many updates

This commit is contained in:
Anton Livaja 2025-01-24 05:31:14 -05:00
parent 4157641f09
commit 573c13b462
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
17 changed files with 415 additions and 186 deletions

View File

@ -21,7 +21,9 @@
* [Provision Computer](generated-documents/level-2/fixed-location/provisioner/provision-computer.md)
* [Provision SD Card](generated-documents/level-2/fixed-location/provisioner/provision-sd-card.md)
* [Provision AirgapOS](generated-documents/level-2/fixed-location/provisioner/provision-airgapos.md)
* [Provision Root Entropy Ceremony SD Card](generated-documents/level-2/fixed-location/provisioner/provision-root-entropy-ceremony-sd-card.md)
* [Provision Namespace Ceremony SD Card](generated-documents/level-2/fixed-location/provisioner/provision-namespace-ceremony-sd-card.md)
* [Provision Quorum Ceremony SD Card](generated-documents/level-2/fixed-location/provisioner/provision-quorum-ceremony-sd-card.md)
* [Provision Ceremony SD Card](generated-documents/level-2/fixed-location/provisioner/provision-ceremony-sd-card.md)
* [Copy Shardfile SD Card](generated-documents/level-2/fixed-location/provisioner/copy-shardfile-sd-card.md)
* [Provision Air-Gapped Bundle](generated-documents/level-2/fixed-location/provisioner/air-gapped-bundle.md)
* [Proposer](system-roles.md)
@ -30,5 +32,6 @@
* [Transaction Approval](generated-documents/level-2/fixed-location/approver/approve-transaction.md)
* [Operator](generated-documents/level-2/fixed-location/operator/index.md)
* [PGP Key Provisioning](generated-documents/level-2/fixed-location/operator/pgp-key-provisioning.md)
* [Root Entropy Generation](generated-documents/level-2/fixed-location/operator/root-entropy-generation.md)
* [Namespace Entropy Ceremony](generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md)
* [Quorum Entropy Ceremony](generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md)
* [PYTH-SLN - Sign Transaction](generated-documents/level-2/fixed-location/operator/coins/pyth-spl/sign-transaction.md)
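Review bot: the table of contents now carries both a "Root Entropy Generation" entry (linking `root-entropy-generation.md`) and a new "Namespace Entropy Ceremony" entry (linking `namespace-entropy-ceremony.md`), while elsewhere in this commit the root-entropy page's own title is changed to "# Namespace Entropy Ceremony" and its description to "generating and sharding entropy to a set of existing Quorum Keys". The result is two pages with the same H1 reached from two differently named TOC entries; either retitle the TOC entry to match the page, or drop the old page if the new file supersedes it.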

View File

@ -37,16 +37,201 @@ ceremonies/
transactions/
<tx_name>.tx.json
policies/
spending-policy.json
spending-policy.json [NOT IMPLEMENTED]
keychain/
<key_fingerprint>/
<last_16_digits_of_key_fingerprint>.asc
<last_16_digits_of_key_fingerprint>.<last_16_digits_of_sigining_key>.asc.sig
```
## Procedure: Setting up Repository
{{ #include ./git-repository-initialization.md:procedure}}
## Procedure: Adding a OpenPGP Public Certificate
1. Designate the role of the key - it should be placed into the corresponding role directory
1. Open a PR submitting the key to the repository
* MUST be via commit signed by the PGP key being submitted to the repository
1. Two other authorized individuals (TODO define how they are authorized) must perform a signing ceremony where the master key signature of the public certificate is added to the public certificate
- [ ] TODO add instructions/doc
1. The PR should be merged using a signed commit via the git CLI
## Procedure: Adding Scripts
### Script: Verify OpenPGP Certificate Signatures (`verify-openpgp-certificates.sh`)
This script is used during ceremonies where operators want to ensure that a set of OpenPGP certificates are signed by each of the operators at least once. The way it is used is:
1. Plugs in the Ceremony SD card
1. The operator plugs in their smart card which holds their OpenPGP subkeys
1. Runs the `verify-openpgp-certificates.sh`
#### Provisioning
1. Create a file called `verify-openpgp-certificates.sh` in the `scripts/` directory
1. Add the following contents to the file:
- [ ] TODO, modify to check signatures on the pub key
- [ ] TODO review script
```
#!/bin/bash
set -eu -o pipefail
DIRECTORY="$1"
if ! compgen -G "$DIRECTORY/*.asc" > /dev/null; then
echo "No .asc files found in the directory."
exit 1
fi
if ! gpg --card-status > /dev/null 2>&1; then
echo "No smart card detected. Please insert a smart card."
exit 1
fi
smart_card_id=$(gpg --card-status | grep sec | cut -d'/' -f2 | cut -d' ' -f1)
for asc_file in "$DIRECTORY"/*.asc; do
gpg --import "$asc_file"
done
for asc_file in "$DIRECTORY"/*.asc; do
sig_exists="false"
for sig_file in "$DIRECTORY"/*.asc.sig; do
sigfile_basename=$(basename "$sig_file" .asc.sig)
ascfile_basename=$(basename "$asc_file" .asc)
if [[ "$sigfile_basename" != "$ascfile_basename" ]]; then
continue
fi
sig_key_id=$(gpg --verify "$sig_file" 2>&1 | grep 'Primary key fingerprint' | cut -d' ' -f4- | tr -d ' ')
trimmed_key_id="${sig_key_id: -16}"
if [[ "$trimmed_key_id" == "$smart_card_id" ]]; then
sig_exists="true"
break
fi
done
if [[ "$sig_exists" == "false" ]]; then
printf "\nWARNING: Signature for %s by operator key %s does not exist\n" "$asc_file" "$smart_card_id"
fi
done
```
### Script: Verify Workflow Payload Has Valid OpenPGP Signatures (`verify-workload-payloads.sh`)
This script is used during ceremonies to ensure that the payload data from the "Proposer" and "Approvers" have been signed by trusted keys from the `keychain/` directory. The script `verify-openpgp-signatures.sh` is used to load and verify the validity of keys before this script can be used.
1. Run the `verify-openpgp-certificates` scripts
1. Plug in the "Workflow" SD card and run the `verify-workload-payload.sh`
#### Provisioning
1. Create a file called `verify-workload-payload.sh` in the `scripts/` directory
1. Add the following content to the file:
- [ ] TODO: review script
```
#!/bin/bash
DIRECTORY=$1
declare -a key_ids
while IFS= read -r line; do
key_id=$(echo "$line" | awk -F: '/^pub/{print $5}')
if [[ -n "$key_id" ]]; then
key_ids+=("$key_id")
fi
done < <(gpg --list-keys --with-colons)
check_key_id() {
local search_key_id="$1"
for id in "${key_ids[@]}"; do
if [[ "$id" == "$search_key_id" ]]; then
return 0
fi
done
return 1
}
for tx in "$DIRECTORY"/*.json; do
basename=$(basename "$tx" .json)
number_of_sigs=0
tx_sig="$DIRECTORY/$basename.json.sig"
if [[ ! -f "$tx_sig" ]]; then
echo "WARNING: No signature file found for transaction $tx."
continue
fi
sig_key_id=$(gpg --verify "$tx_sig" 2>&1 | grep 'Primary key fingerprint' | cut -d' ' -f4- | tr -d ' ')
trimmed_key_id="${sig_key_id: -16}"
if check_key_id "$trimmed_key_id"; then
((number_of_sigs++))
else
echo "Key ID $trimmed_key_id not found in key_ids array."
fi
if (( number_of_sigs < 2 )); then
echo "WARNING: Insufficient signatures ($number_of_sigs) for transaction $tx."
fi
done
```
## Procedure: Provision Ceremony SD Card
This procedure requires 2 individuals in order to witness the process and verify that the data being burned to the card is correct.
The Ceremony SD Card once provisioned will be used in creating the [tamper proofed airgap bundle](#air-gapped-bundle)
// ANCHOR: provision-ceremony-sd-card
1. Get a freshly formatted SD card
1. Plug it into a computer
1. Navigate the the official Keychain repository of your organization
1. Select provisioner and approver keys from the Keychain repository
1. Download the desired keys along with detached signatures
1. Find the SD card block device name using `lsblk`
1. Create a directory for OpenPGP public certificates on the SD card: `mkdir dev/<device_name>/public_certificates`
1. Copy the `.asc` and `.sig` signature files from `keychain` directory in the Ceremonies repository to into the `public_certificates` dir on the SD card
1. Create a directory for scripts on the SD card: `mkdir dev/<device_name>/scripts`
1. Copy the contents of the scripts directory from the Ceremonies repository into the `scripts/` directory on the SD card
1. Use the `sdtool` to lock the card
{{ #include ../sdtool-instructions.md:steps }}
1. Label the card "Ceremony [date]"
### Tamper Proofing
{{ #include ./tamper-evidence-methods.md:vsbwf-procedure-sealing }}
// ANCHOR_END: provision-ceremony-sd-card
// ANCHOR_END: content
/* ANCHOR_END: all */
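Review bot: the detached-signature matching in `verify-openpgp-certificates.sh` cannot succeed with the layout documented at the top of this hunk. The structure names signatures `<last_16_digits_of_key_fingerprint>.<last_16_digits_of_sigining_key>.asc.sig` (note the "sigining" typo), so `basename "$sig_file" .asc.sig` yields `<fingerprint>.<signer>` while `basename "$asc_file" .asc` yields `<fingerprint>`; the `!=` check fires for every pair and every certificate ends with a WARNING. Either drop the signer suffix from the filename or compare against `${sigfile_basename%.*}`. Three more points in the same hunk. First, both scripts identify the signer with `grep 'Primary key fingerprint'`, a line gpg prints only inside its "This key is not certified with a trusted signature" warning; for a key whose trust has been set the line is absent, and under `set -eu -o pipefail` that makes the first certificate exit the script silently. `gpg --status-fd 1 --verify` and matching the `[GNUPG:] VALIDSIG` line is the output gpg documents for parsing. Second, in `verify-workload-payload.sh` the counter `number_of_sigs=0` is reset per transaction and only the single `$basename.json.sig` is ever verified, so it is at most 1 and `(( number_of_sigs < 2 ))` warns on every transaction; a threshold check has to iterate over all signature files belonging to that transaction, and the script also has no `set -e`, so a failing `gpg --verify` still falls through to the counter. Third, `mkdir dev/<device_name>/public_certificates` creates a directory under a block-device path rather than on the card; the card must be mounted first and the directory created under the mount point. Minor: the names are inconsistent across the hunk (`verify-workload-payloads.sh` in the heading vs `verify-workload-payload.sh` in the steps, and `verify-openpgp-signatures.sh` referenced where `verify-openpgp-certificates.sh` is meant), and "a OpenPGP" should read "an OpenPGP".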

View File

@ -1,65 +0,0 @@
/* ANCHOR: all */
# Keychain Repository
// ANCHOR: content
This repository contains the trusted keys for the organization.
## Directives
* MUST be a private repository
* MUST require signed commits
## Repository Structure
```
trusted-keys/
proposers/
<key_id>/
pub.asc
sig_1.asc
sig_2.asc
approvers/
operators/
```
## Procedure: Setting up Repository
{{ #include ./git-repository-initialization.md:procedure }}
## Procedure: Adding OpenPGP Keys
1. Designate the role of the key - it should be placed into the corresponding role directory
1. Open a PR submitting the key to the repository
* MUST be via commit signed by the PGP key being submitted to the repository
1. Two other authorized individuals (TODO define how they are authorized) must provide detached PGP signatures of the key being submitted
1. The PR should be merged using a signed commit via the git CLI
### Procedure: Ceremony "Keychain SD Card"
This procedure requires 2 individuals in order to witness the process and verify that the data being burned to the card is correct.
The Keychain SD Card once provisioned will be used in creating the [tamper proofed airgap bundle](#air-gapped-bundle)
1. Get a freshly formatted SD card
1. Plug it into a computer
1. Navigate the the official Keychain repository of your organization
1. Select provisioner and approver keys from the Keychain repository
1. Download the desired keys along with detached signatures
1. Copy the `.asc` and signature files to the SD card
1. Use the `sdtool` to lock the card
{{ #include ../sdtool-instructions.md:steps }}
1. Label the card "Keychain <date>"
// ANCHOR_END: content
/* ANCHOR_END: all */
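Review bot: deleting this file removes the only definition of the "Keychain SD Card" and of the `trusted-keys/<role>/<key_id>/pub.asc` + `sig_1.asc`/`sig_2.asc` layout, but the card is still named elsewhere in this same commit (the "Keychain SD card" item in several Finalizing Ceremony lists and in the Air-Gapped Bundle contents), and the ceremony steps still say "Use detached signatures of the keys on the SD cards to verify the pub certs". The removed "Adding OpenPGP Keys" procedure also required two detached signatures per submitted key; its replacement in the Ceremony repository swaps that for a certification ceremony still marked TODO, so after this commit there is no documented way to produce the `.asc.sig` files the verification script expects. Those references should be moved to the Ceremony SD Card in the same commit, or this page kept until they are.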

View File

@ -19,7 +19,7 @@ instead the AirgapOS `.iso` image is flashed to an SD card, locked using
{{ #include ../sdtool-instructions.md:steps }}
1. Label the SD card "AirgapOS - <version>"
1. Label the SD card "AirgapOS [version]"
1. Verify that the hash of `airgap.iso` matches what's flashed on the SD card:

View File

@ -0,0 +1,56 @@
/* ANCHOR: all */
// ANCHOR: content
## Procedure
1. Enter the designated location with the 2 operators and all required equipment
1. Lock access to the location - there should be no inflow or outflow of people during the ceremony
1. Retrieve Air-Gapped Bundle from locked storage
### Unsealing Tamper Proofing
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
1. Place all materials except for the laptop into High Visibility Storage
### Generating Entropy
1. Retrieve AirgapOS SD card from High Visibility Storage and plug it into air-gapped laptop
1. Turn on the machine
1. Once booted, remove the AirgapOS SD card and place it into High Visibility Storage
1. Plug in the Ceremony SD card
1. Run `ceremony.sh` from the SD card
1. Button mash to ensure adequate entropy on the OS
1. Back up the `shardfile` to any desired number of SD cards, and label each "Shardfile [date]"
1. Optionally write an `autorun.sh` file to the Shardfile SD card containing the following command:
* `keyfork recover shard --daemon`
1. If an OpenPGP certificate was derived, store the public key on a SD card, separate from the shardfiles
### Finalizing Ceremony
1. Gather all the original items that were in the air-gapped bundle:
* Air-gapped computer
* AirgapOS SD card
* Shardfile SD card
* Ceremony SD card
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
// ANCHOR_END: content
/* ANCHOR_END: all */
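Review bot: the step "Plug in the Ceremony SD card" followed by "Run `ceremony.sh` from the SD card" names the wrong card: the Ceremony SD Card provisioned from the Ceremony repository carries `public_certificates/` and `scripts/`, while `ceremony.sh` is written to the Namespace Ceremony SD Card that this commit adds. Say "Namespace Ceremony SD card" here so the step matches the requirements list. Also, nothing between "Turn on the machine" and "Run `ceremony.sh`" loads or verifies the Quorum public certificates that the shards are encrypted to; the operator ceremony page runs `verify-openpgp-certificates.sh` before any key is used, and the same check belongs here, otherwise entropy is sharded to whatever certificates are on the card.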

View File

@ -6,7 +6,7 @@
* [High Visibility Storage](TODO): plastic container or bag that's used to keep items while not in use in a visible location like the middle of a desk.
* [Operator PGP key pairs](../../key-types.md#operator-pgp-keypair)
* [Quorum PGP key pairs](../../key-types.md#quorum-pgp-keypair)
{{ #include ../../../../operator-requirements.md:requirements }}
@ -52,59 +52,11 @@
1. Use detached signatures of the keys on the SD cards to verify the pub certs. Each operator should verify that the each key in the Keychain has been signed by that operator's key.
1. Plug in a smart card with Operator PGP Key
1. Plug in a smart card with Quorum PGP Key
1. Use the following script to check that a signature by the plugged in key exists for all the public certificates found on the Keychain
- [ ] TODO move this to ceremony SD card or airgapOS
```
#!/bin/bash
1. Run the `verify-openpgp-certifiates.sh` script
set -eu -o pipefail
DIRECTORY="$1"
if ! compgen -G "$DIRECTORY/*.asc" > /dev/null; then
echo "No .asc files found in the directory."
exit 1
fi
if ! gpg --card-status > /dev/null 2>&1; then
echo "No smart card detected. Please insert a smart card."
exit 1
fi
smart_card_id=$(gpg --card-status | grep sec | cut -d'/' -f2 | cut -d' ' -f1)
for asc_file in "$DIRECTORY"/*.asc; do
gpg --import "$asc_file"
done
for asc_file in "$DIRECTORY"/*.asc; do
sig_exists="false"
for sig_file in "$DIRECTORY"/*.asc.sig; do
sigfile_basename=$(basename "$sig_file" .asc.sig)
ascfile_basename=$(basename "$asc_file" .asc)
if [[ "$sigfile_basename" != "$ascfile_basename" ]]; then
continue
fi
sig_key_id=$(gpg --verify "$sig_file" 2>&1 | grep 'Primary key fingerprint' | cut -d' ' -f4- | tr -d ' ')
trimmed_key_id="${sig_key_id: -16}"
if [[ "$trimmed_key_id" == "$smart_card_id" ]]; then
sig_exists="true"
break
fi
done
if [[ "$sig_exists" == "false" ]]; then
printf "\nWARNING: Signature for %s by operator key %s does not exist\n" "$asc_file" "$smart_card_id"
fi
done
```
1. Repeat for all operators, using their respective smart cards
1. Ensure that the script doesn't output any "WARNING" messages to the console. If it does, abort the ceremony and initiate incident response.
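Review bot: the replacement step runs `verify-openpgp-certifiates.sh`, which misspells the script name defined in the Ceremony repository (`verify-openpgp-certificates.sh`) and so refers to a file that is not on the card; the step also passes no directory argument, while the script exits with "No .asc files found" unless `$1` is the certificates directory. The surrounding context still asks to plug in both a smart card with the Operator PGP key and one with the Quorum PGP key, but the script reads a single `gpg --card-status` result; "Repeat for all operators, using their respective smart cards" should state which of the two cards the script is run against.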
@ -123,56 +75,8 @@
1. Retrieve the "Transaction" SD card from High Visibility Storage and plug in the "Transaction" SD card
1. For each transaction, verify that the signature is made by trusted keys that are loaded in the gpg keyring:
- [ ] TODO: move this to ceremony SD card
```
#!/bin/bash
DIRECTORY=$1
declare -a key_ids
while IFS= read -r line; do
key_id=$(echo "$line" | awk -F: '/^pub/{print $5}')
if [[ -n "$key_id" ]]; then
key_ids+=("$key_id")
fi
done < <(gpg --list-keys --with-colons)
check_key_id() {
local search_key_id="$1"
for id in "${key_ids[@]}"; do
if [[ "$id" == "$search_key_id" ]]; then
return 0
fi
done
return 1
}
for tx in "$DIRECTORY"/*.json; do
basename=$(basename "$tx" .json)
number_of_sigs=0
tx_sig="$DIRECTORY/$basename.json.sig"
if [[ ! -f "$tx_sig" ]]; then
echo "WARNING: No signature file found for transaction $tx."
continue
fi
sig_key_id=$(gpg --verify "$tx_sig" 2>&1 | grep 'Primary key fingerprint' | cut -d' ' -f4- | tr -d ' ')
trimmed_key_id="${sig_key_id: -16}"
if check_key_id "$trimmed_key_id"; then
((number_of_sigs++))
else
echo "Key ID $trimmed_key_id not found in key_ids array."
fi
if (( number_of_sigs < 2 )); then
echo "WARNING: Insufficient signatures ($number_of_sigs) for transaction $tx."
fi
done
```
* Run the `verify-workload-payload.sh` script
1. Run the `icepick` command with the transaction payload
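Review bot: the new line `* Run the \`verify-workload-payload.sh\` script` is a `*` bullet inside a `1.` numbered list, so it renders as a sub-item of "For each transaction, verify that the signature is made by trusted keys" rather than as a step of its own; use `1.` like the neighbouring lines. As with the certificate script, no directory argument is given even though the script reads `DIRECTORY=$1`, and "Run the `icepick` command" that follows is not gated on the script producing no WARNING output, which the earlier certificate step does require.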
@ -206,7 +110,7 @@
* Shardfile SD card
* Keychain SD card
* Ceremony SD card
{{ #include ../../../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}

View File

@ -1,10 +1,10 @@
# Root Entropy Generation
# Namespace Entropy Ceremony
This is a ceremony for generating root entropy.
This is a ceremony for generating and sharding entropy to a set of existing Quorum Keys.
## Requirements
* [Operator PGP key pairs](/key-types.md#operator-pgp-keypair)
* [Quorum PGP key pairs](/key-types.md#quorum-pgp-keypair)
{{ #include ../../operator-requirements.md:requirements }}
@ -12,6 +12,8 @@ This is a ceremony for generating root entropy.
* [Ceremony SD Card](../provisioner/provision-root-entropy-ceremony-sd-card.md)
* [Namespace Ceremony SD Card](../provisioner/provision-namespace-ceremony-sd-card.md)
* [High Visibility Storage](TODO): plastic container or bag that's used to keep items while not in use in a visible location like the middle of a desk.
## Procedure
@ -42,7 +44,7 @@ This is a ceremony for generating root entropy.
1. Button mash to ensure adequate entropy on the OS
1. Back up the `shardfile` to any desired number of SD cards, and label each "Shardfile <date>"
1. Back up the `shardfile` to any desired number of SD cards, and label each "Shardfile [date]"
1. Optionally write an `autorun.sh` file to the Shardfile SD card containing the following command:
@ -60,6 +62,6 @@ This is a ceremony for generating root entropy.
* Shardfile SD card
* Keychain SD card
* Ceremony SD card
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}

View File

@ -40,7 +40,7 @@
* Shardfile SD card
* Keychain SD card
* Ceremony SD card
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}

View File

@ -0,0 +1,67 @@
# Quorum Entropy Ceremony
This is a ceremony for generating entropy which is used to derive Quorum PGP keys, load them into smart cards and shard entropy to them. Optionally a disaster recovery PGP key can be derived.
- [ ] add step for deriving root entropy pgp key
## Requirements
{{ #include ../../operator-requirements.md:requirements }}
* `N` SD cards in the chosen `M of N` quorum
* [Ceremony SD Card](../provisioner/provision-root-entropy-ceremony-sd-card.md)
* [Quorum Entropy Ceremony SD Card](../provisioner/provision-quorum-ceremony-sd-card.md)
* [High Visibility Storage](TODO): plastic container or bag that's used to keep items while not in use in a visible location like the middle of a desk.
## Procedure
1. Enter the designated location with at least 2 operators and all required equipment
1. Lock access to the location - there should be no inflow or outflow of people during the ceremony
1. Retrieve Air-Gapped Bundle from locked storage
### Unsealing Tamper Proofing
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
1. Place all materials except for the laptop into High Visibility Storage
### Generating Entropy
1. Retrieve AirgapOS SD card from High Visibility Storage and plug it into air-gapped laptop
1. Turn on the machine
1. Once booted, remove the AirgapOS SD card and place it into High Visibility Storage
1. Plug in the Ceremony SD card
1. Run `ceremony.sh` from the SD card
1. Button mash to ensure adequate entropy on the OS
1. Back up the `shardfile` to any desired number of SD cards, and label each "Shardfile [date]"
1. Optionally write an `autorun.sh` file to the Shardfile SD card containing the following command:
* `keyfork recover shard --daemon`
1. If an OpenPGP certificate was derived, store the public key on a SD card, separate from the shardfiles
### Finalizing Ceremony
1. Gather all the original items that were in the air-gapped bundle:
* Air-gapped computer
* AirgapOS SD card
* Shardfile SD card
* Ceremony SD card
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
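Review bot: the requirement `[Ceremony SD Card](../provisioner/provision-root-entropy-ceremony-sd-card.md)` links to the page this commit retitles "Provision Namespace Ceremony SD Card", and the Namespace ceremony page replaces that same link with `provision-namespace-ceremony-sd-card.md`; this page should link the Ceremony SD Card page (`provision-ceremony-sd-card.md`) alongside its own Quorum Ceremony SD Card entry, not the namespace one. The introduction also says the entropy is used to "derive Quorum PGP keys, load them into smart cards and shard entropy to them", and the requirements ask for `N` SD cards, yet no step writes a key to a smart card and smart cards are not listed as equipment; together with the open "add step for deriving root entropy pgp key" TODO, the Generating Entropy section does not yet do what the page says.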

View File

@ -8,10 +8,12 @@
* Air-gapped computer
* Keychain SD Card
* Ceremony SD Card
## Procedure
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
1. Label the tamper proofed package as "Air-Gapped Bundle [num]", for example "Air-Gapped Bundle 2" if one already exists
1. Update inventory to indicate a new air-gapped bundle is available

View File

@ -16,9 +16,11 @@ There should be multiple SD cards containing the shardfile data. Shardfile data
1. Copy the shardfile to the new SD card
1. Label the SD card: "Shardfile <date>"
1. Label the SD card: "Shardfile [date]"
1. Optionally write an `autorun.sh` file to the Shardfile SD card containing the following command:
* `keyfork recover shard --daemon`
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing }}

View File

@ -14,4 +14,6 @@
{{ #include ../../../../component-documents/sd-formatting.md:steps }}
{{ #include ../../../../component-documents/one-time-use-airgapos.md:steps }}
{{ #include ../../../../component-documents/one-time-use-airgapos.md:steps }}
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing }}
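Review bot: the `one-time-use-airgapos.md:steps` include appears twice back-to-back in this hunk; if both lines survive in the result, the AirgapOS steps are rendered twice on the page. Confirm that one of the two is the removed line and the other the added one.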

View File

@ -0,0 +1,11 @@
# Provision Ceremony SD Card
## Requirements
{{ #include ../../basic-requirements.md:requirements }}
* Booster pack of fresh SD Cards
## Procedure
{{ #include ../../../../component-documents/ceremony-repository.md:provision-ceremony-sd-card }}

View File

@ -1,4 +1,12 @@
# Provision Root Entropy Ceremony SD Card
# Provision Namespace Ceremony SD Card
## Requirements
* Personal PGP Keys
* SD Card Booster Pack
## Procedure
1. Plug in a fresh formatted SD card into the computer
@ -47,4 +55,8 @@
1. Burn the SD card contents to the SD card using `sdtool`
{{ #include ../../../../sdtool-instructions.md:steps }}
{{ #include ../../../../sdtool-instructions.md:steps }}
1. Label the SD card "Namespace Ceremony [date]"
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing }}

View File

@ -0,0 +1,33 @@
# Provision Quorum Ceremony SD Card
## Requirements
* Personal PGP Keys
* SD Card Booster Pack
## Procedure
1. Plug in a fresh formatted SD card into the computer
1. Write the following script to a file called `ceremony.sh`
* `<threshold_value>` should be replaced with the desired `M` value in a `M of N` quorum
* If you would like to generate an OpenPGP public certificate, add `--output-cert /media/cert` and `--user-id <name>` to the command
```sh
#!/bin/sh
TODO: add keyfork command
```
1. Write the `ceremony.sh` script to the SD card
1. Burn the SD card contents to the SD card using `sdtool`
{{ #include ../../../../sdtool-instructions.md:steps }}
1. Label the SD card "Quorum Ceremony [date]"
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing }}
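Review bot: `ceremony.sh` as written has `TODO: add keyfork command` as its only statement, which `sh` will try to execute as a command named `TODO:`, so a card provisioned from this page fails at the "Run `ceremony.sh`" step of the Quorum Entropy Ceremony. The bullets above it describe `<threshold_value>`, `--output-cert /media/cert` and `--user-id <name>` options that do not appear anywhere in the script body; either fill in the keyfork invocation or mark the page as draft until it exists. "Personal PGP Keys" is listed as a requirement, but no step uses them: the contents are written and locked with `sdtool` without being signed, so an operator at the ceremony has nothing to verify the script against.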

View File

@ -1,15 +1,27 @@
# Provisioning SD Cards
SD cards are provisioned and tamper proofed in packs of 5 referred to as "SD Booster Packs"
## Requirements
{{ #include ../../basic-requirements.md:requirements }}
* Tamper proofing evidence (photographs)
* Fresh SD card(s)
* 5 Fresh SD card(s) per booster pack
* Bring however many SD cards should be provisioned
* High Visibility Storage
## Procedure: formatting SD Card to `fat32`
{{ #include ../../../../component-documents/sd-formatting.md:steps }}
1. Place the provisioned SD card into High Visibility Storage
### Tamper Proofing
1. Select 5 SD cards to be tamper proofed from High Visibility Storage
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing }}
1. Label the tamper proofed package "SD Booster Pack [date]"

View File

@ -16,7 +16,7 @@ When bootstrapping a system, the initial PGP keys can be generated on-board a sm
* MUST have subkeys maintained on a smartcard
## Operator PGP Keypair
## Quorum PGP Keypair
Only used in ceremonies for decrypting shardfile material.
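Review bot: renaming the `## Operator PGP Keypair` heading to `## Quorum PGP Keypair` breaks the `#operator-pgp-keypair` anchors that this commit's requirement lists still use (`[Operator PGP key pairs](../../key-types.md#operator-pgp-keypair)` and the `/key-types.md#operator-pgp-keypair` variant), and the ceremony steps still instruct operators to plug in a smart card with the Operator PGP key as well as one with the Quorum PGP key. If both key types exist, keep the Operator section and add Quorum as a separate section; if only one exists, update those references to `#quorum-pgp-keypair` in the same commit.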
@ -34,3 +34,6 @@ Only used in ceremonies for decrypting shardfile material.
* MAY be transferred in levels 1-3
## Namespace Key
- [ ] TODO define