API Co-signer Maintenance - Fireblocks Developer Docs

This article outlines the most common maintenance operations for Co-signers. Since each Co-signer type has a unique architecture and is installed in a specific environment, refer to the relevant article for detailed maintenance instructions for your Co-signer type.

Due to the enclave architecture of the Google Cloud Confidential Space Co-signer, maintenance operations can only be performed through Google Cloud’s portal or using gcloud.

Co-signer maintenance include:

View the logs
Observe the status
List the paired API users
Retrieve the public key (used for the Callback Handler JWT authentication)
Stop the Co-signer
Restart the Co-signer
Retrieve the running version
Update the Co-signer
Migrate to a new machine
Configure a proxy server
Configure the communication protocol

Use the Co-signer management tab to observe the Co-signer’s online / offline status and the list of paired API users and refer to the following guides to learn about platform-specific Co-signer maintenance:

fd86eebab344ef5d293268881a57d315a559d86dfe79eebd12486d680885f21a-Asset_10300x_1

AWS Nitro

AWS Nitro Co-signer maintenance

5ca73c3e63d6abb29bb2e9959b25433188bc7157e30760a90027f40fe7ad0554-Asset_6300x

GCP Confidential Space

Google Cloud Confidential Space Co-signer maintenance

7d9aa427c05bac0694c1f9560b5414a7f94a81720855308caf259359ba954984-Asset_7300x_2

Intel SGX

SGX-based Co-signer maintenance on Azure, On-Premise, IBM Cloud, or Alibaba Cloud

SGX API Co-signer Maintenance

⌘I