Use this skill for any wallet, keypair, or vault operation. Covers key generation, rotation, encrypted storage, and the operational/wallets/ directory conventions.
3f:T575,
operational/wallets/ to git — confirm .gitignore covers *.json and *.keyCHASSIS_VAULT_PASSWORD# Generate a new Solana keypair
solana-keygen new --outfile operational/wallets/trader_$(date +%Y%m%d).json
# Verify
solana-keygen pubkey operational/wallets/trader_YYYYMMDD.json
operational/wallets/
├── .gitignore # ← must contain: *.json, *.key, *.pem
├── README.md # Documents wallet purposes (no keys)
└── {name}_{date}.json # Encrypted keypair files
// Load keypair from env path — never inline
let keypair_path = std::env::var("CHASSIS_KEYPAIR_PATH")
.expect("CHASSIS_KEYPAIR_PATH must be set");
let keypair = read_keypair_file(&keypair_path)
.expect("Invalid keypair file");
CHASSIS_KEYPAIR_PATH in environmentoperational/audits/ with date and pubkey (no private key)