Download KMS

macOS: Natively or via Docker
Unix: Natively or via Docker
Ms Windows: Only via Docker

📘
We recommend that you run KMS from the Docker image regardless of the operating system used.

🚧
Tatum KMS should be installed in the Deny-From-All environment to meet the highest security standards.

Install KMS

From npm

Install KMS globally:

npm i -g @tatumio/tatum-kms
//or
yarn global add @tatumio/tatum-kms

Use .env file to configure Tatum KMS
1. via --env-file=/path/to/.env
```
 tatum-kms --env-file=/path/to/.env getaddress 11111111-1111-1111-1111-111111111111 0
```
2. via environment variables directly
```
TATUM_API_KEY=XXXXX-YOUR-API-KEY tatum-kms --help
```
3. via predefined environment vars on global level
```
export TATUM_API_KEY=XXXXX-YOUR-API-KEY  
tatum-kms --help
```
  🚧
  IMPORTANT! NodeJS >=14 and npm@6 are required. KMS does not work on npm@7.

From Docker

Pull the tatum-kms image:
```
docker pull tatumio/tatum-kms
```
Navigate to the home directory:
```
cd $HOME
```
Use pre-created .env file to configure Tatum KMS via --env-file .env
Map the Docker volume to the local storage (your home folder).
1. For more details, refer to the Docker user documentation.
2. Once you have mapped the Docker volume, KMS is ready to be run as a Docker container.

To interactively communicate with KMS and run various KMS commands, use the docker run command:

docker run -it --env-file .env -v $HOME:/root/.tatumrc tatumio/tatum-kms --help
docker run -it --env-file .env -v $HOME:/root/.tatumrc tatumio/tatum-kms generatemanagedwallet BTC
docker run -it --env-file .env -v $HOME:/root/.tatumrc tatumio/tatum-kms storemanagedprivatekey BTC

//NOTE: You can shorten the command syntax and use it as follows:
docker run ${COMMON_PARAMS} tatumio/tatum-kms generatemanagedwallet BTC
//where COMMON_PARAMS can be exported as all the flags necessary for running the container.

Good to know

It is possible to store private keys locally or using an external service:
After you generate and store the wallets you want to work with, enable daemon mode. Daemon mode periodically checks for pending transactions to sign.
Every pending transaction has a signatureId. When a pending transaction matches a stored wallet, it is signed locally and sent to the blockchain. Your wallet data are stored only in memory.

📘
KMS supports the 4 eye control mechanism, where pending transactions are controlled in Tatum and the customer system. By default, KMS checks for the pending transactions every 5 seconds using the following REST API call.

Download and Install KMS

Download KMS

📘
We recommend that you run KMS from the Docker image regardless of the operating system used.

🚧
Tatum KMS should be installed in the Deny-From-All environment to meet the highest security standards.

Install KMS

From npm

🚧
IMPORTANT! NodeJS >=14 and npm@6 are required. KMS does not work on npm@7.

From Docker

Good to know

📘
KMS supports the 4 eye control mechanism, where pending transactions are controlled in Tatum and the customer system. By default, KMS checks for the pending transactions every 5 seconds using the following REST API call.

Download KMS

📘We recommend that you run KMS from the Docker image regardless of the operating system used.

🚧Tatum KMS should be installed in the Deny-From-All environment to meet the highest security standards.

Install KMS

From npm

🚧IMPORTANT! NodeJS >=14 and npm@6 are required. KMS does not work on npm@7.

From Docker

Good to know

📘KMS supports the 4 eye control mechanism, where pending transactions are controlled in Tatum and the customer system. By default, KMS checks for the pending transactions every 5 seconds using the following REST API call.

📘
We recommend that you run KMS from the Docker image regardless of the operating system used.

🚧
Tatum KMS should be installed in the Deny-From-All environment to meet the highest security standards.

🚧
IMPORTANT! NodeJS >=14 and npm@6 are required. KMS does not work on npm@7.

📘
KMS supports the 4 eye control mechanism, where pending transactions are controlled in Tatum and the customer system. By default, KMS checks for the pending transactions every 5 seconds using the following REST API call.