Command-line interface

FIO Chain Command-line interface Tools


clio is the command line interface for FIO.

clio Examples

Manage wallet

Create a wallet

clio wallet create -n PICK_WALLET_NAME --to-console`

Generate private/public keys

clio create key --to-console`

Import private key into wallet

clio wallet import --private-key YOUR_PRIVATE_KEY -n PICK_WALLET_NAME`

Remove key from wallet

clio wallet remove_key YOUR_PUBLIC_KEY -n PICK_WALLET_NAME --password YOUR_WALLET_PASSWORD`

Unlock wallet

clio wallet unlock -n PICK_WALLET_NAME --password YOUR_WALLET_PASSWORD`


Propose 1 FIO transfer msig

clio -u https://API_NODE_URL multisig propose NAME_YOUR_MSIG '[{"actor": "ACCOUNT_OF_FIRST_SIGNER", "permission": "active"},{"actor": "ACCOUNT_OF_SECOND_SIGNER", "permission": "active"}]' '[{"actor": "ACCOUNT_OF_MSIG", "permission": "active"}]' fio.token trnsfiopubky '{"payee_public_key":"PUBLIC_KEY_WHERE_FUNDS_ARE_SENT", "amount":1000000000, "max_fee":2000000000, "actor":"ACCOUNT_OF_MSIG", "tpid":""}' 1000000000 -p ACCOUNT_OF_MSIG@active

Approve msig

clio -u https://API_NODE_URL multisig approve ACCOUNT_OF_MSIG_PROPOSER NAME_YOUR_MSIG '{"actor": "ACCOUNT_OF_SIGNER", "permission": "active"}' 400000000 -p ACCOUNT_OF_SIGNER@active

Execute msig

clio -u https://API_NODE_URL multisig exec ACCOUNT_OF_MSIG_PROPOSER NAME_YOUR_MSIG 400000000 -p ACCOUNT_OF_SIGNER@active

Vote using clio

See Voting for block producers using clio.

Push action

Using clio you can push any action to the blockchain as follows:

clio -u https\://API_NODE_URL push action CONTRACT ACTION DATA -p ACCOUNT_OF_SIGNER@active


  • CONTRACT and ACTION are specified for every API call in FIO Protocol API Spec. For example CONTRACT and ACTION for /register_fio_domain is fio.address and regdomain respectively.
  • DATA is specified for every API call in FIO Protocol API Spec. For example DATA for /register_fio_domain is:
  "fio_domain": "alice",
  "owner_fio_public_key": "FIO8PRe4WRZJj5mkem6qVGKyvNFgPsNnjNN6kPhh6EaCpzCVin5Jj",
  "max_fee": 2000000000,
  "tpid": "rewards@wallet",
  "actor": "aftyershcu22"

Registering FIO Crypto Handle (aka FIO Address)

For full description of fields see /register_fio_address

clio -u https://API_NODE_URL push action fio.address regaddress '{"fio_address": "YOUR_ADDRESS", "owner_fio_public_key": "", "max_fee": 40000000000, "tpid": "", "actor": "ACCOUNT_OF_SIGNER"
}' -p ACCOUNT_OF_SIGNER@active

Setting domain public

For full description of fields see /set_fio_domain_public

clio -u https://API_NODE_URL push action fio.address setdomainpub '{"fio_domain": "YOUR_DOMAIN", "is_public": 1, "max_fee": 2000000000, "tpid": "", "actor": "ACCOUNT_OF_DOMAIN_OWNER"

Transferring tokens

For full description of fields see /transfer_tokens_pub_key

clio -u https://API_NODE_URL push action fio.token trnsfiopubky '{"payee_public_key": "RECIPIENT_FIO_PUBLIC_KEY", "amount": 1000000000, "max_fee": 2000000000, "tpid": "", "actor": "ACCOUNT_OF_PAYER"
}' -p ACCOUNT_OF_PAYER@active

fio-wallet (keosd)

fio-wallet is a key manager for storing private keys and signing digital messages. It provides a secure key storage medium for keys to be encrypted at rest in the associated wallet file. fio-wallet also defines a secure enclave for signing transaction created by cleos or a third part library.



The EOSIO keosd wallet was renamed to fio-wallet to make it easier for Block Producers to run both EOSIO and FIO commands in the same environment.

When a wallet is unlocked with the corresponding password, clio can request fio-wallet to sign a transaction with the appropriate private keys.


fio-wallet users

fio-wallet is intended to be used only by developers and possibly operators. This is for several reasons including security, scalability, and efficiency.

Starting fio-wallet

Fio-wallet is installed as a service daemon, when installing a FIO Release package. If installed this way, it will be located in /usr/local/bin and, if started as a service via systemctl, will use the configuration files located in /var/lib/fio/fio-wallet. See Enabling fio-wallet.

For most users, the easiest way to run and use fio-wallet is to have clio launch it. Wallet files will be created in the default directory (~/fio-wallet).

