rename ceremonies repo to vaults

notes-from-lance.txt

@@ -1,92 +0,0 @@
-# Distrust meet 2025-01-13
-
-1. choose location
-	a. random location
-	b. if shipped, neutral location, picked up by both
-
-* barrel jacks are more secure
-
-Level 0
-	* key import from unknown trust level
-	* key export to unknown trust level
-	* use any tools you want
-level 1
-	* icepick level 1
-	* sealing or vault
-	* self custody (by design)
-	* trust single person
-	* portable ceremonies are this level
-	* doesn't matter where they do it, a single individual is trusted
-	* they use tamper evidence because they don't trust others
-	* level 2 assumes witnesses
-
-- [ ] move paragraph above procedures in provisioner/index
-- [ ] add more steps to the docs to make it more explicit
-- [ ] gotta fix the mnemonic word
-
----
-
-break out the requirements for bootstrapping into separate prep doc
-o
-
-* assume every ceremony will be done by different people
-
-* you need to be able to do this ceremony to pass
-	* if u wanna be a multi party operator you need to have a personal computer
-
-
-* personal operator key provisioning
-* provisioning computer
-
-* provisioner should just buy a laptop and tamper proof it 
-	* operators should be gutting laptops
-
-* num of laptops
-	* redundant primary laptop
-	* redundant operator laptops
-	* spare bundles for ceremonies
-
-* all levels need hardware procurement
-
-* commit inventory to a repo, ceremonies repo is fine,
-it can be a text file
-
-## procurer
-
-* obtain numbers of needed items, quantity of each item
-* tamper proof all hardware, sd cards, laptops, etc.
-* tamper proof booster pack of 5 sd cards
-
-- [ ] specner you can go and do these cermonies right now
-
-operator 
-	* gets equipment from ceremony inventory
-
-* get both Spencer and Herve to use a laptop from inventory with airgapos to set up their pgp keys
-
-* provisioned hardware (that's what provisioners do) can write label on bundles
-
-	* operator kits
-	* ceremony kits
-
-* safes and vaults
-	* everything labelled 
-	* didn't use tamper evident bags because they had big vaults
-
-* CSA tamper evident safes
-
-* Spencer tries first, then gets Herve to do it once it's smooth
-
-* could write some data layer stuff in rust
-
-- [ ] track down bug for keyfork mnemonic
-
-* use docs as a way to decide what features to implement
-	* lighter use
-	*  
-- [ ] look ahead at other coins
-	* shell script to make tx
-
-- [ ] do level 0 doc
-
-- [ ] hide document components

quorum-vault-system/src/SUMMARY.md

@@ -9,7 +9,7 @@
     * [Glossary](glossary.md)
 * [Generated Documents]()
     * [All Levels]()
-        * [Create Ceremony Repository](generated-documents/all-levels/create-ceremonies-repository.md)
+        * [Create Vaults Repository](generated-documents/all-levels/create-vaults-repository.md)
         * [Personal PGP Key Provisioning](generated-documents/all-levels/pgp-key-provisioning.md)
     * [Level 2]()
         * [Fixed-Location]()

quorum-vault-system/src/component-documents/vaults-repository.md

@@ -1,12 +1,14 @@
 /* ANCHOR: all */
-# Ceremony Repository
+# Vaults Repository
 
 // ANCHOR: content
-This repository holds data pertaining to ceremonies. The primary data consists of:
+This repository holds data pertaining to vaults. The primary data consists of:
 
-* Transaction proposals
+* Operation proposals
 
-* Transaction approvals
+* Operation approvals
+
+* Payloads
 
 * Trusted PGP keyring
 

quorum-vault-system/src/generated-documents/all-levels/create-ceremonies-repository.md

@@ -1,3 +0,0 @@
-# Create Ceremony Repository
-
-{{ #include ../../component-documents/ceremony-repository.md:content }}

quorum-vault-system/src/generated-documents/all-levels/create-vaults-repository.md

