machine.
{% code-snippet file="/_code-samples/assign-regular-key/js/assign-regular-key.js" language="js" from="// Generate a new key pair" before="// Send SetRegularKey transaction" /%}
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"method": "sign",
"params": [
{
"tx_json": {
"TransactionType": "SetRegularKey",
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7"
},
"secret": "ssCATR7CBvn4GLd1UuU2bqqQffHki"
}
]
}
```
{% tab label="Python" %}
Use the [`Wallet.create()` class method](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.wallet.html#xrpl.wallet.Wallet.create) to generate a key pair locally on your machine.
{% code-snippet file="/_code-samples/assign-regular-key/py/assign-regular-key.py" language="py" from="# Generate a new key pair" before="# Send SetRegularKey transaction" /%}
{% /tab %}
{% tab label="Commandline" %}
```sh
#Syntax: sign secret tx_json
rippled sign ssCATR7CBvn4GLd1UuU2bqqQffHki '{"TransactionType": "SetRegularKey", "Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93", "RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7"}'
```
{% /tab %}
{% /tabs %}
### 4. Send a SetRegularKey transaction
#### Response Format
Use a [SetRegularKey transaction][] to assign the new key pair to your account as a regular key pair.
An example of a successful response:
{% admonition type="success" name="Tip" %}This example signs the transaction using the master key pair, but you could also use an existing regular key pair, or a [multi-signing list](../../../concepts/accounts/multi-signing.md) if your account has multi-signing set up.{% /admonition %}
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"result": {
"tx_blob": "1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"Sequence": 4,
"SigningPubKey": "0384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A",
"TransactionType": "SetRegularKey",
"TxnSignature": "304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C26",
"hash": "AB73BBF7C99061678B59FB48D72CA0F5FC6DD2815B6736C6E9EB94439EC236CE"
}
},
"status": "success",
"type": "response"
}
```
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/assign-regular-key/js/assign-regular-key.js" language="js" from="// Send SetRegularKey transaction" before="// Send a test transaction" /%}
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"result": {
"status": "success",
"tx_blob": "1200052280000000240000000768400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402201453CA3D4D17F0EE3828B9E3D6ACF65327F5D4FC2BA30953CACF6CBCB4145E3502202F2154BED1D7462CAC1E3DBB31864E48C3BA0B3133ACA5E37EC54F0D0C339E2D8114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"Sequence": 4,
"SigningPubKey": "0384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A",
"TransactionType": "SetRegularKey",
"TxnSignature": "304402201453CA3D4D17F0EE3828B9E3D6ACF65327F5D4FC2BA30953CACF6CBCB4145E3502202F2154BED1D7462CAC1E3DBB31864E48C3BA0B3133ACA5E37EC54F0D0C339E2D",
"hash": "AB73BBF7C99061678B59FB48D72CA0F5FC6DD2815B6736C6E9EB94439EC236CE"
}
}
}
```
{% tab label="Python" %}
{% code-snippet file="/_code-samples/assign-regular-key/py/assign-regular-key.py" language="py" from="# Send SetRegularKey transaction" before="# Send a test transaction" /%}
{% /tab %}
{% tab label="Commandline" %}
```json
{
"result" : {
"status" : "success",
"tx_blob" : "1200052280000000240000000768400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402201453CA3D4D17F0EE3828B9E3D6ACF65327F5D4FC2BA30953CACF6CBCB4145E3502202F2154BED1D7462CAC1E3DBB31864E48C3BA0B3133ACA5E37EC54F0D0C339E2D8114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540",
"tx_json" : {
"Account" : "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee" : "10",
"Flags" : 2147483648,
"RegularKey" : "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"Sequence" : 4,
"SigningPubKey" : "0384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A",
"TransactionType" : "SetRegularKey",
"TxnSignature" : "304402201453CA3D4D17F0EE3828B9E3D6ACF65327F5D4FC2BA30953CACF6CBCB4145E3502202F2154BED1D7462CAC1E3DBB31864E48C3BA0B3133ACA5E37EC54F0D0C339E2D",
"hash" : "AB73BBF7C99061678B59FB48D72CA0F5FC6DD2815B6736C6E9EB94439EC236CE"
}
}
}
```
{% /tab %}
{% /tabs %}
The `sign` command response contains a `tx_blob` value, as shown above. The offline signing response contains a `signedTransaction` value. Both are signed binary representations (blobs) of the transaction.
### 5. Send a test transaction using the regular key
Next, use the `submit` command to send the transaction blob (`tx_blob` or `signedTransaction`) to the network.
After the SetRegularKey transaction succeeds, the regular key pair is assigned to your account and you should be able to send transactions using the regular key pair. **To avoid losing control of your account**, it is important that you test your regular key before you take any additional steps such as [disabling the master key pair](disable-master-key-pair.md). If you make a mistake and lose access to your account, no one can restore it for you.
### Submit Your Transaction
Take the `signedTransaction` value from the offline signing response or the `tx_blob` value from the `sign` command response and submit it as the `tx_blob` value using the [submit method][].
#### Request Format
An example of the request format:
To test the key, send any type of transaction, signing it using the regular key pair. The sample code sends an [AccountSet transaction][] with no parameters, which is a "no-op" that does nothing besides use a sequence number and burn the transaction cost.
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"command": "submit",
"tx_blob": "1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540"
}
```
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/assign-regular-key/js/assign-regular-key.js" language="js" from="// Send a test transaction" before="// Check result of the test" /%}
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"method":"submit",
"params": [
{
"tx_blob": "1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540"
}
]
}
```
{% tab label="Python" %}
{% code-snippet file="/_code-samples/assign-regular-key/py/assign-regular-key.py" language="py" from="# Send a test transaction" before="# Check result of the test" /%}
{% /tab %}
{% tab label="Commandline" %}
```sh
#Syntax: submit tx_blob
rippled submit 1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540
```
{% /tab %}
{% /tabs %}
### 6. Confirm that the test transaction succeeded as expected
#### Response Format
An example of a successful response:
If the test transaction succeeds, your regular key pair works as expected. For further confirmation, you can look at the `SigningPubKey` field which is automatically added to a transaction during signing; this field contains the _public key_ of the key pair that was used to sign the transaction, and is what the network uses to validate the transaction signature. When you use your regular key pair to sign a transaction, the `SigningPubKey` field contains the public key from your regular key pair.
