Signing Automation Quickstart
Turnkey's Signing Automation enables you to build secure, programmatic signing workflows directly into your applications. With features like customizable policies, multi-party approvals, and support for any blockchain, you can confidently automate complex signing operations while maintaining enterprise-grade security.
Prerequisites
This guide assumes you've completed the steps to create an account, organization, and API keypair as described in the Quickstart section.
Installation
Install the Turnkey CLI to get started:
brew install tkhq/tap/turnkey
We use Homebrew for a quick installation process. For a more secure installation that requires no trust in external parties, see our CLI repository.
Transaction Signing
Setup
Set the ORGANIZATION_ID environment variable to your organization ID. This will be used to identify your organization in the API requests.
export ORGANIZATION_ID=<YOUR_ORGANIZATION_ID>
An API keypair is required to authenticate requests to the Turnkey API.
Create a new key named quickstart using the turnkey CLI:
turnkey generate api-key --organization $ORGANIZATION_ID --key-name quickstart
You'll see output like this:
{
"privateKeyFile": "/home/user/.config/turnkey/keys/quickstart.private",
"publicKey": "03...72",
"publicKeyFile": "/home/user/.config/turnkey/keys/quickstart.public"
}
Follow the instructions in this guide to add your new public API key to your organization via the dashboard.
Create Wallet
Wallets are collections of cryptographic key pairs typically used for sending and receiving digital assets. To create one, we need to provide a name:
turnkey wallets create --name default --key-name quickstart
This command requires a key named quickstart to exist in your configuration. This key should have been created during the Quickstart guide. If you haven't created it yet, please complete the initial setup steps first.
If the key doesn't exist, you'll see an error like this:
{
"error": "failed to load key bytes \"quickstart\": failed to read from \"/.config/turnkey/keys/quickstart.private\": open /.config/turnkey/keys/quickstart.private: no such file or directory"
}
If the key exists but has not been added to your organization, you'll see an error like this:
{
"error": "failed to associate the API key with an organization; please manually specify the organization ID"
}
Create Ethereum Account
To create a cryptographic key pair on our new wallet, we need to pass our desired address format:
turnkey wallets accounts create --wallet default --address-format ADDRESS_FORMAT_ETHEREUM --key-name quickstart
This command will produce an Ethereum address (e.g. 0x08cb1216C95149DF66978b574E484869512CE2bF) that we'll need to sign a transaction. You can see your new Wallet account with:
turnkey wallets accounts list --wallet default --key-name quickstart
Sign a Transaction
Now you can sign an Ethereum transaction with this new address with our sign_transaction endpoint. Make sure to replace the unsignedTransaction below with your own. You can use our simple transaction generator if you need a quick transaction for testing:
turnkey request --path /public/v1/submit/sign_transaction --body '{
"timestampMs": "'"$(date +%s)"'000",
"type": "ACTIVITY_TYPE_SIGN_TRANSACTION_V2",
"organizationId": "'"$ORGANIZATION_ID"'",
"parameters": {
"type": "TRANSACTION_TYPE_ETHEREUM",
"signWith": "<Your Ethereum address>",
"unsignedTransaction": "<Your Transaction>"
}
}' --key-name quickstart
If you'd like to broadcast your transaction, you can easily do so via Etherscan.
Next Steps
- Check out our examples to see what can be built
- Learn more about Organizations and Wallets
- See our API design or dive into our API reference