@@ -0,0 +1,3 @@
+# Create Ceremony Repository
+
+{{ #include ../../component-documents/vaults-repository.md:content }}

quorum-vault-system/src/generated-documents/level-2/fixed-location/approver/approve-transaction.md

@@ -14,17 +14,17 @@ The approver is responsible for verifying a transaction proposed by a [proposer]
 
 	* The approver should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
 
-	* The approver should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the "ceremonies" repo
+	* The approver should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the `vaults` repo
 
 * Ensure that the computer is configured to sign commits with the desired key. Refer to the [Appendix: Git Commit Signing Configuration](#git-commit-signing-configuration)
 
-* Clone the [Ceremonies Repository](../provisioner/provision-ceremonies-repository.md) for your organization to the machine
+* Clone the [Vaults Repository](../../../all-levels/create-vaults-repository.md) for your organization to the machine
 
 ## Procedure
 
 1. Turn on online machine 
 
-1. Pull the latest changes from the `ceremonies` repository
+1. Pull the latest changes from the `vaults` repository
 
 1. Unseal the SD Card Pack
 
@@ -32,7 +32,7 @@ The approver is responsible for verifying a transaction proposed by a [proposer]
 
 1. Plug a fresh SD card into the online machine
 
-1. Save the ceremonies repo to the SD card, referred to as the Ceremony SD card
+1. Save the `vaults` repository to the SD card, referred to as the Ceremony SD card
 
 1. Unplug the Ceremony SD card
 
@@ -56,11 +56,11 @@ The approver is responsible for verifying a transaction proposed by a [proposer]
 
 1. Copy the git repo locally from the Ceremony SD card
 
-	* `cp -r /media/<device_name>/ceremonies /root/ceremonies`
+	* `cp -r /media/<device_name>/vaults /root/vaults`
 
-1. Change directory to ceremonies 
+1. Change directory to vaults 
 
-	* `cd /root/ceremonies`
+	* `cd /root/vaults`
 
 1. Verify the detached signature for the payload
 
@@ -90,9 +90,9 @@ The approver is responsible for verifying a transaction proposed by a [proposer]
 
 1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
 
-1. Copy the updated ceremonies repo to the SD card
+1. Copy the updated vaults repo to the SD card
 
-	* `cp -r /root/ceremonies /media/<device_name>/ceremonies`
+	* `cp -r /root/vaults /media/<device_name>/vaults`
 
 1. Unplug the SD card from the air-gapped machine
 
@@ -102,11 +102,11 @@ The approver is responsible for verifying a transaction proposed by a [proposer]
 
 1. Copy the updated repository locally:
 
-	* `cp -r /media/<device_name>/ceremonies ~/`
+	* `cp -r /media/<device_name>/vaults ~/`
 
 1. Change into locally copied directory
 
-	* `cd ~/ceremonies`
+	* `cd ~/vaults`
 
 1. Push the latest commit to the repository
 	

quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/ceremony-sd-card-provisioning.md

@@ -24,7 +24,7 @@
 
 1. Write the ceremony repo data to the SD card:
 
-    `cp -r ceremonies/ /media/<device_name>/`
+    `cp -r vaults/ /media/<device_name>/`
 
 1. Unplug the SD card 
 

quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/encrypt-wallet-to-namespace-key.md

@@ -20,5 +20,5 @@ Procedure for importing an arbitrary secret (raw key, mnemonic, state secrets) i
 
     * `sq encrypt --for-file <certificate> <file_to_encrypt> --output encrypted.asc` TODO: sq needs to be added to airgapOS
 
-1. Once encrypted, name the file appropriately and add it to an `artifacts/` directory in the appropriate namespace subdirectory in the ceremonies repository
+1. Once encrypted, name the file appropriately and add it to an `artifacts/` directory in the appropriate namespace subdirectory in the `vaults` repository
 

quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/namespace-entropy-ceremony.md

@@ -62,7 +62,7 @@ This is a ceremony for generating and sharding entropy to a set of existing Quor
 
