Initial restructure PoC (#1085)

* [WIP] initial restructure PoC Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * finish public networks restructure Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * private network restructure except tutorials Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * finish private networks restructure Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * add monitoring index page Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * fix link errors Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * more link fixes Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * mkdocs fixes Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * fix link and add nav tabs Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * more link fixes Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * update and move mining, onchain permissioning, and key mgmt content Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * Update home page and add network index pages Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * md fix Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * update and restructure tls, bootnode, and protocol upgrade content Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * initial add global variables Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * final variable files Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * mkdocs changes Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * Some link fixes and content updates Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * more link fixes Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * restructure #3 - no variables Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * update private network links Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * fix private network links + md Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * update headings Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * remove dead link Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * minor homepage fix Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * fix links and address feedback Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * add HA and plugins material Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * minor addition Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * fix typo Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * Integrate more feedback Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net> * minor edits Signed-off-by: Alexandra Tran <alexandra.tran@consensys.net>
2 years ago · 4a96954293
parent 6c3912c219
commit 4a96954293
176 changed files with 6296 additions and 5520 deletions
--- a/DCO.md
+++ b/DCO.md
@ -2,7 +2,7 @@ Developer Certificate of Origin
 ===============================
 Per section 13.a of the
-[Hyperledger Charter](https://www.hyperledger.org/about/charter), all code
+[Hyperledger Charter](https://www.hyperledger.org/about/charter-2), all code
 submitted to the Hyperledger Foundation needs to have a
 [Developer Certificate of Origin](http://developercertificate.org/) (DCO)
 sign-off.
--- a/docs/Concepts/ArchitectureOverview.md
+++ b/docs/Concepts/ArchitectureOverview.md
@ -1,12 +0,0 @@
 ---
 description: Hyperledger Besu architecture
 ---
 # Hyperledger Besu architecture
 The following diagram outlines the Hyperledger Besu high-level architecture.
 ![Architecture](../images/Architecture.png)
 For more information about the Hyperledger Besu architecture, contact us on the
 [Besu channel on Hyperledger Discord](https://discord.gg/hyperledger).
--- a/docs/Concepts/Mining.md
+++ b/docs/Concepts/Mining.md
@ -1,17 +0,0 @@
 ---
 description: Mining overview
 ---
 # Mining
 Hyperledger Besu supports CPU and GPU mining, which are
 [configured using command line options](../HowTo/Configure/Configure-Mining.md).
 GPU mining support testing used [Ethminer](https://github.com/ethereum-mining/ethminer) with the
 `stratum+tcp` and `getwork` schemes.
 Ethminer has been used with Hyperledger Besu to mine blocks on the [Ropsten testnet](https://ropsten.etherscan.io/address/0x2f14582947E292a2eCd20C430B46f2d27CFE213c#mine),
 [ETC Mainnet (uncle block only)](https://etc.tokenview.com/en/uncleblock/10555173) and Mordor ETC testnet.
 !!! note
    Some mining software supports the `getwork` scheme as the `http` scheme.
--- a/docs/Concepts/Network-vs-Node.md
+++ b/docs/Concepts/Network-vs-Node.md
@ -1,16 +0,0 @@
 ---
 description: Configuring Besu at the network level compared to the node level
 ---
 # Network vs node configuration
 You can configure Besu at the network level and the node level.
 Specify network-wide settings in the [genesis file](../Reference/Config-Items.md). For example,
 include `evmStackSize` or specify the
 [consensus mechanism](Consensus-Protocols/Overview-Consensus.md).
 Specify node settings on the command line or in the
 [node configuration file](../HowTo/Configure/Using-Configuration-File.md). For example, enable
 [JSON-RPC API methods](../Reference/API-Methods.md) or specify the
 [data directory](../Reference/CLI/CLI-Syntax.md#data-path) for the node.
--- a/docs/Concepts/Protocol-Upgrades.md
+++ b/docs/Concepts/Protocol-Upgrades.md
@ -1,30 +0,0 @@
 ---
 description: Protocol upgrades
 ---
 # Network upgrades in private networks
 Network upgrades are the mechanism for upgrading the Ethereum protocol. The time when the protocol
 upgrade occurs is the network upgrade.
 For the Ethereum Mainnet and public testnets (for example, Rinkeby), the milestone block
 definitions are in Hyperledger Besu. Upgrading your Besu client applies the network upgrade.
 For private networks, all network participants must agree on the protocol upgrades and then
 coordinate the network upgrades. The genesis file specifies the
 [milestone block](../Reference/Config-Items.md#milestone-blocks) at which to apply the
 [protocol upgrade](../HowTo/Upgrade/Upgrade-Protocol.md).
 ## Backward compatibility
 Some protocol upgrades include changes that might break existing contracts (for example, gas cost
 changes). Before upgrading your protocol, review included EIPs for possible impact. A
 [meta EIP](https://eips.ethereum.org/meta) for each protocol upgrade lists included EIPs. For
 example, [Istanbul](https://eips.ethereum.org/EIPS/eip-1679).
 !!! tip
    For compatibility with future protocol upgrades, do not hardcode any gas price assumptions.
    Implementing upgradeable contracts enables contracts to be upgraded if a protocol upgrade does
    include breaking changes.
--- a/docs/Concepts/Pruning.md
+++ b/docs/Concepts/Pruning.md
@ -1,22 +0,0 @@
 ---
 description: Pruning concept information.
 ---
 # Pruning
 In Besu, pruning reduces the storage required by removing state trie nodes that are unreachable
 from [recent blocks](../Reference/CLI/CLI-Syntax.md#pruning-blocks-retained).
 Pruning is disabled by default, and can be enabled with the
 [`--pruning-enabled`](../Reference/CLI/CLI-Syntax.md#pruning-enabled) command line option.
 !!! Important
    Using pruning with [private transactions](Privacy/Privacy-Overview.md) is not supported.
 Pruning might increase block import times, but it does not affect the ability of nodes to stay in
 sync.
 !!! Important
    Pruning is being deprecated for [Bonsai Tries](Data-Storage-Formats.md#bonsai-tries) and is currently not being updated.
--- a/docs/Concepts/TLS.md
+++ b/docs/Concepts/TLS.md
@ -1,22 +0,0 @@
 ---
 description: TLS overview
 ---
 # TLS communication
 Hyperledger Besu supports TLS to secure client and server communication, or [secure P2P communication] between nodes.
 !!! important
    To secure client and server communication, you also need to configure the client ([EthSigner](https://docs.ethsigner.consensys.net/en/latest/Concepts/TLS/))
    or server ([Tessera](https://docs.tessera.consensys.net/HowTo/Configure/TLS/)) for TLS.
 The following diagram displays an example client and server TLS configuration.
 ![Besu client and server TLS](../images/Besu_TLS.png)
 You must store private keys and certificates in password-protected PKCS12 keystore files.
 Use the command line options to [enable and configure](../HowTo/Configure/TLS/Configure-TLS.md) TLS.
 [secure P2P communication]: ../HowTo/Configure/TLS/P2P-TLS.md
--- a/docs/HowTo/Deploy/Bootnodes.md
+++ b/docs/HowTo/Deploy/Bootnodes.md
@ -1,57 +0,0 @@
 ---
 description: Configuring bootnodes in production networks
 ---
 # Configuring bootnodes in a production network
 A network must have at least one operating bootnode. To allow for continuity in the event of
 failure, configure two or more bootnodes.
 We do not recommend putting bootnodes behind a load balancer because the
 [enode](../../Concepts/Node-Keys.md#enode-url) relates to the node public key, IP address, and
 discovery ports. Any changes to a bootnode enode prevents other nodes from being able to establish
 a connection with the bootnode. This is why we recommend putting more bootnodes on the network
 itself.
 To ensure that a bootnode enode does not change when recovering from a complete bootnode failure:
 1. Create the [node key pair](../../Concepts/Node-Keys.md) (that is, the private and public key)
   before starting the bootnode.
 1. When creating bootnodes in the cloud (for example, AWS and Azure), attempt to assign a static IP
   address to them. If your network is:
    * Publicly accessible, assign an elastic IP.
    * Internal only, specify a private IP address when you create the instance and record this IP
      address.
 We recommend that you store the bootnode configuration under source control.
 ## Specifying bootnodes
 To allow for failure, specify all bootnodes on the command line (even to the bootnodes themselves).
 !!! example
    If your network has two bootnodes, pass the following parameter to all nodes, including the
    bootnodes.
    ```bash
    --bootnodes=enode://<publicKeyBootnode1>@<ipBootnode1>:30303,<publicKeyBootnode2>@<ipBootnode2>:30303
    ```
 !!! tip
    Having each bootnode list the other bootnodes increases the speed of discovery. Nodes ignore
    their own enode in the bootnodes list so it is not required to specify different bootnode lists
    to the bootnodes themselves.
 ## Adding and removing bootnodes
 Adding new bootnodes is a similar process to creating bootnodes. After creating the bootnodes and
 adding them to the network,update the [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes)
 command line option for each node to include the new bootnodes.
 When adding bootnodes, you do not need to restart running nodes. By updating the
 [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes) option, the next time you restart the
 nodes (for example, when [upgrading](../Upgrade/Upgrade-Node.md)), the nodes connect to the new
 bootnodes.
--- a/docs/HowTo/Deploy/Production.md
+++ b/docs/HowTo/Deploy/Production.md
@ -1,38 +0,0 @@
 ---
 description: Deploying Hyperledger Besu permissioning management dapp for production
 ---
 # Deploying the Hyperledger Besu permissioning management dapp for production
 To deploy the permissioning management dapp for production:
 1. Retrieve the most recent release (tarball or zip) from the [projects release page].
 1. Unpack the distribution into a directory available to your Web server.
 1. In the root of the unpack directory, add a file called `config.json` replacing the placeholders
   shown below.
    !!!example "`config.json`"
         ```json
         {
           "accountIngressAddress":  "<Address of the account ingress contract>",
           "nodeIngressAddress": "<Address of the node ingress contract>",
           "networkId": "<ID of your Ethereum network>"
         }
         ```
 1. On your Web server, host the contents of the directory as static files and direct root requests
   to `index.html`.
 ## Starting a production permissioned network
 Follow the procedure as for [Getting started with onchain permissioning], but do not perform the
 steps using `yarn` to install, build, and start the development server. Instead, follow the
 procedure above to deploy the permissioning management dapp to your Web server.
 <!-- Links -->
 [projects release page]: https://github.com/ConsenSys/permissioning-smart-contracts/releases/latest
 [Getting started with onchain permissioning]: ../../Tutorials/Permissioning/Getting-Started-Onchain-Permissioning.md
--- a/docs/HowTo/Find-and-Connect/Bootnodes.md
+++ b/docs/HowTo/Find-and-Connect/Bootnodes.md
@ -1,50 +0,0 @@
 ---
 description: Configuring bootnodoes
 ---
 # Bootnodes
 You can use bootnodes to initially discover peers.
 Bootnodes are regular nodes used to discover other nodes.
 !!! tip
    Bootnodes and static nodes are parallel methods for finding peers. Depending on your use case,
    you can use only bootnodes, only static nodes, or both bootnodes and statics nodes. For
    example, you run multiple nodes on Mainnet (discovery using bootnodes), but want to ensure your
    nodes are always connected (using static nodes).
    To find peers, configure one or more bootnodes as described below. To configure a specific set
    of peer connections, use [static nodes](Static-Nodes.md).
 ## Mainnet and public testnets
 For Mainnet and the Rinkeby, Ropsten, Sepolia, and Goerli testnets, Hyperledger Besu has an internal list of
 enode URLs and uses this list automatically when you specify the
 [`--network`](../../Reference/CLI/CLI-Syntax.md#network) option.
 ## Private networks
 In private networks for development or testing purposes, specify at least one bootnode.
 In production networks, [configure two or more nodes as bootnodes](../Deploy/Bootnodes.md).
 ### Specify a bootnode
 To start a node, specifying a bootnode [enode](../../Concepts/Node-Keys.md) for P2P discovery,
 using the [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes) option.
 !!! example
    ```bash
    besu --genesis-file=privateNetworkGenesis.json --data-path=nodeDataPath --bootnodes=enode://c35c3ec90a8a51fd5703594c6303382f3ae6b2ecb99bab2c04b3794f2bc3fc2631dabb0c08af795787a6c004d8f532230ae6e9925cbbefb0b28b79295d615f@127.0.0.1:30303
    ```
 The default host and port advertised to other peers for P2P discovery is `127.0.0.1:30303`. To
 specify a different host or port, use the
 [`--p2p-host`](../../Reference/CLI/CLI-Syntax.md#p2p-host) and
 [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) options.
 By default, peer discovery listens on all available network interfaces. If the device Besu is
 running on must bind to a specific network interface, specify the interface using the
 [`--p2p-interface`](../../Reference/CLI/CLI-Syntax.md#p2p-interface) option.
--- a/docs/HowTo/Find-and-Connect/Configuring-Ports.md
+++ b/docs/HowTo/Find-and-Connect/Configuring-Ports.md
@ -1,61 +0,0 @@
 ---
 description: To enable communication you must expose Hyperledger Besu ports appropriately
 ---
 # Configuring ports
 To enable communication you must expose Hyperledger Besu ports appropriately. The following shows
 an example port configuration for a Besu node on AWS.
 ![Port Configuration](../../images/PortConfiguration.png)
 When running Besu from the [Docker image](../Get-Started/Installation-Options/Run-Docker-Image.md),
 [expose ports](../Get-Started/Installation-Options/Run-Docker-Image.md#exposing-ports).
 !!! tip
    Besu supports [UPnP](Specifying-NAT.md) for home or small office environments where a wireless
    router or modem provides NAT isolation.
 ## P2P networking
 To enable peer discovery, the P2P UDP port must be open for inbound connections. Specify the P2P
 port using the [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option. The default is
 `30303`.
 We also recommend opening the P2P TCP port for inbound connections. This is not strictly required
 because Besu attempts to open outbound TCP connections. But if no nodes on the network are
 accepting inbound TCP connections, nodes cannot communicate.