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"result": {
"engine_result": "tesSUCCESS",
"engine_result_code": 0,
"engine_result_message": "The transaction was applied. Only final in a validated ledger.",
"tx_blob": "1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"Sequence": 4,
"SigningPubKey": "0384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A",
"TransactionType": "SetRegularKey",
"TxnSignature": "304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C26",
"hash": "AB73BBF7C99061678B59FB48D72CA0F5FC6DD2815B6736C6E9EB94439EC236CE"
}
},
"status": "success",
"type": "response"
}
```
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/assign-regular-key/js/assign-regular-key.js" language="js" from="// Check result of the test" /%}
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"result": {
"engine_result": "tesSUCCESS",
"engine_result_code": 0,
"engine_result_message": "The transaction was applied. Only final in a validated ledger.",
"status": "success",
"tx_blob": "1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"RegularKey": "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"Sequence": 4,
"SigningPubKey": "0384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A",
"TransactionType": "SetRegularKey",
"TxnSignature": "304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C26",
"hash": "AB73BBF7C99061678B59FB48D72CA0F5FC6DD2815B6736C6E9EB94439EC236CE"
}
}
}
```
{% tab label="Python" %}
{% code-snippet file="/_code-samples/assign-regular-key/py/assign-regular-key.py" language="py" from="# Check result of the test" /%}
{% /tab %}
{% tab label="Commandline" %}
```json
{
"result" : {
"engine_result" : "tesSUCCESS",
"engine_result_code" : 0,
"engine_result_message" : "The transaction was applied. Only final in a validated ledger.",
"status" : "success",
"tx_blob" : "1200052280000000240000000468400000000000000A73210384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A7446304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C268114830923439D307E642CED308FD91EF701A7BAA74788141620D685FB08D81A70D0B668749CF2E130EA7540",
"tx_json" : {
"Account" : "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee" : "10",
"Flags" : 2147483648,
"RegularKey" : "rsprUqu6BHAffAeG4HpSdjBNvnA6gdnZV7",
"Sequence" : 4,
"SigningPubKey" : "0384CA3C528F10C75F26E0917F001338BD3C9AA1A39B9FBD583DFFFD96CF2E2D7A",
"TransactionType" : "SetRegularKey",
"TxnSignature" : "304402204BCD5663F3A2BA02D2CE374439096EC6D27273522CD6E6E0BDBFB518730EAAE402200ECD02D8D2525D6FA4642613E71E395ECCEA01C42C35A668BF092A00EB649C26",
"hash" : "AB73BBF7C99061678B59FB48D72CA0F5FC6DD2815B6736C6E9EB94439EC236CE"
}
}
}
```
{% /tab %}
{% /tabs %}
Note that the response contains a `hash` of the transaction, which you can use to [look up the transaction's final outcome](../../../references/http-websocket-apis/public-api-methods/transaction-methods/tx.md).
## 3. Verify the Regular Key Pair
At this point, the regular key pair is assigned to your account and you should be able to send transactions using the regular key pair. **To avoid losing control of your account,** it is important that you test your regular key before you take any additional steps such as [disabling the master key pair](disable-master-key-pair.md). If you make a mistake and lose access to your account, no one can restore it for you.
To verify that your account has the regular key pair set correctly, submit an [AccountSet transaction][] from your account, signing it with the regular private key you assigned to your account in step 2. As in step 1, this tutorial uses a local `rippled` server as a [way of securely signing transactions](../../../concepts/transactions/secure-signing.md).
### Sign Your Transaction
{% partial file="/docs/_snippets/tutorial-sign-step.md" /%}
Populate the request fields with the following values:
| Request Field | Value |
|:--------------|:-------------------------------------------------------------|
| `Account` | The address of your account. |
| `secret` | `master_key`, `master_seed`, or `master_seed_hex` (regular private key) generated in step 1 and assigned to your account in step 2. |
#### Request Format
Here's an example of the request format. Note that the request does not include any `AccountSet` options. This means that a successful transaction has no effect other than to confirm that the regular key pair is set correctly for your account (and to destroy the transaction cost).
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"command": "sign",
"tx_json": {
"TransactionType": "AccountSet",
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93"
},
"secret": "sh8i92YRnEjJy3fpFkL8txQSCVo79"
}
```
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"method": "sign",
"params": [
{
"tx_json": {
"TransactionType": "AccountSet",
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93"
},
"secret": "sh8i92YRnEjJy3fpFkL8txQSCVo79"
}
]
}
```
{% /tab %}
{% tab label="Commandline" %}
```sh
#Syntax: sign secret tx_json
rippled sign sh8i92YRnEjJy3fpFkL8txQSCVo79 '{"TransactionType": "AccountSet", "Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93"}'
```
{% /tab %}
{% /tabs %}
#### Response Format
An example of a successful response:
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"result": {
"tx_blob": "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"Sequence": 4,
"SigningPubKey": "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType": "AccountSet",
"TxnSignature": "3045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB8",
"hash": "D9B305CB6E861D0994A5CDD4726129D91AC4277111DC444DE4CEE44AD4674A9F"
}
},
"status": "success",
"type": "response"
}
```
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"result": {
"status": "success",
"tx_blob": "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"Sequence": 4,
"SigningPubKey": "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType": "AccountSet",
"TxnSignature": "3045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB8",
"hash": "D9B305CB6E861D0994A5CDD4726129D91AC4277111DC444DE4CEE44AD4674A9F"
}
}
}
```
{% /tab %}
{% tab label="Commandline" %}
```json
{
"result" : {
"status" : "success",
"tx_blob" : "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E",
"tx_json" : {
"Account" : "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee" : "10",
"Flags" : 2147483648,
"Sequence" : 4,
"SigningPubKey" : "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType" : "AccountSet",
"TxnSignature" : "3045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB8",
"hash" : "D9B305CB6E861D0994A5CDD4726129D91AC4277111DC444DE4CEE44AD4674A9F"
}
}
}
```
{% /tab %}
{% /tabs %}
The `sign` command response contains a `tx_blob` value, as shown above. The offline signing response contains a `signedTransaction` value. Both are signed binary representations (blobs) of the transaction.
Next, use the `submit` command to send the transaction blob (`tx_blob` or `signedTransaction`) to the network.
### Submit Your Transaction
Take the `signedTransaction` value from the offline signing response or the `tx_blob` value from the `sign` command response and submit it as the `tx_blob` value using the [submit method][].
#### Request Format
An example of the request format:
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"command": "submit",
"tx_blob": "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E"
}
```
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"method":"submit",
"params": [
{
"tx_blob": "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E"
}
]
}
```
{% /tab %}
{% tab label="Commandline" %}
```sh
#Syntax: submit tx_blob
rippled submit 1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E
```
{% /tab %}
{% /tabs %}
#### Response Format
An example of a successful response:
{% tabs %}
{% tab label="WebSocket" %}
```json
{
"result": {
"engine_result": "tesSUCCESS",
"engine_result_code": 0,
"engine_result_message": "The transaction was applied. Only final in a validated ledger.",
"tx_blob": "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"Sequence": 4,
"SigningPubKey": "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType": "AccountSet",
"TxnSignature": "3045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB8",
"hash": "D9B305CB6E861D0994A5CDD4726129D91AC4277111DC444DE4CEE44AD4674A9F"
}
},
"status": "success",
"type": "response"
}
```
{% /tab %}
{% tab label="JSON-RPC" %}
```json
{
"result": {
"engine_result": "tesSUCCESS",
"engine_result_code": 0,
"engine_result_message": "The transaction was applied. Only final in a validated ledger.",
"status": "success",
"tx_blob": "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E",
"tx_json": {
"Account": "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee": "10",
"Flags": 2147483648,
"Sequence": 4,
"SigningPubKey": "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType": "AccountSet",
"TxnSignature": "3045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB8",
"hash": "D9B305CB6E861D0994A5CDD4726129D91AC4277111DC444DE4CEE44AD4674A9F"
}
}
}
```
{% /tab %}
{% tab label="Commandline" %}
```json
{
"result" : {
"engine_result" : "tesSUCCESS",
"engine_result_code" : 0,
"engine_result_message" : "The transaction was applied. Only final in a validated ledger.",
"status" : "success",
"tx_blob" : "1200032280000000240000000468400000000000000A73210330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD02074473045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB88114623B8DA4A0BFB3B61AB423391A182DC693DC159E",
"tx_json" : {
"Account" : "rUAi7pipxGpYfPNg3LtPcf2ApiS8aw9A93",
"Fee" : "10",
"Flags" : 2147483648,
"Sequence" : 4,
"SigningPubKey" : "0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020",
"TransactionType" : "AccountSet",
"TxnSignature" : "3045022100A50E867D3B1B5A39F23F1ABCA5C7C3EC755442FDAA357EFD897B865ACA7686DB02206077BF459BCE39BCCBFE1A128DA986D1E00CBEC5F0D6B0E11710F60BE2976FB8",
"hash" : "D9B305CB6E861D0994A5CDD4726129D91AC4277111DC444DE4CEE44AD4674A9F"
}
}
}
```
{% /tab %}
{% /tabs %}
If the transaction fails with the following [result codes](../../../references/protocol/transactions/transaction-results/index.md), here are some things to check:

547
docs/tutorials/best-practices/key-management/send-a-multi-signed-transaction.md
View File

@@ -1,159 +1,442 @@
---
html: send-a-multi-signed-transaction.html
parent: manage-account-settings.html
seo:
description: Send a transaction authorized with multiple signatures.
