Keyholder Procedures
Bitcoin Commons uses cryptographic keyholders (maintainers) to sign governance decisions. This section describes procedures for keyholders.
Maintainer Responsibilities
Maintainers are responsible for:
- Reviewing Changes: Understanding the impact of proposed changes
- Signing Decisions: Cryptographically signing approved changes
- Maintaining Keys: Securely storing and managing cryptographic keys
- Following Procedures: Adhering to governance processes and review periods
Signing Process
- Review PR: Understand the change and its impact
- Generate Signature: Use
blvm-signfrom blvm-sdk - Post Signature: Comment
/governance-sign <signature>on PR - Governance App Verifies: Cryptographically verifies signature
- Status Check Updates: Shows signature count progress
Key Management
Key Generation
blvm-keygen --output maintainer.key --format pem
Key Storage
- Development: Test keys can be stored locally
- Production: Keys should be stored in HSMs (Hardware Security Modules)
- Backup: Secure backup procedures required
Key Rotation
Keys can be rotated through the governance process. See MAINTAINER_GUIDE.md for detailed procedures.
Emergency Keyholders
Emergency keyholders can activate emergency response classes defined in emergency-tiers.yml (see PR Process → Emergency Procedures):
- Activation (all classes): 5-of-7 emergency keyholders
- Critical class: 4-of-7 maintainer signatures after activation; maximum 7 days
- Urgent class: 5-of-7 signatures; maximum 30 days
- Elevated class: 6-of-7 signatures; maximum 90 days
Release Pipeline Gate Strength
Figure: Gate strength across the release pipeline. Each gate requires specific signatures and review periods based on the change tier.
For detailed maintainer procedures, see MAINTAINER_GUIDE.md.
See Also
- PR Process - How maintainers sign PRs
- Multisig Configuration - Signature threshold requirements
- Layer-Tier Model - Governance tier system
- Governance Model - Governance system
- Governance Overview - Governance system introduction