# Adding Keys ## Command Before you can create chainlets, you will need to add a public/private keypair (aka key) to `sagacli`. You have the option to either create a new key, or import a key you have already created previously. {% hint style="info" %} All of the keys are created using the `secp256k1` elliptical curve and are securely held in a keyring managed by `sagacli`. However, you also have several different options to create your keys e.g. use a different algorithm than the default of `secp256k1`. {% endhint %} A full list of options with which to add keys can be viewed by the following command: ``` $ sagacli keys add --help Derive a new private key and encrypt to disk. Optionally specify a BIP39 mnemonic, a BIP39 passphrase to further secure the mnemonic, and a bip32 HD path to derive a specific account. The key will be stored under the given name and encrypted with the given password. The only input that is required is the encryption password. If run with -i, it will prompt the user for BIP44 path, BIP39 mnemonic, and passphrase. The flag --recover allows one to recover a key from a seed passphrase. If run with --dry-run, a key would be generated (or recovered) but not stored to the local keystore. Use the --pubkey flag to add arbitrary public keys to the keystore for constructing multisig transactions. You can create and store a multisig key by passing the list of key names stored in a keyring and the minimum number of signatures required through --multisig-threshold. The keys are sorted by address, unless the flag --nosort is set. Example: keys add mymultisig --multisig "keyname1,keyname2,keyname3" --multisig-threshold 2 Usage: sagacli keys add [flags] Flags: --account uint32 Account number for HD derivation (less than equal 2147483647) --coin-type uint32 coin type number for HD derivation (default 118) --dry-run Perform action, but don't add key to local keystore --hd-path string Manual HD Path derivation (overrides BIP44 config) -h, --help help for add --index uint32 Address index number for HD derivation (less than equal 2147483647) -i, --interactive Interactively prompt user for BIP39 passphrase and mnemonic --key-type string Key signing algorithm to generate keys for (default "secp256k1") --ledger Store a local reference to a private key on a Ledger device --multisig strings List of key names stored in keyring to construct a public legacy multisig key --multisig-threshold int K out of N required signatures. For use in conjunction with --multisig (default 1) --no-backup Don't print out seed phrase (if others are watching the terminal) --nosort Keys passed to --multisig are taken in the order they're supplied --pubkey string Parse a public key in JSON format and saves key info to file. --recover Provide seed phrase to recover existing key instead of creating Global Flags: --controller string controller grpc url (host:port) (default "https://controller.testnet-sp1.sagarpc.io") --from string Name of private key used to sign (default "bogdan_local") --keyring-backend string Select keyring's backend (os|file|test) (default "file") -l, --loglevel string commands logging level (default "info") --network-rpc string : to tendermint rpc interface for remote chain (default "https://spc.testnet-sp1.sagarpc.io") -o, --output string output type (default "text") --platform-chain-id string The SPC network chain ID (default "spc-testnet-1") ``` ## Creating a New Key in `sagacli` To create a new key using the default keyring and algorithm, simply type ``` sagacli keys add ``` So, for instance, if you want to generate a new key and call it `mykey1`, then you will type ``` sagacli keys add mykey1 ``` {% hint style="info" %} **Keep in Mind**: If this is your first time creating a key in `sagacli`, you will also be prompted for a password for the `os` keyring, that secures the keys using this password. Provide a strong password to secure the keyring. {% endhint %} This will generate the following output, and store the key in the default keyring, which is `os`. ``` - address: saga1tkax73wxs047nc8kaalhfc4ar6gay2sde28crx name: mykey1 pubkey: '{"@type":"/cosmos.crypto.secp256k1.PubKey","key":"A1YCpZPIzs6MXTiMAOnlEK6Cq8+JQMii9a4vUnyQ0qGs"}' type: local **Important** write this mnemonic phrase in a safe place. It is the only way to recover your account if you ever forget your password. powder knee very truth side engine food brave distance profit pottery move labor machine apology fringe source fragile aim wedding timber since blouse brain ``` You will notice that the key `mykey1` has been generated and allocated an address, which in this case is `saga1tkax73wxs047nc8kaalhfc4ar6gay2sde28crx`. Additionally, from the output above, we can see that this key was generated using the `secp256k1` algorithm. {% hint style="danger" %} **IMPORTANT:** Make sure to copy the mnemonic phrase and save it to a safe place. As the output above indicates, should you forget your password, the only way to recover this key would be the mnemonic phrase. {% endhint %} To create a key in a different keyring (other than the default `os` keyring), you can specify the `--keyring-backend` flag. For example, to create a key in the `test` keyring, type ``` sagacli keys add test3 --keyring-backend test ``` This will create a key in the `test` keyring. ``` - address: saga1yzm4fygqehgravje290pk8ddwr8lld0g7nsn87 name: test3 pubkey: '{"@type":"/cosmos.crypto.secp256k1.PubKey","key":"AvvszXyFvHfr2DEhLdf4lF2sQfp6fRDBXqQvxJV4hYFs"}' type: local **Important** write this mnemonic phrase in a safe place. It is the only way to recover your account if you ever forget your password. casino replace enrich sniff canyon search message together remain document verify absurd settle flame public fresh spray together tenant video suit pelican lemon opinion ``` {% hint style="info" %} Please bear in mind that not all keyrings are secure. For more information about supported keyrings and their security features, please refer to Key Management Overview. {% endhint %} ## Import an Existing Key into `sagacli` You may have keys that you already use that you want to use with `sagacli`. To do so, you will need to import your existing key into `sagacli`. You will need to have access to the BIP39 mnemonic phrase associated with the key you are trying to import. As long you have the mnemonic phrase, you can import an existing key by: ``` sagacli keys add --recover ``` For example, if you want to import an existing key called `test1` into `sagacli`, you would type ``` sagacli keys add test1 --recover ``` This will prompt you to enter the BIP39 mnemonic. ``` $ sagacli keys add test1 --recover > Enter your bip39 mnemonic friend account warrior undo biology elevator crime hole skull nuclear age beef census arena kind canvas prison visual popular love brush bicycle ecology task ``` The new key is generated and saved to the default keyring, and its address is echoed to the screen. ``` - address: saga1z0uscdcprxcun2mlnyrz5kelemmjw768sdrgz5 name: test1 pubkey: '{"@type":"/cosmos.crypto.secp256k1.PubKey","key":"A+u4iLJZWZHHcRIEbme8ppbmk1jYTpZVio8anPqAIQ31"}' type: local ``` ## Configuring a Default Key in `sagacli` You can configure a default key in `sagacli` which will then be used in all transactions and queries unless you override it by using the `--address` flag. The default key can be configured using the following command: ``` sagacli config from ``` For example, if we have a key called `fundkey` and we would like to set it as the default key, we would type ``` sagacli config from fundkey ``` *Note:* Ensure that the key being tagged as default actually exists in `sagacli`. To view the default key, type ``` sagacli config from ``` This will display if a default key has been set. In this example using `fundkey`, we get ``` $ sagacli config from fundkey ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.saga.xyz/sagacli/key-management/adding-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.