 Combine the P2P port with the values for the
 [`--p2p-host`](../../Reference/CLI/CLI-Syntax.md#p2p-host) and
 [`--p2p-interface`](../../Reference/CLI/CLI-Syntax.md#p2p-interface) options when specifying the
 [P2P host](../../Reference/CLI/CLI-Syntax.md#p2p-host) and
 [P2P network interface](../../Reference/CLI/CLI-Syntax.md#p2p-interface).
 !!! info
    By default, peer discovery listens on `0.0.0.0:30303` (all interfaces). If the device Besu is
    running on must bind to a specific network interface, specify the interface using the
    [`--p2p-interface`](../../Reference/CLI/CLI-Syntax.md#p2p-interface) option.
 ## JSON-RPC API
 To enable access to the [JSON-RPC API](../Interact/APIs/Using-JSON-RPC-API.md), open the HTTP
 JSON-RPC and WebSockets JSON-RPC ports to the intended users of the JSON-RPC API on TCP.
 Specify the HTTP and WebSockets JSON-RPC ports using the
 [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) and
 [`--rpc-ws-port`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-port) options. The defaults are `8545`
 and `8546`.
 ## Metrics
 To enable
 [Prometheus to access Besu](../Monitor/Metrics.md#monitor-node-performance-using-prometheus), open
 the metrics port or metrics push port to Prometheus or the Prometheus push gateway on TCP.
 Specify the ports for Prometheus and Prometheus push gateway using the
 [`--metrics-port`](../../Reference/CLI/CLI-Syntax.md#metrics-port) and
 [`--metrics-push-port`](../../Reference/CLI/CLI-Syntax.md#metrics-push-port) options. The defaults
 are `9545` and `9001`.
--- a/docs/HowTo/Get-Started/Installation-Options/Options.md
+++ b/docs/HowTo/Get-Started/Installation-Options/Options.md
@ -1,17 +0,0 @@
 ---
 title: Installation options
 description: Options for getting started with Hyperledger Besu
 ---
 # Options for getting started
 ## New to Hyperledger Besu?
 Get started with the [Developer Quickstart](../../../Tutorials/Developer-Quickstart.md).
 Use the quickstart to rapidly generate local blockchain networks.
 ## Installation options
 * [Docker image](Run-Docker-Image.md)
 * [Binaries](Install-Binaries.md)
 * [Build from source](Build-from-source.md)
--- a/docs/HowTo/Get-Started/migrate-to-besu.md
+++ b/docs/HowTo/Get-Started/migrate-to-besu.md
@ -1,17 +0,0 @@
 ---
 description: Migrate to Besu guide
 ---
 # Migrate to Besu
 Migrate from a different Ethereum [execution client](../../Concepts/Merge.md#execution-and-consensus-clients)
 to Besu to contribute to [client diversity](https://clientdiversity.org/).
 When migrating from a different client, you are [configuring Besu as an execution client](../Upgrade/Prepare-for-The-Merge.md#configure-besu-as-an-execution-client)
 and connecting your [consensus client](../../Concepts/Merge.md#consensus-clients) to Besu instead of your original execution client.
 To minimize downtime while [Besu syncs](../../Concepts/Node-Types.md) and avoid downtime penalties,
 you can sync Besu with a new consensus layer instance.
 Once Besu has fully synced you can connect it to your existing consensus client.
 Find guides to switch from specific clients on the [client diversity website](https://clientdiversity.org/#switch).
--- a/docs/HowTo/Limit-Access/Specify-Perm-Version.md
+++ b/docs/HowTo/Limit-Access/Specify-Perm-Version.md
@ -1,20 +0,0 @@
 ---
 description: Specify the permissioning interface version
 ---
 # Specify the permissioning contract interface version
 Use the [`--permissions-nodes-contract-version`](../../Reference/CLI/CLI-Syntax.md#permissions-nodes-contract-version)
 command line option to specify the version of the [permissioning contract interface](../../Concepts/Permissioning/Onchain-Permissioning.md#permissioning-contracts).
 The default is 1.
 Specify the contract interface version that maps to the version of the [Enterprise Ethereum Alliance Client Specification](https://entethalliance.org/technical-specifications/)
 the contract interface implements.
 |         | EEA Client Specification | Contract interface |
 |:--------|:-------------------------|:-------------------|
 | Version | 5                        | 1                  |
 | Version | 6                        | 2                  |
 The permissioning contracts in the [`ConsenSys/permissioning-smart-contracts`](https://github.com/ConsenSys/permissioning-smart-contracts)
 repository implement the version 2 contract interface.
--- a/docs/HowTo/Limit-Access/Updating-Permission-Lists.md
+++ b/docs/HowTo/Limit-Access/Updating-Permission-Lists.md
@ -1,78 +0,0 @@
 ---
 description: Updating Hyperledger Besu onchain allowlists
 ---
 # Updating nodes and accounts allowlists
 When using [onchain permissioning](../../Concepts/Permissioning/Onchain-Permissioning.md), you can update
 [nodes](#update-nodes-allowlist) and [accounts](#update-accounts-allowlist) allowlists.
 ## Update nodes allowlist
 To add a node to the Hyperledger Besu nodes allowlist:
 1. On the **Nodes** tab of the [permissioning management dapp](../../Tutorials/Permissioning/Getting-Started-Onchain-Permissioning.md),
   select **Add Node**.
   The **Add Node** window displays.
 2. Enter the [enode URL](../../Concepts/Node-Keys.md#enode-url) of the node you are adding and select **Add Node**.
 !!! tip
    If your node has two different IP addresses for ingress and egress
    (for example, if you use Kubernetes implementing a load balancer for ingress and a NAT gateway IP address for egress),
    add both addresses to the allowlist, using the same public key for each IP address. This will allow the node to connect.
 !!! important
    Node allowlists [support domain names] in enode URLs as an experimental feature. Use the `--Xdns-enabled` option
    to enable domain name support.
    If using Kubernetes, enable domain name support and use the `--Xdns-update-enabled` option to ensure that Besu can
    connect to a container after being restarted, even if the IP address of the container changes.
 To remove a node from the nodes allowlist:
 1. On the **Nodes** tab of the permissioning management dapp, hover over the row of the
   node you are removing. A trash can displays.
 1. Select the trash can.
 !!! tip
    If you add a running node, the node does not attempt to reconnect to the bootnode and
    synchronize until peer discovery restarts. To add an allowlisted node as a peer without waiting
    for peer discovery to restart, use
    [`admin_addPeer`](../../Reference/API-Methods.md#admin_addpeer).
    If you add the node to the allowlist before starting the node, using `admin_addPeer` is not
    required because peer discovery is run on node startup.
 !!! tip
    If nodes are not connecting as expected, set the [log level to `TRACE`](../../Reference/CLI/CLI-Syntax.md#logging)
    and search for messages containing `Node permissioning` to identify the issue.
    Ensure the [`--p2p-host`](../../Reference/CLI/CLI-Syntax.md#p2p-host) command line option has been
    correctly configured for all nodes with the
    externally accessible address.
    If you change your network configuration, you may need to update the node allowlist.
 ## Update accounts allowlist
 To add an account to the accounts allowlist:
 1. On the **Accounts** tab of the [permissioning management dapp](../../Tutorials/Permissioning/Getting-Started-Onchain-Permissioning.md),
   select **Add Account**. The **Add Account** window displays.
 1. Enter the account address in the **Account Address** field and select **Add Account**.
 To remove an account from the accounts allowlist:
 1. On the **Accounts** tab of the permissioning management dapp, hover over the row of
   the account you are removing. A trash can displays.
 1. Select the trash can.
 ## Update admins
 You can add or remove admins in the same way as [accounts](#update-accounts-allowlist), except on the **Admins** tab.
 [support domain names]: ../../Concepts/Node-Keys.md#domain-name-support
--- a/docs/HowTo/Send-Transactions/Account-Management.md
+++ b/docs/HowTo/Send-Transactions/Account-Management.md
@ -1,27 +0,0 @@
 ---
 description: Using third party wallets for account management with Hyperledger Besu
 ---
 # Using wallets for key management
 Hyperledger Besu does not support key management inside the client. Use:
 * [EthSigner](http://docs.ethsigner.consensys.net/en/latest/) with Besu to provide access to your
  key store and sign transactions.
 * Third-party tools (for example, [MetaMask](https://metamask.io/) and [web3j](https://web3j.io/))
  for creating accounts.
 In Besu, you can use the JSON-RPC methods:
 * [`eth_getBalance`](../../Reference/API-Methods.md#eth_getbalance) to retrieve the account balance.
 * [`eth_sendRawTransaction`](../../Reference/API-Methods.md#eth_sendrawtransaction) to transfer
  ether or create and interact with contracts. For more information, see
  [Transactions](Transactions.md#transactions)).
 * [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) to send
  [private transactions](Creating-Sending-Private-Transactions.md).
 !!! tip
    [EthSigner](http://docs.ethsigner.consensys.net/en/latest/) implements
    [`eth_sendTransaction`](http://docs.ethsigner.consensys.net/en/latest/Using-EthSigner/Using-EthSigner/#eth_sendtransaction)
    and [`eea_sendTransaction`](http://docs.ethsigner.consensys.net/en/latest/Using-EthSigner/Using-EthSigner/#eea_sendtransaction).
--- a/docs/HowTo/Troubleshoot/Trace-Transactions.md
+++ b/docs/HowTo/Troubleshoot/Trace-Transactions.md
@ -1,48 +0,0 @@
 ---
 description: How to trace transactions
 ---
 # Trace transactions
 To get detailed information about transaction processing, use the
 [`TRACE` API](../../Reference/API-Methods.md#trace-methods).
 Enable the `TRACE` API using the
 [`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
 [`--rpc-ws-api`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) command line options.
 The `TRACE` API has two sets of trace calls, [ad-hoc tracing APIs](#ad-hoc-tracing-apis) and
 [transaction-trace filtering APIs](#transaction-trace-filtering-apis).
 ## Ad-hoc tracing APIs
 These APIs allow different diagnostic options when tracing calls or transactions.
 The options are [`trace`, `vmTrace`, or `stateDiff`](../../Reference/Trace-Types.md).
 To use the ad-hoc tracing APIs, the requested block or transaction must be within the
 number of [blocks retained](../../Reference/CLI/CLI-Syntax.md#pruning-blocks-retained) with [pruning enabled](../../Reference/CLI/CLI-Syntax.md#pruning-enabled)
 (by default, 1024).
 The ad-hoc tracing APIs are:
 * [trace_call](../../Reference/API-Methods.md#trace_call)
 * [trace_callMany](../../Reference/API-Methods.md#trace_callmany)
 * [trace_rawTransaction](../../Reference/API-Methods.md#trace_rawtransaction)
 * [trace_replayBlockTransactions](../../Reference/API-Methods.md#trace_replayblocktransactions)
 ## Transaction-trace filtering APIs
 These APIs allow you to filter and search by specific information such as the block, address, or transaction.
 These APIs only use the [`trace` type](../../Reference/Trace-Types.md#trace).
 To use the transaction-trace filtering APIs, your node must be an archive node
 (that is, synchronized without pruning or fast sync) or the
 requested block or transaction must be within the
 number of [blocks retained](../../Reference/CLI/CLI-Syntax.md#pruning-blocks-retained) with [pruning enabled](../../Reference/CLI/CLI-Syntax.md#pruning-enabled)
 (by default, 1024).
 The transaction-trace filtering APIs are:
 * [trace_block](../../Reference/API-Methods.md#trace_block)
 * [trace_filter](../../Reference/API-Methods.md#trace_filter)
 * [trace_get](../../Reference/API-Methods.md#trace_get)
 * [trace_transaction](../../Reference/API-Methods.md#trace_transaction)
--- a/docs/HowTo/Upgrade/Upgrade-Protocol.md
+++ b/docs/HowTo/Upgrade/Upgrade-Protocol.md
@ -1,25 +0,0 @@
 ---
 description: Upgrading protocol versions
 ---
 # Upgrading your protocol in a private network
 To [upgrade the protocol](../../Concepts/Protocol-Upgrades.md) (also known as a hard fork) in a
 private network:
 1. Review included EIPs for breaking changes. A [meta EIP](https://eips.ethereum.org/meta) for each
   protocol upgrade lists included EIPs. For example,
   [Istanbul](https://eips.ethereum.org/EIPS/eip-1679).
 1. Network participants agree on the block number at which to
   [upgrade](../../Concepts/Protocol-Upgrades.md).
 1. For each node in the network:
     a. Add the
        [milestone block number](../../Reference/Config-Items.md#milestone-blocks) to the genesis
        file.
     b. Restart the node before reaching milestone block.
 !!! caution
    To avoid a forked network, all network participants must update their genesis file to include
    the agreed on milestone block and restart their node before reaching the milestone block.
--- a/docs/Reference/Resources.md
+++ b/docs/Reference/Resources.md
@ -1,47 +0,0 @@
 ---
 description: Hyperledger Besu resources including blog posts, webinars, and meetup recordings.