description: Send a transaction authorized with multiple signatures.
labels:
- Security
---
# Send a Multi-Signed Transaction
This tutorial shows how to send a transaction using [multi-signing](../../../concepts/accounts/multi-signing.md).
## Goals
By following this tutorial, you should learn how to send a transaction using a multi-signing list to authorize the transaction.
The following procedure demonstrates how to create, sign, and submit a multi-signed transaction.
## Prerequisites
To complete this tutorial, you should:
- You must have already [set up multi-signing](set-up-multi-signing.md) for your address.
- Have a basic understanding of the XRP Ledger.
- Have an [XRP Ledger client library](../../../references/client-libraries.md), such as **xrpl.js**, installed.
- Understand how to [set up multi-signing](set-up-multi-signing.md) on an account, including how signer weights and quorums work.
## Source Code
You can find the complete source code for this tutorial's examples in the {% repo-link path="_code-samples/multisigning/" %}code samples section of this website's repository{% /repo-link %}.
## Steps
- Multi-signing must be available. Multi-signing has been enabled by an [**Amendment**](../../../concepts/networks-and-servers/amendments.md) to the XRP Ledger Consensus Protocol since 2016-06-27.
### 1. Install dependencies
## 1. Create the transaction
Create a JSON object that represents the transaction you want to submit. You have to specify _everything_ about this transaction, including `Fee` and `Sequence`. Also include the field `SigningPubKey` as an empty string, to indicate that the transaction is multi-signed.
Keep in mind that the `Fee` for multi-signed transactions is significantly higher than for regularly-signed transactions. It should be at least (N+1) times the normal [transaction cost](../../../concepts/transactions/transaction-cost.md), where N is the number of signatures you plan to provide. Since it sometimes takes a while to collect signatures from multiple sources, you may want to specify more than the current minimum, in case the [transaction cost](../../../concepts/transactions/transaction-cost.md) increases in that time.
Here's an example transaction ready to be multi-signed:
{% tabs %}
{% tab label="JavaScript" %}
From the code sample folder, use `npm` to install dependencies:
```sh
npm i
{% tab label="JSON" %}
```json
{
"TransactionType": "TrustSet",
"Account": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"Flags": 262144,
"LimitAmount": {
"currency": "USD",
"issuer": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"value": "100"
},
"Sequence": 2,
"SigningPubKey": "",
"Fee": "30000"
}
```
(This transaction creates an accounting relationship from `rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC` to `rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh` with a maximum balance of 100 USD.)
{% /tab %}
{% tab label="Javascript" %}
{% code-snippet file="/_code-samples/multisigning/js/multisigning.ts" language="js" from="const accountSet: AccountSet = {" before="const { tx_blob" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/multisigning.py" language="py" from="account_set_tx = AccountSet" before="# Since" /%}
{% /tab %}
{% /tabs %}
## 2. Get one signature
Use the [sign_for method][] with the secret key and address of one of the members of your SignerList to get a signature for that member.
{% partial file="/docs/_snippets/secret-key-warning.md" /%}
```
$ rippled sign_for rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW <rsA2L..'s secret> '{
> "TransactionType": "TrustSet",
> "Account": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
> "Flags": 262144,
> "LimitAmount": {
> "currency": "USD",
> "issuer": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
> "value": "100"
> },
> "Sequence": 2,
> "SigningPubKey": "",
> "Fee": "30000"
> }'
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result" : {
"status" : "success",
"tx_blob" : "1200142200040000240000000263D5038D7EA4C680000000000000000000000000005553440000000000B5F762798A53D543A014CAF8B297CFF8F2F937E868400000000000753073008114A3780F5CB5A44D366520FC44055E8ED44D9A2270F3E010732102B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF744730450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E58114204288D2E47F8EF6C99BCC457966320D12409711E1F1",
"tx_json" : {
"Account" : "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"Fee" : "30000",
"Flags" : 262144,
"LimitAmount" : {
"currency" : "USD",
"issuer" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"value" : "100"
},
"Sequence" : 2,
"Signers" : [
{
"Signer" : {
"Account" : "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"SigningPubKey" : "02B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF",
"TxnSignature" : "30450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E5"
}
}
],
"SigningPubKey" : "",
"TransactionType" : "TrustSet",
"hash" : "A94A6417D1A7AAB059822B894E13D322ED3712F7212CE9257801F96DE6C3F6AE"
}
}
}
```
Save the `tx_json` field of the response: it has the new signature in the `Signers` field. You can discard the value of the `tx_blob` field.
If you have a problem in stand-alone mode or a non-production network, check that [multi-sign is enabled](../../../infrastructure/testing-and-auditing/start-a-new-genesis-ledger-in-stand-alone-mode.md#settings-in-new-genesis-ledgers).
## 3. Get additional signatures
You can collect additional signatures in parallel or in serial:
* In parallel: Use the `sign_for` command with the original JSON for the transaction. Each response has a single signature in the `Signers` array.
* In serial: Use the `sign_for` command with the `tx_json` value from the previous `sign_for` response. Each response adds a new signature to the existing `Signers` array.
