# Generating Keys

The Vertex can participate in MPC key generation in order to generate a share of a [threshold key](/cryptography/mpc).
The Vertex can be used interoperably with the Sodot SDKs to generate keys for use in signing transactions.
The Key Share will be stored in the Vertex and a `key_id` can be used to reference the Key Share for signing (and other) operations.

## Key Generation Flow

First, we will create the Key Share using the [`create-key`](https://docs.sodot.dev/vertex-api-reference/#tag/ecdsa/POST/ecdsa/create) endpoint:

```bash
curl -L -X POST 'https://<YOUR_VERTEX>/ecdsa/create' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'Authorization: <USER_API_KEY>'
```

In response we will receive a `key_id` that we can use to reference the Key Share, as well as a `keygen_id` that we can use for key generation with the [SDK](/mpc-infra/getting-started) or other Vertex servers.

### Creating a Room for MPC Key Generation

Each MPC key generation operation requires a room to be created. For a `t-of-n` key `n` is the required room size.
This can be done using the [`create-room`](https://docs.sodot.dev/vertex-api-reference/#tag/common/POST/create-room) endpoint:

```bash
curl -L -X POST 'https://<YOUR_VERTEX>/create-room' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: <USER_API_KEY>' \
--data-raw '{
  "room_size": 3
}'
```

In response we will receive a `room_uuid` that we can use for key generation.

### Generating the Threshold Key

Next, all parties involved in the key generation must call the `keygen` endpoint or SDK method with the same `room_uuid` to generate the threshold key.

The Vertex will participate in key generation by calling the [`keygen`](https://docs.sodot.dev/vertex-api-reference/#tag/ecdsa/POST/ecdsa/keygen) endpoint:

```bash
curl -L -X POST 'https://<YOUR_VERTEX>/ecdsa/keygen' \
-H 'Content-Type: application/json' \
-H 'Authorization: <USER_API_KEY>' \
--data-raw '{
  "key_id": "string",
  "num_parties": 3,
  "threshold": 2,
  "others_keygen_ids": [
    "keygen_id_from_other_vertex",
    "keygen_id_from_sdk_device"
  ],
  "room_uuid": "string"
}'
```

Receiving a `200 OK` response indicates that the key generation was successful.

Once a key is generated, its secret shares can be rotated or its quorum changed without altering the public key, see [Resharing and Refreshing Keys](/vertex/keygen/reshare_and_refresh).
