README: Add basic usage guide

This commit is contained in:
Ryan Heywood 2024-01-09 20:39:11 -05:00
parent 44c6ebed06
commit 9604d783cc
Signed by: ryan
GPG Key ID: 8E401478A3FBEF72
1 changed files with 67 additions and 2 deletions

View File

@ -106,10 +106,75 @@ To follow these steps please install [git-lfs][gl] and [git-sig][gs].
make install make install
``` ```
## Basic Usage
### Personal Setup
On an airgapped system, run the following command to generate a BIP-0039
mnemonic encoding a generated seed:
```sh
keyfork mnemonic generate
```
<!--
The default format is to use system entropy, but playing cards, tarot cards, or
dice can be used to generate physical entropy
-->
The Keyfork server can be started by running the following command:
```sh
keyfork recover mnemonic
```
### Group Setup
This guide assumes you are sharding to an `N`-of-`M` system with `I` smart
cards per shardholder. The variables will be used in the following commands as
`$N`, `$M`, and `$I`. The smart cards will be factory reset during the process.
On an airgapped system, run the following command to generate a file containing
encrypted shards of a generated seed:
```sh
keyfork wizard generate-shard-secret --threshold $N --max $M --keys-per-shard $I > shards.pgp
```
If all shardholders are physically present, the Keyfork server can be started
by running the following command:
```sh
keyfork recover shard
```
Otherwise, the Keyfork server can be started by transporting the shards to the
machine using the following command:
```sh
keyfork recover remote-shard
```
Each shard can be transported by running the following command:
```sh
keyfork shard transport shard.pgp
```
### Deriving Keys
Keys can be derived from Keyfork using the `keyfork derive` command, such as
the following command for an OpenPGP certificate with one of each subkey:
```sh
keyfork derive openpgp "Ryan Heywood (RyanSquared) <ryan@distrust.co>"
```
## Usage ## Usage
Usage instructions can be found in the `keyfork-user-guide` mdBook, which can Detailed usage instructions can be found in the `keyfork-user-guide` mdBook,
be opened in-browser by running `mdbook serve --open keyfork-user-guide`. which can be opened in-browser by running
`mdbook serve --open keyfork-user-guide`.
<!-- <!--
``` ```