Change the FT4 key
In the Chromia network, the system uses the provider key by default for both controlling the financial FT4 account and operating the node. You have two ways to separate the FT4 account from the default provider key:
-
Change the FT4 auth descriptor: This method involves replacing the existing provider key with a new one. You have the option to switch to a new Chromia key (awaiting multisig support) or to an EVM MetaMask key.
-
Create a separate staking FT4 account: By doing this, you set up a new account with its own dedicated key to manage the staking, while the original provider FT4 account continues to manage rewards, among other things.
You can use both methods together to achieve greater flexibility.
Requirements
Before you start, make sure you have these tools ready:
- Chromia CLI
- Postchain Management Console (PMC)
- MetaMask extension and account (if you're opting for the EVM key method)
The mainnet's economy chain brid is: 15C0CA99BEE60A3B23829968771C50E491BD00D2E3AE448580CD48A8D71E7BBA
Change to an EVM key
Switching your FT4 key to a MetaMask key allows you to access your FT4 account via the Chromia Vault website and sign transactions with MetaMask.
-
Use
chr
andpmc
to configure your provider key for the mainnet. -
Export the MetaMask private key. Instructions can be found in the MetaMask Support.
-
Store the private key in a secure file.
-
Use
chr
to fetch your provider account ID from the economy chain:chr query -brid 15C0CA99BEE60A3B23829968771C50E491BD00D2E3AE448580CD48A8D71E7BBA get_provider_account_id provider_pubkey=<provider pubkey>
-
Use
pmc
to replace the FT4 auth descriptor:pmc economy auth-descriptor-evm-swap --account-id <account id from previous step> --metamask-private-key-file <metamask private key file>
-
Test the key change by transferring a small amount (e.g., 0.000001 CHR) to the ChromaWay system provider account:
chr tx --ft-auth -brid 15C0CA99BEE60A3B23829968771C50E491BD00D2E3AE448580CD48A8D71E7BBA ft4.transfer 'x"<from>"' 'x"<to>"' "1L"
-
After confirming the transfer, delete the file containing the MetaMask private key if it's no longer necessary.
-
Check if the UI on the Chromia Vault now displays the balance previously associated with the provider identity.
Set up a dedicated staking FT4 account
Creating a dedicated staking FT4 account enables you to segregate your staking operations by using a specific key, distinct from the operational key of your provider account.
-
Create or duplicate the
chr/pmc
configuration file using your provider key for the mainnet, and save this configuration asprovider_config
. -
Generate a new key pair for the staking account by running:
chr keygen -f staking_account
-
Create a new
chr/pmc
configuration based onprovider_config
that includes the newly generated keys fromstaking_account
, and save it asstaking_account_config
. This configuration will be used to access the new staking account. -
Create another
chr/pmc
configuration based onprovider_config
that includes both the provider and staking account keys, and save it ascombined_keys_config
:privkey = <provider-private-key>,<staking-account-private-key>
pubkey = <provider-public-key>,<staking-account-public-key> -
Retrieve the provider account ID using the following command with
chr
on the economy chain:chr query -brid 15C0CA99BEE60A3B23829968771C50E491BD00D2E3AE448580CD48A8D71E7BBA get_provider_account_id provider_pubkey=<provider pubkey> -cfg provider_config
-
Change the provider staking account and transfer all staked funds to the new account using the command:
pmc economy set-provider-staking-account -pk <provider public key> --account-pk <staking account public key> -cfg combined_keys_config
-
Obtain the account ID for the new staking account by running:
chr repl -c 'x"<staking account public key>".hash()'
-
Lastly, verify that the staking account has been updated to the new staking account ID by executing the following command:
chr query -brid 15C0CA99BEE60A3B23829968771C50E491BD00D2E3AE448580CD48A8D71E7BBA get_provider_staking_status pubkey=<provider public key> -cfg provider_config
noteEnsure that the
staking_account_id
matches the ID obtained in the previous step.