generate sol address doc
This commit is contained in:
parent
cdd51780be
commit
aee7530823
GPG Key ID:
44A86CFF1FDF0E85
|
|
@ -32,6 +32,7 @@
|
|||
* [Namespace Entropy Ceremony](generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md)
|
||||
* [Ceremony SD Card Provisioning](generated-documents/level-2/fixed-location/operator/ceremony-sd-card-provisioning.md)
|
||||
* [SOL - Transfer Token](generated-documents/level-2/fixed-location/operator/coins/sol/transfer-token.md)
|
||||
* [SOL - Generate Address](generated-documents/level-2/fixed-location/operator/coins/sol/generate-address.md)
|
||||
* [Decrypt Namespace Secret](generated-documents/level-2/fixed-location/operator/decrypt-namespace-secret.md)
|
||||
* [Encrypt Wallet To Namespace PGP Key](generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md)
|
||||
* [Export Namespace Mnemonic](generated-documents/level-2/fixed-location/operator/export-namespace-mnemonic.md)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,170 @@
|
|||
# SOL - Generate Address
|
||||
|
||||
## Requirements
|
||||
|
||||
{{ #include ../../../../operator-requirements.md:requirements }}
|
||||
|
||||
* Online machine
|
||||
|
||||
* [High Visibility Storage](TODO): plastic container or bag that's used to keep items while not in use in a visible location like the middle of a desk.
|
||||
|
||||
* [Quorum PGP key pairs](../../key-types.md#quorum-pgp-keypair)
|
||||
|
||||
* [Ceremony SD card](../../ceremony-sd-card-provisioning.md)
