Prepare Quarantined Workspaces

This section is meant to be done immediately before executing the Deposit or Withdrawal protocols. If you are executing the Setup Protocol for the first time and do not plan on executing the Deposit or Withdrawal protocol now, you can stop here.

1. Block side channels:

   Side-channel attacks are a form of electronic threat based on the physical nature of computing hardware (as opposed to algorithms or their software implementations). Side channel attacks are rare, but it’s relatively straightforward to defend against most of them.

   1. Visual side channel:
      1. Ensure that no humans or cameras (e.g. home security cameras, which can be hacked) have visual line-of-sight to the Quarantined Computers.
      2. Close doors and window shades.
   2. Acoustic side channel:
      1. Choose a room where sound will not travel easily outside.
      2. Shut down nearby devices with microphones (e.g. smartphones and other laptops).
      3. Plug in and turn on a table fan to generate white noise.
   3. Power side channel:
      1. Unplug both Quarantined Computers from the wall.
      2. Run them only on battery power throughout this protocol.
      3. Make sure they are fully charged first! If you run out of battery, you’ll need to start over.
   4. Radio and other side channels. Including seismic, thermal, and magnetic:
      1. Turn off all other computers and smartphones in the room.
      2. Put portable computing devices in the Faraday bag and seal the bag.
      3. Unplug desktop computers.
2. Put your Q1 BOOT USB into an open slot in your Q1 computer.
3. Boot off the USB drive. If you’ve forgotten how, refer to the procedure in Section IV of the Setup Protocol.
4. Plug the Q1 APP USB into the Q1 computer.
5. Copy the software from the Q1 computer’s RAM disk:
   1. Click the File Manager icon from the launchpad on the left side of the screen.
   2. Click on the App USB on the left of the file manager.
   3. Drag the contents of the USB to the “Home” directory on the left side of file manager.
6. Open a copy of this document on the Q1 computer:

   1. In the File Manager find the glacier folder, the PDF file for this document should be visible with the name “Glacier.pdf.” Open it.

      Note: You won’t be able to click any external links in the document, since you don’t have a network connection. If you need to look something up on the internet, do so in a distant room. Do not remove devices from the Faraday bag before doing going to the other room.

7. Open a Terminal window by pressing Ctrl-Alt-T.
8. Install the application software on the Q1 computer’s RAM disk:
   1. Install applications from the apps folder:

       $ cd ~/apps
       $ sudo dpkg -i *.deb
      

   2. Install Bitcoin Core:
      1. Run commands to import and verify the Bitcoin Core release:

          $ cd ~/bitcoin
          $ gpg --import jon@atack.com
          $ gpg --verify SHA256SUMS.asc
         

      2. The output will include a lot of text, but ensure you see this:

          gpg: Good signature from "Jon Atack <jon@atack.com>" [unknown]
          gpg:                 aka "jonatack <jon@atack.com>" [unknown]
          gpg: WARNING: This key is not certified with a trusted signature!
          gpg:          There is no indication that the signature belongs to the owner.
          Primary key fingerprint: 8292 1A4B 88FD 454B 7EB8  CE3C 796C 4109 063D 4EAF
         

      3. Verify the fingerprints in the fingerprint file match the fingerprint of the downloaded file:

          $ sha256sum -c --ignore-missing SHA256SUMS
         

         The following output should be displayed:

          bitcoin-22.0-x86_64-linux-gnu.tar.gz: OK
         

      4. Extract the bitcoin core archive:

          $ tar xf bitcoin-22.0-x86_64-linux-gnu.tar.gz
         

      5. Export the path to the Bitcoin Core binaries:

          $ export PATH=$PATH:$HOME/bitcoin/bitcoin-22.0/bin
         

      6. Double check the bitcoin-cli command:

          $ which bitcoin-cli
         

         Should return:

          /home/ubuntu/bitcoin/bitcoin-22.0/bin/bitcoin-cli
         

9. Change into the glacier directory. You’ll be using this directory to execute software for the protocol:

    $ cd ~/glacier
   

10. Prepare GlacierScript for execution:

     $ chmod +x glacierscript.py
    

11. Prepare the “Quarantined Scratchpad” – an empty file you’ll use as a place to jot notes:
    1. Click the “Search your computer” icon at the top of the launcher along the left side of the screen.
    2. Type “text editor”.
    3. Click the Text Editor icon.
    4. A blank window should appear.
12. Repeat the above steps using the Q2 computer, Q2 BOOT USB and Q2 APP USB.