README: Add basic usage guide
This commit is contained in:
parent
44c6ebed06
commit
9604d783cc
69
README.md
69
README.md
|
@ -106,10 +106,75 @@ To follow these steps please install [git-lfs][gl] and [git-sig][gs].
|
||||||
make install
|
make install
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Basic Usage
|
||||||
|
|
||||||
|
### Personal Setup
|
||||||
|
|
||||||
|
On an airgapped system, run the following command to generate a BIP-0039
|
||||||
|
mnemonic encoding a generated seed:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork mnemonic generate
|
||||||
|
```
|
||||||
|
|
||||||
|
<!--
|
||||||
|
The default format is to use system entropy, but playing cards, tarot cards, or
|
||||||
|
dice can be used to generate physical entropy
|
||||||
|
-->
|
||||||
|
|
||||||
|
The Keyfork server can be started by running the following command:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork recover mnemonic
|
||||||
|
```
|
||||||
|
|
||||||
|
### Group Setup
|
||||||
|
|
||||||
|
This guide assumes you are sharding to an `N`-of-`M` system with `I` smart
|
||||||
|
cards per shardholder. The variables will be used in the following commands as
|
||||||
|
`$N`, `$M`, and `$I`. The smart cards will be factory reset during the process.
|
||||||
|
|
||||||
|
On an airgapped system, run the following command to generate a file containing
|
||||||
|
encrypted shards of a generated seed:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork wizard generate-shard-secret --threshold $N --max $M --keys-per-shard $I > shards.pgp
|
||||||
|
```
|
||||||
|
|
||||||
|
If all shardholders are physically present, the Keyfork server can be started
|
||||||
|
by running the following command:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork recover shard
|
||||||
|
```
|
||||||
|
|
||||||
|
Otherwise, the Keyfork server can be started by transporting the shards to the
|
||||||
|
machine using the following command:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork recover remote-shard
|
||||||
|
```
|
||||||
|
|
||||||
|
Each shard can be transported by running the following command:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork shard transport shard.pgp
|
||||||
|
```
|
||||||
|
|
||||||
|
### Deriving Keys
|
||||||
|
|
||||||
|
Keys can be derived from Keyfork using the `keyfork derive` command, such as
|
||||||
|
the following command for an OpenPGP certificate with one of each subkey:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
keyfork derive openpgp "Ryan Heywood (RyanSquared) <ryan@distrust.co>"
|
||||||
|
```
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
Usage instructions can be found in the `keyfork-user-guide` mdBook, which can
|
Detailed usage instructions can be found in the `keyfork-user-guide` mdBook,
|
||||||
be opened in-browser by running `mdbook serve --open keyfork-user-guide`.
|
which can be opened in-browser by running
|
||||||
|
`mdbook serve --open keyfork-user-guide`.
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in New Issue