the_order/docs/governance/root-key-ceremony-runbook.md
defiQUG 2633de4d33 feat(eresidency): Complete eResidency service implementation
- Implement credential revocation endpoint with proper database integration
- Fix database row mapping (snake_case to camelCase) for eResidency applications
- Add missing imports (getRiskAssessmentEngine, VeriffKYCProvider, ComplyAdvantageSanctionsProvider)
- Fix environment variable type checking for Veriff and ComplyAdvantage providers
- Add required 'message' field to notification service calls
- Fix risk assessment type mismatches
- Update audit logging to use 'verified' action type (supported by schema)
- Resolve all TypeScript errors and unused variable warnings
- Add TypeScript ignore comments for placeholder implementations
- Temporarily disable security/detect-non-literal-regexp rule due to ESLint 9 compatibility
- Service now builds successfully with no linter errors

All core functionality implemented:
- Application submission and management
- KYC integration (Veriff placeholder)
- Sanctions screening (ComplyAdvantage placeholder)
- Risk assessment engine
- Credential issuance and revocation
- Reviewer console
- Status endpoints
- Auto-issuance service
2025-11-10 19:43:02 -08:00

# Root Key Ceremony Runbook
**Date:** Friday, December 5, 2025, 10:00–13:00 PT
**Location:** Secure facility (air-gapped room), dual-control entry
**Status:** Scheduled
---
## Roles & Responsibilities
### Ceremony Officer
* Leads the ceremony
* Ensures all steps are followed
* Documents all actions
* Coordinates with witnesses
### Key Custodians (3)
* Multi-party control (2-of-3)
* Participate in HSM initialization
* Witness key generation
* Verify backup procedures
### Auditor
* Independent verification
* Reviews all procedures
* Validates artifacts
* Signs off on completion
### Witnesses (2)
* External observers
* Verify procedures
* Sign witness statements
* Maintain independence
### Video Scribe
* Records the ceremony
* Documents all actions
* Creates tamper-evident archive
* Provides notarization support
---
## Pre-Ceremony Checklist
### Week Before
- [ ] Confirm all participants
- [ ] Verify secure facility access
- [ ] Test HSM equipment
- [ ] Prepare tamper-evident bags
- [ ] Schedule notary
- [ ] Prepare ceremony scripts
### Day Before
- [ ] Room sweep & security check
- [ ] Device inventory
- [ ] Hash baseline of all equipment
- [ ] Verify air-gap status
- [ ] Test recording equipment
- [ ] Prepare backup media
### Day Of (Pre-Ceremony)
- [ ] Final room sweep
- [ ] Verify all participants present
- [ ] Check recording equipment
- [ ] Verify HSM status
- [ ] Confirm air-gap maintained
- [ ] Begin video recording
---
## Ceremony Steps
### 1. Room Sweep & Hash Baseline
**Duration:** 15 minutes
**Actions:**
1. Verify room is secure and air-gapped
2. Inventory all devices and equipment
3. Create hash baseline of all equipment
4. Document all serial numbers
5. Verify no unauthorized devices
**Artifacts:**
* Device inventory list
* Hash baseline document
* Room security checklist
### 2. HSM Initialization (M of N)
**Duration:** 30 minutes
**Actions:**
1. Initialize Thales Luna HSM
2. Configure multi-party control (2-of-3)
3. Verify key custodian access
4. Test HSM functionality
5. Document HSM configuration
**Artifacts:**
* HSM configuration document
* Key custodian access logs
* HSM test results
### 3. Generate Root Key
**Duration:** 45 minutes
**Actions:**
1. Generate root key pair in HSM
2. Verify key generation
3. Extract public key
4. Create Certificate Signing Request (CSR)
5. Document key parameters
**Artifacts:**
* Root key generation log
* Public key certificate
* CSR document
* Key parameters document
### 4. Seal Backups
**Duration:** 30 minutes
**Actions:**
1. Create encrypted backups
2. Seal backups in tamper-evident bags
3. Label all backups
4. Verify backup integrity
5. Store backups in secure location
**Artifacts:**
* Backup inventory
* Tamper-evident bag log
* Backup integrity checks
* Storage location record
### 5. Sign Issuing CA
**Duration:** 30 minutes
**Actions:**
1. Generate Issuing CA certificate
2. Sign with root key
3. Verify certificate signature
4. Publish certificate
5. Document certificate details
**Artifacts:**
* Issuing CA certificate
* Certificate signature verification
* Certificate publication record
* Certificate details document
### 6. Publish Fingerprints
**Duration:** 20 minutes
**Actions:**
1. Calculate certificate fingerprints
2. Publish fingerprints publicly
3. Create DID documents (offline)
4. Prepare for online publication
5. Document publication process
**Artifacts:**
* Fingerprint document
* DID documents
* Publication record
* Online bridge preparation
### 7. Record & Notarize Minutes
**Duration:** 30 minutes
**Actions:**
1. Compile ceremony minutes
2. Have all participants sign
3. Notarize minutes
4. Create tamper-evident archive
5. Store original minutes
**Artifacts:**
* Ceremony minutes
* Participant signatures
* Notarized document
* Tamper-evident archive
* Storage record
---
## Artifacts Checklist
### Required Artifacts
- [ ] Root CSR
- [ ] CP/CPS v1.0
- [ ] Offline DID documents
- [ ] Hash manifest
- [ ] Sealed tamper-evident bags
- [ ] Ceremony minutes
- [ ] Participant signatures
- [ ] Notarized document
- [ ] Video recording
- [ ] Backup media
### Verification
- [ ] All artifacts present
- [ ] All signatures collected
- [ ] Video recording complete
- [ ] Backups verified
- [ ] Certificates published
- [ ] DID documents prepared
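
The "Hash manifest" artifact and the "Verify backup integrity" action in step 4 can be produced and checked as sketched below. This is an added example, not part of the original runbook or the project's code; the function names and the sample file names are assumptions, and the manifest uses the line layout that `sha256sum` prints.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Stream the file so large backup images need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root: Path) -> str:
    """One '<sha256>  <relative path>' line per file, sorted by path."""
    files = sorted(p for p in root.rglob("*") if p.is_file())
    return "".join(
        f"{sha256_file(p)}  {p.relative_to(root).as_posix()}\n" for p in files
    )

def verify_manifest(root: Path, manifest: str) -> dict:
    """Compare a directory against a manifest and report every deviation."""
    expected = {}
    for line in manifest.splitlines():
        digest, _, name = line.partition("  ")
        expected[name] = digest
    actual = {p.relative_to(root).as_posix(): sha256_file(p)
              for p in root.rglob("*") if p.is_file()}
    return {
        "modified": sorted(n for n in expected
                           if n in actual and actual[n] != expected[n]),
        "missing": sorted(n for n in expected if n not in actual),
        "unexpected": sorted(n for n in actual if n not in expected),
    }

def demo() -> dict:
    """Constructed sample artifacts, then simulated post-ceremony changes."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "root-ca.csr").write_bytes(b"constructed CSR bytes")
        (root / "minutes.txt").write_bytes(b"constructed minutes")
        (root / "backup-1.enc").write_bytes(b"constructed backup blob")
        manifest = build_manifest(root)  # recorded during the ceremony
        (root / "minutes.txt").write_bytes(b"edited after signing")
        (root / "backup-1.enc").unlink()
        (root / "extra.bin").write_bytes(b"not inventoried")
        return verify_manifest(root, manifest)

if __name__ == "__main__":
    print(demo())
```

A verification pass is clean only when all three lists are empty; a file that is present but not listed in the manifest is as much a finding as a changed hash.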
---
## Post-Ceremony Tasks
### Immediate (Day Of)
- [ ] Secure all artifacts
- [ ] Verify backup storage
- [ ] Publish fingerprints
- [ ] Notarize minutes
- [ ] Archive video recording
### Week After
- [ ] Publish DID documents online
- [ ] Update certificate registry
- [ ] Distribute artifacts to custodians
- [ ] Create ceremony report
- [ ] Schedule audit review
### Month After
- [ ] External audit review
- [ ] Update CP/CPS if needed
- [ ] Publish ceremony report
- [ ] Schedule next ceremony review
- [ ] Update procedures based on lessons learned
---
## Security Measures
### Physical Security
* Air-gapped room
* Dual-control entry
* No unauthorized devices
* Continuous video recording
* Witnessed procedures
### Cryptographic Security
* HSM-protected keys
* Multi-party control
* Encrypted backups
* Tamper-evident seals
* Hash verification
### Procedural Security
* Scripted procedures
* Independent verification
* Witnessed actions
* Documented steps
* Notarized records
---
## Incident Response
### Key Compromise
1. Immediately halt ceremony
2. Document incident
3. Notify all participants
4. Secure all artifacts
5. Begin investigation
6. Reschedule ceremony
### Equipment Failure
1. Document failure
2. Verify no key exposure
3. Replace equipment
4. Resume from last verified step
5. Update procedures
### Procedural Error
1. Document error
2. Assess impact
3. Correct if possible
4. Restart affected step
5. Update procedures
---
## Contacts
### Ceremony Officer
* Name: [TBD]
* Email: [TBD]
* Phone: [TBD]
### Key Custodians
* Custodian 1: [TBD]
* Custodian 2: [TBD]
* Custodian 3: [TBD]
### Auditor
* Name: [TBD]
* Email: [TBD]
* Phone: [TBD]
### Witnesses
* Witness 1: [TBD]
* Witness 2: [TBD]
### Video Scribe
* Name: [TBD]
* Email: [TBD]
* Phone: [TBD]
---
## Revision History
| Version | Date | Author | Changes |
|---------|------|--------|---------|
| 1.0 | 2025-11-10 | Ceremony Officer | Initial runbook |
---
## Approval
**Ceremony Officer:** _________________ Date: _________
**CISO:** _________________ Date: _________
**Founding Council:** _________________ Date: _________