Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.bloobank.com/llms.txt

Use this file to discover all available pages before exploring further.

Step 1 — Install OpenSSL

On macOS and most Linux distributions, OpenSSL comes pre‑installed. Windows users should install the version that ships with Git for Windows, or grab a build from the OpenSSL download page.
Verify the install: 
openssl version
# LibreSSL 3.3.6  or  OpenSSL 3.x.x

Step 2 — Generate a private key

Open a terminal in any directory and run: 
openssl ecparam -name secp256k1 -genkey -out privateKey.pem
This creates privateKey.pem in the current directory. That file is your secret — never commit it, never share it, not even with us.
Store privateKey.pem in an environment variable, a secret manager (AWS Secrets Manager, Vault, Doppler, etc.), or an encrypted database. Do not hard‑code it in source.

Step 3 — Extract the key pair in hex

Bloobank expects the keys in hexadecimal. Dump the PEM as text: 
openssl ec -in privateKey.pem -noout -text
Output looks like this: 
Private-Key: (256 bit)
priv:
    7c:d5:f4:99:a5:fd:de:62:83:09:96:96:b8:8b:51:
    70:e4:8d:85:ab:23:eb:58:bf:c0:e4:99:6b:ac:0c:
    3f:76
pub:
    04:94:cc:f0:38:2d:a3:c3:21:f5:cb:e8:59:06:8c:
    8c:91:4d:6a:d5:ce:17:ab:3d:26:a9:dd:7f:ff:65:
    78:cb:31:62:e0:75:af:bd:98:45:96:4a:0c:13:e4:
    39:ae:53:78:30:49:8f:ef:58:79:45:59:7e:97:0a:
    b2:7c:14:7c:23
ASN1 OID: secp256k1
Strip the colons and newlines to get the flat hex strings your code will use: 
# Private key (32 bytes → 64 hex chars)
openssl ec -in privateKey.pem -noout -text 2>/dev/null \
  | awk '/priv:/{flag=1; next} /pub:/{flag=0} flag' \
  | tr -d ' :\n'

# Public key (uncompressed, 65 bytes → 130 hex chars, starts with 04)
openssl ec -in privateKey.pem -noout -text 2>/dev/null \
  | awk '/pub:/{flag=1; next} /ASN1/{flag=0} flag' \
  | tr -d ' :\n'
Example public key (valid format — 130 hex chars, uncompressed, starts with 04): 
0494ccf0382da3c321f5cbe859068c8c914d6ad5ce17ab3d26a9dd7fff6578cb3162e075afbd9845964a0c13e439ae537830498fef587945597e970ab27c147c23

Step 4 — Send the public key to our integration support team

1

Copy your public key hex

Copy the public key hex generated in Step 3 (the 130-character string starting with 04).
2

Send it to our integration support team

Send the public key to our integration support team via the channel provided during your onboarding. Do not share your private key — only the public key is needed.
3

Receive your X-Access-Key

Our team will process your public key and return a static X‑Access‑Key. Save it — you’ll send this in the X-Access-Key header on every request.
Keep the X‑Access‑Key and the private key hex together in your secret store — both are required to sign requests.

Next

Sign a request

Build the canonical string, hash it with SHA-256, sign it with ECDSA secp256k1, and attach the headers.