{% partial file="/docs/_snippets/secret-key-warning.md" /%}
```
$ rippled sign_for rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v <rUpy..'s secret> '{
> "Account" : "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
> "Fee" : "30000",
> "Flags" : 262144,
> "LimitAmount" : {
> "currency" : "USD",
> "issuer" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
> "value" : "100"
> },
> "Sequence" : 2,
> "Signers" : [
> {
> "Signer" : {
> "Account" : "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
> "SigningPubKey" : "02B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF",
> "TxnSignature" : "30450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E5"
> }
> }
> ],
> "SigningPubKey" : "",
> "TransactionType" : "TrustSet",
> "hash" : "A94A6417D1A7AAB059822B894E13D322ED3712F7212CE9257801F96DE6C3F6AE"
> }'
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result" : {
"status" : "success",
"tx_blob" : "1200142200040000240000000263D5038D7EA4C680000000000000000000000000005553440000000000B5F762798A53D543A014CAF8B297CFF8F2F937E868400000000000753073008114A3780F5CB5A44D366520FC44055E8ED44D9A2270F3E010732102B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF744730450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E58114204288D2E47F8EF6C99BCC457966320D12409711E1E0107321028FFB276505F9AC3F57E8D5242B386A597EF6C40A7999F37F1948636FD484E25B744630440220680BBD745004E9CFB6B13A137F505FB92298AD309071D16C7B982825188FD1AE022004200B1F7E4A6A84BB0E4FC09E1E3BA2B66EBD32F0E6D121A34BA3B04AD99BC181147908A7F0EDD48EA896C3580A399F0EE78611C8E3E1F1",
"tx_json" : {
"Account" : "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"Fee" : "30000",
"Flags" : 262144,
"LimitAmount" : {
"currency" : "USD",
"issuer" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"value" : "100"
},
"Sequence" : 2,
"Signers" : [
{
"Signer" : {
"Account" : "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"SigningPubKey" : "02B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF",
"TxnSignature" : "30450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E5"
}
},
{
"Signer" : {
"Account" : "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
"SigningPubKey" : "028FFB276505F9AC3F57E8D5242B386A597EF6C40A7999F37F1948636FD484E25B",
"TxnSignature" : "30440220680BBD745004E9CFB6B13A137F505FB92298AD309071D16C7B982825188FD1AE022004200B1F7E4A6A84BB0E4FC09E1E3BA2B66EBD32F0E6D121A34BA3B04AD99BC1"
}
}
],
"SigningPubKey" : "",
"TransactionType" : "TrustSet",
"hash" : "BD636194C48FD7A100DE4C972336534C8E710FD008C0F3CF7BC5BF34DAF3C3E6"
}
}
}
```
Depending on the SignerList you configured, you may need to repeat this step several times to get signatures from all the necessary parties.
## 4. Combine signatures and submit
If you collected the signatures in serial, the `tx_json` from the last `sign_for` response has all the signatures assembled, so you can use that as the argument to the [submit_multisigned method][].
If you collected the signatures in parallel, you must manually construct a `tx_json` object with all the signatures included. Take the `Signers` arrays from all the `sign_for` responses, and combine their contents into a single `Signers` array that has each signature. Add the combined `Signers` array to the original transaction JSON value, and use that as the argument to the [submit_multisigned method][].
{% tabs %}
{% tab label="Commandline" %}
```
$ rippled submit_multisigned '{
> "Account" : "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
> "Fee" : "30000",
> "Flags" : 262144,
> "LimitAmount" : {
> "currency" : "USD",
> "issuer" : "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
> "value" : "100"
> },
> "Sequence" : 2,
> "Signers" : [
> {
> "Signer" : {
> "Account" : "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
> "SigningPubKey" : "02B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF",
> "TxnSignature" : "30450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E5"
> }
> },
> {
> "Signer" : {
> "Account" : "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
> "SigningPubKey" : "028FFB276505F9AC3F57E8D5242B386A597EF6C40A7999F37F1948636FD484E25B",
> "TxnSignature" : "30440220680BBD745004E9CFB6B13A137F505FB92298AD309071D16C7B982825188FD1AE022004200B1F7E4A6A84BB0E4FC09E1E3BA2B66EBD32F0E6D121A34BA3B04AD99BC1"
> }
> }
> ],
> "SigningPubKey" : "",
> "TransactionType" : "TrustSet",
> "hash" : "BD636194C48FD7A100DE4C972336534C8E710FD008C0F3CF7BC5BF34DAF3C3E6"
> }'
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result": {
"engine_result": "tesSUCCESS",
"engine_result_code": 0,
"engine_result_message": "The transaction was applied. Only final in a validated ledger.",
"status": "success",
"tx_blob": "1200142200040000240000000263D5038D7EA4C680000000000000000000000000005553440000000000B5F762798A53D543A014CAF8B297CFF8F2F937E868400000000000753073008114A3780F5CB5A44D366520FC44055E8ED44D9A2270F3E010732102B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF744730450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E58114204288D2E47F8EF6C99BCC457966320D12409711E1E0107321028FFB276505F9AC3F57E8D5242B386A597EF6C40A7999F37F1948636FD484E25B744630440220680BBD745004E9CFB6B13A137F505FB92298AD309071D16C7B982825188FD1AE022004200B1F7E4A6A84BB0E4FC09E1E3BA2B66EBD32F0E6D121A34BA3B04AD99BC181147908A7F0EDD48EA896C3580A399F0EE78611C8E3E1F1",
"tx_json": {
"Account": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"Fee": "30000",
"Flags": 262144,
"LimitAmount": {
"currency": "USD",
"issuer": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"value": "100"
},
"Sequence": 2,
"Signers": [{
"Signer": {
"Account": "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"SigningPubKey": "02B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF",
"TxnSignature": "30450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E5"
}
}, {
"Signer": {
"Account": "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
"SigningPubKey": "028FFB276505F9AC3F57E8D5242B386A597EF6C40A7999F37F1948636FD484E25B",
"TxnSignature": "30440220680BBD745004E9CFB6B13A137F505FB92298AD309071D16C7B982825188FD1AE022004200B1F7E4A6A84BB0E4FC09E1E3BA2B66EBD32F0E6D121A34BA3B04AD99BC1"
}
}],
"SigningPubKey": "",
"TransactionType": "TrustSet",
"hash": "BD636194C48FD7A100DE4C972336534C8E710FD008C0F3CF7BC5BF34DAF3C3E6"
}
}
}
```
Take note of the `hash` value from the response so you can check the results of the transaction later. (In this case, the hash is `BD636194C48FD7A100DE4C972336534C8E710FD008C0F3CF7BC5BF34DAF3C3E6`.)
{% /tab %}
{% tab label="Javascript" %}
{% code-snippet file="/_code-samples/multisigning/js/multisigning.ts" language="js" from="const { tx_blob" before="if (submitResponse" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/multisigning.py" language="py" from="tx_1 =" before="if multisigned_tx_response" /%}
{% /tab %}
{% /tabs %}
## 5. Close the ledger
If you are using the live network, you can wait 4-7 seconds for the ledger to close automatically.
If you're running `rippled` in stand-alone mode, use the [ledger_accept method][] to manually close the ledger:
```
$ rippled ledger_accept
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result" : {
"ledger_current_index" : 7,
"status" : "success"
}
}
```
## 6. Confirm transaction results
Use the hash value from the response to the `submit_multisigned` command to look up the transaction using the [tx method][]. In particular, check that the `TransactionResult` is the string `tesSUCCESS`.
On the live network, you must also confirm that the `validated` field is set to the boolean `true`. If the field is not `true`, you might need to wait longer for the consensus process to finish; or your transaction may be unable to be included in a ledger for some reason.
