various docs
diff --git a/docs/api-details/api.md b/docs/api-details/api.md
new file mode 100644
index 0000000..2e71961
--- /dev/null
+++ b/docs/api-details/api.md
@@ -0,0 +1,7 @@
+---
+id: api
+title: API
+sidebar_label: API
+---
+
+[API](/swagger/index.html)
\ No newline at end of file
diff --git a/docs/api-details/authentication.md b/docs/api-details/authentication.md
new file mode 100644
index 0000000..fdc71ed
--- /dev/null
+++ b/docs/api-details/authentication.md
@@ -0,0 +1,25 @@
+---
+id: authentication
+title: Authentication
+sidebar_label: Authentication
+---
+When you first install Milagro DTA the API endpoints are not authenticated by default. In otherwords any simple CURL command will ellicit the expected reposnse. Milagro DTA supports oAth bearer token authentication our of the box
+
+:::caution
+We strong recommend that you ***do not*** run Milagro DTA server without authentication
+:::
+
+To configure authentication all that is required is a standard oAuth 2.0 service. If you do not have an oAuth service currently running in your own infrastructure we recommend any of these fine service providers who will be able to authenticate your API users.
+* [AWS Cognito](https://aws.amazon.com/cognito/)
+* [Azure Active Directory](https://azure.microsoft.com/en-gb/services/active-directory/)
+* [AuthO](https://auth0.com/)
+
+## Configuration
+
+```
+config.yaml
+
+
+
+
+
diff --git a/docs/api-details/configuration.md b/docs/api-details/configuration.md
index 6f7b9f6..64322d8 100644
--- a/docs/api-details/configuration.md
+++ b/docs/api-details/configuration.md
@@ -3,8 +3,19 @@
title: Configuration
sidebar_label: Configuration
---
-Config file
+Milagro DTA can be passed options at start-up either via the congif.yaml file, by command line arguments or environment variables. Thesefull list of options are defined in milagro/service/flags/flags.go. But the minimum configuration is:
+```
+config.yaml
-Flags
+listen_type: http
+listen_addr: :port
+kvstore: ***local*** NOTE: CHANGE THIS!
+cors-allow: http://localhost:port - if you are hitting the API from a browser
-Env vars
\ No newline at end of file
+
+cli
+
+./milagro-dta -listen-addr=http://localhost:port
+
+
+```
\ No newline at end of file
diff --git a/docs/d-ta-overview.md b/docs/d-ta-overview.md
index 5fb14bb..b5d4886 100644
--- a/docs/d-ta-overview.md
+++ b/docs/d-ta-overview.md
@@ -15,7 +15,9 @@
## Milagro DTA Security
-The key seed is the focus of the system - Milagro DTA aims to provide a method for communicating with organisations who provide services for securing seeds (Custodians), it does not prescribe how the securing should be done. We hope that many custodial services will adopt Milagro as a communication protocol and that they will bring a proffusion of security paradigms: working together we can make the Internet a safer place. The most basic implementation of Milagro DTA should secure seeds in an HSM using a PKCS#11 interface. (We aim to publish a PKCS11 driver in a subsequent release)
+The **Seed** is the focus of the system - Milagro DTA aims to provide a method for communicating with organisations who provide services for securing seeds (Custodians), it does not prescribe how the securing should be done. The most basic implementation of Milagro DTA should secure seeds in an HSM using a PKCS#11 interface. (We aim to publish a PKCS11 driver in a subsequent release).
+
+We hope that many custodial services will adopt Milagro as a communication protocol and that they will bring a profusion of security paradigms amd that by working together we can make a dynamic market place for custodial services and together make the Internet a safer place.
