Delegate Key

POST /keys/:keyId/delegate

Only keys created with "delayDelegation: true" can then be delegated to an end-user. It means you need to know ahead of time that you're creating a wallet meant to be delegated to an end-user later. This is a safety to prevent, for example, a treasury wallet from being unintentionally delegated to an end-user.

When a key is delegated to an end user, all wallets using this key as the signing key are also automatically delegated to the same end user. Key and wallet ownerships are guaranteed to be always consistent.

This operation is irreversible. The key ownership will be transferred to the end-user

In most cases, when you want to implement Delegated Signing, simply create the wallet by directly delegating it to an end user, in which case it will the non-custodial from the start. There are some rare cases, however, where the key or wallet must be created before the user has accessed to the system. To accommodate this, we've added the ability to create a key or wallet in delay delegation mode, and then later delegate it (ie. transfer ownership of it) to an end user via this endpoint.

User action signature required. See User Action Signing for more information.
Request headers required. See Request Headers for more information.
Authentication required. See Authentication Headers for more information.

Required Permissions

Name

Conditions

Keys:Delegate

Always Required

Parameters

Path parameters

Path parameter

Description

keyId

Unique identifier of the key.

Request Body

Field

Description

Type

userId

The ID of the end user to delegate the key to.

String

Example

{
  "userId": "us-gk0i1-5bvju-xxxxxxxxxxxxxxxx"
}

Response Body

The response indicates the status of the operation.

200 Success

{
  "keyId": "us-gk0i1-5bvju-xxxxxxxxxxxxxxxx",
  "status": "Delegated"
}

Last updated 3 months ago