From 9604d783ccad981e860e79593fede8a416ff70d4 Mon Sep 17 00:00:00 2001 From: ryan Date: Tue, 9 Jan 2024 20:39:11 -0500 Subject: [PATCH] README: Add basic usage guide --- README.md | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 67 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b4df990..7bd47fa 100644 --- a/README.md +++ b/README.md @@ -106,10 +106,75 @@ To follow these steps please install [git-lfs][gl] and [git-sig][gs]. make install ``` +## Basic Usage + +### Personal Setup + +On an airgapped system, run the following command to generate a BIP-0039 +mnemonic encoding a generated seed: + +```sh +keyfork mnemonic generate +``` + + + +The Keyfork server can be started by running the following command: + +```sh +keyfork recover mnemonic +``` + +### Group Setup + +This guide assumes you are sharding to an `N`-of-`M` system with `I` smart +cards per shardholder. The variables will be used in the following commands as +`$N`, `$M`, and `$I`. The smart cards will be factory reset during the process. + +On an airgapped system, run the following command to generate a file containing +encrypted shards of a generated seed: + +```sh +keyfork wizard generate-shard-secret --threshold $N --max $M --keys-per-shard $I > shards.pgp +``` + +If all shardholders are physically present, the Keyfork server can be started +by running the following command: + +```sh +keyfork recover shard +``` + +Otherwise, the Keyfork server can be started by transporting the shards to the +machine using the following command: + +```sh +keyfork recover remote-shard +``` + +Each shard can be transported by running the following command: + +```sh +keyfork shard transport shard.pgp +``` + +### Deriving Keys + +Keys can be derived from Keyfork using the `keyfork derive` command, such as +the following command for an OpenPGP certificate with one of each subkey: + +```sh +keyfork derive openpgp "Ryan Heywood (RyanSquared) " +``` + ## Usage -Usage instructions can be found in the `keyfork-user-guide` mdBook, which can -be opened in-browser by running `mdbook serve --open keyfork-user-guide`. +Detailed usage instructions can be found in the `keyfork-user-guide` mdBook, +which can be opened in-browser by running +`mdbook serve --open keyfork-user-guide`.