## The Milagro DTA Communication Protocol
Milagro DTA provides a secure, distributed method of communication between beneficiaries, principals and fiduciaries. It aims to solve the following problems:
@@ -25,7 +27,7 @@
**Answer:** [Identity Documents](dta-details/identity-documents.md)
2. How can records of interactions between actors in the system be trusted and verified?
- **Answer:** [Encrypted Envelopes](dta-details/encrypted-envelope.md) via [IPFS](dta-details/why-ipfs.md)
+ **Answer:** [Encrypted Envelopes](dta-details/encrypted-envelope.md) via [IPFS](dta-details/ipfs.md)
3. How can conditions for revealing or using secrets be specified?
**Answer:** Redemption Policies
diff --git a/docs/dta-details/identity-documents.md b/docs/dta-details/identity-documents.md
index 87c88d6..fb91139 100644
--- a/docs/dta-details/identity-documents.md
+++ b/docs/dta-details/identity-documents.md
@@ -8,24 +8,27 @@
In order to create an identity document Milagro DTA provides the following endpoint.
[POST: /identity](http://localhost:3000/swagger/index.html#/identity/createIdentity)
+An Identity Document contains public keys for signing and key encapsulation.
-An Identity Document contains public keys for signing and key encapsulation. The defitnition of an identity document is:
+:::note The Milagro DTA communication protocol uses protobufs for serialisation.
+[Click here for more information about Protocol Buffers](https://developers.google.com/protocol-buffers/)
+:::
+
+The definition of an identity document is:
```
message IDDocument {
string AuthenticationReference = 2 ;
bytes SikePublicKey = 3 ;
- bytes PicnicPublicKey = 4 ;
- string Handle = 5 ;
- string Email = 6 ;
- string Username = 7 ;
- int64 Timestamp = 8;
+ bytes PicnicPublicKey = 4 ;
+ string Username = 5 ;
+ int64 Timestamp = 6 ;
}
```
-* Note: The Milagro DTA communication protocol uses [protobufs](https://developers.google.com/protocol-buffers/) for serialisation
-* `AuthenticationReference` refers to Milagro's out of the box [oAuth integration](authentication.md)
+
+* `AuthenticationReference` refers to Milagro's out of the box [oAuth integration](api-details/authentication.md)
The node that is used to create an identity document will store the seed and secret keys associated with the Identity. In RC1 these are stored as a JSON file in the key value store:
diff --git a/docs/dta-details/why-ipfs.md b/docs/dta-details/ipfs.md
similarity index 95%
rename from docs/dta-details/why-ipfs.md
rename to docs/dta-details/ipfs.md
index 627934f..ba296f5 100644
--- a/docs/dta-details/why-ipfs.md
+++ b/docs/dta-details/ipfs.md
@@ -1,7 +1,7 @@
---
-id: why-ipfs
-title: Why IPFS?
-sidebar_label: Why IPFS?
+id: ipfs
+title: IPFS
+sidebar_label: IPFS
---
Milagro DTA aims to provide and auditable record of all interactions between actors in the system. It is vital that all the actors in the system can refer to an agreed record of these transactions in case of dispute or in response to requests from third parties such as law enforcement, audit or compliance. Milagro creates immutable, secure and attributable records of every interaction that occurs in the lifecycle of the actors and their dealings with secrets. We do this using the Inter Planetary File System - [IPFS](https://ipfs.io/).
diff --git a/docs/dta-details/quickstart.md b/docs/dta-details/quickstart.md
new file mode 100644
index 0000000..07f0e9e
--- /dev/null
+++ b/docs/dta-details/quickstart.md
@@ -0,0 +1,63 @@
+---
+id: quickstart
+title: Quick Start
+sidebar_label: Quick Start
+---
+Milagro DTA is designed to be built into the workflow of any organisation that needs to entrust another organisation to store the secret part of a key pair securely. It provides a [simple REST api](/swagger/index.html) "out-of-the-box" that can easily be integrated with an existing back office system, called from a front-end application or called from CURL, Postman, Swagger etc.
+
+## Configure a Pair
+In order to see Milagro in action you need a pair of servers: a Principal and Fiduciary.
