Skip to main content
This guide shows how to sign and submit RebelFi transactions using Fireblocks as your custody provider. Fireblocks is a common choice for exchanges, funds, and institutions that need policy-based signing and MPC key management.
For Fireblocks setup, API keys, and vault configuration, see the Fireblocks Developer Docs.

How It Works

RebelFi returns unsigned transactions with to, data, and gas parameters. You pass the to address and data to Fireblocks as a CONTRACT_CALL, and Fireblocks handles signing, gas estimation, and broadcasting.

Prerequisites

  • A Fireblocks workspace with API access
  • A vault account with an EVM asset (e.g., ETH_TEST5 for testnet, ETH for mainnet)
  • The vault’s deposit address registered as a wallet in RebelFi
  • fireblocks-sdk installed: npm install fireblocks-sdk

Vault-to-Wallet Mapping

Your Fireblocks vault account has a deposit address for each asset. This address is what you register with RebelFi:
The wallet address you register with RebelFi must match the Fireblocks vault’s deposit address for that asset. If they don’t match, transaction signing will fail.

The Fireblocks Signer

The core of the integration is a function that takes RebelFi’s unsigned transaction fields and submits them through Fireblocks:
Fireblocks handles gas estimation and broadcasting. You pass amount: '0' because the contract call itself doesn’t transfer native tokens — it interacts with an ERC-20 contract.

Supply Example

EVM supply operations produce two transactions: a token approval and the protocol deposit. Sign and submit them sequentially through Fireblocks:

What Happens Step by Step

1

Plan the supply

Call operations.supply() with your wallet, strategy, amount, and token address. RebelFi returns an operation with status AWAITING_SIGNATURE.
2

Fetch unsigned transactions

Call operations.getUnsignedTransactions() to get fresh unsigned transactions. For EVM supply, you’ll get two:
  • Transaction 1: Token approval (approve call on the ERC-20 contract)
  • Transaction 2: Supply to protocol (deposit into the yield strategy)
3

Sign via Fireblocks

For each unsigned transaction, create a Fireblocks CONTRACT_CALL with the to address and data field. Fireblocks signs with MPC, applies your policy rules, and broadcasts on-chain.
4

Submit hash to RebelFi

Once Fireblocks confirms the transaction, take the txHash and submit it to RebelFi via transactions.submitHash(). Include the transactionId to identify which transaction in the operation you’re submitting.
5

Confirm

RebelFi monitors the chain and updates the operation status to CONFIRMED once all transactions land.

Unwind Example

Unwinding (withdrawing from a yield strategy) follows the same pattern:
For a full withdrawal, pass fullWithdrawal: true instead of amount:
For sandbox/testnet, use https://sandbox-api.fireblocks.io as the base URL and a testnet asset ID like ETH_TEST5.

Troubleshooting

Cause: The EVM asset hasn’t been added to your Fireblocks vault account.Solution: In the Fireblocks console, go to your vault account and add the asset (e.g., ETH, ETH_TEST5). Then fetch the deposit address.
Cause: Fireblocks policy engine rejected the transaction.Solution: Check your Transaction Authorization Policy (TAP) rules in the Fireblocks console. The CONTRACT_CALL to a ONE_TIME_ADDRESS may need explicit approval or a policy rule allowing it.
Cause: Fireblocks transaction took too long to reach a terminal status.Solution: Check the transaction status in the Fireblocks console. It may be pending human approval (if your policy requires it). Increase MAX_POLL_ATTEMPTS if your approval flow takes longer.
Cause: The vault deposit address doesn’t match the wallet registered with RebelFi.Solution: Use fireblocks.getDepositAddresses(vaultAccountId, assetId) to get the correct address, and ensure that’s the address registered with RebelFi.

Resources