 ---
 # Hyperledger Besu resources
 ## Blog posts
 [ConsenSys Quorum Blog]
 [Understanding Proof of Authority via Clique and IBFT 2.0 Private Networks]
 [Security Challenges for Enterprise Blockchain Solutions]
 [Why We Rebuilt Ethereum from Scratch]
 [Why Java for Blockchain]
 [Case Study: How Poste Italiane brings value to loyalty with Hyperledger Besu]
 ## Webinars
 [Besu Plugin API: Learn How to Leverage Plugin APIs on Hyperledger Besu]
 [Permissioning in Blockchain: A Technical Look at Benefits and Best Practices]
 [Privacy in Besu: How PegaSys Redefined Blockchain for Enterprises]
 [The Final Word: IBFT 2.0 and Enterprise Consensus]
 [De-Mystifying Besu: Understanding an Ethereum Codebase]
 [Getting Started with Besu]
 <!-- Links -->
 [Consensys Quorum Blog]: https://consensys.net/quorum/blog/
 [Understanding Proof of Authority via Clique and IBFT 2.0 Private Networks]: https://consensys.net/blog/quorum/hyperledger-besu-understanding-proof-of-authority-via-clique-and-ibft-2-0-private-networks-part-1/
 [Security Challenges for Enterprise Blockchain Solutions]: https://consensys.net/blog/enterprise-blockchain/how-pegasys-orchestrate-solves-4-key-security-challenges-for-enterprise-blockchain-solutions/
 [Why We Rebuilt Ethereum from Scratch]: https://media.consensys.net/why-we-rebuilt-ethereum-from-scratch-9e38b6ebd4a2
 [Why Java for Blockchain]: https://media.consensys.net/why-java-for-blockchain-73f1b444c2d
 [Besu Plugin API: Learn How to Leverage Plugin APIs on Hyperledger Besu]: https://youtu.be/78sa2WuA1rg
 [Permissioning in Blockchain: A Technical Look at Benefits and Best Practices]: https://www.youtube.com/watch?v=CD0pHtNDqZs
 [Privacy in Besu: How PegaSys Redefined Blockchain for Enterprises]: https://www.youtube.com/watch?v=8l7SSZLyFL8
 [The Final Word: IBFT 2.0 and Enterprise Consensus]: https://www.youtube.com/watch?v=YmTUP_dWfME
 [De-Mystifying Besu: Understanding an Ethereum Codebase]: https://www.youtube.com/watch?v=OJfib9kTK7U&feature=youtu.be
 [Getting Started with Besu]: https://www.youtube.com/watch?v=OKWBr94J9rY&t=1s
 [Case Study: How Poste Italiane brings value to loyalty with Hyperledger Besu]: https://www.hyperledger.org/learn/publications/posteitaliane-case-study
--- a/docs/global/concepts/Network-vs-Node.md
+++ b/docs/global/concepts/Network-vs-Node.md
@ -0,0 +1,16 @@
 ---
 description: Configuring Besu at the network level compared to the node level
 ---
 # Network vs node configuration
 You can configure Besu at the network level and the node level.
 Specify network-wide settings in the [genesis file](../../public-networks/reference/genesis-items.md). For example,
 include `evmStackSize` or specify the
 [consensus mechanism](../../private-networks/how-to/configure/consensus/index.md).
 Specify node settings on the command line or in the
 [node configuration file](../../public-networks/how-to/configuration-file.md). For example, enable
 [JSON-RPC API methods](../../public-networks/reference/api/index.md) or specify the
 [data directory](../../public-networks/reference/cli/options.md#data-path) for the node.
--- a/docs/global/concepts/Pruning.md
+++ b/docs/global/concepts/Pruning.md
@ -0,0 +1,22 @@
 ---
 description: Pruning concept information.
 ---
 # Pruning
 In Besu, pruning reduces the storage required by removing state trie nodes that are unreachable
 from [recent blocks](../../public-networks/reference/cli/options.md#pruning-blocks-retained).
 Pruning is disabled by default, and can be enabled with the
 [`--pruning-enabled`](../../public-networks/reference/cli/options.md#pruning-enabled) command line option.
 !!! Important
 Using pruning with [private transactions] is not supported.
 Pruning might increase block import times, but it does not affect the ability of nodes to stay in
 sync.
 !!! Important
 Pruning is being deprecated for [Bonsai Tries] and is currently not being updated.
--- a/docs/global/how-to/troubleshoot/Troubleshooting.md
+++ b/docs/global/how-to/troubleshoot/Troubleshooting.md
@ -10,18 +10,18 @@ If Hyperledger Besu is not working as expected, here are some things to check or
 If a `Supplied genesis block does not match stored chain data` error occurs, use the genesis file
 matching the genesis block of the data directory, or use the
-[`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option to specify a different data
+[`--data-path`](../../../public-networks/reference/cli/options.md#data-path) option to specify a different data
 directory.
 ## Invalid block header
-If a `TimeStampMoreRecentThanParent | Invalid block header` error occurs, the [genesis file](../Configure/Genesis-File.md) of the new node is specifying a higher
+If a `TimeStampMoreRecentThanParent | Invalid block header` error occurs, the [genesis file](../../../public-networks/concepts/genesis-file.md) of the new node is specifying a higher
-[`blockperiodseconds`](../Configure/Consensus-Protocols/IBFT.md#block-time) than the imported chain.
+[`blockperiodseconds`](../../../private-networks/how-to/configure/consensus/ibft.md#block-time) than the imported chain.
 The imported chain makes new blocks faster than the genesis file allows and Besu rejects them with this error.
 This error most often occurs when importing chains from older versions of Besu.
-To correct this error, decrease the `blockperiodseconds` in the new [IBFT 2.0 genesis file](../Configure/Consensus-Protocols/IBFT.md#genesis-file)
+To correct this error, decrease the `blockperiodseconds` in the new [IBFT 2.0 genesis file](../../../private-networks/how-to/configure/consensus/ibft.md#genesis-file)
-or [QFBT genesis file](../Configure/Consensus-Protocols/QBFT.md#genesis-file) to a lower value that satisfies the block header validation.
+or [QFBT genesis file](../../../private-networks/how-to/configure/consensus/qbft.md#genesis-file) to a lower value that satisfies the block header validation.
 !!! example
@ -29,26 +29,26 @@ or [QFBT genesis file](../Configure/Consensus-Protocols/QBFT.md#genesis-file) to
    decrease the `blockperiodseconds` from 4 seconds to 3 seconds to match the imported chain.
 After you have updated the new genesis file, if the imported chain has a `blockperiodseconds` value set lower than you prefer, you can adjust it by configuring the block time on an
-[existing IBFT 2.0](../Configure/Consensus-Protocols/IBFT.md#configure-block-time-on-an-existing-network-deployment)
+[existing IBFT 2.0](../../../private-networks/how-to/configure/consensus/ibft.md#configure-block-time-on-an-existing-network-deployment)
-or [existing QBFT](../Configure/Consensus-Protocols/QBFT.md#configure-block-time-on-an-existing-network) network.
+or [existing QBFT](../../../private-networks/how-to/configure/consensus/qbft.md#configure-block-time-on-an-existing-network) network.
 ## Host not authorized
 If a `Host not authorized` error occurs when attempting to access the JSON-RPC API, ensure
-[`--host-allowlist`](../../Reference/CLI/CLI-Syntax.md#host-allowlist) includes the host you are
+[`--host-allowlist`](../../../public-networks/reference/cli/options.md#host-allowlist) includes the host you are
 sending the RPC from, or `*`.
 ## Peers fail to connect
 If nodes are not communicating, ensure the
-[required ports are open](../../HowTo/Find-and-Connect/Configuring-Ports.md).
+[required ports are open](../../../public-networks/how-to/connect/configure-ports.md).
 If your nodes are running in AWS, check you have appropriate `SecurityGroups` to allow access to
 the required ports.
-Check that the [enode URLs](../../Concepts/Node-Keys.md#enode-url) specified for
+Check that the [enode URLs](../../../public-networks/concepts/node-keys.md#enode-url) specified for
-[bootnodes](../Find-and-Connect/Bootnodes.md) or
+[bootnodes](../../../private-networks/how-to/configure/bootnodes.md) or
-[static nodes](../Find-and-Connect/Static-Nodes.md) match the enode URLs displayed when starting the
+[static nodes](../../../public-networks/how-to/connect/static-nodes.md) match the enode URLs displayed when starting the
 remote nodes.
 ## Mining
@ -68,23 +68,23 @@ On non-mining nodes, log messages indicate importing blocks.
 ```
 To confirm the block number is increasing, use the
-[`eth_blockNumber`](../../Reference/API-Methods.md#eth_blocknumber) JSON-RPC API method.
+[`eth_blockNumber`](../../../public-networks/reference/api/index.md#eth_blocknumber) JSON-RPC API method.
-If there is no block creating in [Clique](../Configure/Consensus-Protocols/Clique.md#extra-data)
+If there is no block creating in [Clique](../../../private-networks/how-to/configure/consensus/clique.md#extra-data)
-or [IBFT 2.0](../Configure/Consensus-Protocols/IBFT.md#extra-data) networks, ensure the validator
+or [IBFT 2.0](../../../private-networks/how-to/configure/consensus/ibft.md#extra-data) networks, ensure the validator
 addresses in the genesis file match running nodes.
 ## Transactions are not mined
 If you add a transaction to the
-[transaction pool](../../Concepts/Transactions/Transaction-Pool.md) and the transaction hash
+[transaction pool](../../../public-networks/concepts/transactions/pool.md) and the transaction hash
 returns, but the transaction is never mined, check the
-[`--min-gas-price`](../../Reference/CLI/CLI-Syntax.md#min-gas-price) option on mining nodes. If the
+[`--min-gas-price`](../../../public-networks/reference/cli/options.md#min-gas-price) option on mining nodes. If the
-`gasPrice` on a [transaction](../Send-Transactions/Transactions.md) is lower than the
+`gasPrice` on a [transaction](../../../public-networks/how-to/send-transactions.md) is lower than the
 `min-gas-price` for the mining node, the transaction will never mine.
-In [free gas networks](../Configure/FreeGas.md), you must set
+In [free gas networks](../../../private-networks/how-to/configure/free-gas.md), you must set
-[`--min-gas-price`](../../Reference/CLI/CLI-Syntax.md#min-gas-price) to zero.
+[`--min-gas-price`](../../../public-networks/reference/cli/options.md#min-gas-price) to zero.
 ## Genesis milestone
@ -101,11 +101,11 @@ hyphens.
 ## Logging
 Restart Besu with the command line option
-[`--logging=TRACE`](../../Reference/CLI/CLI-Syntax.md#logging) and look at the log files.
+[`--logging=TRACE`](../../../public-networks/reference/cli/options.md#logging) and look at the log files.
 ## Pending State Nodes not decreasing for a full node in Grafana
-During [fast synchronization](../../Concepts/Node-Types.md#run-a-full-node) for a full node, the
+During [fast synchronization](../../../public-networks/how-to/connect/sync-node.md#run-a-full-node) for a full node, the
 Pending State Nodes count is the number of nodes yet to be downloaded, and it should change
 constantly. Pending State Nodes trend to 0 during fast synchronization and then goes to 0.
@ -115,7 +115,7 @@ In the following example the Pivot Block is 0 (zero) and the Pending State Nodes
 This means the node isn't syncing against any peers. The fact that state nodes have been downloaded
 means at some stage it was syncing.
-![Fast synchronization](../../images/fastsync.png)
+![Fast synchronization](../../../images/fastsync.png)
 The easiest solution in this scenario is to restart fast synchronization to obtain a new
 pivot block.
@ -172,7 +172,7 @@ sudo mount /dev/urandom /dev/random -o bind
 ## Quorum Developer Quickstart not working on Apple M1 chip
-The [Quorum Developer Quickstart](../../Tutorials/Developer-Quickstart.md) does not currently support
+The [Quorum Developer Quickstart](../../../private-networks/tutorials/quickstart.md) does not currently support
 the Apple M1 chip. The quickstart starts up on machines that use the chip, but may show the
 following symptoms:
@ -188,7 +188,7 @@ following symptoms:
 ## Unsupported address exception while running from Docker
-While [running Besu from a Docker image](../../HowTo/Get-Started/Installation-Options/Run-Docker-Image.md), you might get the following exception:
+While [running Besu from a Docker image], you might get the following exception:
 ```bash
 Unsupported address type exception when connecting to peer {}, this is likely due to ipv6 not being enabled at runtime.
--- a/docs/index.md
+++ b/docs/index.md
@ -5,7 +5,10 @@ description: Besu is an open-source Ethereum client developed under the Apache 2
    networks.
 ---
-# Besu Ethereum client
+# Hyperledger Besu Ethereum client
 Hyperledger Besu is an open source Ethereum client developed under the Apache 2.0 license and written in Java.
 It runs on public and private networks:
 <div class="grid cards" markdown>
@ -13,51 +16,31 @@ description: Besu is an open-source Ethereum client developed under the Apache 2
    ---
-    You can run Besu as an execution client on Ethereum Mainnet and Ethereum public testnets, such as Goerli and Sepolia.
+    Run Besu as an execution client on Ethereum Mainnet and Ethereum public testnets, such as Goerli and Sepolia.
-    [:octicons-arrow-right-24: Getting started](HowTo/Get-Started/System-Requirements/System-Requirements-Public.md)
+    [:octicons-arrow-right-24: Get started](public-networks/index.md)
 * :material-book-lock-outline: __Private networks__
    ---
-    You can create or join a network not connected to Mainnet or a public testnet. Use private networks to develop enterprise applications requiring secure, high-performance transaction processing.
+    Create or join a private, permissioned network. Use private networks to develop enterprise applications requiring secure, high-performance transaction processing.
-    [:octicons-arrow-right-24: Getting started](HowTo/Get-Started/System-Requirements/System-Requirements-Private.md)
+    [:octicons-arrow-right-24: Get started](private-networks/index.md)
 </div>
 ## What is Hyperledger Besu?
 Hyperledger Besu is an open-source Ethereum client developed under the Apache 2.0 license and written in Java.
 It runs on Ethereum Mainnet, private networks, and test networks such as Rinkeby, Ropsten, Goerli, and the Merge testnet.
 Besu serves as an [execution client](Concepts/Merge.md) on Ethereum Mainnet and the Merge testnet.
 Besu implements proof of authority (QBFT, IBFT 2.0, and Clique) and proof of work (Ethash) consensus mechanisms.
 You can use Besu to develop enterprise applications requiring secure, high-performance transaction
 processing in a private network.
 Besu supports enterprise features including privacy and permissioning.
