How To Find Private Keys in Hyperledger Indy

After this post you’ll know how to find the private keys inside Hyperledger Indy. A problem our Tech Lead, Eduardo Elias, was facing and could not find the solution for online.

The value in private keys

In Hyperledger Indy, as in all most common blockchains, people have their private keys inside their wallets. The difference is that, in Indy, they do not have access to them, at all.

We believe the value in every blockchain is in holding the private keys.

It’s important to note that a private key can be used for multiple cryptography purposes. The same private key that generates my identity for Indy (for SSI, for Sovrin) can be used, for example, for a GPG signature for Github. It could be the same key that can be used for Ethereum or Bitcoin to generate an address.

If the technical infrastructure where you are trying to use your keys accepts the same type of encryption – like Elliptic Curve Cryptography – you could use your Hyperledger Indy private keys there. Structures like HTTPS, Ethereum, Sovrin or Corda, for example, all accept this encryption. Right now it’s not possible to use those Hyperledger Indy’s private keys to establish connections with other parties of a user’s choice. 

No access to private keys in Hyperledger Indy

We were trying to post transactions directly to a Sovrin node without the Indy-SDK. To do that we need to encrypt the data. To encrypt the data we need the private keys. But, through Indy-SDK’s Wallet implementation and its CLI tool, there is no method to retrieve the private keys from inside the wallet.

When we open the Indy-SDK code and find the wallet specific code there is a method to list all the credentials stored. But it only shows the public keys. Not the private ones. 

We’ve been to Hyperledger’s Rocketchat and we haven’t found an answer on how to access those private keys.

So we had to change the method.

How to find the private keys in Hyperledger Indy

Eduardo, our Tech Lead, had to change Indy-SDK’s code. He forked the project on Github, created a branch on his fork and then asked for a Pull Request with that change. 

The Pull Request was never merged, it’s just a way to show what part of the code Eduardo changed:


Using this method, Eduardo was able to access private keys in Hyperledger Indy.

This small change on the code enabled the private keys to be shown on a “hacky” stdout call. The code above is a preparation to enable the command that lists credentials to show the private keys in a formatted way.

Tykn is a digital identity company.

We just launched Ana, a digital identity management platform that allows organisations to issue tamper-proof digital credentials which are verifiable anywhere, at any time. If you’re keen on reading more we suggest you check out our Definitive Guide to Identity Management with Blockchain and the Ultimate Guide to Self-Sovereign Identity.