GET STARTED
Get started with MPC Wallets
This guide provides a step-by-step walkthrough for setting up and using MPC Wallets on Cobo Portal. You’ll learn how to:
Follow the instructions below to create a Main Group in Cobo Portal:
> Transaction History.
- Set up your account and organization
- Create vaults and wallets
- Make deposits and withdrawals
Cobo Portal offers two types of MPC Wallets: Organization-Controlled Wallets and User-Controlled Wallets. This guide will focus on Organization-Controlled Wallets.
Prerequisites
- Contact our sales team to acquire your account activation link.
- An iOS device to run Cobo Guard, our dedicated app for multi-factor authentication (MFA), operation approval, transaction signing, and key share management.
Set up accounts and organization
As the first admin of your organization, complete these initial steps to configure your account and organization:Create an account
Use the activation link from our sales team to create your Cobo Portal account.Set up Cobo Guard
- Log in to Cobo Portal.
- For testing purposes, use the development environment.
- For production, use the production environment.
- Click Guide at the bottom left, and click Set up Cobo Guard.
- Follow the instructions on the screen to install Cobo Guard on your iOS device and link your account with your Cobo Guard.
Configure governance policies and user roles
If you’re in the testing phase and want to quickly verify deposits and withdrawals first, you can skip this section for now and configure them later.
Set up governance policies and user roles
Set up governance policies and user roles
Configuring governance policies and user roles is essential for managing access control and security in your organization.
- Governance policies define approval rules for key operations (such as member deletion, organization freezing, and API key management), using mechanisms such as auto-approval, auto-rejection, and approval quorum. You can edit governance policies if the default ones don’t align with your organizational needs.
- User roles enable you to assign specific permissions to designated members within your organization. When you assign a role to a member, they can only perform actions allowed by that role. For instance, a member with the Viewer role can see wallet information but cannot withdraw tokens. Cobo offers preset user roles. You can also create custom roles tailored to your specific requirements.
Invite members
- Log in to Cobo Portal.
- For testing purposes, use the development environment.
- For production, use the production environment.
- Click the profile icon at the bottom left, and then click Organization.
- Click Members. On the Members page, click Invite Members.
- Enter the member’s email address and name, and then select appropriate user roles.
Confirm on Cobo Guard that this invitation was initiated by you. Also, as a default governance policy, at least half of your organization admins must approve the invitation request on Cobo Guard.
Add chains
View and manage the chains available for your organization:- Log in to Cobo Portal.
- For testing purposes, use the development environment.
- For production, use the production environment.
- Click the profile icon at the bottom left, and then click Pricing Plans.
- Navigate to Supported Chains and click the Chain Management icon.
- On the Chain Management page, review the list of available chains. If the chains you need are not present, click Add Chains to include additional chains for your organization’s use.
After adding a chain, all its supported tokens will be available for deposit and withdrawal in your wallets.
To view a full list of tokens and chains supported by Cobo, see Supported tokens and chains.
Set up an MPC vault
After setting up your account and organization, the next step is to configure an MPC vault. A default vault is automatically created for you. You need to complete the setup by creating a Main Group and generating key shares.To learn about vaults, key shares, and other related concepts, see Introduction to Organization-Controlled Wallets.
Create a Main Group
A set of key share holders is referred to as a holder group. The Main Group is the first holder group you create before using MPC Wallets. The diagram below illustrates a Main Group with two key share holders. Cobo holds one key share, while your organization holds the other.
Follow the instructions below to create a Main Group in Cobo Portal:
-
Log in to Cobo Portal.
- For testing purposes, use the development environment.
- For production, use the production environment.
-
Click > MPC Wallets.
- Click Create Main Group.
-
In the Create Main Group dialog box, navigate to the Key Share Holder 2 section, and configure the holder. For detailed information about co-signer types and their setup, see Co-Signer Type.
-
To use a mobile co-signer, select a holder from the pull-down list. The TSS Node ID field will be filled in automatically. Click Confirm. For quick testing, you can select yourself as a holder. However, for production use, refer to our Security best practices for guidance on selecting appropriate holders.
- To use a server co-signer, enter a holder name, fill in the TSS Node ID, and then click Confirm.
-
To use a mobile co-signer, select a holder from the pull-down list. The TSS Node ID field will be filled in automatically. Click Confirm.
- Confirm in your Cobo Guard app that you initiated this request.
Generate key shares
To finalize the vault setup, the next crucial step is generating key shares on your co-signer. This process varies depending on your co-signer type:-
For mobile co-signers:
- Wait for the 1 key share needs to be generated banner to appear on Cobo Guard (this may take a few seconds).
- Tap the banner to open the key generation interface.
- Follow the on-screen instructions to complete the key share generation process.
- We recommend backing up your key shares at this point for added security. However, you can also choose to complete this step later after finishing the guide.
