createActivityPoller with v4 endpoint does not save the privateKey in Turnkey

[flux0uz]

Creating a new sub-organization as Custodial Wallet with ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V4 returns a new wallet address, a new wallet identifier (walletId) and a new sub-organization identifier (subOrganizationId), but these are not saved on the new sub-organization in Turnkey.
Attempt to execute a transaction, then fail with error TurnkeyRequestError: Turnkey error 5: cannot find private key (Details: []).

const activityPoller = createActivityPoller({
    client: turnkeyClient,
    requestFn: turnkeyClient.createSubOrganization,
  })

const completedActivity = await activityPoller({
      type: "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V4",
      timestampMs: String(Date.now()),
      organizationId: env.TURNKEY_ORG_ID,
      parameters: {
        subOrganizationName: username,
        rootQuorumThreshold: 1,
        rootUsers: [
          {
            userName: username,
            apiKeys: [
              {
                apiKeyName: "************",
                publicKey: env.TURNKEY_API_PUBLIC_KEY,
              },
            ],
            authenticators: [],
          },
        ],
        wallet: {
          walletName: `${username}-wallet`,
          accounts: [
            {
              curve: "CURVE_SECP256K1",
              pathFormat: "PATH_FORMAT_BIP32",
              path: "m/44'/60'/0'/0/0",
              addressFormat: "ADDRESS_FORMAT_ETHEREUM",
            },
          ],
        },
      },
    })

    const subOrgId = refineNonNull(
      completedActivity.result.createSubOrganizationResultV4?.subOrganizationId
    )
    const walletId = refineNonNull(
      completedActivity.result.createSubOrganizationResultV4?.wallet?.walletId
    )
    const walletAddress = refineNonNull(
      completedActivity.result.createSubOrganizationResultV4?.wallet
        ?.addresses?.[0]
    )

[timurnkey]

hi @flux0uz, we have a docs page for getting started with sub orgs. Hopefully this will clear up some confusion. https://docs.turnkey.com/getting-started/sub-organizations#before-you-start.

[andrewkmin]

Hi @flux0uz 👋 just adding here -- when you say Attempt to execute a transaction, can you show us how you are trying to do so? If you’re using our viem or ethers package, there were recent updates (0.3.0 and 0.18.0, respectively) that now support a signWith parameter that can accept a wallet account address, private key address, or private key ID. This will allow you to use the resulting walletAddress from

const walletAddress = refineNonNull(
      completedActivity.result.createSubOrganizationResultV4?.wallet
        ?.addresses?.[0]
    )

[flux0uz]

Hey @andrewkmin,

Yes, I saw those changes too and modified them accordingly. But what's weird is that I don't see a privateKey Id on the sub-organization that was created in my turnkey admin, whereas before the update I did. Here's the code:

const turnkeyAccount = await createAccount({
    client: turnkeyClient,
    organizationId: subOrgId,
    signWith: pkId,
  })

  const walletClient = createWalletClient({
    account: turnkeyAccount,
    chain: IS_PROD ? polygon : polygonMumbai,
    transport: http(
      `${env.NEXT_PUBLIC_RPC_BASE_URL}/${env.NEXT_PUBLIC_ALCHEMY_KEY}`
    ),
  }).extend(publicActions)

[timurnkey]

Hey @andrewkmin,

Yes, I saw those changes too and modified them accordingly. But what's weird is that I don't see a privateKey Id on the sub-organization that was created in my turnkey admin, whereas before the update I did. Here's the code:

you're on the cutting edge! we'll be shipping an update to our dashboard shortly that will show your wallets. you'll want to use the generated address to sign as there's no private key ID for a wallet.

const turnkeyAccount = await createAccount({
    client: turnkeyClient,
    organizationId: subOrgId,
    signWith: pkId,  // ----> this should instead be the address that was generated when creating the wallet
  })

[flux0uz]

Ah, I see, thanks @timurnkey.
So, we're no longer creating a public/private key pair for our users, but a wallet that can have multiple accounts. Is that right?
What happens to the old sub-organizations (users) with whom we used the privateKeyId to sign? Will it be possible to sign with their wallet address too?

[timurnkey]

Ah, I see, thanks @timurnkey. So, we're no longer creating a public/private key pair for our users, but a wallet that can have multiple accounts. Is that right?

Bingo! Wallets provide several advantages over Private Keys:

• can be used across various networks regardless of curve
• can generate millions of addresses
• can be exported as a checksummed, mnemonic phrase making back-up / recovery easier

What happens to the old sub-organizations (users) with whom we used the privateKeyId to sign? Will it be possible to sign with their wallet address too?

The signing interface is compatible both with Wallets and Private Keys. signWith accepts any of the following:

• wallet account address
• private key address
• private key id