|
||||
|
||||
## Procedure
|
||||
|
||||
1. Enter the designated location with the quorum of operators and all required equipment
|
||||
|
||||
1. Lock access to the location - there should be no inflow or outflow of people during the ceremony
|
||||
|
||||
1. Place Ceremony SD card in High Visibility Storage
|
||||
|
||||
1. Retrieve sealed Air-Gapped bundle, polaroid of tamper evidence, and online laptop from locked storage
|
||||
|
||||
{{ #include ../../../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
|
||||
|
||||
1. Place all contents except for the laptop into High Visibility Storage
|
||||
|
||||
### Offline Machine: Generate Address
|
||||
|
||||
1. Retrieve AirgapOS SD card and plug it into the air-gapped machine
|
||||
|
||||
1. Turn on air-gapped machine
|
||||
|
||||
1. Unplug the AirgapOS SD card and place it in High Visibility Storage
|
||||
|
||||
1. Retrieve Ceremony SD card from High Visibility Storage and plug it into the air-gapped machine
|
||||
|
||||
1. Copy the `vaults` repository to the machine
|
||||
|
||||
* `cp -r /media/vaults /root/`
|
||||
|
||||
1. Change directory to `vaults`:
|
||||
|
||||
* `cd /root/vaults`
|
||||
|
||||
1. Start Keyfork using the relevant Shardfile:
|
||||
|
||||
1. `keyfork recover shard --daemon <namespace>/shardfile.asc`
|
||||
|
||||
1. Follow on screen prompts
|
||||
|
||||
1. If the desired `<coin>` directory doesn't exist for the namespace, create it:
|
||||
|
||||
* `mkdir -p <namespace>/<coin>`
|
||||
|
||||
* e.g `mkdir -p vault_1/sol/`
|
||||
|
||||
1. Connect to the appropriate coin directory:
|
||||
|
||||
* `cd <namespace>/<coin>/`
|
||||
|
||||
1. Check what the latest address account is:
|
||||
|
||||
* `ls -la .`
|
||||
|
||||
1. Find what the latest number for the address is, and add 1 to it. This will be the new address account.
|
||||
|
||||
* For example if the latest address file is 42, the new account_id would be 43. The addresses should start at `0`
|
||||
|
||||
* Set an environment variable with the new account_id:
|
||||
|
||||
* `account_id=<num>`, e.g `account_id=43`
|
||||
|
||||
1. Generate a new address:
|
||||
|
||||
* `icepick workflow sol generate-address --account $account_id | jq -r .pubkey > $account_id.txt`
|
||||
|
||||
1. Sign the file using:
|
||||
|
||||
* `gpg --detach-sign $account_id.txt`
|
||||
|
||||
1. You may repeat the previous steps, starting at the step where the `account_id` is set.
|
||||
|
||||
1. Once finished, copy the updated repository back to the Ceremony SD card:
|
||||
|
||||
* `cp -rf /root/vaults /media/`
|
||||
|
||||
1. Shut down the air gapped machine
|
||||
|
||||
1. Unplug the Ceremony SD card and place it into High Visibility Storage
|
||||
|
||||
### Online Machine: Generate Nonce Account
|
||||
|
||||
1. Turn on online machine
|
||||
|
||||
1. Retrieve the Ceremony SD card from High Visibility Storage and plug it into the computer
|
||||
|
||||
1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
|
||||
|
||||
1. Copy the `vaults` repository from the Ceremony SD card:
|
||||
|
||||
* `cp -r /media/vaults ~/`
|
||||
|
||||
* If the `~/vaults/` repository already exists, ensure it doesn't have any changes that haven't been committed, then remove it using `sudo rm -rf ~/vaults` before re-running the previous step
|
||||
|
||||
1. Ensure `keyfork` is available on the system:
|
||||
|
||||
* Follow steps from [installation guide](https://git.distrust.co/public/keyfork#install)
|
||||
|
||||
1. Ensure `icepick` is available on system
|
||||
|
||||
* Follow steps from [installation guide](TODO)
|
||||
|
||||
1. Set unsafe `keyfork` usage variable:
|
||||
|
||||
* `export SHOOT_SELF_IN_FOOT=1`
|
||||
|
||||
1. Generate throwaway mnemonic to generate address which will be used for funding the creation of nonce account:
|
||||
|
||||
* `keyfork mnemonic generate | KEYFORK_PROMPT_TYPE=headless keyfork recover mnemonic --daemon`
|
||||
|
||||
1. Change directory into the desired \<namespace>/\<coin> directory:
|
||||
|
||||
* `cd ~/vaults/<namespace>/<coin>`
|
||||
|
||||
1. Select which account you are creating the delegate address by viewing the appropriate \<namespace>/\<coin>/ directory:
|
||||
|
||||
* `ls -la .`
|
||||
|
||||
1. Once you have selected the appropriate account, set the account_id variable:
|
||||
|
||||
* `account_id=<num>`
|
||||
|
||||
1. Use `icepick` to generate nonce account:
|
||||
|
||||
* The following command will need to be updated to use the appropriate \<cluster>, which can be `devnet`, `testnet` or `mainnet-beta`
|
||||
|
||||
* `icepick workflow sol generate-nonce-account --cluster <cluster> --authorization-address $"(cat $account_id.txt)" | jq -r .nonce_account > $account_id-na.txt`
|
||||
|
||||
1. Airdrop the wallet displayed on-screen with 0.01 SOL
|
||||
|
||||
* Once the airdrop is done, nonce account will be created
|
||||
|
||||
1. Add all files to git stage:
|
||||
|
||||
* `git add .`
|
||||
|
||||
1. Review what files are staged:
|
||||
|
||||
* `git status`
|
||||
|
||||
1. Create a signed commit:
|
||||
|
||||
* `git commit -m -S "<message>"`
|
||||
|
||||
1. Push the changes to the branch you are on:
|
||||
|
||||
* `git push origin HEAD`
|
||||
|
||||
### Sealing
|
||||
|
||||
1. Gather all the original items that were in the air-gapped bundle:
|
||||
|
||||
* Air-gapped computer
|
||||
|
||||
* AirgapOS SD card
|
||||
|
||||
{{ #include ../../../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
|
||||
|
||||
Loading…
Reference in New Issue