 ## What can you do with Besu?
-Besu includes a [command line interface](Reference/CLI/CLI-Syntax.md) and
+Besu includes a [command line interface](public-networks/reference/cli/options.md) and
-[JSON-RPC API](HowTo/Interact/APIs/API.md) for running, maintaining, debugging, and monitoring
+[JSON-RPC API](public-networks/how-to/use-besu-api/index.md) for running, maintaining, debugging, and monitoring
-nodes in an Ethereum network. You can use the API via RPC over HTTP or via WebSockets. Besu also
+nodes in an Ethereum network. You can use the API via RPC over HTTP or via WebSocket. Besu also
 supports Pub/Sub. The API supports typical Ethereum functionalities such as:
 * Ether mining.
 * Smart contract development.
 * Decentralized application (dapp) development.
 ## New to Ethereum?
 Get started with the [Developer Quickstart](Tutorials/Developer-Quickstart.md). Use the quickstart
 to rapidly generate local blockchain networks.
 Learn more about [use cases for Ethereum](https://consensys.net/blockchain-use-cases/case-studies/).
 ## What does Besu support?
 The Besu client supports common smart contract and dapp development, deployment, and operational
@ -65,6 +48,15 @@ use cases, using tools such as [Truffle](http://truffleframework.com/),
 [Remix](https://github.com/ethereum/remix), and [web3j](https://web3j.io/). The client supports
 common JSON-RPC API methods such as `eth`, `net`, `web3`, `debug`, and `miner`.
-Besu doesn't support [key management](HowTo/Send-Transactions/Account-Management.md) inside the
+Besu doesn't support [key management](public-networks/how-to/send-transactions.md) inside the
 client. You can use [EthSigner](http://docs.ethsigner.consensys.net/en/latest/) with Besu to access
 your key store and sign transactions.
 ## Besu architecture
 The following diagram outlines the Besu high-level architecture.
 ![Architecture](images/Architecture.png)
 If you have any questions about Besu or its architecture, contact us on the
 [Besu channel on Hyperledger Discord](https://discord.gg/hyperledger).
--- a/docs/private-networks/concepts/index.md
+++ b/docs/private-networks/concepts/index.md
@ -0,0 +1,19 @@
 ---
 description: private networks concepts overview
 ---
 # Concepts
 This section provides background information and context about private network features.
 The following features are shared with [public networks](../../public-networks/index.md) and the
 content can be found in the public networks section:
 - Transactions:
    - [Transaction types](../../public-networks/concepts/transactions/types.md)
    - [Transaction pool](../../public-networks/concepts/transactions/pool.md)
    - [Transaction validation](../../public-networks/concepts/transactions/validation.md)
 - [Network ID and chain ID](../../public-networks/concepts/network-and-chain-id.md)
 - [Events and logs](../../public-networks/concepts/events-and-logs.md)
 - [Genesis file](../../public-networks/concepts/genesis-file.md)
 - [Node keys](../../public-networks/concepts/node-keys.md)
--- a/docs/private-networks/concepts/permissioning/index.md
+++ b/docs/private-networks/concepts/permissioning/index.md
@ -16,13 +16,13 @@ specified nodes and accounts to access the network.
    action to prevent the bad actor adding to the chain but they cannot prevent the bad actor from
    allowing access to the chain.
-    Besu also implements [privacy](../Privacy/Privacy-Overview.md).
+    Besu also implements [privacy](../privacy/index.md).
 ## Node permissioning
 Use node permissioning to restrict access to known participants only.
-![Node Permissioning](../../images/node-permissioning-bad-actor.png)
+![Node Permissioning](../../../images/node-permissioning-bad-actor.png)
 ## Account permissioning
@ -33,15 +33,15 @@ Use account permissioning to:
 * Exclude broken contracts using a denylist.
 * Restrict the actions an account can perform.
-![Account Permissioning](../../images/enterprise-ethereum-account-permissioning.png)
+![Account Permissioning](../../../images/enterprise-ethereum-account-permissioning.png)
-## Specifying permissioning
+## Specify permissioning
 You can specify permissioning [locally](#local) or [onchain](#onchain).
 ### Local
-[Local permissioning](../../HowTo/Limit-Access/Local-Permissioning.md) works at the node level.
+[Local permissioning](../../how-to/use-permissioning/local.md) works at the node level.
 Each node in the network has a [permissions configuration file].
 Local permissioning affects your node but not the rest of the network. Use local permissioning to
@ -53,7 +53,7 @@ immediately to protect your node. Your rules are not enforced in blocks produced
 ### Onchain
-[Onchain permissioning](Onchain-Permissioning.md) works through a smart contract on the network.
+[Onchain permissioning](onchain.md) works through a smart contract on the network.
 Specifying permissioning onchain enables all nodes to read and update permissioning configuration
 from one location.
@ -66,7 +66,7 @@ by the updated rules. For example, blocked accounts can no longer add transactio
 The following diagram illustrates applying local and onchain permissioning rules.
-![Permissioning Flow](../../images/PermissioningFlow.png)
+![Permissioning Flow](../../../images/PermissioningFlow.png)
 <!-- Links -->
-[permissions configuration file]: ../../HowTo/Limit-Access/Local-Permissioning.md#permissions-configuration-file
+[permissions configuration file]: ../../how-to/use-permissioning/local.md#permissions-configuration-file
--- a/docs/private-networks/concepts/permissioning/onchain.md
+++ b/docs/private-networks/concepts/permissioning/onchain.md
@ -4,7 +4,7 @@ description: Onchain permissioning
 # Onchain permissioning
-Onchain [permissioning](Permissioning-Overview.md) uses smart contracts to store and administer the node, account, and admin
+Onchain [permissioning](index.md) uses smart contracts to store and administer the node, account, and admin
 allowlists. Using onchain permissioning enables all nodes to read the allowlists from a single
 source, the blockchain.
@ -43,8 +43,7 @@ The permissioning smart contracts provided in the
    The permissioning contract has multiple interfaces, and each interface maps to a specific
    version of the [Enterprise Ethereum Alliance Client Specification](https://entethalliance.org/technical-specifications/).
-    Ensure that you specify the [permissioning contract interface](../../HowTo/Limit-Access/Specify-Perm-Version.md)
+    Ensure that you [specify the permissioning contract interface] being used when starting Besu.
    being used when starting Besu.
 ## Permissioning management dapp
@ -61,20 +60,20 @@ Permissioning implements three allowlists:
 !!! caution "Using account permissioning and privacy"
    Account permissioning is incompatible with
-    [random key signing](../../HowTo/Use-Privacy/Sign-Privacy-Marker-Transactions.md) for
+    [random key signing](../../how-to/use-privacy/sign-pmts.md) for
-    [privacy marker transactions](../Privacy/Private-Transaction-Processing.md).
+    [privacy marker transactions](../privacy/private-transactions/processing.md).
    If using account permissioning and privacy, a signing key must be specified using the
-    [`--privacy-marker-transaction-signing-key-file`](../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file)
+    [`--privacy-marker-transaction-signing-key-file`](../../reference/cli/options.md#privacy-marker-transaction-signing-key-file)
    command line option and the corresponding public key
    included in the accounts allowlist.
 !!! tip
-    If nodes are not connecting as expected, set the [log level to `TRACE`](../../Reference/CLI/CLI-Syntax.md#logging)
+    If nodes are not connecting as expected, set the [log level to `TRACE`](../../../public-networks/reference/cli/options.md#logging)
    and search for messages containing `Node permissioning` to identify the issue.
-    Ensure the [`--p2p-host`](../../Reference/CLI/CLI-Syntax.md#p2p-host) command line option has been
+    Ensure the [`--p2p-host`](../../../public-networks/reference/cli/options.md#p2p-host) command line option has been
    correctly configured for all nodes with the
    externally accessible address.
@ -82,7 +81,7 @@ Permissioning implements three allowlists:
 ## Bootnodes
-When a node joins the network, the node connects to the [bootnodes](../../HowTo/Find-and-Connect/Bootnodes.md) until it
+When a node joins the network, the node connects to the [bootnodes](../../how-to/configure/bootnodes.md) until it
 synchronizes to the chain head, regardless of node permissions. After synchronization, the Account Rules and Node
 Rules smart contracts apply the permissioning rules.
@ -94,5 +93,6 @@ bootnodes to rediscover peers.
    All bootnodes must be on the nodes allowlist.
 <!-- Links -->
-[permissioning management dapp]: ../../Tutorials/Permissioning/Getting-Started-Onchain-Permissioning.md
+[permissioning management dapp]: ../../how-to/use-permissioning/onchain.md#deploy-the-permissioning-management-dapp
-[`--privacy-marker-transaction-signing-key-file`]: ../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file
+[`--privacy-marker-transaction-signing-key-file`]: ../../../public-networks/reference/cli/options.md#privacy-marker-transaction-signing-key-file
 [specify the permissioning contract interface]: ../../how-to/use-permissioning/onchain.md#specify-the-permissioning-contract-interface-version
--- a/docs/private-networks/concepts/permissioning/plugin.md
+++ b/docs/private-networks/concepts/permissioning/plugin.md
@ -4,7 +4,7 @@ description: Plugin based permissioning
 # Permissioning plugin
-You can define complex [permissioning](Permissioning-Overview.md) solutions by [building a plugin](../Plugins.md) that
+You can define complex [permissioning](index.md) solutions by building a plugin that
 extends Hyperledger Besu functionality.
 The plugin API provides a `PermissioningService` interface that currently supports connection permissioning and
@ -19,7 +19,7 @@ Use connection permissioning when deciding whether to restrict node access to kn
 Use message permissioning to propagate different types of devP2P messages to particular nodes. For example,
 this can be used to prevent pending transactions from being forwarded to other nodes.
-## Registering your plugin
+## Register your plugin
 To enable permissioning in your plugin, implement the `PermissioningService` interface and register your providers.
--- a/docs/private-networks/concepts/pki.md
+++ b/docs/private-networks/concepts/pki.md
@ -26,7 +26,7 @@ authorized nodes in the network.
 When receiving connection requests, the incoming connection must be from another authorized node. Similarly, when
 connecting to a node the initiator ensures that the remote node is authorized to participate in the network.
-[Configure TLS for the P2P communication using the Besu command line options](../HowTo/Configure/TLS/P2P-TLS.md).
+[Configure TLS for the P2P communication using the Besu command line options](../how-to/configure/tls/p2p.md).
 ## Block proposal permissioning
@ -39,7 +39,7 @@ network. The block hash is signed by the validator private certificate and inclu
 as a [CMS (Cryptographic Message Syntax)]. This is used by other validators to verify that the proposer is authorized
 to create a block in the network.
-[Configure block proposal permissioning using the Besu command line options](../HowTo/Configure/Block-Proposal-Permissioning.md).
+[Configure block proposal permissioning using the Besu command line options](../how-to/configure/block-proposal-permissioning.md).
-[QBFT consensus protocol]: ../HowTo/Configure/Consensus-Protocols/QBFT.md
+[QBFT consensus protocol]: ../how-to/configure/consensus/qbft.md
 [CMS (Cryptographic Message Syntax)]: https://en.wikipedia.org/wiki/Cryptographic_Message_Syntax
--- a/docs/private-networks/concepts/plugins.md
+++ b/docs/private-networks/concepts/plugins.md
@ -18,9 +18,9 @@ third-party application. The API exposes data about the following components:
 * Logs
 * Syncing state.
-![Besu plugin API](../images/Hyperledger-Besu-Plugin-API.png)
+![Besu plugin API](../../images/Hyperledger-Besu-Plugin-API.png)
-The plugin API provides access to [interfaces](../Reference/Plugin-API-Interfaces.md) allowing you
+The plugin API provides access to [interfaces](../reference/plugin-api-interfaces.md) allowing you
 to build the plugin.
 !!! tip
--- a/docs/Concepts/Consensus-Protocols/Comparing-PoA.md
+++ b/docs/Concepts/Consensus-Protocols/Comparing-PoA.md
@ -2,9 +2,9 @@
 description: Besu proof of authority consensus protocols comparison
 ---
-# Comparing proof of authority consensus protocols
+# Proof of authority consensus
-Besu implements the QBFT, IBFT 2.0, and Clique proof of authority (PoA) [consensus protocols](Overview-Consensus.md).
+Besu implements the QBFT, IBFT 2.0, and Clique proof of authority (PoA) [consensus protocols](../how-to/configure/consensus/index.md).
 PoA consensus protocols work when participants know each other and there is a level of trust
 between them. For example, in a permissioned consortium network.
--- a/docs/private-networks/concepts/privacy/flexible-privacy.md
+++ b/docs/private-networks/concepts/privacy/flexible-privacy.md
@ -10,8 +10,8 @@ description: Flexible privacy groups
    Read our [Orion to Tessera migration guide](https://docs.orion.consensys.net/en/latest/Tutorials/Migrating-from-Orion-to-Tessera/)
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
-Flexible [privacy groups](Privacy-Groups.md) use smart contracts to store and maintain the group membership.
+Flexible [privacy groups](privacy-groups.md) use smart contracts to store and maintain the group membership.
-You can [add and remove members to and from flexible privacy groups](../../HowTo/Use-Privacy/Use-FlexiblePrivacy.md).
+You can [add and remove members to and from flexible privacy groups](../../how-to/use-privacy/flexible.md).
 !!! tip
@ -27,7 +27,7 @@ You can [add and remove members to and from flexible privacy groups](../../HowTo
    group functionality in future versions.
    We don't recommended creating flexible privacy groups in a chain with existing
-    [offchain privacy groups](Privacy-Groups.md).
+    [offchain privacy groups](privacy-groups.md).
 ## Group management contracts
@ -51,7 +51,7 @@ the management contract, must be signed by the same key that signed the group cr
 When creating a flexible privacy group, generate the privacy group ID for the group outside of Besu
 and pass the ID as a parameter.
-The [web3js-quorum library](../../HowTo/Use-Privacy/Use-FlexiblePrivacy.md) generates a unique privacy
+The [web3js-quorum library](../../how-to/use-privacy/flexible.md) generates a unique privacy
 group ID and passes the ID to Besu when creating a privacy group.