-
For server co-signers:
- Ensure the TSS Node server is brought online within 24 hours. The key share generation process initiates automatically when the server comes online.
- If a TSS Node callback server is configured, the generation process will only start after approval from the callback server.
Create a wallet and transfer tokens
Create a wallet
After successful key generation, a default wallet is automatically created for your vault. You can create additional wallets by following the steps below:- Log in to Cobo Portal.
- For testing purposes, use the development environment.
- For production, use the production environment.
- Click > MPC Wallets.
- Click Create Wallet. In the dialog box:
- Enter a unique name for your wallet.
- If you need to automatically consolidate funds from multiple addresses, enable auto token sweeping. If you’re unsure, you can leave it disabled for now and enable it later if needed.
- Click Create.
- From the wallet list, select your newly created wallet to view its details.
Make a deposit
To make a deposit, you should first generate a deposit address for your wallet:- Navigate to the Addresses tab, and then click Add Address.
- Select a network, and then click Create.
- Navigate to the address you just created and click
to display the address.
- Proceed to your preferred external wallet to initiate the transfer to the deposit address.
Configure transaction policies
If you’re in the testing phase and want to quickly verify deposits and withdrawals first, you can skip this section for now and set them up later.
Configure transaction policies
Configure transaction policies
Transaction policies are essential measures to secure your digital asset operations. When a transaction starts, it’s checked against your organization’s transaction policies in sequential order. If it matches a policy’s trigger condition, the specified action will be taken: auto-approve, auto-reject, or an approval quorum process.In this guide, we’ll create a policy that requires 2-of-3 Admin approval for large USDT withdrawals to non-trusted addresses. For other policy setups and advanced configurations, see Set up token transfer policy.
Prerequisites
You have at least three members with the Admin role in your organization.Configure an address list
First, set up a list of trusted addresses for withdrawals:-
Log in to Cobo Portal.
- For testing, use the development environment.
- For production, use the production environment.
-
Click
> Transaction Policies.
- Navigate to the Address Lists tab and click Create List.
- Enter a name for your address list, then click Confirm.
- Click your newly created address list, click Add Address, then enter your trusted addresses.
- Click Submit and complete MFA.
Create the transaction policy
Now, let’s create a policy with the following security rules:- Trigger: Withdrawals over 30,000,000 USDT to non-trusted addresses
- Action: Require approval from 2 out of 3 approvers with the Admin user role.
- In Cobo Portal, go to > Transaction Policies.
- Click Create Policy > Token Transfer.
- Configure the settings as shown in the screenshot:
- Click Next and follow the on-screen instructions to complete the policy setup.
Make a withdrawal
Follow the steps below to withdraw tokens from your wallet.To learn more about withdrawal, such as transaction fees, risk control measures, and signing procedures, see Transfer from MPC Wallets (Organization-Controlled Wallets).
-
Log in to Cobo Portal.
- For testing purposes, use the development environment.
- For production, use the production environment.
-
Click
in the main menu on the left hand side.
- In the Transfer dialog box, fill in the required information, and then click Submit.
- Double confirm the withdrawal on Cobo Guard.
-
After the withdrawal is confirmed, one of your co-signers will be automatically selected to sign the transaction based on their online status and other criteria. You need to ensure that at least one of your co-signers is online. The transaction will remain pending until it receives the necessary signature. You can check if a co-signer is online through Cobo Portal:
- Log in to Cobo Portal.
-
Click
> MPC Wallets.
-
Select your vault and then click the Manage Share Management icon
on the upper right hand corner.
-
In the Key Group Management page, locate your key share holder group, and check the status indicator next to each key share holder:
- 🟢 Green dot: The co-signer is online and ready to sign transactions
- No dot: The co-signer is offline and cannot sign transactions.
View transaction details and status
After making a transfer to or from your Asset Wallets, you can view its transaction status in > Transaction History.
Integrate using the WaaS API
To create wallets and transfer tokens programmatically, you can utilize our WaaS API. Follow these steps to integrate wallet functionality using the API:- Start with Sending your first request. This guide covers API key registration, authentication, and SDK usage.
- Proceed to Integrate MPC Wallets (Organization-Controlled) for detailed instructions on creating wallets and managing token transactions.
What’s next
Congratulations on successfully setting up your MPC Wallet and completing token transfers! To further enhance your wallet’s security and functionality, consider implementing these next steps:Implement security best practices
Follow our security checklist to enhance the security of your assets. For MPC Wallets specifically:- Back up your key shares
- Create at least one Signing Group and one Recovery Group in addition to the Main Group.
Explore more features
To explore more advanced features, check out these articles:- Enable auto token sweeping: Automatically consolidate funds from multiple addresses into a single designated address.
- Enable fee station: Your all-in-one solution for managing bills and transaction fees.
Learn more
Feel free to share your feedback to improve our documentation!