README: Add basic usage guide
This commit is contained in:
parent
44c6ebed06
commit
9604d783cc
69
README.md
69
README.md
|
@ -106,10 +106,75 @@ To follow these steps please install [git-lfs][gl] and [git-sig][gs].
|
|||
make install
|
||||
```
|
||||
|
||||
## Basic Usage
|
||||
|
||||
### Personal Setup
|
||||
|
||||
On an airgapped system, run the following command to generate a BIP-0039
|
||||
mnemonic encoding a generated seed:
|
||||
|
||||
```sh
|
||||
keyfork mnemonic generate
|
||||
```
|
||||
|
||||
<!--
|
||||
The default format is to use system entropy, but playing cards, tarot cards, or
|
||||
dice can be used to generate physical entropy
|
||||
-->
|
||||
|
||||
The Keyfork server can be started by running the following command:
|
||||
|
||||
```sh
|
||||
keyfork recover mnemonic
|
||||
```
|
||||
|
||||
### Group Setup
|
||||
|
||||
This guide assumes you are sharding to an `N`-of-`M` system with `I` smart
|
||||
cards per shardholder. The variables will be used in the following commands as
|
||||
`$N`, `$M`, and `$I`. The smart cards will be factory reset during the process.
|
||||
|
||||
On an airgapped system, run the following command to generate a file containing
|
||||
encrypted shards of a generated seed:
|
||||
|
||||
```sh
|
||||
keyfork wizard generate-shard-secret --threshold $N --max $M --keys-per-shard $I > shards.pgp
|
||||
```
|
||||
|
||||
If all shardholders are physically present, the Keyfork server can be started
|
||||
by running the following command:
|
||||
|
||||
```sh
|
||||
keyfork recover shard
|
||||
```
|
||||
|
||||
Otherwise, the Keyfork server can be started by transporting the shards to the
|
||||
machine using the following command:
|
||||
|
||||
```sh
|
||||
keyfork recover remote-shard
|
||||
```
|
||||
|
||||
Each shard can be transported by running the following command:
|
||||
|
||||
```sh
|
||||
keyfork shard transport shard.pgp
|
||||
```
|
||||
|
||||
### Deriving Keys
|
||||
|
||||
Keys can be derived from Keyfork using the `keyfork derive` command, such as
|
||||
the following command for an OpenPGP certificate with one of each subkey:
|
||||
|
||||
```sh
|
||||
keyfork derive openpgp "Ryan Heywood (RyanSquared) <ryan@distrust.co>"
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
Usage instructions can be found in the `keyfork-user-guide` mdBook, which can
|
||||
be opened in-browser by running `mdbook serve --open keyfork-user-guide`.
|
||||
Detailed usage instructions can be found in the `keyfork-user-guide` mdBook,
|
||||
which can be opened in-browser by running
|
||||
`mdbook serve --open keyfork-user-guide`.
|
||||
|
||||
<!--
|
||||
```
|
||||
|
|
Loading…
Reference in New Issue