In stand-alone mode, the server automatically considers a ledger to be `validated` if it has been manually closed.
{% tabs %}
{% tab label="Commandline" %}
```
$ rippled tx BD636194C48FD7A100DE4C972336534C8E710FD008C0F3CF7BC5BF34DAF3C3E6
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result": {
"Account": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"Fee": "30000",
"Flags": 262144,
"LimitAmount": {
"currency": "USD",
"issuer": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"value": "100"
},
"Sequence": 2,
"Signers": [{
"Signer": {
"Account": "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"SigningPubKey": "02B3EC4E5DD96029A647CFA20DA07FE1F85296505552CCAC114087E66B46BD77DF",
"TxnSignature": "30450221009C195DBBF7967E223D8626CA19CF02073667F2B22E206727BFE848FF42BEAC8A022048C323B0BED19A988BDBEFA974B6DE8AA9DCAE250AA82BBD1221787032A864E5"
}
}, {
"Signer": {
"Account": "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
"SigningPubKey": "028FFB276505F9AC3F57E8D5242B386A597EF6C40A7999F37F1948636FD484E25B",
"TxnSignature": "30440220680BBD745004E9CFB6B13A137F505FB92298AD309071D16C7B982825188FD1AE022004200B1F7E4A6A84BB0E4FC09E1E3BA2B66EBD32F0E6D121A34BA3B04AD99BC1"
}
}],
"SigningPubKey": "",
"TransactionType": "TrustSet",
"date": 512172510,
"hash": "BD636194C48FD7A100DE4C972336534C8E710FD008C0F3CF7BC5BF34DAF3C3E6",
"inLedger": 6,
"ledger_index": 6,
"meta": {
"AffectedNodes": [{
"ModifiedNode": {
"LedgerEntryType": "AccountRoot",
"LedgerIndex": "2B6AC232AA4C4BE41BF49D2459FA4A0347E1B543A4C92FCEE0821C0201E2E9A8",
"PreviousTxnID": "B7E1D33DB7DEA3BB65BFAB2C80E02125F47FCCF6C957A7FDECD915B3EBE0C1DD",
"PreviousTxnLgrSeq": 4
}
}, {
"CreatedNode": {
"LedgerEntryType": "RippleState",
"LedgerIndex": "93E317B32022977C77810A2C558FBB28E30E744C68E73720622B797F957EC5FA",
"NewFields": {
"Balance": {
"currency": "USD",
"issuer": "rrrrrrrrrrrrrrrrrrrrBZbvji",
"value": "0"
},
"Flags": 2162688,
"HighLimit": {
"currency": "USD",
"issuer": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"value": "0"
},
"LowLimit": {
"currency": "USD",
"issuer": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"value": "100"
}
}
}
}, {
"ModifiedNode": {
"FinalFields": {
"Account": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"Balance": "999960000",
"Flags": 0,
"OwnerCount": 6,
"Sequence": 3
},
"LedgerEntryType": "AccountRoot",
"LedgerIndex": "A6B1BA6F2D70813100908EA84ABB7783695050312735E2C3665259F388804EA0",
"PreviousFields": {
"Balance": "999990000",
"OwnerCount": 5,
"Sequence": 2
},
"PreviousTxnID": "8FDC18960455C196A8C4DE0D24799209A21F4A17E32102B5162BD79466B90222",
"PreviousTxnLgrSeq": 5
}
}, {
"ModifiedNode": {
"FinalFields": {
"Flags": 0,
"Owner": "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"RootIndex": "C2728175908D82FB1DE6676F203D8D3C056995A9FA9B369EF326523F1C65A1DE"
},
"LedgerEntryType": "DirectoryNode",
"LedgerIndex": "C2728175908D82FB1DE6676F203D8D3C056995A9FA9B369EF326523F1C65A1DE"
}
}, {
"CreatedNode": {
"LedgerEntryType": "DirectoryNode",
"LedgerIndex": "D8120FC732737A2CF2E9968FDF3797A43B457F2A81AA06D2653171A1EA635204",
"NewFields": {
"Owner": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
"RootIndex": "D8120FC732737A2CF2E9968FDF3797A43B457F2A81AA06D2653171A1EA635204"
}
}
}],
"TransactionIndex": 0,
"TransactionResult": "tesSUCCESS"
},
"status": "success",
"validated": true
}
}
```
{% /tab %}
{% tab label="Python" %}
From the code sample folder, set up a virtual environment and use `pip` to install dependencies:
```sh
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
```
{% /tab %}
{% /tabs %}
### 2. Connect and get account(s)
To get started, import the client library and instantiate an API client. For this tutorial, you need one account, which the sample code funds using the Testnet faucet; you could also use an existing account.
{% tabs %}
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/multisigning/js/send-multi-signed-transaction.js" language="js" before="// Set up multi-signing" /%}
{% tab label="Javascript" %}
{% code-snippet file="/_code-samples/multisigning/js/multisigning.ts" language="js" from="if (submitResponse" before="await client.disconnect" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/send-multi-signed-transaction.py" language="py" before="# Set up multi-signing" /%}
{% code-snippet file="/_code-samples/multisigning/py/multisigning.py" language="py" from="if multisigned_tx_response" /%}
{% /tab %}
{% /tabs %}
### 3. Set up multi-signing
Before you can send a multi-signed transaction, you have to have a signer list set up for your account. Since the sample code uses a newly funded account, it needs to do this one-time setup first. For a more detailed explanation of this process, see [Set Up Multi-Signing](set-up-multi-signing.md). **Skip this step if you are using an existing account that already has a signer list.**
{% tabs %}
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/multisigning/js/send-multi-signed-transaction.js" language="js" from="// Set up multi-signing" before="// Prepare transaction" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/send-multi-signed-transaction.py" language="py" from="# Set up multi-signing" before="# Prepare transaction" /%}
{% /tab %}
{% /tabs %}
### 4. Prepare the transaction
When sending a multi-signed transaction, you need to specify _all_ the details of the transaction before collecting signatures, so that the signers are signing the exact same transaction instructions. Instead of implicitly autofilling a transaction while signing it, you can explicitly use your client library's autofill function to set auto-fillable transaction fields like the `Fee`, `Sequence`, and `LastLedgerSequence`. Multi-signed transactions require a higher [transaction cost][] based on the number of signatures, so you should specify the expected number of signers to this function.
The sample code uses a no-op [AccountSet transaction][], but you can send almost any type of transaction using a multi-signature.
{% admonition type="warning" name="Caution: Sequence Numbers" %}
You have to set the transaction's sequence number in the `Sequence` field at this time. If you send any other transactions from the same account while you are collecting signatures, this transaction becomes invalid because you can't reuse or skip sequence numbers. If collecting signatures may take a while, you should [use a ticket](../transaction-sending/use-tickets.md) instead.
{% /admonition %}
{% tabs %}
{% tab label="JavaScript" %}
In **xrpl.js**, use the [`autofill(transaction, signerCount)` method](https://js.xrpl.org/classes/Client.html#autofill) of the Client instance to autofill a transaction for multi-signing.
