From 5d9dc4d6a172699b95f059b3342ff4e7cc5ffe7f Mon Sep 17 00:00:00 2001 From: chengwenxi Date: Mon, 20 May 2019 17:07:49 +0800 Subject: [PATCH] Update kms document --- docs/software/kms/kms.md | 34 +++++++++++--- docs/software/kms/kms_yubihsm.md | 73 ----------------------------- docs/zh/software/kms/kms.md | 35 +++++++++++--- docs/zh/software/kms/kms_yubihsm.md | 73 ----------------------------- 4 files changed, 56 insertions(+), 159 deletions(-) delete mode 100644 docs/software/kms/kms_yubihsm.md delete mode 100644 docs/zh/software/kms/kms_yubihsm.md diff --git a/docs/software/kms/kms.md b/docs/software/kms/kms.md index 9c3707a53..f9a723dab 100644 --- a/docs/software/kms/kms.md +++ b/docs/software/kms/kms.md @@ -2,11 +2,11 @@ ## What is a KMS? -Please refer to [kms](https://github.com/irisnet/kms). +Please refer to [kms](https://github.com/tendermint/kms). ## Building -Detailed build instructions can be found [here](https://github.com/irisnet/kms#installation). +Detailed build instructions can be found [here](https://github.com/tendermint/kms#installation). ::: tip When compiling the KMS, ensure you have enabled the applicable features: 
@@ -19,15 +19,37 @@ When compiling the KMS, ensure you have enabled the applicable features: ## Configuration -If you want to enable KMS, you need to edit `priv_validator_laddr` in your `~/.iris/config/config.toml` file first. E.g.: +[tendermint/kms](https://github.com/tendermint/kms) supports all blockchains built on [tendermint](https://github.com/tendermint/tendermint) consensus engine, including IRIShub. + +If you want to enable KMS, you need to edit `priv_validator_laddr` in your `/config/config.toml` file first. E.g.: + ```text # TCP or UNIX socket address for Tendermint to listen on for # connections from an external PrivValidator process priv_validator_laddr = "localhost:26658" ``` -The KMS provides different alternatives +You can download the [example config file](https://github.com/tendermint/kms/blob/master/tmkms.toml.example) with support for IRIShub, you just have to edit it as follows: + +- Edit `addr` to point to your `iris` instance. +- Adjust `chain-id` to match your `/config/genesis.json` settings. +- Edit `auth` to authorize access to your yubihsm. +- Edit `keys` to determine which pubkey you will be using. + +Then start tmkms: +```bash +tmkms start +``` + +A KMS can be configured in various ways: + +### Using a YubiHSM +Detailed information on how to setup a KMS with YubiHSM2 can be found [here](https://github.com/tendermint/kms/blob/master/README.yubihsm.md). + +If you want to import IRIShub private_key that already exists, you can: +```bash +tmkms yubihsm keys import /config/priv_validator.json -i +``` -- [Using a CPU-based signer](kms_cpu.md) -- [Using a YubiHSM](kms_yubihsm.md) +### Using a Ledger device running the Tendermint app - [Using a Ledger device running the Tendermint Validator app](kms_ledger.md) diff --git a/docs/software/kms/kms_yubihsm.md b/docs/software/kms/kms_yubihsm.md deleted file mode 100644 index d2a36dc18..000000000 --- a/docs/software/kms/kms_yubihsm.md +++ /dev/null 
@@ -1,73 +0,0 @@ -# Setting up Tendermint KMS + YubiHSM - -::: danger Warning -The following instructions are a brief walkthrough and not a comprehensive guideline. -::: - -::: danger Warning -KMS is currently work in progress. Details may vary. Use with care under your own risk. -::: - -## YubiHSM -[YubiHSM](https://www.yubico.com/products/yubihsm/): hardware security module providing root of trust for servers and computing devices. - -## KMS configuration - -In this section, we will configure a KMS to use YubiHSM. - -#### Config file - -You can find other configuration examples [here](https://github.com/irisnet/kms/blob/master/tmkms.toml.example) - -- Create a `tmkms.toml` file with the following content: - -```toml -# Example KMS configuration file -[[validator]] -addr = "tcp://localhost:26658" # or "unix:///path/to/socket" -chain_id = "irishub" -reconnect = true # true is the default -secret_key = "secret_connection.key" -[[providers.yubihsm]] -adapter = { type = "usb" } -auth = { key = 1, password = "password" } # Default YubiHSM admin credentials. Change ASAP! -keys = [{ id = "irishub", key = 1 }] -#serial_number = "0123456789" # identify serial number of a specific YubiHSM to connect to -``` - -- Edit `addr` to point to your `iris` instance. -- Adjust `chain-id` to match your `~/.iris/config/config.toml` settings. -- Edit `auth` to authorize access to your yubihsm. -- Edit `keys` to determine which pubkey you will be using. [How to import key?](#import-private-key) - -#### Import private key - -```bash -tmkms yubihsm keys import -p ~/.iris/config/priv_validator.json [key-id] -``` - -#### Generate connection secret key - -Now you need to generate secret_key: - -```bash -tmkms keygen secret_connection.key -``` - -#### Start the KMS - -The last step is to retrieve the validator key that you will use in `iris`. - -Start the KMS: - -```bash -tmkms start -``` - -The output should look similar to: - -```text -07:28:24 [INFO] tmkms 0.3.0 starting up... 
-07:28:24 [INFO] [keyring:ledgertm:ledgertm] added validator key icp1zcjduepqa9y67dqgug4u4stf5sf0arvjrnty8eenlfj22vnh78cmejd8qdss8t6ljg -07:28:24 [INFO] KMS node ID: 1BC12314E2E1C29015B66017A397F170C6ECDE4A -``` \ No newline at end of file diff --git a/docs/zh/software/kms/kms.md b/docs/zh/software/kms/kms.md index d8f908f6a..c8701332f 100644 --- a/docs/zh/software/kms/kms.md +++ b/docs/zh/software/kms/kms.md @@ -2,11 +2,11 @@ ## 什么是KMS? -请参阅[kms](https://github.com/irisnet/kms). +请参阅[kms](https://github.com/tendermint/kms). ## 构建 -可以在[这里](https://github.com/irisnet/kms#installation)找到详细的构建说明。 +可以在[这里](https://github.com/tendermint/kms#installation)找到详细的构建说明。 ::: tip 在编译KMS的时候, 确保您已启用适用的功能: 
@@ -17,17 +17,38 @@ | YubiHSM | ```cargo build --features yubihsm``` | | Ledger+Tendermint App | ```cargo build --features ledgertm``` | -## Configuration +## 配置 -如果要启用KMS,首先需要在`~/.iris/config/config.toml`文件中编辑`priv_validator_laddr`。例如: +[tendermint/kms](https://github.com/tendermint/kms)支持所有基于[tendermint](https://github.com/tendermint/tendermint)共识引擎构建的区块链,包括IRIShub。 + +如果要启用KMS,首先需要在`/config/config.toml`文件中编辑`priv_validator_laddr`。例如: ```text # TCP or UNIX socket address for Tendermint to listen on for # connections from an external PrivValidator process Priv_validator_laddr = "localhost:26658" ``` -KMS提供了不同的选择 +你可以下载[示例配置文件](https://github.com/tendermint/kms/blob/master/tmkms.toml.example),其中包含对IRIShub的支持,你只需要做如下修改: + +- 编辑 `addr` 指向你的 `iris` 实例。 +- 调整 `chain-id` 以匹配你的 `/config/genesis.json` 设置。 +- 编辑 `auth` 以授权访问你的yubihsm。 +- 编辑 `keys` 确定您将使用哪个pubkey。 + +然后启动tmkms: +```bash +tmkms start +``` + +KMS提供了多种选择 + +### 使用YubiHSM +有关如何使用YubiHSM2设置KMS的更多信息,请参阅[此处](https://github.com/tendermint/kms/blob/master/README.yubihsm.md)。 + +如果要导入已存在的IRIShub private_key,可以: +```bash +tmkms yubihsm keys import /config/priv_validator.json -i +``` -- [Using a CPU-based signer](kms_cpu.md) -- [Using a YubiHSM](kms_yubihsm.md) +### 使用运行Tendermint app的ledger设备 - [Using a Ledger device running the Tendermint Validator app](kms_ledger.md) diff --git a/docs/zh/software/kms/kms_yubihsm.md b/docs/zh/software/kms/kms_yubihsm.md deleted file mode 100644 index 8ba86db5c..000000000 --- a/docs/zh/software/kms/kms_yubihsm.md +++ /dev/null 
@@ -1,73 +0,0 @@ -# Setting up Tendermint KMS + YubiHSM - -::: danger Warning -以下说明是一个简短的演练,而不是一个全面的指南。 -::: - -::: danger Warning -KMS目前正在进行中。细节可能有所不同请谨慎使用,风险自负。 -::: - -## YubiHSM -[YubiHSM](https://www.yubico.com/products/yubihsm/): hardware security module providing root of trust for servers and computing devices. - -## KMS配置 - -在本节中,我们将配置KMS以使用YubiHSM。 - -#### 配置文件 - -可以在[这里](https://github.com/irisnet/kms/blob/master/tmkms.toml.example)找到其他配置示例。 - -- 使用以下内容创建一个`tmkms.toml`文件: - -```toml -# Example KMS configuration file -[[validator]] -addr = "tcp://localhost:26658" # or "unix:///path/to/socket" -chain_id = "irishub" -reconnect = true # true is the default -secret_key = "secret_connection.key" -[[providers.yubihsm]] -adapter = { type = "usb" } -auth = { key = 1, password = "password" } # Default YubiHSM admin credentials. Change ASAP! -keys = [{ id = "irishub", key = 1 }] -#serial_number = "0123456789" # identify serial number of a specific YubiHSM to connect to -``` - -- 编辑 `addr` 指向你的 `iris` 实例。 -- 调整 `chain-id` 以匹配你的 `~/.iris/config/config.toml` 设置。 -- 编辑 `auth` 以授权访问你的yubihsm。 -- 编辑 `keys` 确定您将使用哪个pubkey。[如何导入密钥?](#导入私钥) - -#### 导入私钥 - -```bash -tmkms yubihsm keys import -p ~/.iris/config/priv_validator.json [key-id] -``` - -#### 生成连接密钥 - -现在你需要生成secret_key - -```bash -tmkms keygen secret_connection.key -``` - -#### 启动KMS - -最后一步是检索将在`iris`中使用的验证人密钥。 - -启动KMS: - -```bash -tmkms start -``` - -The output should look similar to: - -```text -07:28:24 [INFO] tmkms 0.3.0 starting up... -07:28:24 [INFO] [keyring:ledgertm:ledgertm] added validator key icp1zcjduepqa9y67dqgug4u4stf5sf0arvjrnty8eenlfj22vnh78cmejd8qdss8t6ljg -07:28:24 [INFO] KMS node ID: 1BC12314E2E1C29015B66017A397F170C6ECDE4A -``` \ No newline at end of file
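Review bot: In docs/software/kms/kms.md, hunk `@@ -19,15 +19,37 @@`, the added import command `tmkms yubihsm keys import /config/priv_validator.json -i` ends on `-i` with no value. The three added paths (`/config/config.toml`, `/config/genesis.json`, `/config/priv_validator.json`) also start at the filesystem root, where the removed text had `~/.iris/config/...`. If a home-directory placeholder and a key id were intended, spell them in a form that shows up in the rendered page, for example the `[key-id]` style the deleted kms_yubihsm.md used, and say once what the home directory stands for. The same hunk drops the link to `kms_cpu.md` while the diffstat deletes only `kms_yubihsm.md`, so that page is left with no link from here: either keep the link or remove the file in this patch. The new heading "### Using a Ledger device running the Tendermint app" is followed only by a one-item link list, unlike the YubiHSM section above it. It would also help to state what should happen to `priv_validator.json` on the validator host once the key has been imported into the HSM.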
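Review bot: In the deletion of docs/software/kms/kms_yubihsm.md (`@@ -1,73 +0,0 @@`), two security-relevant items disappear and are not carried into the replacement text in kms.md: the comment "Default YubiHSM admin credentials. Change ASAP!" on the `auth = { key = 1, password = "password" }` line, and the `tmkms keygen secret_connection.key` step that produces the file named by `secret_key`. The new bullets only say "Edit `auth` to authorize access to your yubihsm", so a reader following kms.md alone gets no prompt to replace the default credentials or to generate the connection key. Please keep one sentence for each in kms.md, or confirm that the linked upstream README.yubihsm.md covers them and say so next to the link. The removed example also spells the setting `chain_id`, while the bullet that replaces it says `chain-id`; use the spelling the config file actually takes. The same points apply to the deleted docs/zh/software/kms/kms_yubihsm.md.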
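Review bot: In docs/zh/software/kms/kms.md, hunk `@@ -17,17 +17,38 @@`, the context line `Priv_validator_laddr = "localhost:26658"` has a capital `P`, while the sentence just above it and the English file use `priv_validator_laddr`. TOML keys are case-sensitive, so a reader who copies this block sets a different key from the one the text names. Since the patch already rewrites the lines on both sides of this block, please correct it here. The remaining link text "Using a Ledger device running the Tendermint Validator app" is still in English under the translated heading, and the import command has the same trailing `-i` with no value as in the English file.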