public
/
docs
5
0
Fork 0
Code Issues 21 Pull Requests 2 Packages Projects Releases Wiki Activity

refactor main operator doc

This commit is contained in:
Anton Livaja 2024-12-16 16:45:34 -05:00
parent eb77ad63c9
commit 5489afbbed
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
4 changed files with 32 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
quorum-key-management/book.toml
View File

@ -3,4 +3,4 @@ authors = ["Anton Livaja", "Lance R. Vick", "Ryan Heywood"]
language = "en"
multilingual = false
src = "src"
title = "Quorum Key Management (QKM)"
title = "Quorum Vault System (QVS)"

63
quorum-key-management/src/generated-documents/level-2/fixed-location/operator/coins/pyth-spl/sign-transaction.md
View File

@ -2,21 +2,11 @@
# Operator - Sign PYTH-SPL Transaction
Solana blockchain has a time sensitive aspect associated to validity of standard transactions. The `blockhash` which is used as part of a transaction expires in 60-90 seconds. This introduces operational challenges to signing a transaction offline. As a result, this ceremony requires 3 operators, rather than the typical 2. It is essential for the operators to collaborate to quickly get the transaction data from the online computer to the offline, sign it, then get it back to the online machine before the `blockhash` validity period expires.
The online machine operator is only to operate the online machine, and not touch the offline machine, and the air-gapped machine operators should not touch the online machine. The operators must focus on their machine and their part of the process.
Typically, the online machine and the additional operator are not necessary as there is no time sensitivity to the transaction as only some blockchains have the requirement of using a `blockhash` from a previous block as part of a new valid transaction.
## Requirements
* 3 Operators
* 2 primary operators will be operating the offline machine and online machine
* 2 primary operators will be operating the offline machine
* Ensure both primary operators have their [Operator Keys](../../../../../../glossary.md#operator-key)
* An additional operator is necessary for fetching and providing the transaction data and the latest SOL `blockhash` from a online computer and transmitting using an SD card to the 2 primary operators conducting the main ceremony
* Ensure both primary operators have their [Operator Keys](../../../../../../glossary.md#operator-key)
* Photographic tamper proofing evidence
@ -34,19 +24,25 @@ Typically, the online machine and the additional operator are not necessary as t
* Colored beads
* 4 SD cards (2 fresh, formatted as ext4, and 2 cards with prepared data)
* PureBoot smart card (TODO)
* 5 SD cards (2 fresh, formatted as ext4, and 3 cards with prepared data)
* 1 SD card for transferring transaction data from online to air-gapped machine
* 1 SD card for storing tamper proofing evidence produced at the end of the ceremony
* 1 SD card which has the shardfile and "trusted keys" for proposers and approvers, both signed by each operator using their operator key (TODO)
* 1 SD card which has the shardfile, labelled "Shardile"
* This should be write-locked and stored in tamper proofing along with air-gapped machine
* 1 SD card with "trusted keys" for proposers and approvers, both signed by each operator using their operator key (TODO)
* This should be write-locked and stored in tamper proofing along with air-gapped machine
* TODO refactor for this to be alongside airgapped machine
* 1 SD card with AirgapOS
* This should be write-locked and stored in tamper proofing along with air-gapped machine
* Digital camera (TODO selection)
@ -61,32 +57,33 @@ Typically, the online machine and the additional operator are not necessary as t
3. Retrieve sealed laptop and polaroid from locked storage
### Unsealing Tamper Proofing
{{ #include ../../../../../../tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
### Secure Boot Procedure
0. Plug PureBoot smart card into air-gapped machine
{{ #include ../../../../../../secure-boot-sequence.md:content}}
1. Plug in SD card labelled "AirgapOS"
0. Load well known PGP keys of proposer and approver, and sign them using operator keys (NOT IMPLEMENTED)
{{ #include ../../../../../../secure-boot-sequence.md:prepared}}
1. Insert SD card with shardfile
0. Plug in SD card labelled "Trusted Keys"
* Load well known PGP keys of proposer and approver, and sign them using operator keys (NOT IMPLEMENTED)
* `gpg --import <keyfile_name>`
1. Insert SD card labelled "shardfile"
2. `keyfork recover shard --daemon`
3. Await prompt and plug in first Operator Key
* Follow on screen prompts
4. Tap the key (may have to tap multiple times)
3. As a last step, run the `icepick` command which is awaiting the transaction payload
5. Await prompt and plug in second Operator Key
* `icepick workflow sol-transfer`
6. Tap the key
* Follow on screen prompts
7. Run `keyfork
8. As a last step, run the `icepick` command which is awaiting the transaction payload
* TODO add command
### Obtain Transaction Request
@ -96,7 +93,7 @@ Typically, the online machine and the additional operator are not necessary as t
* TODO define means (could just be email?)
3. Run `icepick workflow sol-get-blockhash-and-broadcast` command
3. Run `icepick workflow sol-broadcast` command
* Wait for prompt and plug in fresh SD card
@ -108,11 +105,7 @@ Typically, the online machine and the additional operator are not necessary as t
### Sign Transaction
1. Use `icepick` to generate the transaction payload:
* `icepick workflow sol-transfer-token`
* Wait for SD card prompt and plug in SD card with signed transaction payload
1. Plug in SD card with transaction payload
2. Wait for the screen to display the transaction information. (NOT IMPLEMENTED)

2
quorum-key-management/src/portable-reusable-laptop-ceremony.md
View File

@ -64,7 +64,7 @@ To conform to [Level 2](threat-model.md#level-2) security properties a location
### Perform Operations
6. Follow a [playbook](TODO)
Follow a [playbook](TODO)
### Sealing

3
quorum-key-management/src/secure-boot-sequence.md
View File

@ -30,7 +30,7 @@ binary they built on their own system according to the [AirgapOS Setup Playbook]
12. Once everyone is satisfied that the hash matches, the computer should be
be restarted.
// ANCHOR: prepared
13. Press space when the message "Automatic boot in 5 seconds unless interrupted by keypress..."
14. Once in the PureBoot Boot Menu, navigate to "Options -->" and press Enter
@ -43,6 +43,7 @@ be restarted.
18. Once booted, verify the version of the software matches the AirgapOS Hash
which was noted during the [AirgapOS Setup](repeat-use-airgapos.md).
// ANCHOR_END: prepared
// ANCHOR_END: content
/* ANCHOR_END: all */