{% code-snippet file="/_code-samples/multisigning/js/send-multi-signed-transaction.js" language="js" from="// Prepare transaction" before="// Collect signatures" /%}
{% /tab %}
{% tab label="Python" %}
In **xrpl-py**, use the [`xrpl.transaction.autofill(transaction, client, num_signers)` function](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.transaction.html#xrpl.transaction.autofill) to autofill a transaction for multi-signing.
{% code-snippet file="/_code-samples/multisigning/py/send-multi-signed-transaction.py" language="py" from="# Prepare transaction" before="# Collect signatures" /%}
{% /tab %}
{% /tabs %}
### 5. Collect signatures
Now, have each of your signers provide a signature for the prepared transaction. Provide the same prepared transaction JSON to each signer, so they can use their own private key to sign the transaction. Signatures for a multi-signed transaction are slightly different than a single-signed transaction, so be sure each signer uses the correct method for producing their signature.
{% tabs %}
{% tab label="JavaScript" %}
In **xrpl.js**, pass `true` as the second argument to the [`Wallet.sign(...)` method](https://js.xrpl.org/classes/Wallet.html#sign) to create a signature for a multi-signed transaction.
{% code-snippet file="/_code-samples/multisigning/js/send-multi-signed-transaction.js" language="js" from="// Collect signatures" before="// Combine signatures" /%}
{% /tab %}
{% tab label="Python" %}
In **xrpl-py**, pass `multisign=True` to the [`xrpl.transaction.sign(...)` function](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.transaction.html#xrpl.transaction.sign) to create a signature for a multi-signed transaction.
{% code-snippet file="/_code-samples/multisigning/py/send-multi-signed-transaction.py" language="py" from="# Collect signatures" before="# Combine signatures" /%}
{% /tab %}
{% /tabs %}
### 6. Combine signatures and submit the transaction
When you have enough signatures to authorize the transaction, combine them into a single transaction, and submit the transaction to the network.
{% tabs %}
{% tab label="JavaScript" %}
In **xrpl.js**, use the [`xrpl.multisign(...)` function](https://js.xrpl.org/functions/multisign.html) to combine a list of signatures into a single multi-signed transaction.
{% code-snippet file="/_code-samples/multisigning/js/send-multi-signed-transaction.js" language="js" from="// Combine signatures" /%}
{% /tab %}
{% tab label="Python" %}
In **xrpl-py**, use the [`xrpl.transaction.multisign(...)` function](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.transaction.html#xrpl.transaction.multisign) to combine a list of signatures into a single multi-signed transaction.
{% code-snippet file="/_code-samples/multisigning/py/send-multi-signed-transaction.py" language="py" from="# Combine signatures" /%}
{% /tab %}
{% /tabs %}
Confirming that the transaction succeeded and accomplished the intended purpose is largely the same as it would be when sending the transaction normally, except you should be aware of the potential for [malleability with multi-signatures](../../../concepts/transactions/finality-of-results/transaction-malleability.md#malleability-with-multi-signatures): if valid signatures can be added to or removed from the transaction, it could succeed with a different identifying hash than you expected. You can mitigate these risks with good operational security, including not submitting a transaction with more than the necessary number of signatures.
## See Also
For more information about multi-signing and related topics, see:
- **Concepts:**
- [Cryptographic Keys](../../../concepts/accounts/cryptographic-keys.md)
- [Multi-Signing](../../../concepts/accounts/multi-signing.md)
- [Issuing and Operational Addresses](../../../concepts/accounts/account-types.md)
- [Transaction Malleability](../../../concepts/transactions/finality-of-results/transaction-malleability.md)
- **Tutorials:**
- [Set Up Multi-Signing](set-up-multi-signing.md)
- [Disable Master Key Pair](disable-master-key-pair.md)
- [Use Tickets](../transaction-sending/use-tickets.md)
- **References:**
- **xrpl.js:**
- [`autofill(transaction, signerCount)`](https://js.xrpl.org/classes/Client.html#autofill)
- [`Wallet.sign(...)`](https://js.xrpl.org/classes/Wallet.html#sign)
- [`xrpl.multisign(...)`](https://js.xrpl.org/functions/multisign.html)
- **xrpl-py:**
- [`xrpl.transaction.autofill(transaction, client, num_signers)`](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.transaction.html#xrpl.transaction.autofill)
- [`xrpl.transaction.sign(...)`](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.transaction.html#xrpl.transaction.sign)
- [`xrpl.transaction.multisign(...)`](https://xrpl-py.readthedocs.io/en/stable/source/xrpl.transaction.html#xrpl.transaction.multisign)
{% raw-partial file="/docs/_snippets/common-links.md" /%}

316
docs/tutorials/best-practices/key-management/set-up-multi-signing.md
View File

@@ -1,4 +1,6 @@
---
html: set-up-multi-signing.html
parent: manage-account-settings.html
seo:
description: Add a signer list to your account to enable multi-signing.
labels:
@@ -6,141 +8,239 @@ labels:
---
# Set Up Multi-Signing
This tutorial shows up how to set up [multi-signing](../../../concepts/accounts/multi-signing.md) on your XRP Ledger account, which allows you to authorize transactions using signatures from a combination of keys. Various configurations are possible, but this tutorial shows a straightforward configuration requiring 2 of 3 signers to authorize a transaction.
[Multi-signing](../../../concepts/accounts/multi-signing.md) is one of three ways to authorize [transactions](../../../concepts/transactions/index.md) for the XRP Ledger, alongside signing with [regular keys and master keys](../../../concepts/accounts/cryptographic-keys.md). You can configure your [address](../../../concepts/accounts/index.md) to allow any combination of the three methods to authorize transactions.
## Goals
By following this tutorial, you should learn how to:
- Generate key pairs you can use for multi-signing.
- Add or update a signer list on your account.
- Look up the signer list associated with an account, including its configured weights and quorum.
This tutorial demonstrates how to enable multi-signing for an address.
## Prerequisites
To complete this tutorial, you should:
- You must have a funded XRP Ledger [address](../../../concepts/accounts/index.md) with enough spare XRP to send transactions and meet the [reserve requirement](../../../concepts/accounts/reserves.md) of a new signer list.
- Have a basic understanding of the XRP Ledger.
- Have an [XRP Ledger client library](../../../references/client-libraries.md), such as **xrpl.js**, installed.
- Have a basic understanding of [Cryptographic Keys](../../../concepts/accounts/cryptographic-keys.md) and [Multi-Signing](../../../concepts/accounts/multi-signing.md).
- With the [MultiSignReserve amendment][] enabled, multi-signing requires {% $env.PUBLIC_OWNER_RESERVE %} for the account reserve, regardless of the number of signers and signatures you use. (The MultiSignReserve amendment has been enabled in the production XRP Ledger since **2019-04-07**.)
## Source Code
- If you are on a test network that does not have the [MultiSignReserve amendment][] enabled, multi-signing requires more than the usual amount of XRP for the [account reserve](../../../concepts/accounts/reserves.md), increasing with the number of signers in the list.
You can find the complete source code for this tutorial's examples in the {% repo-link path="_code-samples/multisigning/" %}code samples section of this website's repository{% /repo-link %}.
- You must have access to a tool that can generate key pairs in the XRP Ledger format. If you are using a `rippled` server for this, you must have admin access because the [wallet_propose method][] is admin-only.