     1. Label the SD card "Shardfile [date] [namespace]"
 
-1. Upload the newly generated artifacts into the ceremonies repository
+1. Upload the newly generated artifacts into the `vaults` repository
 
 1. Gather all the original items that were in the air-gapped bundle:
 

quorum-vault-system/src/generated-documents/level-2/fixed-location/operator/quorum-entropy-ceremony.md

@@ -64,7 +64,7 @@ This is a ceremony for generating entropy which is used to derive Quorum PGP key
 
     1. Label the SD card "Shardfile [date]"
 
-1. Upload the newly generated artifacts into the ceremonies repository
+1. Upload the newly generated artifacts into the `vaults` repository
 
 1. Gather all the original items that were in the air-gapped bundle:
 

quorum-vault-system/src/generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md

@@ -28,7 +28,7 @@ The proposer must combine these values into a JSON file, such as:
 
 	* The proposer  should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
 
-	* The proposer should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the "ceremonies" repo
+	* The proposer should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the `vaults` repo
 
 * [Online Machine](TODO)
 
@@ -56,9 +56,9 @@ The proposer must combine these values into a JSON file, such as:
 
 1. {{ #include ../../../../component-documents/finding-device-name.md:content }}
 
-1. Save the ceremonies repo to the SD card, referred to as the Ceremony SD card
+1. Save the `vaults` repo to the SD card, referred to as the Ceremony SD card
 
-	* `cp -r ~/ceremonies/ /media/<device_name>/`
+	* `cp -r ~/vaults/ /media/<device_name>/`
 
 1. Unplug the Ceremony SD card
 
@@ -82,13 +82,13 @@ The proposer must combine these values into a JSON file, such as:
 
 1. Copy the git repo locally from the Ceremony SD card
 
-	* `cp -r /media/<device_name>/ceremonies /root/ceremonies`
+	* `cp -r /media/<device_name>/vaults /root/vaults`
 	
-1. Change into the ceremonies directory:
+1. Change into the vaults directory:
 
-	* `cd /root/ceremonies`
+	* `cd /root/vaults`
 
-1. Create a new payloads directory in the `ceremonies` repository for the date on which the ceremony for the transaction will take place if it doesn't already exist
+1. Create a new payloads directory in the `vaults` repository for the date on which the ceremony for the transaction will take place if it doesn't already exist
 
 	* `mkdir -p <namespace>/ceremonies/<date>/payloads`
 
@@ -151,7 +151,7 @@ The proposer must combine these values into a JSON file, such as:
 
 1. Copy the updated ceremonies repo to the SD card
 
-	* `cp -r /root/ceremonies /media/<device_name>/ceremonies`
+	* `cp -r /root/vaults /media/<device_name>/vaults`
 
 1. Unplug the SD card from the air-gapped machine
 
@@ -161,11 +161,11 @@ The proposer must combine these values into a JSON file, such as:
 
 1. Copy the updated repository locally:
 
-	* `cp -r /media/<device_name>/ceremonies ~/`
+	* `cp -r /media/<device_name>/vaults ~/`
 
 1. Change into locally copied directory
 
-	* `cd ~/ceremonies`
+	* `cd ~/vaults`
 
 1. Push the latest commit to the repository
 	

quorum-vault-system/src/generated-documents/level-2/fixed-location/provisioner/index.md

@@ -11,7 +11,6 @@ The provisioner is responsible for:
 ## Procedures
 
 * [Provision SD Card](./provision-sd-card.md)
-* [Provision Ceremonies Repository](./provision-ceremonies-repository.md)
 * [Provision AirgapOS](./provision-airgapos.md)
 * [Provision Computer](./procure-computer.md)
     * Requires tamper proofing equipment to be available

quorum-vault-system/src/generated-documents/level-2/fixed-location/provisioner/provision-ceremonies-repository.md

@@ -1,3 +1,3 @@
 # Provision Ceremony Repository
 
-{{ #include ../../../../component-documents/ceremony-repository.md:content }}
+{{ #include ../../../../component-documents/vaults-repository.md:content }}