{% include alert.html type="info" title="fio-wallet config file" content="When clio starts fio-wallet, it will write out a config.ini in ~/fio-wallet if one does not exist, however, it does not use this config.ini, using default parameters instead, i.e. --unix-socket-path fio-wallet.sock. Running fio-wallet manually will use the settings in ~/fio-wallet/config.ini." %}

fio-wallet may also be launched manually from the terminal by running:



By default, fio-wallet creates the folder ~/fio-wallet and populates it with a basic config.ini file. The location of the config file can be specified on the command line using the --config-dir argument. The configuration file contains the HTTP server endpoint for incoming HTTP connections and other parameters for cross-origin resource sharing.

Wallet Location

The location of the wallet data folder can be specified on the command line with the --data-dir option.

IP and port

By default fio-wallet will listen on a unix socket, i.e. fio-wallet.sock. To configure fio-wallet to listen on a http port either specify the command-line parameter, --http-server-address on startup or update the config.ini file as follows to point to a local IP and port. HTTPS addresses are set via the https-server-address attribute.

# The local IP and port to listen for incoming http connections; leave blank to disable. (eosio::http_plugin)
http-server-address = localhost:8900

Other options

For a list of all commands known to fio-wallet, simply run it as follows:

fio-wallet --help

Stopping fio-wallet

The most effective way to stop fio-wallet is to find the fio-wallet process and send a SIGTERM signal to it.

Handling large numbers of FIO keys in fio wallet

If you are using the default settings for fio-wallet, you may encounter errors when attempting to sign a transaction with wallets containing a large numbers of keys (30,000+ keys). The failure is caused because requests to the nodeos API exceed the maximum payload size allowed for incoming requests.

To prevent this failure, add the following to the fio-wallet configuration, either on the command line on startup, in ~/fio-wallet/config.ini or in /var/lib/fio-wallet/config.ini depending on your use case:


An alternative approach to avoid issues when using clio to sign transactions is to store the keys in a separate, scalable hot or cold wallet outside of fio-wallet and only load a key into fio-wallet when it is needed to sign a transaction using clio. Once completed, the key can be removed using remove_key.

FIO Wallet API Commands

When running fio-wallet in its default configuration, using a unix socket, interact with it using the format, unix:// along with the path to the wallet socket.

Using a full path, i.e. '/home/ubuntu/fio-wallet/fio-wallet.sock'. Note the leading '/'.

clio --wallet-url unix:///home/ubuntu/fio-wallet/fio-wallet.sock wallet list

Using a relative path, i.e. '../fio-wallet/fio-wallet.sock'

clio --wallet-url unix://../fio-wallet/fio-wallet.sock wallet list

Note that providing no arguments to wallet, i.e. 'list' in the case above, will display all possible wallet sub-commands.

The following commands are used when fio-wallet is running and listening on port 8900 (http-server-address =

Create new wallet

Create a new wallet locally


  • New wallet name
curl --url  --request POST --data '"mywallet"'

# Returns password key needed to unlock the wallet in the future. DO NOT LOSE!

Open wallet

Open an existing wallet.


  • Wallet name
curl --url  --request POST --data '"mywallet"'

# If the open is successsul, returns empty brackets

Lock wallet

Lock wallet.


  • Wallet name
curl --url  --request POST --data '"mywallet"'

# If the lock is successsul, returns empty brackets

Lock all wallets

Lock all unlocked wallets.

curl --url 

# If the lock is successsul, returns empty brackets

Unlock wallet

Unlock wallet


  • Wallet name
  • Wallet password
curl --url  --request POST --data '["mywallet", "PW5KbbHxLScNYzo7JCMEbXEgx9e9iMMscLg5o1PLezrJsru7jvZJu"]'

# If the unlock is successsul, returns empty brackets

Import key

Import FIO private key into wallet


  • Wallet name
  • FIO private key
curl --url  --request POST --data '["mywallet", "5K48SoNMnndG7YgEKxppq7Mrt2arfa2oCwjqCvAVxk3RciaiQZQ"]'

# If the import is successsul, returns empty brackets

Remove key

Remove FIO keypair from wallet


  • Wallet name
  • Wallet password
  • FIO Public Key in WIF format to remove (required)
curl --url  --request POST --data '["mywallet", "PW5KbbHxLScNYzo7JCMEbXEgx9e9iMMscLg5o1PLezrJsru7jvZJu", "FIO4zHqamNrwAc55iewkuMSdQugp3s46UoYqhZjXPHbbRrzvZPXse"]'

# If the import is successsul, returns empty brackets

Create key

Create FIO keypair key within wallet.


  • Wallet name
  • Key type to create, K1 should be specified.
curl --url  --request POST --data '["mywallet", "K1"]'

# Returns the FIO public key associated with the new private key

List wallets

List opened wallets, * = unlocked.

curl --url

# Returns array of open wallets. Wallets that are open are marked with a '*'
["mywallet *","newwallet","newwallet2"]

List keys

List of public/private keypairs from all unlocked wallets.


  • Wallet name
  • Wallet password
curl --url  --request POST --data '["mywallet", "PW5KbbHxLScNYzo7JCMEbXEgx9e9iMMscLg5o1PLezrJsru7jvZJu"]'

# Returns array of FIO Public/Private keypairs from wallet

List public keys in wallet


  • Wallet name
  • Wallet password
curl --url  --request POST --data '["mywallet", "PW5KbbHxLScNYzo7JCMEbXEgx9e9iMMscLg5o1PLezrJsru7jvZJu"]'

# Returns array of FIO Public keys from wallet