Announcing Distributed Key Generation for multisig

IF Labs

Building a Safe, Encrypted Tomorrow

Earlier this month we announced support for multisignature transactions, or multisig, which allow you to spread the key required to approve a transaction among multiple participants. Need a refresher on what multisignature transactions are? Check out the previous blog post!

Today we’re happy to announce that we extended our multisignature implementation to support a new method to generate keys: distributed key generation, or DKG.

Different methods for generating keys 

When we initially launched support for multisig, we supported only one key generation method: Trusted Dealer Key Generation (TDK). With this method, a trusted entity, called “dealer”, generates a cryptographic key, then splits this key and distributes the parts among the participants.

The advantage of TDK is that it’s relatively simple to use. The downside is that all participants need to trust the dealer not to keep any copy of the initial cryptographic key or its parts. If the dealer has malicious intentions (or if their machine is compromised by malicious actors), then they could become able to fully authorize transactions autonomously, without the cooperation of other participants.

Trusted Dealer Key Generation
Trusted Dealer Key Generation

Distributed Key Generation (DKG) is an alternative to Trusted Dealer Key Generation (TDK). It is a method that involves only the participants, and does not require any trusted entity. Through DKG, participants work cooperatively to generate a set of keys, and none of them ever gets access to enough information to gain an advantage over other participants.

DKG can therefore be considered safer than TDK under many aspects. The price to pay with DKG is that it is a more complicated process that involves more steps.

Distributed Key Generation
Distributed Key Generation (DKG)

How do I choose between DKG and TDK? 

There are many possible use cases for both of the methods, so there is not a definitive answer, but here are some general suggestions.

Use TDK if:

  • you want to use the simplest method to generate multisignature accounts
  • you have an entity or a machine that you can fully trust with your keys, who will never leak or copy them

Use DKG if:

  • you want to use the most secure method to generate multisignature accounts
  • you don’t mind the extra steps required

Get Started 

Support for Distributed Key Generation (DKG) was released in the node and SDK version 2.3.0.

To get you started, we have published both an SDK recipe and a CLI recipe. Check them out for a step-by-step guide on how to generate keys with DKG!

Join the Iron Fish community 🏃🐟 

IF Labs

Building a Safe, Encrypted Tomorrow

IF Labs is an encryption-focused team that uses the Iron Fish protocol to build a world where users control their data.

Join our newsletter and stay up to date with privacy and crypto.

Discover our impactful presence — read our blog.


  • FAQ
  • Whitepaper
  • Tokenomics


  • Get Started
  • Node App
  • Mine
  • Block Explorer
  • Ecosystem


  • Documentation
  • Github


  • Foundation
  • Governance
  • Grants
  • Our Community


  • About Us
  • Media Kit
  • Contact Us
Privacy Policy


Copyright 2024 Iron Fish.