93 lines
2.3 KiB
Plaintext
93 lines
2.3 KiB
Plaintext
# Distrust meet 2025-01-13
|
|
|
|
1. choose location
|
|
a. random location
|
|
b. if shipped, neutral location, picked up by both
|
|
|
|
* barrel jacks are more secure
|
|
|
|
Level 0
|
|
* key import from unknown trust level
|
|
* key export to unknown trust level
|
|
* use any tools you want
|
|
level 1
|
|
* icepick level 1
|
|
* sealing or vault
|
|
* self custody (by design)
|
|
* trust single person
|
|
* portable ceremonies are this level
|
|
* doesn't matter where they do it, a single individual is trusted
|
|
* they use tamper evidence because they don't trust others
|
|
* level 2 assumes witnesses
|
|
|
|
- [ ] move paragraph above procedures in provisioner/index
|
|
- [ ] add more steps to the docs to make it more explicit
|
|
- [ ] gotta fix the mnemonic word
|
|
|
|
---
|
|
|
|
break out the requirements for bootstrapping into separate prep doc
|
|
o
|
|
|
|
* assume every ceremony will be done by different people
|
|
|
|
* you need to be able to do this ceremony to pass
|
|
* if u wanna be a multi party operator you need to have a personal computer
|
|
|
|
|
|
* personal operator key provisioning
|
|
* provisioning computer
|
|
|
|
* provisioner should just buy a laptop and tamper proof it
|
|
* operators should be gutting laptops
|
|
|
|
* num of laptops
|
|
* redundant primary laptop
|
|
* redundant operator laptops
|
|
* spare bundles for ceremonies
|
|
|
|
* all levels need hardware procurement
|
|
|
|
* commit inventory to a repo, ceremonies repo is fine,
|
|
it can be a text file
|
|
|
|
## procurer
|
|
|
|
* obtain numbers of needed items, quantity of each item
|
|
* tamper proof all hardware, sd cards, laptops, etc.
|
|
* tamper proof booster pack of 5 sd cards
|
|
|
|
- [ ] specner you can go and do these cermonies right now
|
|
|
|
operator
|
|
* gets equipment from ceremony inventory
|
|
|
|
* get both Spencer and Herve to use a laptop from inventory with airgapos to set up their pgp keys
|
|
|
|
* provisioned hardware (that's what provisioners do) can write label on bundles
|
|
|
|
* operator kits
|
|
* ceremony kits
|
|
|
|
* safes and vaults
|
|
* everything labelled
|
|
* didn't use tamper evident bags because they had big vaults
|
|
|
|
* CSA tamper evident safes
|
|
|
|
* Spencer tries first, then gets Herve to do it once it's smooth
|
|
|
|
* could write some data layer stuff in rust
|
|
|
|
- [ ] track down bug for keyfork mnemonic
|
|
|
|
* use docs as a way to decide what features to implement
|
|
* lighter use
|
|
*
|
|
- [ ] look ahead at other coins
|
|
* shell script to make tx
|
|
|
|
- [ ] do level 0 doc
|
|
|
|
- [ ] hide document components
|