Skip to main content

Use multiple signing keys

EthSigner supports transaction signing using multiple stored keys. Any account submitting transactions to EthSigner can use the stored keys. The keys can be stored in:


The ability to use multiple signing keys should be limited to the accounts with access to the stored keys.

Each key requires a separate TOML file that defines the parameters to access the key. The TOML files must be placed in a single directory specified using the multikey-signer --directory subcommand.


Files can be added or removed from the directory without needing to restart EthSigner.

The TOML file name must use the format [<prefix>]<accountAddress>.toml. The account address must be in lowercase. The prefix can be anything you want. No two TOML files can have the same key address in the file name, even if the prefix differs.

Remove the 0x portion of the account address. For example, 78e6e236592597c09d5c137c2af40aecd42d12a2.toml.


Use the export-address Hyperledger Besu subcommand to obtain the account address of the node.