docs/shard: fixup documentation for new QR code scanning system

2024-02-04 23:06:30 -05:00 · 2024-02-04 23:06:30 -05:00 · d6b52a8f0a
parent b3a05277e8
commit d6b52a8f0a
1 changed files with 13 additions and 6 deletions
--- a/docs/src/shard.md
+++ b/docs/src/shard.md
@ -35,24 +35,31 @@ to be entered. Once the shard is decrypted, the Keyfork server will start.
 ## Starting Keyfork using remote systems

 A line of communication should be established with the shardholders, but can be
-public and/or insecure. On the system intended to run the Keyfork server, the
+public and/or recorded. On the system intended to run the Keyfork server, the
 following command can be run:

 ```sh
 keyfork recover remote-shard
 ```

-This command will continuously prompt 33 words followed by a QR code containing
-the words, and read in 72 words until all necessary shards are recovered.
+The command will continuously prompt a QR code, followed by 33 words, to be
+sent to the remote operator. The operator must then perform their operations
+and send back their own QR code, optionally followed by 72 words. The QR code
+must be scanned by Keyfork, else the 72 words will be required.

-Shardholders should run the following command to transport their shards:
+### Shard Transport
+
+Upon receiving the QR code and/or the 33 words, Shardholders should run the
+following command to transport their shards:

 ```sh
 keyfork shard transport < shards.pgp
 ```

-This command will read in 33 words, prompt for a smartcard PIN, and prompt 72
-words, followed by a QR code containing the words.
+The QR code must be scanned by Keyfork, else the 33 words will be required.
+Once entered, Keyfork will prompt with a new QR code and 72 words. A picture of
+the QR code and (if requested by the lead operator) 72 words should be sent
+back.

 ## Example: Deriving an OpenPGP key for Encryption