Important - Private Keys

Honse Farm uses public and private key cryptography to sign messages between servers in the federation. This ensures that all communication is authentic and secure. Your server's identity and ability to communicate with other servers in the federation depend entirely on these cryptographic keys.

Key Files Location

Your server's cryptographic keys are stored in the /opt/honsefarm/data/certs folder. This directory contains three critical files:

• ServerId.key - Your server's private key (never share this)
• ServerId.pub - Your server's public key (shared with other servers)
• ServerId.Recovery.txt - Your recovery key in mnemonic format

Recovery Key Format

When your server is first set up, a recovery file (ServerId.Recovery.txt) is automatically generated. This file contains your recovery mnemonic in the following format:

Server ID: {SERVER NAME}
Created: 2025-12-10 21:34:41 UTC
Mnemonic: modify word some other tobacco horse pave inquiry crash onion often imitate

IMPORTANT: Store this mnemonic phrase securely.
To recover: Use the same mnemonic phrase to regenerate the identical key pair.
Never share your private key or mnemonic phrase with anyone.

The mnemonic phrase is a series of 12 words that can be used to regenerate your exact private and public keys.

Key Recovery Process

If you lose your ServerId.key and ServerId.pub files (due to hardware failure, data corruption, or server migration), you can restore them using your recovery file.

To restore your keys:

1. Ensure your ServerId.Recovery.txt file is in the /opt/honsefarm/data/certs folder
2. Delete the corrupted or missing ServerId.key and ServerId.pub files (if they exist)
3. Restart the HonseFarm.Server service

The server software will automatically detect the recovery file and regenerate your identical ServerId.key and ServerId.pub files from the mnemonic phrase.

Why This Matters

Your private key is used exclusively by HonseFarm.Server to:

• Sign outgoing messages to prove they came from your server
• Establish trust with other servers in the federation
• Maintain your server's unique identity in the network

Without your private key:

• Your server cannot sign messages
• Other servers will reject communication from your server
• You cannot recover your server's identity or reputation
• You will need to set up a completely new server identity

Understanding Mnemonic Keys

A mnemonic phrase (also called a seed phrase) is a human-readable representation of cryptographic entropy. Instead of backing up a complex binary private key, you back up a series of simple words.

Technical Overview

The mnemonic system works through a standardized process:

1. Entropy Generation: When your server is first created, it generates 128-256 bits of cryptographic entropy (random data)
2. Word Encoding: This entropy is encoded into 12-24 words selected from a standardized dictionary of 2048 words
3. Deterministic Derivation: The mnemonic phrase is processed through a key derivation function (typically PBKDF2 or similar) to generate a seed
4. Key Reconstruction: This seed is used to deterministically generate your private key using the same algorithm every time

Because the process is deterministic, the same mnemonic phrase will always produce the exact same private key. This means:

• Your 12-word phrase contains all the information needed to reconstruct your private key
• The mathematical process is one-way: you cannot derive the mnemonic from the private key
• Anyone with access to your mnemonic can regenerate your private key

This is why protecting your mnemonic phrase is equivalent to protecting your private key itself. The mnemonic is simply a more human-friendly way to store and transport the same cryptographic material.