Setting up federation

How can I set up my domain to use Lumenbox as my federation provider?

The Stellar Federation Protocol requires that you define the federation server you would like to use for your domain.

In order to use Lumenbox as your secure Stellar Federation Provider you need to define our federation server on your web server. To do this follow this procedure:

  1. Add a stellar.toml file to your site at (make sure you use HTTPS) and include the following line into it: FEDERATION_SERVER=””
  2. Modify your stellar.toml file/page to enable CORS. You can do this by adding “Access-Control-Allow-Origin: *” to the HTTP response header
How can I sign my federation records for DKIF?

In case you use Lumenbox Open Federation (you are adding a record to one of the domains that we provide) your records get signed automatically using an offline process.

In case you are using the Hosted Federation (you are adding a record under your own domain), the DKIF extension requires you to do few more additional steps to be able to sign and upload your records into the Lumenbox database:

  1. Use the signing tool to sign your federation records on your desktop (works offline so your secret key is safe!)
  2. Include your the public key of your signing key pair into a TXT record in your DNS: federation._stellardomainkey IN TXT “<publickey>”
How can I verify that my domain set up is working fine?

You can use our verify site to test if your set up is correct.

In case you do not have a proper federation record uploaded to Lumenbox yet just use any record with your domain and our tool will still verify your domain set up:

I want to use Lumenbox federation without DKIF, is it possible?

Yes, it is!

For open federation (when you choose one of the domains which are provided by us) we automatically sign the entries but you do not need to worry about this. Clients/wallets which do not support DKIF validation will ignore the signature fields in the federation response.

In case you are using Hosted Federation (accounts with your own domain), Lumenbox allows you to leave the signature field empty. In this way Lumenbox will not try to validate your signature and you can register your account (although it is possible but this is not recommended as in this way your federation records will not use DKIF)