diff --git a/quorum-key-management/src/fixed-location-reusable-laptop-ceremony.md b/quorum-key-management/src/fixed-location-reusable-laptop-ceremony.md index 4431052..13980fc 100644 --- a/quorum-key-management/src/fixed-location-reusable-laptop-ceremony.md +++ b/quorum-key-management/src/fixed-location-reusable-laptop-ceremony.md @@ -26,8 +26,6 @@ The primary tamper proofing methods for the fixed location device are: * Both photos of vacuum sealed bag with filler and glitter on the bottom screws of laptop are required -- [ ] TODO how is hardware token stored (for pureboot/heads) - 3. Make an entry into the access log, specifying the: * Individuals involved diff --git a/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/coins/pyth-spl/sign-transaction.md b/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/coins/pyth-spl/sign-transaction.md index 3f5e801..d93aa93 100644 --- a/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/coins/pyth-spl/sign-transaction.md +++ b/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/coins/pyth-spl/sign-transaction.md @@ -6,28 +6,17 @@ * Both operators should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object. - * The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys - - - [ ] TODO: where do we refer to permitted PGP keys - -* Each operator should hash the `keychain` repository - - [ ] TODO define keychain repository setup - - * `sha256sum keychain/` - - * Write it down on a piece of paper as it will be used during the ceremony + * The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys (found in ceremonies repo) ## Procedure -1. Verify all transactions for the ceremony in the `ceremonies` repository, ensuring that all the transactions are properly signed by the proposer and the approver. - - - [ ] TODO guide on how to do this +1. Verify all transactions for the ceremony in the `ceremonies` repository, ensuring that all the transactions are properly signed by the proposer and the approver using PGP keys which have been checked into ceremonies repository. 1. Enter the designated location with the 2 operators and all required equipment 1. Lock access to the location - there should be no inflow or outflow of people during the ceremony -1. Retrieve sealed laptop and polaroid from locked storage +1. Retrieve sealed Air-Gapped bundle and polaroid from locked storage ### Unsealing Tamper Proofing {{ #include ../../../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}} diff --git a/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/root-entropy-generation.md b/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/root-entropy-generation.md index 4a55bc4..652a361 100644 --- a/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/root-entropy-generation.md +++ b/quorum-key-management/src/generated-documents/level-2/fixed-location/operator/root-entropy-generation.md @@ -8,16 +8,7 @@ This is a ceremony for generating root entropy. * Both operators should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object. - * The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys - - - [ ] TODO: where do we refer to permitted PGP keys - -* Each operator should hash the `keychain` repository - - [ ] TODO define keychain repository setup - - * `sha256sum keychain/` - - * Write it down on a piece of paper as it will be used during the ceremony + * The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in "ceremonies" repo * Each member needs to bring their: diff --git a/quorum-key-management/src/generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md b/quorum-key-management/src/generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md index d8d7e47..595e8f9 100644 --- a/quorum-key-management/src/generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md +++ b/quorum-key-management/src/generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md @@ -56,7 +56,7 @@ The proposer must combine these values into a single message, which can be a sim * `gpg --clearsign ` -1. Notify relevant individuals that there are new transactions queued up, and that a ceremony should be scheduled. This can be automated in the future so that when a commit is made or PR opened, others are notified, for example using a incident management tool(TODO). +1. Notify relevant individuals that there are new transactions queued up, and that a ceremony should be scheduled. This can be automated in the future so that when a commit is made or PR opened, others are notified, for example using a incident management tool. ## Appendix