> ## Documentation Index
> Fetch the complete documentation index at: https://developers.fireblocks.com/llms.txt
> Use this file to discover all available pages before exploring further.

<AgentInstructions>

## Submitting Feedback

If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback:

POST https://developers.fireblocks.com/feedback

```json
{
  "path": "/docs/embedded-wallet-mpc-key-generation",
  "feedback": "Description of the issue"
}
```

Only submit feedback when you have something specific and actionable to report.

</AgentInstructions>

# MPC Key Generation

<Note>
  For Fireblocks' recommended embedded wallet solution, see [Dynamic Embedded Wallets](/docs/dynamic-embedded-wallets). The documentation below covers the legacy Embedded Wallet APIs and SDKs.
</Note>

# Overview

The creation of multi-party computation (MPC) keys involves a dynamic, step-by-step procedure that involves several rounds of communication between the end user's device and Fireblocks. This process operates asynchronously, meaning that it takes place over multiple interactions rather than a single continuous operation.

# Key Generation

Let's break down the process for better clarity:

1. Your application calls the `generateMPCKeys` method in our SDK to initiate the generation of MPC keys. This step triggers the process and sets everything in motion.
2. `generateMPCKeys` can be called with the algorithms you wish to create under the wallet. Currently, it is `MPC_EDDSA_ED25519` or `MPC_ECDSA_SECP256K1`. More information about it can be found [here](https://ncw-developers.fireblocks.com/docs/multiple-algorithms)
3. The crucial part of the whole process lies in the communication rounds between the end user's device and Fireblocks. These rounds are essential for securely creating the keys.
4. The process unfolds repeatedly, with each round building upon the previous one. Your application exchange messages, refining the communication until the process is complete.
5. After successfully generating MPC keys, the final step involves securely storing these keys to ensure protection for your end users. You can tailor this process to your preferences through various options, such as mobile enclaves, biometric authentication, two-factor authentication (2FA), and more. You retain total control over the implementation that best suits your security needs.

# Key Generation

First, create a new EW using the EW SDK:

<CodeGroup>
  ```bash bash theme={"system"}
  // Assign (or create) the EW wallet
  const wallet = await ew.assignWallet();
  ```

  ```bash bash theme={"system"}
  embeddedWallet.assignWallet()
  ```

  ```bash bash theme={"system"}
  embeddedWallet.assignWallet()
  ```
</CodeGroup>

Next, create a new account in the newly created EW (needed once)

<CodeGroup>
  ```bash bash theme={"system"}
  // Create account under wallet
  const newAccount = await ew.createAccount();
  ```

  ```bash bash theme={"system"}
  embeddedWallet.createAccount()
  ```

  ```bash bash theme={"system"}
  embeddedWallet.createAccount()
  ```
</CodeGroup>

Lastly, start the MPC key generation from your application. You can add the below to your customer application.

<CodeGroup>
  ```bash bash theme={"system"}
  import { IKeyDescriptor } from "@fireblocks/ncw-js-sdk";

  // Generate MPC Keys
  const algorithms = new Set(["MPC_CMP_ECDSA_SECP256K1"]);
  const keyDescriptor: Set<IKeyDescriptor> = await ewCore.generateMPCKeys(algorithms);
  ```

  ```bash bash theme={"system"}
  val algorithms = setOf(Algorithm.MPC_ECDSA_SECP256K1)
  fireblocksSdk.generateMPCKeys(algorithms = algorithms){ result ->
      Timber.i("generateMPCKeys result: $result")
  }
  ```

  ```bash bash theme={"system"}
  func generateKeys(algorithms: Set<Algorithm>) async throws -> Set<KeyDescriptor> {
    //Initialize and create the Core SDK instance
    let instance = try getCore()
    return try await instance.generateMPCKeys(algorithms: algorithms)
  }
  ```
</CodeGroup>

If the device storage has generated keys once (e.g., the EW Core SDK already initialized with a specific `deviceId` that was called successfully with the `generateMPCKeys` function), you do not need to call this function. This scenario relates to a situation in which an end-user is logging in to an already set-up device.

<Info>
  ### Note

  If you use a `deviceId` or `walletId` that previously had keys generated—but those keys are no longer present on the current device (e.g., after an app reinstall or using a new browser)—calling `generateMPCKeys` will fail. Fireblocks only allows key generation once per walletId–deviceId pair. In this case, you must recover the key share using the `recoverKeys` method.
</Info>