From c695e0e5ece2f4d1091f19d6fbcedc1bf48ac090 Mon Sep 17 00:00:00 2001 From: Anton Livaja Date: Wed, 29 Jan 2025 06:58:54 -0500 Subject: [PATCH 1/3] add draft doc for encrypting wallet to namespace --- quorum-vault-system/src/SUMMARY.md | 1 + .../encrypt-wallet-to-namespace-key.md | 28 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md diff --git a/quorum-vault-system/src/SUMMARY.md b/quorum-vault-system/src/SUMMARY.md index 190640f..34e4262 100644 --- a/quorum-vault-system/src/SUMMARY.md +++ b/quorum-vault-system/src/SUMMARY.md @@ -31,3 +31,4 @@ * [Namespace Entropy Ceremony](generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md) * [Ceremony SD Card Provisioning](generated-documents/level-2/fixed-location/operator/ceremony-sd-card-provisioning.md) * [SOL - Transfer Token](generated-documents/level-2/fixed-location/operator/coins/sol/transfer-token.md) + * [SOL - Transfer Token](generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md) diff --git a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md new file mode 100644 index 0000000..a25e023 --- /dev/null +++ b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md 
@@ -0,0 +1,28 @@ +# Encrypt Wallet to Namespace Key + +Procedure for importing an arbitrary secret (raw key, mnemonic, state secrets) into a Namespace. + +## Requirements + +* [Namespace OpenPGP Certificate]() + + * It can be on an SD card or accessed online + +## Procedure + +1. Access machine which has the secret that should be encrypted available + + * If not on a computer, but a hardware wallet or otherwise, perform the steps on a air-gapped machine + +1. Load the OpenPGP certificate: + + * `gpg --import ` + +1. Encrypt the secret the the public cert: + + * `gpg -k` to list keys and find the fingerprint for the public certificate you are encrypting to + + * `gpg --encrypt + +1. Once encrypted, add the encrypted file to an `artifacts/` directory in the appropriate namespace subdirectory in the ceremonies repository + From a75e667bf1cf94fe1aa31f0d56bb5047cacc5b62 Mon Sep 17 00:00:00 2001 From: Anton Livaja Date: Wed, 29 Jan 2025 07:42:22 -0500 Subject: [PATCH 2/3] fix doc title --- quorum-vault-system/src/SUMMARY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quorum-vault-system/src/SUMMARY.md b/quorum-vault-system/src/SUMMARY.md index 34e4262..643e0b4 100644 --- a/quorum-vault-system/src/SUMMARY.md +++ b/quorum-vault-system/src/SUMMARY.md @@ -31,4 +31,4 @@ * [Namespace Entropy Ceremony](generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md) * [Ceremony SD Card Provisioning](generated-documents/level-2/fixed-location/operator/ceremony-sd-card-provisioning.md) * [SOL - Transfer Token](generated-documents/level-2/fixed-location/operator/coins/sol/transfer-token.md) - * [SOL - Transfer Token](generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md) + * [Encrypt Wallet To Namespace PGP Key](generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md) From 61c4f2b03ab2d2dd86ad725d5517c6f142bbad03 Mon Sep 17 00:00:00 2001 
From: Anton Livaja Date: Thu, 30 Jan 2025 01:06:43 -0500 Subject: [PATCH 3/3] simplify encryption by using sq --- .../operator/encrypt-wallet-to-namespace-key.md | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md index a25e023..443cae8 100644 --- a/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md +++ b/quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md @@ -16,13 +16,9 @@ Procedure for importing an arbitrary secret (raw key, mnemonic, state secrets) i 1. Load the OpenPGP certificate: - * `gpg --import ` +1. Encrypt the secret to certificate: -1. Encrypt the secret the the public cert: + * `sq encrypt --for-file --output encrypted.asc` TODO: sq needs to be added to airgapOS - * `gpg -k` to list keys and find the fingerprint for the public certificate you are encrypting to - - * `gpg --encrypt - -1. Once encrypted, add the encrypted file to an `artifacts/` directory in the appropriate namespace subdirectory in the ceremonies repository +1. Once encrypted, name the file appropriately and add it to an `artifacts/` directory in the appropriate namespace subdirectory in the ceremonies repository
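Review bot: in PATCH 1/3, the line added to SUMMARY.md reuses the label `SOL - Transfer Token` for the link to encrypt-wallet-to-namespace-key.md, so the index lists two identically named entries that point at different documents. PATCH 2/3 exists only to correct that label. Squashing it into this commit would leave every commit in the series with a correct table of contents.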
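Review bot: in the new encrypt-wallet-to-namespace-key.md from PATCH 1/3, the procedure never has the operator confirm that the imported certificate is the intended Namespace certificate. Requirements allow it to be "accessed online", and the `gpg -k` bullet only says to "find the fingerprint", not to compare it against a value obtained from a trusted source. Please add an explicit fingerprint comparison step before the encrypt step, since encrypting to the wrong certificate hands the secret to whoever holds that key. Smaller points in the same hunk: the `[Namespace OpenPGP Certificate]()` link has an empty target, `gpg --import ` names no file, the `gpg --encrypt` bullet is cut off with no closing backtick, recipient or input, and the prose has "the the public cert" and "a air-gapped machine".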
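Review bot: in PATCH 2/3, the corrected SUMMARY.md label `Encrypt Wallet To Namespace PGP Key` does not match the document's own H1 from PATCH 1/3, `# Encrypt Wallet to Namespace Key`. Please pick one title, including the capitalization of "to" and whether "PGP" appears, and use it in both places so the index and the page heading agree.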
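Review bot: in PATCH 3/3, removing the `gpg --import ` bullet leaves the step "1. Load the OpenPGP certificate:" with a trailing colon and no instruction under it. Either drop the step, since the certificate is now passed to `sq` as a file, or say what the operator should do there. The replacement command `sq encrypt --for-file --output encrypted.asc` as written gives no certificate path after `--for-file` and no input file, so it cannot be followed as a procedure. Please add explicit placeholders for both. With the `gpg -k` bullet also removed, the document no longer mentions the certificate fingerprint at all, so a check of the certificate file against a trusted fingerprint should be added before this step. The inline "TODO: sq needs to be added to airgapOS" is better tracked as an issue or a note under Requirements than inside an operator step, and "Encrypt the secret to certificate" is missing "the".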