TL;DR;:

Important Remark:

Howto:

wallet_backup_create

wallet_dump_account_private_key <delegatename> owner_key



"public_key" : "BTS8RCDZ8aPRxJYVnK7KWmqnTjTPj4H8oY1KtzBcFqbzSp14AGpzh", <<--- pubkey

"wif_private_key" : "5Hwb7G481UsKnjPEb135iWHRGDvLWH5nW6QH4b5vcKS7gGFkdGx", <<-- privkey

"native_address" : "BTSe3YhhRrTfgkGmEECw7yxZvpaQkSToEgS", (not required here)



wallet_import_private_key <wif-from-2)> <delegatename> false false

## example:

wallet_import_private_key 5Hwb7G481UsKnjPEb135iWHRGDvLWH5nW6QH4b5vcKS7gGFkdGx delegate.xeroc false false



wallet_delegate_update_signing_key <delegatename> <delegatename> <pubkey-from-2)>

## example:

wallet_delegate_update_signing_key delegate.xeroc delegate.xeroc BTS8RCDZ8aPRxJYVnK7KWmqnTjTPj4H8oY1KtzBcFqbzSp14AGpzh



wallet_dump_account_private_key <delegatename> active_key



wallet_import_private_key 5Hwb7G481UsKnjPEb135iWHRGDvLWH5nW6QH4b5vcKS7gGFkdGx



Hey friends,yet another quick howto related to the howto about securing owner keys.This time: Secure your owner key and keep signing blocks for delegates- secure the owner key of your delegate- continue signing blocks- keep your votes in even if your VPS with the signing key is compromisedThis is not a cold storage solution, but rather a howto for having just the one necessary key on the delegate machine which is NOT the owner key of the registered account name (to which votes/approvals are bound!)I recommend EVERY delegate to consider this howto!This tutorial will add a RANDOM key as a new delegate signing key. Hence this signing key cannot be regenerated or derived from the delegate's owner key.The random key will be added to your wallet (into your delegates' account) and continue signing as usual.It is REQUIRED that you let the delegate run for at least ONE round (better 2 or more .. say 60 minutes or so) with BOTH keys in the wallet.The reason for this is the SECRET that has to be revealed using the 'old' signing key while signing the block with the new signing key.1) make a backup of your wallet(Optional) Extract your owner key for cold storage or what ever:2) Generate a new private keySeveral tools exist to do so:- one is located near the bitshares executable (if you compiled yourself) in"programs/utils/" and is called bts_create_key- In the bitshares-pytools repository (github.com/xeroc/) there is a tool calledgenbtskey.py (in tools) that generates a new privkeypubkey- you can also use bitshares-js as shownAs a result we will get something like this3) import the private key into your account:4) Fund the delegate with 0.5 BTS to pay for the update transaction5) Update the signing keyDone.Notes:- the key from step 2) is now required by any machine of yours that has thedelegate running in eventually has to sign a block- your delegate should continue signing blocks as usual as we imported therequired key in step 3)- you can dump the signin key from that account again at any time by issuing:If you want to setup a new wallet that contains only the signing key, the onlything you have to do is import the privkey withThe client can figure out the delegates name automatically.Make sure to between step 5) and moving over to a new wallet with the new key,it has passed at least one round if delegates. I recommend to run the steps 1)to 5) 24h before creating a new signing-key-only wallet.The brave users can take a look at this script:which is doing exactly the steps 1)-5)