 !!! caution
@ -64,14 +64,14 @@ group ID and passes the ID to Besu when creating a privacy group.
 ## Multi-tenancy
-When using [multi-tenancy](Multi-Tenancy.md) with flexible privacy groups, each user provides a JSON Web Token (JWT)
+When using [multi-tenancy](multi-tenancy.md) with flexible privacy groups, each user provides a JSON Web Token (JWT)
 which allows Besu to check that the user has access to functionality and data associated with a privacy group.
-Using multi-tenancy with flexible privacy groups is more complex than with [offchain privacy groups](Privacy-Groups.md)
+Using multi-tenancy with flexible privacy groups is more complex than with [offchain privacy groups](privacy-groups.md)
 because users may be added and removed from flexible privacy groups.
 When a user is added to a privacy group, they get access to all existing data in the privacy group.
 After being removed from a privacy group, a user retains access to already existing data in the privacy group, up to the
-block containing the [privacy marker transaction (PMT)](Private-Transaction-Processing.md) that removed them (the
+block containing the [privacy marker transaction (PMT)](private-transactions/processing.md) that removed them (the
 removal block).
 A removed user doesn't have access to data in the privacy group that happens after they were removed.
@ -80,23 +80,23 @@ but later removed from, Besu allows the user access to the following functionali
 group:
 - Private transactions using `priv_getTransaction` and private transaction receipts using
-  [`priv_getTransactionReceipt`](../../Reference/API-Methods.md#priv_gettransactionreceipt) from blocks up to (and
+  [`priv_getTransactionReceipt`](../../../public-networks/reference/api/index.md#priv_gettransactionreceipt) from blocks up to (and
  including) the removal block.
-  
+
    !!! note
        A removed group member may have access to some private transactions after the removal PMT in the same block.
-  
+
- Using [`priv_call`](../../Reference/API-Methods.md#priv_call) on blocks up to (and including) the removal block.
+- Using [`priv_call`](../../../public-networks/reference/api/index.md#priv_call) on blocks up to (and including) the removal block.
-  
+
- Private logs using [`priv_getLogs`](../../Reference/API-Methods.md#priv_getlogs) for blocks up to (and including) the
+- Private logs using [`priv_getLogs`](../../../public-networks/reference/api/index.md#priv_getlogs) for blocks up to (and including) the
  removal block.
  When the `toBlock` is greater than the removal block, `priv_getLogs` still returns logs up to the removal block.
-  
+
    !!! note
        When a user is removed from a privacy group, any [log filters](../../HowTo/Interact/Filters#filters-for-private-contracts)
        they've created are also removed and can't be accessed.
        A user can only create and access filters for a privacy group they are currently a member of.
-All other [`PRIV` API methods](../../Reference/API-Methods.md#priv-methods) fail for the removed group member.
+All other [`PRIV` API methods](../../../public-networks/reference/api/index.md#priv-methods) fail for the removed group member.
--- a/docs/private-networks/concepts/privacy/index.md
+++ b/docs/private-networks/concepts/privacy/index.md
@ -18,27 +18,27 @@ participants. Other participants cannot access the transaction content or list o
    For production environments requiring private transactions:
    * We recommend using a network with a consensus mechanism supporting transaction finality. For
-    example, [IBFT 2.0](../../HowTo/Configure/Consensus-Protocols/IBFT.md).
+      example, [IBFT 2.0](../../how-to/configure/consensus/ibft.md).
    * Tessera must be [highly available and run in a separate instance to Besu].
-    Using private transactions with [pruning](../Pruning.md) or
+    Using private transactions with [pruning] or
-    [fast sync](../../Reference/CLI/CLI-Syntax.md#sync-mode) is not supported.
+    [fast sync](../../../public-networks/reference/cli/options.md#sync-mode) is not supported.
 ## Private transaction manager
 Besu uses a private transaction manager, [Tessera](https://docs.tessera.consensys.net/), to implement
 privacy.
-Each Besu node that sends or receives [private transactions](Private-Transactions.md) requires an
+Each Besu node that sends or receives [private transactions](private-transactions/index.md) requires an
 associated Tessera node.
-![Tessera Nodes](../../images/TesseraNodes.png)
+![Tessera Nodes](../../../images/TesseraNodes.png)
 Private transactions pass from the Besu node to the associated Tessera node. The Tessera node
 encrypts and directly distributes (that is, point-to-point) the private transaction to the Tessera
 nodes participating in the transaction.
 By default, each participant in a privacy-enabled network uses its own Besu and Tessera node.
-[Multi-tenancy](Multi-Tenancy.md) allows more than one participant to use the same Besu and Tessera
+[Multi-tenancy](multi-tenancy.md) allows more than one participant to use the same Besu and Tessera
 node.
 !!! tip
@ -47,7 +47,7 @@ node.
 ## Privacy-enabled networks
-When enabling privacy in a [private network](../../HowTo/Get-Started/System-Requirements/System-Requirements-Private.md),
+When enabling privacy in a [private network](../../get-started/system-requirements.md),
 there's an assumed level of trust among the node operators, since all are members of the private
 network.
@ -79,4 +79,5 @@ Do not use private transactions in production environments using consensus mecha
 occur.
 <!-- Links -->
-[highly available and run in a separate instance to Besu]: ../../HowTo/Use-Privacy/Run-Tessera-With-Besu.md
+[highly available and run in a separate instance to Besu]: ../../how-to/use-privacy/tessera.md
 [pruning]: ../../../public-networks/concepts/data-storage-formats.md
--- a/docs/private-networks/concepts/privacy/multi-tenancy.md
+++ b/docs/private-networks/concepts/privacy/multi-tenancy.md
@ -18,10 +18,10 @@ is a _tenant_, and the operator is the _owner_ of the Besu and Tessera node.
 !!! important
    The operator is responsible for
-    [configuring multi-tenancy](../../Tutorials/Privacy/Configuring-Multi-Tenancy.md), and has
+    [configuring multi-tenancy](../../tutorials/privacy/multi-tenancy.md), and has
    access to all tenant data.
-![Multi-tenancy](../../images/Multi-tenancy.png)
+![Multi-tenancy](../../../images/Multi-tenancy.png)
 !!! important
@ -31,8 +31,8 @@ is a _tenant_, and the operator is the _owner_ of the Besu and Tessera node.
    If not configured to allow access only by the multi-tenant Besu node, other Tessera clients,
    including other Besu nodes, might be able to access tenant data.
-    To secure access, you can [configure TLS between Besu and Tessera](../TLS.md) with the
+    To secure access, you can [configure TLS between Besu and Tessera](../../how-to/configure/tls/client-and-server.md)
-    [`WHITELIST`](https://docs.tessera.consensys.net/en/stable/HowTo/Configure/TLS/#whitelist)
+    with the [`WHITELIST`](https://docs.tessera.consensys.net/en/stable/HowTo/Configure/TLS/#whitelist)
    trust mode.
 Multi-tenancy validates that tenants have permission to use the specified HTTP or WebSocket
@ -40,4 +40,4 @@ JSON-RPC requests, and the tenant has access to the requested privacy data.
 Private data is isolated and each tenant uses a JSON Web Token (JWT) for authentication.
 You can
-[create the JWT either externally or internally](../../HowTo/Interact/APIs/Authentication.md).
+[create the JWT either externally or internally](../../../public-networks/how-to/use-besu-api/authenticate.md).
--- a/docs/private-networks/concepts/privacy/plugin.md
+++ b/docs/private-networks/concepts/privacy/plugin.md
@ -4,7 +4,7 @@ description: Privacy plugin
 # Privacy plugin
-You can define your own strategy for private transactions by [building a plugin](../Plugins.md) that extends
+You can define your own strategy for private transactions by building a plugin that extends
 Hyperledger Besu functionality.
 The plugin can take many forms, but it must provide Besu with a private transaction when required.
@ -18,7 +18,7 @@ The plugin can take many forms, but it must provide Besu with a private transact
 Enable the privacy plugin by starting Besu and including the `--Xprivacy-plugin-enabled` command line option.
 The registered plugin must implement the `PrivacyPluginPayloadProvider` interface.
-## Using the payload provider interface
+## Use the payload provider interface
 The privacy plugin must define the [privacy marker transaction (PMT)] payload.
 Use the payload to retrieve the contents of the private transaction which could be a link to a location in
@ -27,11 +27,11 @@ an enclave, or an encrypted form of the private payload itself.
 Besu doesn't need to know how the private transaction is distributed, it just needs to know what the private transaction
 for the PMT is.
-### Sending transactions
+### Send transactions
-When submitting a private transaction using [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction),
+When submitting a private transaction using [`eea_sendRawTransaction`](../../../public-networks/reference/api/index.md#eea_sendrawtransaction),
 the signed transaction must be sent to `0x000000000000000000000000000000000000007a` to indicate which
-[privacy precompiled contract](../Privacy/Private-Transaction-Processing.md) is being used.
+[privacy precompiled contract](private-transactions/processing.md) is being used.
 The transaction flow is as follows:
@ -43,12 +43,12 @@ The transaction flow is as follows:
 5. The private transaction handler creates a PMT for the private transaction, and propagates the PMT using devP2P in
    the same way as a public Ethereum transaction.
-### Mining transactions
+### Mine transactions
 The process of mining transactions happens in reverse to sending transactions.
 1. The Mainnet transaction processor processes the PMT in the same way as
-    any other public transaction. On nodes containing the [privacy precompile contract](../../Reference/API-Methods.md#priv_getprivacyprecompileaddress)
+    any other public transaction. On nodes containing the [privacy precompile contract](../../../public-networks/reference/api/index.md#priv_getprivacyprecompileaddress)
    specified in the `to` attribute of the PMT, the Mainnet transaction processor passes the PMT to the privacy precompile contract.
   !!! note
@ -72,9 +72,9 @@ The extension allows you to use a more dynamic approach, for example different k
 Your plugin needs to register the `PrivateMarkerTransactionFactory` interface which is called before submitting a PMT
 to the transaction pool. The responsibility then lies with the plugin to sign and serialize the PMT.
-[privacy marker transaction (PMT)]: ../../HowTo/Use-Privacy/Access-Private-Transactions.md
+[privacy marker transaction (PMT)]: ../../how-to/use-privacy/access-private-transactions.md
-## Registering your plugin
+## Register your plugin
 To enable Besu to use your privacy plugin, you must implement the `PrivacyPluginService` interface and you must call `setPayloadProvider`.
--- a/docs/private-networks/concepts/privacy/privacy-groups.md
+++ b/docs/private-networks/concepts/privacy/privacy-groups.md
@ -22,7 +22,7 @@ state.
    The privacy group implementations described below are offchain privacy groups and cannot have
    their group membership updated.
-    [Flexible privacy groups are an early access feature](Flexible-PrivacyGroups.md).
+    [Flexible privacy groups are an early access feature](flexible-privacy.md).
 ## Privacy types
@ -35,7 +35,7 @@ Besu implements two types of privacy:
 Both privacy types create privacy groups and store private transactions with their privacy group in
 Tessera.
-![Privacy Groups](../../images/PrivacyGroups.png)
+![Privacy Groups](../../../images/PrivacyGroups.png)
 !!! note
@ -83,7 +83,7 @@ provided by Tessera.
 ### Besu-extended privacy
 The Besu-extended privacy implementation creates a privacy group using
-[`priv_createPrivacyGroup`](../../Reference/API-Methods.md#priv_createprivacygroup) with private
+[`priv_createPrivacyGroup`](../../../public-networks/reference/api/index.md#priv_createprivacygroup) with private
 transactions sent to the privacy group ID.
 !!! example
@ -101,5 +101,5 @@ transactions sent to the privacy group ID.
 ## Multi-tenancy
-When using [multi-tenancy](Multi-Tenancy.md) with privacy groups, each user provides a JSON Web Token (JWT) which
+When using [multi-tenancy](multi-tenancy.md) with privacy groups, each user provides a JSON Web Token (JWT) which
 allows Besu to check that the user has access to functionality and data associated with a privacy group.
--- a/docs/private-networks/concepts/privacy/private-transactions/index.md
+++ b/docs/private-networks/concepts/privacy/private-transactions/index.md
@ -15,7 +15,7 @@ Private transactions have the same parameters as public Ethereum transactions, w
 * `privateFrom` - The Tessera public key of the transaction sender.
 * One of the following:
    * `privateFor` - The Tessera public keys of the transaction recipients.
-    * `privacyGroupId` - [The privacy group to receive the transaction](Privacy-Groups.md).
+    * `privacyGroupId` - [The privacy group to receive the transaction](../privacy-groups.md).
 * `restriction` - Whether the private transaction is `restricted` or `unrestricted`:
    * `restricted` - Only the nodes participating in the transaction receive
      and store the payload of the private transaction.
@ -26,23 +26,23 @@ Private transactions have the same parameters as public Ethereum transactions, w
        Besu implements `restricted` private transactions only.
-The `gas` and `gasPrice` are used by the [privacy marker transaction (PMT)](Private-Transaction-Processing.md),
+The `gas` and `gasPrice` are used by the [privacy marker transaction (PMT)](processing.md),
 not the private transaction itself.
 !!! warning
    Because gas isn't required in private transactions, inefficient contracts deployed accidentally
    or deliberately can cause performance issues in privacy-enabled networks.
-    Ensure your network has a mechanism to [establish trust offchain](Privacy-Overview.md#privacy-enabled-networks).
+    Ensure your network has a mechanism to [establish trust offchain](../index.md#privacy-enabled-networks).
-You can [create and send private transactions](../../HowTo/Send-Transactions/Creating-Sending-Private-Transactions.md).
+You can [create and send private transactions](../../../how-to/send-transactions/private-transactions.md).
 ## Besu and Tessera keys
 Besu and Tessera nodes both have public/private key pairs identifying them.
 A Besu node sending a private transaction to a Tessera node signs the transaction with the Besu node private key.