+
+1. Download and install the Milagro DTA by following these instructions...TBD
+2. By default the server will startup on port 5555, start one node on using this default port, this will be the Fiduciary (custody server)
+
+`./milagrodta`
+
+3. We will change the config for the Principal (client) node. [Click here to find out more about the configuration options](api-details/configuration.md) If you are building from source the easiest way to change the config is via the configuration file e.g.
+
+```
+/cmd/service/flags.go
+
+listen_addr : 5556 /* Choose a port for this server*/
+
+custody_server: http://localhost:5556 /*Point to the Fiduciary (custody) server*/
+
+```
+Or use command line options like this...
+```
+$ ./milagro-dta -listen-addr :5556 -custody-server http://localhost:5555
+```
+
+## Bootstrapping An Identity
+
+In order to run a Milagro DTA Node it needs to be configured with an identity. This is usually passed to the node via one of the [configuration options](api-details/configuration.md), however if you are running a server for the first time it will prompt you to create a new one by entering a name string.
+
+
+
+(If the server is being restarted it will allow you to select a previously created ID)
+
+## Hitting the API
+
+The API has three parts to it:
+
+1. **Identity Endpoints** - that support creation and retrieval of [identity documents](dta-details/identity-documents.md)
+2. **Secret Endpoints**
+ 1. Creates orders for new secrets
+ 2. Requests for secret keys to be revealed (redeemed)
+ 3. Allows orders to be searched and listed
+3. **Fulfillment RPC** - these are the server-to-server remnote procedure calls that enable the Principal DTA to communicate with the Fiduciary DTA
+
+The details of the API can be [seen here...](/swagger/index.html)
+
+### Example - To create a new Identity
+
+```
+curl -X POST "http://localhost:5556/identity" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"name\":\"thisNode\"}"
+```
+
+
+
+
+
+
+
diff --git a/docs/dta-details/usage.md b/docs/dta-details/usage.md
deleted file mode 100644
index e0184f6..0000000
--- a/docs/dta-details/usage.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-id: usage
-title: Using Milagro DTA
-sidebar_label: Using Milagro DTA
----
-Milagro DTA is designed to be built into the workflow of any organisation that needs to entrust another organisation to store the secret part of a key pair securely. It provides a [simple REST api](/swagger/index.html) "out-of-the-box" that can easily be integrated with an existing back office system or attached to a front-end application (or called from CURL, Postman, Swagger etc. if you just want to see what it does).
-
-The API has three parts to it:
-
-1. _Identity Endpoints_ - that support creation and retrieval of identity documents
-2. Secret Endpoints
- 1. Creates orders for new secrets
- 2. Requets for existing secret keys to be revealed (redeemed)
- 3. Allows orders to be searched and listed
-3. Fulfilment RPC - these are the server-to-server calls that enable the Principal DTA to communicate with the Fiduciary
-
-## Bootstrapping An Identity
-
-In order to run a Milagro DTA Node it needs to be configured with an idenity. This is usually passed to the node via one of the [configuration options](api-details/configuration.md), however if you are running a server for the first time it will prompt you to create a new one.
-
-
-
diff --git a/website/sidebars.json b/website/sidebars.json
index 2e84d86..3eb2f13 100644
--- a/website/sidebars.json
+++ b/website/sidebars.json
@@ -19,16 +19,17 @@
{
"type":"subcategory",
"label":"DTA Details",
- "ids":[ "dta-details/usage",
+ "ids":[ "dta-details/quickstart",
"dta-details/identity-documents",
"dta-details/encrypted-envelope",
- "dta-details/why-ipfs"
- ]
+ "dta-details/ipfs"]
},
{
"type":"subcategory",
"label":"Set Up Instructions",
- "ids":["api-details/configuration"]
+ "ids":["api-details/configuration",
+ "api-details/authentication",
+ "api-details/api"]
}
],
"ZKP-MFA Clients/Servers": [
diff --git a/website/static/img/dta/initID.png b/website/static/img/dta/initID.png
new file mode 100644
index 0000000..713c6dd
--- /dev/null
+++ b/website/static/img/dta/initID.png
Binary files differ