## Steps
- Alternatively, if you are authorizing others who already have XRP Ledger addresses to be signers for your address, you only need to know the account addresses of those people or entities.
### 1. Install dependencies
- Multi-signing must be available. (The MultiSign amendment has been enabled in the production XRP Ledger since **2016-06-27**.)
## 1. Design Your Configuration
Decide how many signers you want to include (up to 32). Choose a quorum number for your signer list and weights for your signers based on how many signatures you want to require for a given transaction. For a straightforward "M-of-N" signing setup, assign each signer weight **`1`** and set your list's quorum to be "M", the number of signatures to require.
## 2. Prepare member keys
You need one or more validly-formed XRP Ledger addresses to include as members of your signer list. You or your chosen signers must know the secret keys associated with these addresses. The addresses can be funded accounts that exist in the ledger, but they do not need to be.
You can generate new addresses using the [wallet_propose method][]. For example:
```
$ rippled wallet_propose
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result" : {
"account_id" : "rnRJ4dpSBKDR2M1itf4Ah6tZZm5xuNZFPH",
"key_type" : "secp256k1",
"master_key" : "FLOG SEND GOES CUFF GAGE FAT ANTI DEL GUM TIRE ISLE BEAR",
"master_seed" : "snheH5UUjU4CWqiNVLny2k21TyKPC",
"master_seed_hex" : "A9F859765EB8614D26809836382AFB82",
"public_key" : "aBR4hxFXcDNHnGYvTiqb2KU8TTTV1cYV9wXTAuz2DjBm7S8TYEBU",
"public_key_hex" : "03C09A5D112B393D531E4F092E3A5769A5752129F0A9C55C61B3A226BB9B567B9B",
"status" : "success"
}
}
```
Take note of the `account_id` (XRP Ledger Address) and `master_seed` (secret key) for each one you generate.
## 3. Send SignerListSet transaction
[Sign and submit](../../../concepts/transactions/index.md#signing-and-submitting-transactions) a [SignerListSet transaction][] in the normal (single-signature) way. This associates a signer list with your XRP Ledger address, so that a combination of signatures from the members of that signer list can multi-sign later transactions on your behalf.
In this example, the signer list has 3 members, with the weights and quorum set up such that multi-signed transactions need a signature from `rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW` plus at least one signature from the other two members of the list.
{% partial file="/docs/_snippets/secret-key-warning.md" /%}
{% tabs %}
{% tab label="JavaScript" %}
From the code sample folder, use `npm` to install dependencies:
```sh
npm i
{% tab label="Commandline" %}
```
$ rippled submit shqZZy2Rzs9ZqWTCQAdqc3bKgxnYq '{
> "Flags": 0,
> "TransactionType": "SignerListSet",
> "Account": "rnBFvgZphmN39GWzUJeUitaP22Fr9be75H",
> "Fee": "10000",
> "SignerQuorum": 3,
> "SignerEntries": [
> {
> "SignerEntry": {
> "Account": "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
> "SignerWeight": 2
> }
> },
> {
> "SignerEntry": {
> "Account": "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
> "SignerWeight": 1
> }
> },
> {
> "SignerEntry": {
> "Account": "raKEEVSGnKSD9Zyvxu4z6Pqpm4ABH8FS6n",
> "SignerWeight": 1
> }
> }
> ]
> }'
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result" : {
"engine_result" : "tesSUCCESS",
"engine_result_code" : 0,
"engine_result_message" : "The transaction was applied. Only final in a validated ledger.",
"status" : "success",
"tx_blob" : "12000C2200000000240000000120230000000368400000000000271073210303E20EC6B4A39A629815AE02C0A1393B9225E3B890CAE45B59F42FA29BE9668D74473045022100BEDFA12502C66DDCB64521972E5356F4DB965F553853D53D4C69B4897F11B4780220595202D1E080345B65BAF8EBD6CA161C227F1B62C7E72EA5CA282B9434A6F04281142DECAB42CA805119A9BA2FF305C9AFA12F0B86A1F4EB1300028114204288D2E47F8EF6C99BCC457966320D12409711E1EB13000181147908A7F0EDD48EA896C3580A399F0EE78611C8E3E1EB13000181143A4C02EA95AD6AC3BED92FA036E0BBFB712C030CE1F1",
"tx_json" : {
"Account" : "rnBFvgZphmN39GWzUJeUitaP22Fr9be75H",
"Fee" : "10000",
"Flags" : 0,
"Sequence" : 1,
"SignerEntries" : [
{
"SignerEntry" : {
"Account" : "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"SignerWeight" : 2
}
},
{
"SignerEntry" : {
"Account" : "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
"SignerWeight" : 1
}
},
{
"SignerEntry" : {
"Account" : "raKEEVSGnKSD9Zyvxu4z6Pqpm4ABH8FS6n",
"SignerWeight" : 1
}
}
],
"SignerQuorum" : 3,
"SigningPubKey" : "0303E20EC6B4A39A629815AE02C0A1393B9225E3B890CAE45B59F42FA29BE9668D",
"TransactionType" : "SignerListSet",
"TxnSignature" : "3045022100BEDFA12502C66DDCB64521972E5356F4DB965F553853D53D4C69B4897F11B4780220595202D1E080345B65BAF8EBD6CA161C227F1B62C7E72EA5CA282B9434A6F042",
"hash" : "3950D98AD20DA52EBB1F3937EF32F382D74092A4C8DF9A0B1A06ED25200B5756"
}
}
}
```
{% /tab %}
{% tab label="Python" %}
From the code sample folder, set up a virtual environment and use `pip` to install dependencies:
{% tab label="Javascript" %}
{% code-snippet file="/_code-samples/multisigning/js/multisigning.ts" language="js" from=" const { wallet: wallet1" before="const accountSet:" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/multisigning.py" language="py" from="master_wallet =" before="# Now that" /%}
{% /tab %}
{% /tabs %}
Make sure that the [Transaction Result](../../../references/protocol/transactions/transaction-results/index.md) is [**`tesSUCCESS`**](../../../references/protocol/transactions/transaction-results/tes-success.md). Otherwise, the transaction failed. If you have a problem in stand-alone mode or a non-production network, check that [multi-sign is enabled](../../../infrastructure/testing-and-auditing/start-a-new-genesis-ledger-in-stand-alone-mode.md#settings-in-new-genesis-ledgers).
{% admonition type="info" name="Note" %}Without the [MultiSignReserve amendment][], the more members in the signer list, the more XRP your address must have for purposes of the [owner reserve](../../../concepts/accounts/reserves.md#owner-reserves). If your address does not have enough XRP, the transaction fails with [`tecINSUFFICIENT_RESERVE`](../../../references/protocol/transactions/transaction-results/tec-codes.md). With the [MultiSignReserve amendment][] enabled, the XRP your address must have for purposes of the [owner reserve](../../../concepts/accounts/reserves.md#owner-reserves) is 5 XRP, regardless of the number of members in the signer list. See also: [Signer Lists and Reserves](../../../references/protocol/ledger-data/ledger-entry-types/signerlist.md#signer-lists-and-reserves).{% /admonition %}
## 4. Wait for validation
{% raw-partial file="/docs/_snippets/wait-for-validation.md" /%}
## 5. Confirm the new signer list
Use the [account_objects method][] to confirm that the signer list is associated with the address in the latest validated ledger.