 The `privateFrom` and `privateFor` parameters specified in the RLP-encoded transaction string for
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) are the public keys of the Tessera
+[`eea_sendRawTransaction`](../../../reference/api/index.md#eea_sendrawtransaction) are the public keys of the Tessera
 nodes sending and receiving the transaction.
 !!! important
@ -54,7 +54,7 @@ nodes sending and receiving the transaction.
 A nonce is the number of previous transactions made by the sender.
-[Private transaction processing](Private-Transaction-Processing.md) involves two transactions:
+[Private transaction processing](processing.md) involves two transactions:
 the private transaction distributed to involved participants, and the privacy marker transaction (PMT) included on the
 public blockchain.
 Each of these transactions has its own nonce.
@ -62,20 +62,20 @@ Since the PMT is a public transaction, the PMT nonce is the public nonce for the
 ### Private transaction nonce
-Besu maintains separate private states for each [privacy group](../../Concepts/Privacy/Privacy-Groups.md).
+Besu maintains separate private states for each [privacy group](../privacy-groups.md).
 The private transaction nonce for an account is specific to the privacy group.
 That is, the nonce for account A for privacy group ABC is different to the nonce for account A for privacy group AB.
 ### Private nonce validation
-Unlike public transactions, private transactions are not submitted to the [transaction pool](../Transactions/Transaction-Pool.md).
+Unlike public transactions, private transactions are not submitted to the [transaction pool](../../../../public-networks/concepts/transactions/pool.md).
 The private transaction is distributed directly to the participants in the transaction, and the PMT is submitted to the
 transaction pool.
-Unlike [public transaction nonces](../Transactions/Transaction-Validation.md), private transaction nonces aren't
+Unlike [public transaction nonces](../../../../public-networks/concepts/transactions/validation.md), private transaction nonces aren't
 validated when the private transaction is submitted.
 If a private transaction has an incorrect nonce, the PMT is still valid and is added to a block.
-However, in this scenario, the private transaction execution fails when [processing the PMT](Private-Transaction-Processing.md)
+However, in this scenario, the private transaction execution fails when [processing the PMT](processing.md)
 for the private transaction with the incorrect nonce.
 The following private transaction flow illustrates when nonce validation occurs:
@ -83,7 +83,7 @@ The following private transaction flow illustrates when nonce validation occurs:
 1. Submit a private transaction with a [nonce value](#private-transaction-nonce).
 1. The private transaction is distributed to all participants in the privacy group.
 1. The PMT is created and submitted to the transaction pool with a nonce of `0` if using one-time accounts.
-   If using a specific account with [`--privacy-marker-transaction-signing-key-file`](../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file),
+   If using a specific account with [`--privacy-marker-transaction-signing-key-file`](../../../reference/cli/options.md#privacy-marker-transaction-signing-key-file),
   the public nonce for that account is obtained and used for the PMT.
 1. The PMT is mined and included in the block.
 1. After the block containing the PMT is imported, and the PMT is processed, the private transaction is retrieved from
@ -94,8 +94,8 @@ The following private transaction flow illustrates when nonce validation occurs:
 ### Private nonce management
-In Besu, you call [`eth_getTransactionCount`](../../Reference/API-Methods.md#eth_gettransactioncount) to get a nonce,
+In Besu, you call [`eth_getTransactionCount`](../../../../public-networks/reference/api/index.md#eth_gettransactioncount) to get a nonce,
-then use that nonce with [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) to send a
+then use that nonce with [`eea_sendRawTransaction`](../../../reference/api/index.md#eea_sendrawtransaction) to send a
 private transaction.
 However, when you send multiple transactions in row, if a subsequent call to `getTransactionCount` happens before a
@ -114,12 +114,12 @@ You can manage private nonces in multiple ways:
    You must wait until the private transaction's corresponding PMT is included in a block.
 * Manage the nonce yourself, by keeping track of and providing the nonce at each call.
-  We recommend this if you're [sending many transactions that are independent of each other](../../HowTo/Send-Transactions/Concurrent-Private-Transactions.md).
+  We recommend this if you're [sending many transactions that are independent of each other](../../../how-to/send-transactions/concurrent-private-transactions.md).
    !!! note
-        You can use [`priv_getTransactionCount`](../../Reference/API-Methods.md#priv_gettransactioncount) or
+        You can use [`priv_getTransactionCount`](../../../reference/api/index.md#priv_gettransactioncount) or
-        [`priv_getEeaTransactionCount`](../../Reference/API-Methods.md#priv_geteeatransactioncount) to get the nonce for
+        [`priv_getEeaTransactionCount`](../../../reference/api/index.md#priv_geteeatransactioncount) to get the nonce for
        an account for the specified privacy group or participants.
 * Use [Orchestrate](https://docs.orchestrate.consensys.net/en/stable/) for nonce management.
@ -128,5 +128,5 @@ You can manage private nonces in multiple ways:
 !!! tip
    The [web3js-quorum library includes an example](https://github.com/ConsenSys/web3js-quorum/blob/9a0f9eb1b91a4a0d93801f77782b509ae2e7314c/example/concurrentPrivateTransactions/concurrentPrivateTransactions.js)
-    of nonce management when [sending concurrent private transactions](../../HowTo/Send-Transactions/Concurrent-Private-Transactions.md).
+    of nonce management when [sending concurrent private transactions](../../../how-to/send-transactions/concurrent-private-transactions.md).
    The example calculates the correct nonces for the private transactions and PMTs outside of Besu.
--- a/docs/private-networks/concepts/privacy/private-transactions/processing.md
+++ b/docs/private-networks/concepts/privacy/private-transactions/processing.md
@ -2,7 +2,7 @@
 description: Private transaction processing
 ---
-# Processing private transactions
+# Private transaction processing
 !!! warning
@ -10,22 +10,22 @@ description: Private transaction processing
    Read our [Orion to Tessera migration guide](https://docs.orion.consensys.net/en/latest/Tutorials/Migrating-from-Orion-to-Tessera/)
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
-Processing [private transactions](Private-Transactions.md) involves the following:
+Processing [private transactions](index.md) involves the following:
 * **Precompiled contract**: A smart contract compiled from the source language to EVM bytecode and
  stored by an Ethereum node for later execution.
 * **Privacy marker transaction (PMT)**: A public Ethereum transaction with a payload of the enclave key.
  The enclave key is a pointer to the private transaction in Tessera.
-  The `to` attribute of the PMT is the [address of the privacy precompiled contract](../../Reference/API-Methods.md#priv_getprivacyprecompileaddress).
+  The `to` attribute of the PMT is the [address of the privacy precompiled contract](../../../reference/api/index.md#priv_getprivacyprecompileaddress).
    The PMT is [signed with a random key or the key specified on the command line].
 Private transaction processing is illustrated and described in the following diagram.
-![Processing Private Transactions](../../images/PrivateTransactionProcessing.png)
+![Processing Private Transactions](../../../../images/PrivateTransactionProcessing.png)
-1. Submit a private transaction using [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+1. Submit a private transaction using [`eea_sendRawTransaction`](../../../reference/api/index.md#eea_sendrawtransaction).
   The signed transaction includes transaction parameters specific to private transactions, including:
    * `privateFor` or `privacyGroupId`, which specifies the list of recipients.
@ -49,13 +49,13 @@ Private transaction processing is illustrated and described in the following dia
    !!! tip
        If you want to sign the PMT outside of Besu, use
-        [`priv_distributeRawTransaction`](../../HowTo/Send-Transactions/Creating-Sending-Private-Transactions.md#priv_distributerawtransaction)
+        [`priv_distributeRawTransaction`](../../../how-to/send-transactions/private-transactions.md#priv_distributerawtransaction)
-        instead of [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+        instead of [`eea_sendRawTransaction`](../../../reference/api/index.md#eea_sendrawtransaction).
 1. Besu mines the PMT into a block and the PMT is distributed to all Ethereum nodes in the network.
 1. The Mainnet Transaction Processor processes the PMT in the same way as any other public transaction.
-   On nodes containing the [privacy precompile contract](../../Reference/API-Methods.md#priv_getprivacyprecompileaddress)
+   On nodes containing the [privacy precompile contract](../../../reference/api/index.md#priv_getprivacyprecompileaddress)
   specified in the `to` attribute of the PMT, the Mainnet Transaction Processor passes the PMT to the privacy
   precompile contract.
@ -75,12 +75,13 @@ Private transaction processing is illustrated and described in the following dia
 !!! important
    * We recommend using a network with a consensus mechanism supporting transaction finality. For example,
-      [IBFT 2.0](../../HowTo/Configure/Consensus-Protocols/IBFT.md).
+      [IBFT 2.0](../../../how-to/configure/consensus/ibft.md).
-    * Tessera must be [highly available and run in a separate instance to Besu](../../HowTo/Use-Privacy/Run-Tessera-With-Besu.md).
+    * Tessera must be [highly available and run in a separate instance to Besu](../../../how-to/use-privacy/tessera.md).
-    Using private transactions with [pruning](../Pruning.md) or [fast sync](../../Reference/CLI/CLI-Syntax.md#sync-mode)
+    Using private transactions with [pruning] or [fast sync](../../../../public-networks/reference/cli/options.md#sync-mode)
    is not supported.
 <!-- Links -->
-[signed with a random key or the key specified on the command line]: ../../HowTo/Use-Privacy/Sign-Privacy-Marker-Transactions.md
+[signed with a random key or the key specified on the command line]: ../../../how-to/use-privacy/sign-pmts.md
-[highly available and run in a separate instance to Besu]: ../../HowTo/Use-Privacy/Run-Tessera-With-Besu.md
+[highly available and run in a separate instance to Besu]: ../../../how-to/use-privacy/tessera.md
 [pruning]: ../../../../public-networks/concepts/data-storage-formats.md
--- a/docs/private-networks/get-started/install/binary-distribution.md
+++ b/docs/private-networks/get-started/install/binary-distribution.md
--- a/docs/private-networks/get-started/install/index.md
+++ b/docs/private-networks/get-started/install/index.md
@ -0,0 +1,29 @@
 ---
 title: Installation options
 description: Options for getting started with Hyperledger Besu
 ---
 # Options for getting started
 ## New to Hyperledger Besu?
 Get started with the [Developer Quickstart](../../../private-networks/tutorials/quickstart.md).
 Use the quickstart to rapidly generate local blockchain networks.
 ## Installation options
 * [Docker image](run-docker-image.md)
 * [Binaries](binary-distribution.md)
 ## Build from source
 If you want to use the latest development version of Hyperledger Besu or a specific commit,
 build from source. Otherwise, use the [binary] or [Docker image] for more stable
 versions.
 View the [Hyperledger Wiki] for instructions to install Hyperledger Besu from source.
 <!-- link -->
 [Hyperledger Wiki]: https://wiki.hyperledger.org/display/BESU/Building+from+source
 [binary]: binary-distribution.md
 [Docker image]: run-docker-image.md
--- a/docs/private-networks/get-started/install/run-docker-image.md
+++ b/docs/private-networks/get-started/install/run-docker-image.md
@ -0,0 +1,138 @@
 ---
 description: Run Hyperledger Besu using the official docker image
 ---
 # Run Besu from a Docker image
 Hyperledger Besu provides a Docker image to run a Besu node in a Docker container.
 Use this Docker image to run a single Besu node without installing Besu.
 ## Prerequisites
 * [Docker](https://docs.docker.com/install/)
 * MacOS or Linux
 !!! important
    The Docker image does not run on Windows.
 ## Default node for Mainnet
 To run a Besu node in a container connected to the Ethereum Mainnet:
 ```bash
 docker run hyperledger/besu:latest
 ```
 !!! note
    https://hub.docker.com/r/hyperledger/besu/tags lists the available tags for the image.
    If you previously pulled `latest`, Docker runs the cached version.
    To ensure your image is up to date, pull the `latest` version again using `docker pull hyperledger/besu:latest`.
 ## Expose ports
 Expose ports for P2P discovery, GraphQL, metrics, and HTTP and WebSocket JSON-RPC. You need
 to expose the ports to use the default ports or the ports specified using
 [`--rpc-http-port`](../../../public-networks/reference/cli/options.md#rpc-http-port),
 [`--p2p-port`](../../../public-networks/reference/cli/options.md#p2p-port),
 [`--rpc-ws-port`](../../../public-networks/reference/cli/options.md#rpc-ws-port),
 [`--metrics-port`](../../../public-networks/reference/cli/options.md#metrics-port),
 [`--graphql-http-port`](../../../public-networks/reference/cli/options.md#graphql-http-port), and
 [`--metrics-push-port`](../../../public-networks/reference/cli/options.md#metrics-push-port) options.
 To run Besu exposing local ports for access:
 ```bash
 docker run -p <localportJSON-RPC>:8545 -p <localportWS>:8546 -p <localportP2P>:30303 hyperledger/besu:latest --rpc-http-enabled --rpc-ws-enabled
 ```
 !!! note
    The examples on this page expose TCP ports only.
    To expose UDP ports, specify `/udp` at the end of the argument for the `-p` Docker subcommand option:
    ```bash
    docker run -p <port>:<port>/udp
    ```
    See the [`docker run -p` documentation](https://docs.docker.com/engine/reference/commandline/run/#publish-or-expose-port--p---expose).
 !!! example
    To enable JSON-RPC HTTP calls to `127.0.0.1:8545` and P2P discovery on `127.0.0.1:13001`:
    ```bash
    docker run -p 8545:8545 -p 13001:30303 hyperledger/besu:latest --rpc-http-enabled
    ```
 ## Start Besu
 !!! important
    Don't mount a volume at the default data path (`/opt/besu`). Mounting a volume at the default
    data path interferes with the operation of Besu and prevents Besu from safely launching.
    To run a node that maintains the node state (key and database),
    [`--data-path`](../../../public-networks/reference/cli/options.md#data-path) must be set to a location other
    than `/opt/besu` and a storage volume mounted at that location.
