more refactoring

Anton Livaja 2025-01-15 14:17:38 -05:00
parent c5682b871f
commit 17bc691cf6
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
8 changed files with 42 additions and 26 deletions

View File

@ -8,11 +8,12 @@
* [Location](locations.md)
* [Glossary](glossary.md)
* [Generated Documents]()
* [All Levels]()
* [Provision Personal PGP Signing Keys On-Board Smart Card](generated-documents/all-levels/provision-pgp-signing-keys-on-board-smart-card.md)
* [Level 2]()
* [Fixed-Location]()
* [Procurer](generated-documents/level-2/fixed-location/procurer/index.md)
* [Procure Facility](generated-documents/level-2/fixed-location/procurer/procure-facility.md)
* [Provision PGP Signing Keys On-Board Smart Card](generated-documents/level-2/fixed-location/procurer/provision-pgp-signing-keys-on-board-smart-card.md)
* [Procure Tamper Proofing Equipment](generated-documents/level-2/fixed-location/procurer/procure-tamper-proofing-equipment.md)
* [Procure Hardware](generated-documents/level-2/fixed-location/procurer/procure-hardware.md)
* [Provisioner](generated-documents/level-2/fixed-location/provisioner/index.md)
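
Review bot: The smart card provisioning document is listed under two paths here, `generated-documents/all-levels/...` and `generated-documents/level-2/fixed-location/procurer/...`, with two different titles ("Provision Personal PGP Signing Keys ..." and "Provision PGP Signing Keys ..."). The hunk header (11 lines before, 12 after) suggests one entry replaces the other. Keep a single canonical entry and title, and check that every link to the old path is updated in the same commit.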

View File

@ -8,4 +8,4 @@
## Procedure
{{ #include ../../../../component-documents/openpgp-setup.md:steps-on-key-gen }}
{{ #include ../../component-documents/openpgp-setup.md:steps-on-key-gen }}
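
Review bot: The two include lines differ only in depth (`../../../../component-documents/` versus `../../component-documents/`), and nothing in this hunk shows where the including file now lives. Confirm the shorter path resolves from the document's new location; the other includes of `openpgp-setup.md` visible in this commit still use four levels.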

View File

@ -2,28 +2,12 @@
## Requirements
* 2 Operators
* [Operator PGP key pairs](../../key-types.md#operator-pgp-keypair)
* Ensure both primary operators have their [Shard-Bearer Keys](../../pgp-key-provisioning.md)
* Both operators should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
* The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys (found in ceremonies repo)
* Shardfile on SD card
* Keychain SD card
{{ #include ../../../../operator-requirements.md:requirements }}
* Air-gapped bundle
* Tamper proofing equipment
* Ceremony notes
* AirgapOS hash
* Trusted PGP key fingeprints IDs
## Procedure
1. Verify all transactions for the ceremony in the `ceremonies` repository, ensuring that all the transactions are properly signed by the proposer and the approver using PGP keys which have been checked into ceremonies repository.
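
Review bot: Swapping the explicit requirements for `{{ #include ../../../../operator-requirements.md:requirements }}` can silently drop ceremony-specific controls. The `requirements` anchor as changed in this commit lists only quorum, PGP key pairs, the air-gapped bundle and tamper-proofing equipment, so if the bullets on printing photographic evidence and verifying commit signatures against the permitted PGP keys are among the lines being replaced (the header goes from 28 lines to 12), those checks no longer appear in this document. Keep them as explicit bullets after the include, or move them into the shared anchor. Minor: "fingeprints" in the last requirement should read "fingerprints".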

View File

@ -2,7 +2,17 @@
## Requirements
{{ #include ../../operator-requirements.md:requirements }}
* 2 Operators
* [Personal PGP key pairs](../../key-types.md#personal-pgp-keypair)
* Air-gapped bundle
* Tamper-proofing equipment
* Both operators should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
* The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the "ceremonies" repo
* For each new key to be provisioned:
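
Review bot: The requirements list now starts with `{{ #include ../../operator-requirements.md:requirements }}` and then spells out "Personal PGP key pairs", "Air-gapped bundle" and "Tamper-proofing equipment" again, all of which the `requirements` anchor in this commit already provides. If both stay, the rendered list repeats them. Keep only the items specific to this procedure (the photographic evidence and commit-signature verification bullets) next to the include.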
@ -18,4 +28,20 @@
1. Unseal the Air-Gapped bundle consisting of a air-gapped laptop, "AirgapOS" SD card and "Keychain" SD card
{{ #include ../../../../component-documents/openpgp-setup.md:steps-keyfork}}
{{ #include ../../../../component-documents/openpgp-setup.md:steps-keyfork}}
#### Sealing
1. Gather all the original items that were in the air-gapped bundle:
* Air-gapped computer
* AirgapOS SD card
* Shardfile SD card
* Keychain SD card
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
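
Review bot: The new Sealing step lists "Shardfile SD card" among "the original items that were in the air-gapped bundle", but the unseal step above it describes the bundle as an air-gapped laptop, an "AirgapOS" SD card and a "Keychain" SD card only. An operator following this literally will look for an item that was never unsealed. Align the two lists, and say explicitly where the Shardfile SD card comes from if it is meant to be sealed here. Minor: "a air-gapped laptop" should read "an air-gapped laptop".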

View File

@ -4,8 +4,9 @@ This is a ceremony for generating root entropy.
## Requirements
{{ #include ../../operator-requirements.md:requirements }}
* [Operator PGP key pairs](../../key-types.md#operator-pgp-keypair)
{{ #include ../../operator-requirements.md:requirements }}
* Each member needs to bring their:

View File

@ -18,7 +18,7 @@ The procurer is responsible for:
## Order of Operations
1. Provisioning [Signing PGP Keys](./provision-pgp-signing-keys-on-board-smart-card.md)
1. Provisioning [Personal PGP Keys](./provision-pgp-signing-keys-on-board-smart-card.md)
1. Procuring a [facility](./procure-facility.md)
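
Review bot: The link text changes to "Personal PGP Keys" but the target stays `./provision-pgp-signing-keys-on-board-smart-card.md`, which is relative to the procurer directory. Elsewhere in this commit the document is referenced under `generated-documents/all-levels/`. If the procurer copy is being retired, this link will break; point it at the all-levels document so there is one source for the procedure.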

View File

@ -4,9 +4,11 @@
## For Quorum Based Operations
// ANCHOR: requirements
* Adequate quorum (M individuals of a M of N quorum)
* [Personal PGP key pairs](../../key-types.md#personal-pgp-keypair)
* [Operator PGP key pairs](../../key-types.md#operator-pgp-keypair)
* Air-gapped bundle
* Adequate quorum (M individuals of a M of N quorum)
* Tamper-proofing equipment
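
Review bot: The links added inside the `requirements` anchor are relative (`../../key-types.md#personal-pgp-keypair`), but this fragment is pulled into documents at different depths: this commit includes it via both `../../operator-requirements.md` and `../../../../operator-requirements.md`. Included text is inlined into the including page, so the relative link resolves from that page and can only be correct for one depth. Check the rendered links from each including document, or keep links out of the shared anchor. Minor: "a M of N quorum" should read "an M of N quorum".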

View File

@ -4,6 +4,8 @@
Used for day to day operations such as signing keys being added to keychain, signing tamper evidence, signing transaction requests and approvals etc.
When bootstrapping a system, the initial PGP keys can be generated on-board a smart card using [this guide](./generated-documents/all-levels/provision-pgp-signing-keys-on-board-smart-card.md).
### Requirements
* MUST not be transferred
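
Review bot: The requirement "MUST not be transferred" mixes cases in the requirement keyword; write "MUST NOT" so it reads as a single normative term. The added sentence on generating the initial keys on-board a smart card sits above the Requirements heading; consider stating there that on-card generation is what satisfies the no-transfer requirement, so the link between the two is explicit.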