Step 1: Generate Ethereum Key Pair¶
Goal¶
Generate a cryptographic key pair that serves as your agent's identity. The private key signs all transactions. The derived address is your unique identifier in the Agent Registry.
Code¶
from eth_account import Account
import secrets
# Generate a cryptographically secure random private key
private_key = "0x" + secrets.token_hex(32)
account = Account.from_key(private_key)
print(f"Private key: {private_key}")
print(f"Address: {account.address}")
# SAVE private_key securely. This is the agent's identity.
# If you lose it, you lose access to your registration.
import { ethers } from "ethers";
// Generate a cryptographically secure random wallet
const wallet = ethers.Wallet.createRandom();
console.log(`Private key: ${wallet.privateKey}`);
console.log(`Address: ${wallet.address}`);
// SAVE privateKey securely. This is the agent's identity.
// If you lose it, you lose access to your registration.
Expected Output¶
Private key: 0x4c0883a69102937d6231471b5dbb6204fe512961708279f2a3e4c0f74d47be22
Address: 0x2c7536E3605D9C16a7a3D7b1898e529396a65c23
Your output will differ -- every key pair is unique.
Verify¶
Run this check to confirm your key was generated correctly:
- The private key is a
0x-prefixed string of exactly 66 characters (0x + 64 hex digits). - The address is a
0x-prefixed string of exactly 42 characters (0x + 40 hex digits).
assert len(private_key) == 66, f"Private key wrong length: {len(private_key)}"
assert private_key.startswith("0x"), "Private key must start with 0x"
assert len(account.address) == 42, f"Address wrong length: {len(account.address)}"
assert account.address.startswith("0x"), "Address must start with 0x"
print("Key pair is valid.")
console.assert(wallet.privateKey.length === 66, "Private key wrong length");
console.assert(wallet.privateKey.startsWith("0x"), "Private key must start with 0x");
console.assert(wallet.address.length === 42, "Address wrong length");
console.assert(wallet.address.startsWith("0x"), "Address must start with 0x");
console.log("Key pair is valid.");
Security¶
Never share your private key
The private key is the sole proof of ownership for your agent identity. Anyone who obtains it can impersonate your agent, attest on its behalf, report false revenue, or terminate it. Store it in an encrypted secrets manager, an environment variable, or a hardware security module. Never log it, commit it to version control, or transmit it over unencrypted channels.
Storage Recommendations¶
| Method | Security | Example |
|---|---|---|
| Environment variable | Good | export AGENT_PRIVATE_KEY=0x... |
.env file (gitignored) |
Good | AGENT_PRIVATE_KEY=0x... in .env |
| Secrets manager (AWS/GCP/Vault) | Best | Store as a named secret |
| Hardcoded in source | Never do this | -- |
Next Step¶
Proceed to Step 2: Register with your private key and your Haftungsperson's address.