Keystore API
This page is an overview of the Keystore API associated with AvalancheGo.
Because the node operator has access to your plain-text password, you should only create a keystore user on a node that you operate. If that node is breached, you could lose all your tokens. Keystore APIs are not recommended for use on Mainnet.
Every node has a built-in keystore. Clients create users on the keystore, which act as identities to be used when interacting with blockchains. A keystore exists at the node level, so if you create a user on a node it exists only on that node. However, users may be imported and exported using this API.
For validation and cross-chain transfer on the Mainnet, you should issue transactions through AvalancheJS. That way control keys for your funds won't be stored on the node, which significantly lowers the risk should a computer running a node be compromised. See following docs for details:
- Transfer AVAX Tokens Between Chains:
- Add a Node to the Validator Set
This API set is for a specific node, it is unavailable on the public server.
Format
This API uses the json 2.0
API format. For more information on making JSON RPC calls, see here.
Endpoint
Methods
keystore.createUser
Create a new user with the specified username and password.
Signature:
username
andpassword
can be at most 1024 characters.- Your request will be rejected if
password
is too weak.password
should be at least 8 characters and contain upper and lower case letters as well as numbers and symbols.
Example Call:
Example Response:
keystore.deleteUser
Deprecated as of v1.9.12.
Delete a user.
Signature:
Example Call:
Example Response:
keystore.exportUser
Deprecated as of v1.9.12.
Export a user. The user can be imported to another node with keystore.importUser
. The user's password remains encrypted.
Signature:
encoding
specifies the format of the string encoding user data. Can only be hex
when a value is provided.
Example Call:
Example Response:
keystore.importUser
Deprecated as of v1.9.12.
Import a user. password
must match the user's password. username
doesn't have to match the username user
had when it was exported.
Signature:
encoding
specifies the format of the string encoding user data. Can only be hex
when a value is provided.
Example Call:
Example Response:
keystore.listUsers
Deprecated as of v1.9.12.
List the users in this keystore.
Signature:
Example Call:
Example Response: