Skip to main content

Hotkeys generation


This page will explain how to generate a hotkey for neuron management. The recommended way to get hotkeys is to programmatically generate them using the same process used in the public ic repository. However, it is possible to generate hotkeys manually as described below. This page is a step-by-step guide with some examples showing the data format to expect.

Manual process

The manual hotkey generation process consists in generating a PEM file, then deriving the corresponding private and public keys.

Generate PEM

To generate the keys, start with generating a private PEM file:

openssl genpkey -algorithm ed25519 -outform PEM -out private.pem

Example output:


Then create the public PEM from it:

openssl pkey -in private.pem -pubout > public.pem

Example output:

-----END PUBLIC KEY-----

Generating hex key representation

Create the private DER file:

openssl pkey -inform pem -outform der -in private.pem -out private.der

Create the public DER file:

openssl pkey -inform pem -outform der -in private.pem -out public.der -pubout

Hex representation

The generated DER files are in a binary format not intended to be readable by humans. But we can get a hex representation of both keys:

Private key

xxd -p private.der

Example output:


Public key

xxd -p public.der


We need to keep only the last 32 bytes of the public key:

xxd -s 12 -c 32 -p public.der

Example output:


This is the public key you can use in Rosetta operations to identify your hotkey!

Frequently asked questions

  • Why do I get "Algorithm ed25519 not found" while generating the PEM file?

The version of OpenSSL included in MacOS doesn't support ed25519 by default. You may have to install another version of OpenSSL (for example through brew), or run the command from a Linux machine.