Export Namespace Mnemonic

Requirements

• For ALL tamper proofed hardware used in the ceremony, both operators MUST print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.

  • The operators should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the "ceremonies" repo

• AirgapOS SD card

  • Provided by Air-Gapped Bundle
  • Alternative: Create your own from documentation in AirgapOS Repository

• AirgapOS Laptop

  • Provided by Air-Gapped Bundle
  • Alternative: Computer that can load AirgapOS (compatibility reference)

• Minimum of 1 Operator and 1 Witness

  • Personal PGP key pair for each operator

• Tamper-proofing equipment

• SD Card Pack

• Trove SD Card

• High Visibility Storage: plastic container or bag that's used to keep items while not in use in a visible location like the middle of a desk.

Procedure

1. Enter the designated location with the quorum of operators and all required equipment

2. Lock access to the location - there should be no inflow or outflow of people during the ceremony

3. Place Trove SD card in High Visibility Storage

4. Retrieve sealed Air-Gapped bundle, polaroid of tamper evidence, and online laptop from locked storage

   Vacuum sealing based tamper proofing

   a. Retrieve digital/physical photographs of both sides of sealed bundle

   b. Compare all photographs to object for differences

   c. Proceed with unsealing the object if no differences are detected

   Safe based tamper proofing

   1. Inspect the safe for any signs of tampering

   2. Retrieve items from the safe

5. Place all contents except for the laptop into High Visibility Storage

6. Retrieve AirgapOS SD card and plug it into the air-gapped machine

7. Boot the computer

8. Unplug the AirgapOS SD card and place it in High Visibility Storage

9. Retrieve Trove SD card from High Visibility Storage and plug it into the air-gapped machine

10. Recover the mnemonic from an existing shardfile

    • keyfork shard combine /media/trove/<namespace>/shardfile.asc | keyfork-mnemonic-from-seed > mnemonic.txt

11. Follow on screen prompts

12. Unplug the Trove SD card and place it in High Visibility Storage

13. Unseal the SD Card Pack

    Vacuum sealing based tamper proofing

    a. Retrieve digital/physical photographs of both sides of sealed bundle

    b. Compare all photographs to object for differences

    c. Proceed with unsealing the object if no differences are detected

    Safe based tamper proofing

    1. Inspect the safe for any signs of tampering

    2. Retrieve items from the safe

14. Put the mnemonic on an SD card for transport or use cat command to output it in the terminal for entry into a hardware wallet or otherwise

    • WARNING: if displaying on screen, ensure nothing else can see the mnemonic. It is recommended to cover the operator and the machine with a blanket to obstruct the view of the screen.

15. Shut down the air gapped machine

16. Gather all the original items that were in the air-gapped bundle:

    • Air-gapped computer

    • AirgapOS SD card

    Vacuum sealing based tamper proofing

    1. Insert object(s) into plastic sealing bag

    2. Fill bag with enough plastic beads that most of the object is surrounded

    3. Use vacuum sealer to remove air from the bag until the beads are no longer able to move

    4. Take photographs of both sides of the sealed object using both the digital and polaroid camera

    5. Date and sign the polaroid photographs and store them in a local lock box

    6. Take the SD card to an online connected device, ensuring continued dual custody, and commit the tamper evidence photographs to a repository. If two individuals are present, have one create a PR with a signed commit, and the other do a signed merge commit.

    Safe based tamper proofing

    1. Place items into safe

    2. Ensure the safe is properly locked