    When running in a Docker container, [`--nat-method`](../../../public-networks/how-to/connect/specify-nat.md)
    must be set to `DOCKER` or `AUTO` (default). Don't set
    [`--nat-method`](../../../public-networks/how-to/connect/specify-nat.md) to `NONE` or `UPNP`.
 You can specify
 [Besu environment variables](../../../public-networks/reference/cli/options.md#besu-environment-variables) with the
 Docker image instead of the command line options.
 !!! example
    ```bash
    docker run -p 30303:30303 -p 8545:8545 -e BESU_RPC_HTTP_ENABLED=true -e BESU_NETWORK=goerli hyperledger/besu:latest
    ```
 ### Run a node for testing
 To run a node that mines blocks at a rate suitable for testing purposes with WebSockets enabled:
 ```bash
 docker run -p 8546:8546 --mount type=bind,source=/<myvolume/besu/testnode>,target=/var/lib/besu hyperledger/besu:latest --miner-enabled --miner-coinbase fe3b557e8fb62b89f4916b721be55ceb828dbd73 --rpc-ws-enabled --network=dev --data-path=/var/lib/besu
 ```
 ### Run a node on Rinkeby testnet
 To run a node on Rinkeby:
 ```bash
 docker run -p 30303:30303 --mount type=bind,source=/<myvolume/besu/rinkeby>,target=/var/lib/besu hyperledger/besu:latest --network=rinkeby --data-path=/var/lib/besu
 ```
 ### Run a node on Ethereum Mainnet
 To run a node on Ethereum Mainnet with the HTTP JSON-RPC service enabled:
 ```bash
 docker run -p 8545:8545 --mount type=bind,source=/<myvolume/besu/rinkeby>,target=/var/lib/besu  -p 30303:30303 hyperledger/besu:latest --rpc-http-enabled --data-path=/var/lib/besu
 ```
 ## Stop Besu and clean up resources
 When done running nodes, you can shut down the node container without deleting resources or you can
 delete the container after stopping it. Run `docker container ls` and `docker volume ls` to get the
 container and volume names.
 To stop a container:
 ```bash
 docker stop <container-name>
 ```
 To delete a container:
 ```bash
 docker rm <container-name>
 ```
--- a/docs/private-networks/get-started/start-node.md
+++ b/docs/private-networks/get-started/start-node.md
@ -0,0 +1,222 @@
 ---
 description: Starting Hyperledger Besu
 ---
 # Start Besu
 Use the [`besu`](../reference/cli/options.md) command with the required command line options
 to start a node. Alternatively, use the [launcher](#besu-launcher) to start Besu interactively
 with the most common options.
 ## Prerequisites
 [Besu installed](install/binary-distribution.md)
 ## Local block data
 When connecting to a network other than the network previously connected to, you must either delete
 the local block data or use the [`--data-path`](../../public-networks/reference/cli/options.md#data-path) option
 to specify a different data directory.
 To delete the local block data, delete the `database` directory in the
 `besu/build/distribution/besu-<version>` directory.
 ## Genesis configuration
 Besu specifies the genesis configuration, and sets the network ID and bootnodes when connecting to
 [Ropsten](#run-a-node-on-ropsten-testnet), [Rinkeby](#run-a-node-on-rinkeby-testnet),
 [Goerli](#run-a-node-on-goerli-testnet), [Kiln](#run-a-node-on-kiln-testnet),
 [Sepolia](#run-a-node-on-sepolia-testnet), and [Mainnet](#run-a-node-on-ethereum-mainnet).
 When you specify [`--network=dev`](../../public-networks/reference/cli/options.md#network), Besu uses the
 development mode genesis configuration with a fixed low difficulty. A node started with
 [`--network=dev`](../../public-networks/reference/cli/options.md#network) has an empty bootnodes list by
 default.
 The genesis files defining the genesis configurations are in the
 [Besu source files](https://github.com/hyperledger/besu/tree/master/config/src/main/resources).
 To define a genesis configuration, create a genesis file (for example, `genesis.json`) and specify
 the file using the [`--genesis-file`](../../public-networks/reference/cli/options.md#genesis-file) option.
 ## Syncing and storage
 By default, Besu syncs to the current state of the blockchain using
 [fast sync](../../public-networks/how-to/connect/sync-node.md#fast-synchronization) in:
 - Networks specified using [`--network`](../../public-networks/reference/cli/options.md#network) except for the `dev`
  development network.
 - Ethereum Mainnet.
 We recommend using [snap sync](../../public-networks/how-to/connect/sync-node.md#snap-synchronization) for a faster sync, by starting Besu
 with [`--sync-mode=X_SNAP`](../../public-networks/reference/cli/options.md#sync-mode).
 By default, Besu stores data in the [Forest of Tries](../../public-networks/concepts/data-storage-formats.md#forest-of-tries) format.
 We recommend using [Bonsai Tries](../../public-networks/concepts/data-storage-formats.md#bonsai-tries) for lower storage requirements,
 by starting Besu with [`--data-storage-format=BONSAI`](../../public-networks/reference/cli/options.md#data-storage-format).
 ## Confirm node is running
 If you started Besu with the
 [`--rpc-http-enabled`](../../public-networks/reference/cli/options.md#rpc-http-enabled) option, use
 [cURL](https://curl.haxx.se/) to call [JSON-RPC API methods](../reference/api/index.md) to
 confirm the node is running.
 !!!example
    * `eth_chainId` returns the chain ID of the network.
        ```bash
        curl -X POST --data '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}' localhost:8545
        ```
    * `eth_syncing` returns the starting, current, and highest block.
        ```bash
        curl -X POST --data '{"jsonrpc":"2.0","method":"eth_syncing","params":[],"id":1}' localhost:8545
        ```
        For example, after connecting to Mainnet, `eth_syncing` will return something similar to:
        ```json
        {
          "jsonrpc" : "2.0",
          "id" : 1,
          "result" : {
            "startingBlock" : "0x0",
            "currentBlock" : "0x2d0",
            "highestBlock" : "0x66c0"
          }
        }
        ```
 ## Run a node for testing
 To run a node that mines blocks at a rate suitable for testing purposes:
 ```bash
 besu --network=dev --miner-enabled --miner-coinbase=0xfe3b557e8fb62b89f4916b721be55ceb828dbd73 --rpc-http-cors-origins="all" --host-allowlist="*" --rpc-ws-enabled --rpc-http-enabled --data-path=/tmp/tmpDatdir
 ```
 You can also use the following [configuration file](../../public-networks/how-to/configuration-file.md)
 on the command line to start a node with the same options as above:
 ```toml
 network="dev"
 miner-enabled=true
 miner-coinbase="0xfe3b557e8fb62b89f4916b721be55ceb828dbd73"
 rpc-http-cors-origins=["all"]
 host-allowlist=["*"]
 rpc-ws-enabled=true
 rpc-http-enabled=true
 data-path="/tmp/tmpdata-path"
 ```
 !!! caution
    The following settings are a security risk in production environments:
    * Enabling the HTTP JSON-RPC service
      ([`--rpc-http-enabled`](../../public-networks/reference/cli/options.md#rpc-http-enabled)) and setting
      [`--rpc-http-host`](../../public-networks/reference/cli/options.md#rpc-http-host) to 0.0.0.0 exposes the
      RPC connection on your node to any remote connection.
    * Setting [`--host-allowlist`](../../public-networks/reference/cli/options.md#host-allowlist) to `"*"`
      allows JSON-RPC API access from any host.
    * Setting
      [`--rpc-http-cors-origins`](../../public-networks/reference/cli/options.md#rpc-http-cors-origins) to
      `"all"` or `"*"` allows cross-origin resource sharing (CORS) access from any domain.
 ## Run a node on Ropsten testnet
 To run a node on Ropsten:
 ```bash
 besu --network=ropsten
 ```
 To run a node on Ropsten with the HTTP JSON-RPC service enabled and allow Remix to access the node:
 ```bash
 besu  --network=ropsten --rpc-http-enabled --rpc-http-cors-origins "http://remix.ethereum.org"
 ```
 ## Run a node on Rinkeby testnet
 To run a node on Rinkeby specifying a data directory:
 ```bash
 besu --network=rinkeby --data-path=<path>/<rinkebydata-path>
 ```
 Where `<path>` and `<rinkebydata-path>` are the path and directory to save the Rinkeby chain data
 to.
 ## Run a node on Goerli testnet
 To run a node on [Goerli](https://github.com/goerli/testnet) specifying a data directory:
 ```bash
 besu --network=goerli --data-path=<path>/<goerlidata-path>
 ```
 Where `<path>` and `<goerlidata-path>` are the path and directory to save the Goerli chain data to.
 ## Run a node on Sepolia testnet
 To run a node on [Sepolia](https://github.com/goerli/sepolia) specifying a data directory:
 ```bash
 besu --network=sepolia --data-path=<path>/<sepoliadata-path>
 ```
 Where `<path>` and `<sepoliadata-path>` are the path and directory to save the Sepolia chain data
 to.
 ## Run a node on Ethereum Mainnet
 To run a node on the Ethereum Mainnet:
 ```bash
 besu
 ```
 To run a node on Mainnet with the HTTP JSON-RPC service enabled and available for localhost only:
 ```bash
 besu --rpc-http-enabled
 ```
 ## Besu launcher
 Use the Besu launcher to interactively configure and start a node with the most common options. The
 launcher asks a series of questions and generates a [configuration file](../../public-networks/how-to/configuration-file.md).
 To run the Besu launcher:
 ```bash
 besu --Xlauncher
 ```
 Answer each question, or press ++Enter++ to accept the default value.
 ```bash
 ? Which Ethereum network would you like to use ? rinkeby
 ? Which synchronization mode? fast
 ? Do you want to enable pruning? no
 ? What is the data directory ? /Users/me/besu
 ? Do you want to enable the JSON-RPC HTTP service ? yes
 ? Do you want to configure the JSON-RPC options now ? yes
 ? What is the JSON RPC HTTP host address ? 127.0.0.1
 ? What is the JSON RPC HTTP port ? 8545
 ? Select the list of APIs to enable on JSON-RPC HTTP service [eth, net, web3]
 ? Do you want to enable the JSON-RPC Websocket service ? no
 ? Do you want to enable GraphQL functionality ? no
 ? Do you want to use Ethstats ? no
 ? Do you want to enable NAT ? no
 ? Do you want to enable mining ? no
 ```
 If a configuration file is already present in the directory where the command is executed,
 Besu will start and use the values in the configuration file. To force the launcher to interact
 during a restart, use the `--Xlauncher-force` option, or delete the configuration
 file.
--- a/docs/HowTo/Get-Started/System-Requirements/System-Requirements-Private.md
+++ b/docs/HowTo/Get-Started/System-Requirements/System-Requirements-Private.md
@ -3,27 +3,24 @@ title: Hyperledger Besu system requirements
 description: System requirements to sync and run Besu
 ---
-# System requirements for private networks
+# System requirements
 A Hyperledger Besu private network is a network not connected to Ethereum Mainnet or an Ethereum testnet.
 Private networks typically use a different [chain ID](../../../Concepts/NetworkID-And-ChainID.md) and
 [consensus protocol](../../../Concepts/Consensus-Protocols/Overview-Consensus.md).
 Participation in private networks is typically restricted in some way, so the volume of traffic is
 much lower than Mainnet, resulting in lower system requirements.
 Private network system requirements depend on many factors, including:
 * Size of the world state for the network.
 * Number of transactions submitted to the network.
-* [Block gas limit](../../../Reference/Config-Items.md#genesis-block-parameters).
+* [Block gas limit](../../public-networks/reference/genesis-items.md#genesis-block-parameters).
-* Number and complexity of [JSON-RPC](../../Interact/APIs/Using-JSON-RPC-API.md),
+* Number and complexity of [JSON-RPC](../../public-networks/how-to/use-besu-api/json-rpc.md),
-  [PubSub](../../Interact/APIs/RPC-PubSub.md), or [GraphQL](../../Interact/APIs/GraphQL.md) queries
+  [PubSub](../../public-networks/how-to/use-besu-api/rpc-pubsub.md), or [GraphQL](../../public-networks/how-to/use-besu-api/graphql.md) queries
  handled by the node.
 Participation in private networks is typically restricted in some way, so the volume of traffic is
 much lower than on Mainnet, resulting in lower system requirements.
 ## Determining system requirements
 To determine system requirements, check CPU and disk space requirements using
-[Prometheus](../../Monitor/Metrics.md#monitor-node-performance-using-prometheus). Grafana provides a
+[Prometheus](../../public-networks/how-to/monitor/metrics.md). Grafana provides a
 [sample dashboard](https://grafana.com/grafana/dashboards/10273) for Besu.
 ## Java Virtual Machine size
@ -50,7 +47,7 @@ We recommend you create a VM with the following attributes:
 * (Optional) You can create a shared directory to copy block files or genesis files from the host
  computer to the VM. For details on how to create a shared directory, see "Share Folders" in the
  [Oracle VirtualBox documentation].
-  
+
 ## Disk type
 Use [local SSD storage](https://cloud.google.com/compute/docs/disks) for high throughput nodes (validators and RPC nodes).
--- a/docs/private-networks/how-to/backup.md
+++ b/docs/private-networks/how-to/backup.md
@ -2,7 +2,7 @@
 description: Backing up and restoring Besu
 ---
-# Backups
+# Backup and restore Besu
 In a decentralized blockchain, data replicates between nodes so it's not lost. But backing up
 configuration and data ensures a smoother recovery from corrupted data or other failures.
@ -17,12 +17,12 @@ file under source control.
 If installed locally, the default data location is the Besu installation directory.
 We recommend mounting a
-[separate volume to store data](../Get-Started/Installation-Options/Run-Docker-Image.md#starting-besu). Use the
+[separate volume to store data](../get-started/install/run-docker-image.md). Use the
-[`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) command line option to pass the path
+[`--data-path`](../../public-networks/reference/cli/options.md#data-path) command line option to pass the path
 to Besu.
