refactor proposer docs to use templates
This commit is contained in:
parent
2437eac516
commit
de40afb775
|
@ -24,7 +24,8 @@
|
|||
* [Provision AirgapOS](generated-documents/level-2/fixed-location/provisioner/provision-airgapos.md)
|
||||
* [Provision Air-Gapped Bundle](generated-documents/level-2/fixed-location/provisioner/air-gapped-bundle.md)
|
||||
* [Proposer]()
|
||||
* [Propose Transaction](generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md)
|
||||
* [Solana: Create Transaction Payload](generated-documents/level-2/fixed-location/proposer/sol-create-transaction-payload.md)
|
||||
* [Cosmos: Create Transaction Payload](generated-documents/level-2/fixed-location/proposer/cosmos-create-transaction-payload.md)
|
||||
* [Approver]()
|
||||
* [Transaction Approval](generated-documents/level-2/fixed-location/approver/approve-transaction.md)
|
||||
* [Operator](generated-documents/level-2/fixed-location/operator/index.md)
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
# Cosmos: Create Transaction Payload
|
||||
|
||||
{{ #include template-create-tx-0.md:content }}
|
||||
|
||||
1. Use icepick to generate and sign the payload:
|
||||
```
|
||||
$ icepick workflow <workflow> <--option value> <--option value> --export-for-quorum --sign > <output_file>
|
||||
```
|
||||
|
||||
{{ #include template-create-tx-1.md }}
|
|
@ -1,117 +0,0 @@
|
|||
# Proposer - Create Transaction Payload
|
||||
|
||||
The proposer is a fiduciary whose responsibility is to make sound financial decisions on behalf of a business and determine where funds are moving from, where to and in which amount. The reasons for sending funds may range across settlement, exchanging, staking and more.
|
||||
|
||||
The proposer MUST include the workflow type and all arguments required by a workflow, such as `from_address`, `to_address`, `asset_name`, etc., as well as a UTC datetime representing the time when the transaction is proposed.
|
||||
|
||||
The proposer must combine these values into a JSON file, such as:
|
||||
|
||||
```json
|
||||
{
|
||||
"workflow": ["cosmos", "withdraw"],
|
||||
"values": {
|
||||
"delegate_address": "kyve1q9w3nar74up6mxnwd428wpr5nffcw3360tkxer",
|
||||
"validator_address": "kyvevaloper1ghpmzfuggm7vcruyhfzrczl4aczy8gas8guslh",
|
||||
"asset_name": "KYVE",
|
||||
"asset_amount": "0.4",
|
||||
"chain_name": "korellia"
|
||||
},
|
||||
"proposal_datetime": "2025-01-28T18:18:00"
|
||||
}
|
||||
```
|
||||
|
||||
## Requirements
|
||||
|
||||
* [Quorum PGP Key](../operator/quorum-entropy-ceremony.md)
|
||||
|
||||
* [Air-Gapped Bundle](../provisioner/air-gapped-bundle.md)
|
||||
|
||||
* The proposer should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
|
||||
|
||||
* The proposer should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the `vaults` repo
|
||||
|
||||
{{ #include ../../../../component-documents/linux-workstation.md:content }}
|
||||
|
||||
* Clone the [Vaults Repository](../../../all-levels/create-vaults-repository.md) for your organization to the machine
|
||||
|
||||
## Procedure
|
||||
|
||||
1. Turn on online linux workstation
|
||||
|
||||
1. Clone the `vaults` repository if it's not available locally and get the latest changes:
|
||||
```
|
||||
$ git clone <repository_git_url>
|
||||
$ git pull origin main
|
||||
```
|
||||
1. Unseal the SD Card Pack
|
||||
|
||||
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
|
||||
|
||||
1. Plug a fresh SD card into the online linux workstation
|
||||
|
||||
1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
|
||||
|
||||
1. Save the `vaults` repo to the SD card, referred to as the Ceremony SD card
|
||||
```
|
||||
$ cp -r ~/vaults/ /media
|
||||
```
|
||||
1. Unplug the Ceremony SD card
|
||||
|
||||
1. Unseal the tamper proofed bundle
|
||||
|
||||
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
|
||||
|
||||
1. Insert the AirgapOS SD card into the airgapped machine and turn it on
|
||||
|
||||
1. Once booted, unplug the AirgapOS SD card and place it in High Visibility Storage
|
||||
|
||||
1. Plug in the Ceremony SD card
|
||||
|
||||
1. Copy the git repo locally from the Ceremony SD card and change to it
|
||||
```
|
||||
$ cp -r /media/vaults /root
|
||||
$ cd /root/vaults
|
||||
```
|
||||
1. Create a new payloads directory in the `vaults` repository for the date on which the ceremony for the transaction will take place if it doesn't already exist
|
||||
|
||||
* `mkdir -p <namespace>/ceremonies/<date>/payloads`
|
||||
|
||||
* e.g `mkdir -p solana-01/ceremonies/2025-01-01/payloads`
|
||||
|
||||
1. Use `icepick workflow --help` to list the available workflows and options
|
||||
|
||||
1. Plug in the Operator smart card
|
||||
|
||||
1. Use icepick to generate and sign the payload:
|
||||
```
|
||||
$ icepick workflow <chain> <workflow> <--option value> <--option value> --export-for-quorum --sign > <output_file>
|
||||
```
|
||||
* e.g `$ icepick workflow cosmos withdraw-rewards --delegate-address kyve1q9w3nar74up6mxnwd428wpr5nffcw3360tkxer --validator-address kyvevaloper1ghpmzfuggm7vcruyhfzrczl4aczy8gas8guslh --chain-name korellia --export-for-quorum --sign > <namespace>/ceremonies/<date>/payloads/payload_<num>.json`
|
||||
|
||||
* e.g `$ icepick workflow sol transfer --from-address "$(cat <namespace>/<coin>/0.txt)" --to-address "$(cat to_address.txt)" --amount <amount> --export-for-quorum --sign > <namespace>/ceremonies/<date>/payloads/payload_<num>.json`
|
||||
|
||||
1. Copy the updated ceremonies repo to the SD card
|
||||
```
|
||||
$ cp -r /root/vaults /media
|
||||
```
|
||||
1. Transfer the SD card from the air-gapped machine to the online machine
|
||||
|
||||
1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
|
||||
|
||||
1. Copy the updated repository locally and switch to it:
|
||||
```
|
||||
$ cp -r /media/vaults ~/
|
||||
$ cd ~/vaults
|
||||
```
|
||||
1. Stage, sign, commit and push the changes to the ceremonies repository:
|
||||
```
|
||||
$ git add <namespace>/ceremonies/<date>/payloads/*
|
||||
$ git commit -S -m "add payload signature for payload_<num>.json"
|
||||
$ git push origin main
|
||||
```
|
||||
|
||||
1. Notify relevant individuals that there are new transactions queued up, and that a ceremony should be scheduled. This can be automated in the future so that when a commit is made or PR opened, others are notified, for example using a incident management tool.
