quill generate
Generate a mnemonic seed phrase and generate or recover PEM.
Basic usage
The basic syntax for running quill generate commands is:
quill generate [option]
Flags
| Flag | Description |
|---|---|
-h, --help | Displays usage information. |
--overwrite-pem-file | Overwrite any existing PEM file |
--overwrite-seed-file | Overwrite any existing seed file. |
Options
| Option | Description |
|---|---|
--pem-file <PEM_FILE> | File to write the PEM to. [default: identity.pem] |
--phrase <PHRASE> | A seed phrase in quotes to use to generate the PEM file. |
--password-file <PASSWORD_FILE> | Read the encryption password from this file. |
--seed-file <SEED_FILE> | File to write the seed phrase to. |
--words <WORDS> | Number of words: 12 or 24 [default: 12]. |
--storage-mode <MODE> | Change how PEM files are stored [default: password-protected] |
Examples
The quill generate command has two primary uses - generating a new key, or recovering a key from a seed phrase.
To generate a new key, and output it to a PEM file:
quill generate --pem-file identity.pem --seed-file seed.txt
This will generate a new key that you can use to sign IC transactions with quill, or any other IC tool that supports secp256k1, like dfx. It will also output a seed.txt file containing a seed phrase which can be used to recover this key - write it down in a safe place! If you do not specify a file, it will be printed to the terminal.
Keys are password-protected by default. This command will prompt for a password interactively. To use it in a script, use --password-file:
quill generate --pem-file identity.pem --password-file password.txt
Or to disable password protection:
quill generate --pem-file identity.pem --storage-mode plaintext
To recover a key from a seed phrase stored in seed.txt:
quill generate --phrase "$(< seed.txt)" --pem-file identity.pem
Remarks
Most quill commands take a --pem-file parameter, for the key used to sign the messages. If the key is password-protected, it will prompt you for the password, or you can use a --password-file parameter.
If a password-protected key needs to be exported for use with another tool such as DFX, use [quill decrypt-pem].
Technical notes: Passwords are run through scrypt(r=8,p=1,n=2^17,len=32), and then the file is encrypted with AES-256-CBC.
[quill decrypt-pem] quill-decrypt-pem.mdx