Skip to content

Commit 5079b6d

Browse files
xrissoulaxrissoula
committed
Fixed image embedding in root keypair generation doc
1 parent e119540 commit 5079b6d

File tree

1 file changed

+10
-15
lines changed

1 file changed

+10
-15
lines changed

docs/reference/root-keypair-generation.md

Lines changed: 10 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -39,43 +39,41 @@ A hybrid cryptosystem consists of:
3939

4040
Before we can encrypt anything, we must generate the Ed25519 Root Keypair.
4141

42-
[Insert Image Here: Hybrid Cryptosystem Diagram]
43-
42+
![Step 1](kgd-s1.svg)
4443
---
4544

4645
## Generating the Root Keypair
4746
The process is deterministic, secure, and clean.
4847

49-
### Step 1: Root Keypair Generation Begins
48+
### Root Keypair Generation Begins
5049
* The user or console triggers keypair generation.
5150
* The system gathers high-entropy randomness to ensure security.
5251

53-
[Insert Image Here: Root Keypair Generation Trigger]
54-
52+
![Step 2](kgd-s2.svg)
5553
---
5654

57-
### Step 2: BIP39 Wordlist & Recovery Code
55+
### BIP39 Wordlist & Recovery Code
5856
* Entropy is converted into a mnemonic phrase using the BIP39 English Wordlist .
5957
* The 24-word recovery code represents 264 bits of entropy.
6058

61-
[Insert Image Here: BIP39 Recovery Code Generation]
59+
![Step 3](kgd-s3.svg)
6260

6361
---
6462

65-
### Step 3: Mnemonic to Binary Seed
63+
### Mnemonic to Binary Seed
6664
* The 24-word recovery code is converted into a binary seed using PBKDF2.
6765
* Uses HMAC-SHA512 with 2048 iterations.
6866
* The binary seed is 512 bits, then truncated to 256 bits.
6967

70-
[Insert Image Here: PBKDF2 & Binary Seed Truncation]
68+
![Step 4](kgd-s4.svg)
7169

7270
---
7371

74-
### Step 4: Generating the Keypair
72+
### Generating the Keypair
7573
* The 256-bit seed is fed into the Ed25519 algorithm to generate a private key.
7674
* Scalar multiplication is performed to derive the public key.
7775

78-
[Insert Image Here: Private Key & Public Key Generation]
76+
![Step 5](kgd-s5.svg)
7977

8078
---
8179

@@ -91,8 +89,7 @@ The Data Encryption Key (DEK) is derived from the Root Keypair using a Key Deriv
9189
3. Store or Re-Derive the DEK
9290
* The DEK is either stored securely or regenerated when needed.
9391

94-
[Insert Image Here: DEK Generation Process]
95-
92+
![Step 6](kgd-s6.svg)
9693
---
9794

9895
## Final Output: The Root Keypair
@@ -102,8 +99,6 @@ The Data Encryption Key (DEK) is derived from the Root Keypair using a Key Deriv
10299
* 256-bit Ed25519 key provides same security as a 3072-bit RSA key.
103100
* Public key can be encoded using multibase base32z.
104101

105-
[Insert Image Here: Final Root Keypair Output]
106-
107102
---
108103

109104
## Wrapping It Up

0 commit comments

Comments
 (0)