Normally, an account can own many objects of different types (such as trust lines and offers). If you funded a new address for this tutorial, the signer list is the only object in the response.
```sh
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
```
{% /tab %}
{% /tabs %}
$ rippled account_objects rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC validated
Loading: "/etc/opt/ripple/rippled.cfg"
Connecting to 127.0.0.1:5005
{
"result" : {
"account" : "rEuLyBCvcw4CFmzv8RepSiAoNgF8tTGJQC",
"account_objects" : [
{
"Flags" : 0,
"LedgerEntryType" : "SignerList",
"OwnerNode" : "0000000000000000",
"PreviousTxnID" : "8FDC18960455C196A8C4DE0D24799209A21F4A17E32102B5162BD79466B90222",
"PreviousTxnLgrSeq" : 5,
"SignerEntries" : [
{
"SignerEntry" : {
"Account" : "rsA2LpzuawewSBQXkiju3YQTMzW13pAAdW",
"SignerWeight" : 2
}
},
{
"SignerEntry" : {
"Account" : "raKEEVSGnKSD9Zyvxu4z6Pqpm4ABH8FS6n",
"SignerWeight" : 1
}
},
{
"SignerEntry" : {
"Account" : "rUpy3eEg8rqjqfUoLeBnZkscbKbFsKXC3v",
"SignerWeight" : 1
}
}
],
"SignerListID" : 0,
"SignerQuorum" : 3,
"index" : "79FD203E4DDDF2EA78B798C963487120C048C78652A28682425E47C96D016F92"
}
],
"ledger_hash" : "56E81069F06492FB410A70218C08169BE3AB3CFD5AEA20E999662D81DC361D9F",
"ledger_index" : 5,
"status" : "success",
"validated" : true
}
}
```
If the signer list is present with the expected contents, then your address is ready to multi-sign.
### 2. Connect and get account(s)
## 6. Further steps
To get started, import the client library and instantiate an API client. For this tutorial, you need one account, which the sample code funds using the Testnet faucet; you could also use an existing account.
At this point, your address is ready to [send a multi-signed transaction](send-a-multi-signed-transaction.md). You may also want to:
{% tabs %}
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/multisigning/js/set-up-multi-signing.js" language="js" before="// Generate key pairs" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/set-up-multi-signing.py" language="py" before="# Generate key pairs" /%}
{% /tab %}
{% /tabs %}
### 3. Prepare signer keys
Each signer on your list needs a key pair they can use to sign transactions. As the account owner, you only need to know the addresses, not the secret keys, of each signer. (One party knowing all the secret keys might defeat the purpose of multi-signing, depending on your use case.) These addresses _can_ have funded accounts in the ledger, but they don't have to.
Each signer should securely generate and store their own key pair, as you would any time you generate keys for an XRP Ledger account.
{% tabs %}
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/multisigning/js/set-up-multi-signing.js" language="js" from="// Generate key pairs" before="// Send SignerListSet transaction" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/set-up-multi-signing.py" language="py" from="# Generate key pairs" before="# Send SignerListSet transaction" /%}
{% /tab %}
{% /tabs %}
For purposes of this tutorial, the sample code generates three key pairs and saves their addresses into an array.
### 4. Send SignerListSet transaction
Use a [SignerListSet transaction][] to assign a multi-signing list to your account. For this transaction, you set the total weight needed for a quorum in the `SignerQuorum` field, and the list of signers with their individual weights in the `SignerEntries` field. For 2-of-3 multi-signing, give each of the three signers a weight of `1` and set the quorum to `2`. Note that each object in the `SignerEntries` array must be a wrapper object with a single `SignerEntry` field.
{% tabs %}
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/multisigning/js/set-up-multi-signing.js" language="js" from="// Send SignerListSet transaction" before="// Confirm signer list" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/set-up-multi-signing.py" language="py" from="# Send SignerListSet transaction" before="# Confirm signer list" /%}
{% /tab %}
{% /tabs %}
{% admonition type="success" name="Tip: Replacing Signer Lists" %}
If you already have a multi-signing list configured for your account, you can use this same process to replace it with a new list. You can even use the old list to authorize the transaction.
{% /admonition %}
### 5. Confirm that the signer list is assigned to your account
If the SignerListSet transaction succeeded, the list should now be associated with your account. For further confirmation, you can look up the list using the [account_info method][].
{% tabs %}
{% tab label="JavaScript" %}
{% code-snippet file="/_code-samples/multisigning/js/set-up-multi-signing.js" language="js" from="// Confirm signer list" /%}
{% /tab %}
{% tab label="Python" %}
{% code-snippet file="/_code-samples/multisigning/py/set-up-multi-signing.py" language="py" from="# Confirm signer list" /%}
{% /tab %}
{% /tabs %}
{% admonition type="info" name="Note" %}
There currently is no way to have more than one multi-signing list assigned to your account, but the protocol is built to be expandable; every signer list has an ID number of `0`, so that a future [amendment](../../../concepts/networks-and-servers/amendments.md) could allow lists with other IDs. This is why the `signer_lists` field is an array in the `account_info` response.
{% /admonition %}
## Next Steps
At this point, you can [send a multi-signed transaction](send-a-multi-signed-transaction.md). You may also want to:
* [Disable the master key pair](disable-master-key-pair.md).
* [Remove the regular key pair](change-or-remove-a-regular-key-pair.md) (if you previously set one)
* [Disable the address's master key pair](disable-master-key-pair.md).
* [Remove the address's regular key pair](change-or-remove-a-regular-key-pair.md) (if you previously set one) by sending a [SetRegularKey transaction][].
## See Also
- **Concepts:**
- [Cryptographic Keys](../../../concepts/accounts/cryptographic-keys.md)
- [Multi-Signing](../../../concepts/accounts/multi-signing.md)
- [Cryptographic Keys](../../../concepts/accounts/cryptographic-keys.md)
- [Multi-Signing](../../../concepts/accounts/multi-signing.md)
- **Tutorials:**
- [Send a Multi-signed Transaction](send-a-multi-signed-transaction.md)
- [Assign a Regular Key Pair](assign-a-regular-key-pair.md)
- [Reliable Transaction Submission](../../../concepts/transactions/reliable-transaction-submission.md)
- [Install rippled](../../../infrastructure/installation/index.md)
- [Assign a Regular Key Pair](assign-a-regular-key-pair.md)
- [Reliable Transaction Submission](../../../concepts/transactions/reliable-transaction-submission.md)
- [Enable Public Signing](../../../infrastructure/configuration/enable-public-signing.md)
- **References:**
- [account_info method][]
- [SignerListSet transaction][]
- [SignerList entry][]
- [wallet_propose method][]
- [account_objects method][]
- [sign_for method][]
- [submit_multisigned method][]
- [SignerListSet transaction][]
- [SignerList object](../../../references/protocol/ledger-data/ledger-entry-types/signerlist.md)
{% raw-partial file="/docs/_snippets/common-links.md" /%}