|
||||
|
||||
1. Tamper proof the AirgapOS and Air-gapped laptop
|
||||
|
||||
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
|
|
@ -0,0 +1,10 @@
|
|||
# Solana: Create Transaction Payload
|
||||
|
||||
{{ #include template-create-tx-0.md:content }}
|
||||
|
||||
1. Use icepick to generate and sign the payload:
|
||||
```
|
||||
$ icepick workflow sol <--option value> <--option value> --export-for-quorum --sign > <output_file>
|
||||
```
|
||||
|
||||
{{ #include template-create-tx-1.md }}
|
|
@ -0,0 +1,65 @@
|
|||
/* ANCHOR: all */
|
||||
// ANCHOR: content
|
||||
## Requirements
|
||||
|
||||
* [Quorum PGP Key](../operator/quorum-entropy-ceremony.md)
|
||||
|
||||
* [Air-Gapped Bundle](../provisioner/air-gapped-bundle.md)
|
||||
|
||||
* The proposer should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
|
||||
|
||||
* The proposer should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the `vaults` repo
|
||||
|
||||
{{ #include ../../../../component-documents/linux-workstation.md:content }}
|
||||
|
||||
* Clone the [Vaults Repository](../../../all-levels/create-vaults-repository.md) for your organization to the machine
|
||||
|
||||
## Procedure
|
||||
|
||||
1. Turn on online linux workstation
|
||||
|
||||
1. Clone the `vaults` repository if it's not available locally and get the latest changes:
|
||||
```
|
||||
$ git clone <repository_git_url>
|
||||
$ git pull origin main
|
||||
```
|
||||
1. Unseal the SD Card Pack
|
||||
|
||||
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
|
||||
|
||||
1. Plug a fresh SD card into the online linux workstation
|
||||
|
||||
1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
|
||||
|
||||
1. Save the `vaults` repo to the SD card, referred to as the Ceremony SD card
|
||||
```
|
||||
$ cp -r ~/vaults/ /media
|
||||
```
|
||||
1. Unplug the Ceremony SD card
|
||||
|
||||
1. Unseal the tamper proofed bundle
|
||||
|
||||
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-unsealing}}
|
||||
|
||||
1. Insert the AirgapOS SD card into the airgapped machine and turn it on
|
||||
|
||||
1. Once booted, unplug the AirgapOS SD card and place it in High Visibility Storage
|
||||
|
||||
1. Plug in the Ceremony SD card
|
||||
|
||||
1. Copy the git repo locally from the Ceremony SD card and change to it
|
||||
```
|
||||
$ cp -r /media/vaults /root
|
||||
$ cd /root/vaults
|
||||
```
|
||||
1. Create a new payloads directory in the `vaults` repository for the date on which the ceremony for the transaction will take place if it doesn't already exist
|
||||
|
||||
* `mkdir -p <namespace>/ceremonies/<date>/payloads`
|
||||
|
||||
* e.g `mkdir -p acme-coin-01/ceremonies/2025-01-01/payloads`
|
||||
|
||||
1. Use `icepick workflow --help` to list the available workflows and options
|
||||
|
||||
1. Plug in the Operator smart card
|
||||
// ANCHOR_END: content
|
||||
/* ANCHOR_END: all */
|
|
@ -0,0 +1,29 @@
|
|||
/* ANCHOR: all */
|
||||
// ANCHOR: content
|
||||
1. Copy the updated ceremonies repo to the SD card
|
||||
```
|
||||
$ cp -r /root/vaults /media
|
||||
```
|
||||
1. Transfer the SD card from the air-gapped machine to the online machine
|
||||
|
||||
1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
|
||||
|
||||
1. Copy the updated repository locally and switch to it:
|
||||
```
|
||||
$ cp -r /media/vaults ~/
|
||||
$ cd ~/vaults
|
||||
```
|
||||
1. Stage, sign, commit and push the changes to the ceremonies repository:
|
||||
```
|
||||
$ git add <namespace>/ceremonies/<date>/payloads/*
|
||||
$ git commit -S -m "add payload signature for payload_<num>.json"
|
||||
$ git push origin main
|
||||
```
|
||||
|
||||
1. Notify relevant individuals that there are new transactions queued up, and that a ceremony should be scheduled. This can be automated in the future so that when a commit is made or PR opened, others are notified, for example using a incident management tool.
|
||||
|
||||
1. Tamper proof the AirgapOS and Air-gapped laptop
|
||||
|
||||
{{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}}
|
||||
// ANCHOR_END: content
|
||||
/* ANCHOR_END: all */
|
Loading…
Reference in New Issue