Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.zodia-custody.com/llms.txt

Use this file to discover all available pages before exploring further.

Never share your private key with anyone — including Zodia. Only your public key should be shared. If you believe your private key has been compromised, generate a new key pair immediately and contact customerservice@zodia.io.
When onboarding with Zodia, you need to provide your public key so it can be registered on the platform. Zodia requires the public key in a specific format:
  • Single line — no line breaks
  • No PEM headers or footers — strip the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- lines
This applies to both your company RSA public key and each user ECC public key. A correctly formatted key looks like this: 
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE3s7wCGCHkM3J6Y2KmKqkBY+5l3vKfuXo7Q1234abcdEFGH5678ijklMNOP==

Using Bash

This approach works for both RSA and ECC private keys. Run the appropriate command depending on your key type. ECC private key: 
openssl ec -in private-key.pem -pubout 2>/dev/null \
  | grep -v "BEGIN\|END" \
  | tr -d '\n'
RSA private key: 
openssl rsa -in private-key.pem -pubout 2>/dev/null \
  | grep -v "BEGIN\|END" \
  | tr -d '\n'
To write the output directly to a file: 
openssl ec -in private-key.pem -pubout 2>/dev/null \
  | grep -v "BEGIN\|END" \
  | tr -d '\n' > public-key-single-line.txt

Using Python

This script works for both RSA and ECC private keys. It reads your private key file and prints the public key as a single line with no PEM headers. 
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.backends import default_backend

def extract_public_key(private_key_path):
    with open(private_key_path, "rb") as f:
        private_key = serialization.load_pem_private_key(
            f.read(), password=None, backend=default_backend()
        )

    pem = private_key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    ).decode("utf-8")

    single_line = "".join(
        line for line in pem.splitlines() if not line.startswith("-----")
    )
    return single_line

if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else "private-key.pem"
    print(extract_public_key(path))
Run it with: 
python extract_public_key.py private-key.pem
Install the required library if needed: 
pip install cryptography

What to do with your public key

Once you have the single-line public key, share it with Zodia as part of your onboarding:
Key typeWhat to includeWhere to send
Company RSA public keyThe single-line public keycustomerservice@zodia.io
User ECC public keyUser email, role (Maker/Checker), and single-line public keycustomerservice@zodia.io
See Authentication for a full overview of the key pairs required.