 The default data location is the Besu installation directory, or `/opt/besu/database` if using the
-[Besu Docker image](../Get-Started/Installation-Options/Run-Docker-Image.md).
+[Besu Docker image](../get-started/install/run-docker-image.md).
 Having some data reduces the time to synchronize a new node. You can perform periodic backups of
 the data directory and send the data to your preferred backup mechanism. For example, `cron` job and
@ -46,10 +46,10 @@ If log messages signify a corrupt database, the cleanest way to recover is:
 1. Restore the data from a [previous backup](#data-backups).
 1. Restart the node.
-## Finding peers after restarting
+## Find peers after restarting
 The process for finding peers after restarting is the same as for
 [finding peers after upgrading and restarting].
 <!-- Links -->
-[finding peers after upgrading and restarting]: ../Upgrade/Upgrade-Node.md#finding-peers-on-restarting
+[finding peers after upgrading and restarting]: ../../public-networks/how-to/upgrade-node.md#find-peers-on-restarting
--- a/docs/private-networks/how-to/configure/block-proposal-permissioning.md
+++ b/docs/private-networks/how-to/configure/block-proposal-permissioning.md
@ -10,7 +10,7 @@ description: Block proposal permissioning
    Block proposal permissioning is an early access feature, and functionality and options may be updated between releases.
-You can configure [block proposal permissioning](../../Concepts/PKI.md#block-proposal-permissioning)
+You can configure [block proposal permissioning](../../concepts/pki.md#block-proposal-permissioning)
 to ensure only authorized validator nodes can propose blocks in the network.
 Use certificates issued by a trusted authority to ensure validators are authorized to propose blocks.
@ -20,7 +20,7 @@ Use certificates issued by a trusted authority to ensure validators are authoriz
 **Prerequisites**:
 * A configured network. For example,
-    [see steps 1 to 5 in the QBFT tutorial](../../Tutorials/Private-Network/Create-QBFT-Network.md).
+    [see steps 1 to 5 in the QBFT tutorial](../../tutorials/qbft.md).
 * A keystore containing the certificate and key for each network node.
 * A truststore containing all the trusted certificates for the network.
@ -252,5 +252,5 @@ Text file containing the password to unlock the truststore file.
 PKI truststore type. Valid options are `JKS` and `PKCS12`. The default is `JKS`.
-[QBFT consensus protocol]: ../../HowTo/Configure/Consensus-Protocols/QBFT.md
+[QBFT consensus protocol]: /Consensus-Protocols/QBFT.md
 [certificate revocation list (CRL)]: https://www.securew2.com/blog/certificate-revocation-crl-explained
--- a/docs/private-networks/how-to/configure/bootnodes.md
+++ b/docs/private-networks/how-to/configure/bootnodes.md
@ -0,0 +1,89 @@
 ---
 description: Configuring bootnodoes
 ---
 # Configure bootnodes
 You can use bootnodes to initially discover peers.
 Bootnodes are regular nodes used to discover other nodes.
 In private networks for development or testing purposes, specify at least one bootnode.
 In production networks, [configure two or more nodes as bootnodes](#configure-bootnodes-in-a-production-network).
 !!! tip
    Bootnodes and static nodes are parallel methods for finding peers. Depending on your use case,
    you can use only bootnodes, only static nodes, or both bootnodes and statics nodes.
    To find peers, configure one or more bootnodes. To configure a specific set
    of peer connections, use [static nodes](../../../public-networks/how-to/connect/static-nodes.md).
 !!! note "Mainnet and public testnets"
    For Mainnet and the Rinkeby, Ropsten, Sepolia, and Goerli testnets, Hyperledger Besu has an
    internal list of enode URLs and uses this list automatically when you specify the
    [`--network`](../../../public-networks/reference/cli/options.md#network) option.
 ## Specify a bootnode
 To start a node, specify a bootnode [enode](../../../public-networks/concepts/node-keys.md) for P2P discovery,
 using the [`--bootnodes`](../../../public-networks/reference/cli/options.md#bootnodes) option.
 !!! example
    ```bash
    besu --genesis-file=privateNetworkGenesis.json --data-path=nodeDataPath --bootnodes=enode://c35c3ec90a8a51fd5703594c6303382f3ae6b2ecb99bab2c04b3794f2bc3fc2631dabb0c08af795787a6c004d8f532230ae6e9925cbbefb0b28b79295d615f@127.0.0.1:30303
    ```
 The default host and port advertised to other peers for P2P discovery is `127.0.0.1:30303`. To
 specify a different host or port, use the
 [`--p2p-host`](../../../public-networks/reference/cli/options.md#p2p-host) and
 [`--p2p-port`](../../../public-networks/reference/cli/options.md#p2p-port) options.
 By default, peer discovery listens on all available network interfaces. If the device Besu is
 running on must bind to a specific network interface, specify the interface using the
 [`--p2p-interface`](../../../public-networks/reference/cli/options.md#p2p-interface) option.
 ## Configure bootnodes in a production network
 A network must have at least one operating bootnode. To allow for continuity in the event of
 failure, configure two or more bootnodes in a production network.
 We don't recommend putting bootnodes behind a load balancer because the
 [enode](../../../public-networks/concepts/node-keys.md#enode-url) relates to the node public key, IP address, and
 discovery ports. Any changes to a bootnode enode prevents other nodes from being able to establish
 a connection with the bootnode. This is why we recommend putting more bootnodes on the network
 itself.
 To ensure a bootnode enode doesn't change when recovering from a complete bootnode failure:
 1. Create the [node key pair](../../../public-networks/concepts/node-keys.md) (that is, the private and public key)
   before starting the bootnode.
 1. When creating bootnodes in the cloud (for example, AWS and Azure), attempt to assign a static IP
   address to them. If your network is:
    * Publicly accessible, assign an elastic IP.
    * Internal only, specify a private IP address when you create the instance and record this IP
      address.
 We recommend storing the bootnode configuration under source control.
 To allow for failure, specify all bootnodes on the command line (even to the bootnodes themselves).
 !!! tip
    Having each bootnode list the other bootnodes increases the speed of discovery.
    Nodes ignore their own enode in the bootnodes list so it isn't required to specify different
    bootnode lists to the bootnodes themselves.
 ## Add and remove bootnodes
 Adding new bootnodes is a similar process to creating bootnodes. After creating the bootnodes and
 adding them to the network, update the [`--bootnodes`](../../../public-networks/reference/cli/options.md#bootnodes)
 command line option for each node to include the new bootnodes.
 When adding bootnodes, you don't need to restart running nodes. By updating the
 [`--bootnodes`](../../../public-networks/reference/cli/options.md#bootnodes) option, the next time you restart the
 nodes (for example, when [upgrading](../../../public-networks/how-to/upgrade-node.md)), the nodes
 connect to the new bootnodes.
--- a/docs/private-networks/how-to/configure/consensus/add-validators-without-voting.md
+++ b/docs/private-networks/how-to/configure/consensus/add-validators-without-voting.md
@ -4,7 +4,7 @@ description: How to add or remove validators without voting
 # Add and remove validators without voting
-[QBFT](../Configure/Consensus-Protocols/QBFT.md) or [IBFT 2.0](../Configure/Consensus-Protocols/IBFT.md) network
+[QBFT](qbft.md) or [IBFT 2.0](ibft.md) network
 conditions might not allow voting to change validators.
 For example, if a majority of the current validators are no longer participating in the network, a vote to add or
 remove validators won't be successful.
@ -13,8 +13,8 @@ You can bypass voting and specify new validators using a transition in the genes
 !!! warning
    - In most cases, add or remove validators
-      [by voting or smart contract for QBFT](../Configure/Consensus-Protocols/QBFT.md#add-and-remove-validators);
+      [by voting or smart contract for QBFT](qbft.md#add-and-remove-validators);
-      or [by voting for IBFT 2.0](../Configure/Consensus-Protocols/IBFT.md#add-and-remove-validators).
+      or [by voting for IBFT 2.0](ibft.md#add-and-remove-validators).
      Use transitions only when voting isn't possible.
      Using transitions requires coordinating a rolling update of all the nodes in order to pick up the configuration at
      the correct block height.
@ -145,8 +145,8 @@ To add or remove validators without voting:
 1. Restart all nodes in the network using the updated genesis file.
   You can make a rolling update of the nodes, as long as they're all up before the transition block is processed.
 1. To verify the changes after the transition block, call
-   [`qbft_getValidatorsByBlockNumber`](../../Reference/API-Methods.md#qbft_getvalidatorsbyblocknumber) or
+   [`qbft_getValidatorsByBlockNumber`](../../../reference/api/index.md#qbft_getvalidatorsbyblocknumber) or
-   [`ibft_getValidatorsByBlockNumber`](../../Reference/API-Methods.md#ibft_getvalidatorsbyblocknumber),
+   [`ibft_getValidatorsByBlockNumber`](../../../reference/api/index.md#ibft_getvalidatorsbyblocknumber),
   specifying `latest`.
 !!! caution
@ -157,13 +157,13 @@ To add or remove validators without voting:
 ## Override smart contract validators
 When using
-[QBFT contract validator selection](../Configure/Consensus-Protocols/QBFT.md#add-and-remove-validators-using-a-smart-contract),
+[QBFT contract validator selection](qbft.md#add-and-remove-validators-using-a-smart-contract),
 if network conditions require it, you can bypass the smart contract and specify new validators in the genesis file.
 For example, you lose quorum for your current list of contract validators, and you can't perform a transaction to vote
 more in.
 This requires temporarily
-[switching to block header validator selection mode](../Configure/Consensus-Protocols/QBFT.md#swap-validator-management-methods).
+[switching to block header validator selection mode](qbft.md#swap-validator-management-methods).
 To bypass the smart contract and specify new validators:
--- a/docs/private-networks/how-to/configure/consensus/clique.md
+++ b/docs/private-networks/how-to/configure/consensus/clique.md
@ -4,9 +4,9 @@ path: blob/master/config/src/main/resources/
 source: rinkeby.json
 ---
-# Clique
+# Configure Clique consensus
-Besu implements the [Clique](https://eips.ethereum.org/EIPS/eip-225) proof of authority (PoA) [consensus protocol](../../../Concepts/Consensus-Protocols/Overview-Consensus.md).
+Besu implements the [Clique](https://eips.ethereum.org/EIPS/eip-225) proof of authority (PoA) [consensus protocol](index.md).
 The Rinkeby and Goerli testnets uses Clique and private networks can also use Clique.
 !!! warning
@ -19,11 +19,11 @@ In Clique networks, approved accounts, known as signers, validate transactions a
 take turns to create the next block.
 Existing signers propose and vote to [add or remove signers](#add-and-remove-signers).
-You can [create a private network using Clique](../../../Tutorials/Private-Network/Create-Private-Clique-Network.md).
+You can [create a private network using Clique](../../../tutorials/clique.md).
 ## Genesis file
-To use Clique in a private network, Besu requires a Clique [genesis file](../Genesis-File.md). When connecting to Rinkeby,
+To use Clique in a private network, Besu requires a Clique [genesis file](../../../../public-networks/concepts/genesis-file.md). When connecting to Rinkeby,
 Besu uses the
 [`rinkeby.json`](https://github.com/hyperledger/besu/blob/750580dcca349d22d024cc14a8171b2fa74b505a/config/src/main/resources/rinkeby.json)
 genesis file in the `/besu/config/src/main/resources` directory.
@ -75,15 +75,15 @@ The `extraData` property consists of:
 !!! example "One initial signer"
-    ![One Initial Signer](../../../images/CliqueOneIntialSigner.png)
+    ![One Initial Signer](../../../../images/CliqueOneIntialSigner.png)
 !!! example "Two initial signers"
-    ![Two Initial Signers](../../../images/CliqueTwoIntialSigners.png)
+    ![Two Initial Signers](../../../../images/CliqueTwoIntialSigners.png)
 ### Post-Merge configuration
-After [The Merge](../../../Concepts/Merge.md), the following block fields are modified or deprecated.
+After [The Merge](../../../../public-networks/concepts/the-merge.md), the following block fields are modified or deprecated.
 Their fields **must** contain only the constant values from the following chart.
 | Field | Constant value | Comment |
@ -99,34 +99,34 @@ Additionally, [`extraData`](#extra-data) is limited to 32 bytes of vanity data a
 ## Connect to a Clique network
 To connect to the Rinkeby testnet, start Besu with the
-[`--network=rinkeby`](../../../Reference/CLI/CLI-Syntax.md#network) command line option. To start a
+[`--network=rinkeby`](../../../../public-networks/reference/cli/options.md#network) command line option. To start a
 node on a Clique private network, use the
-[`--genesis-file`](../../../Reference/CLI/CLI-Syntax.md#genesis-file) option to specify the custom
+[`--genesis-file`](../../../../public-networks/reference/cli/options.md#genesis-file) option to specify the custom
 genesis file.
 ## Add and remove signers
 Existing signers propose and vote to add or remove validators using the Clique JSON-RPC API methods.
-Enable the HTTP interface with [`--rpc-http-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled) or the
+Enable the HTTP interface with [`--rpc-http-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-enabled) or the
-WebSocket interface with [`--rpc-ws-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-ws-enabled).
+WebSocket interface with [`--rpc-ws-enabled`](../../../../public-networks/reference/cli/options.md#rpc-ws-enabled).
 The Clique API methods are disabled by default.
-To enable them, specify the [`--rpc-http-api`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+To enable them, specify the [`--rpc-http-api`](../../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) option and include `CLIQUE`.
+[`--rpc-ws-api`](../../../../public-networks/reference/cli/options.md#rpc-ws-api) option and include `CLIQUE`.
 The methods to add or remove signers are:
-* [`clique_propose`](../../../Reference/API-Methods.md#clique_propose).
+* [`clique_propose`](../../../reference/api/index.md#clique_propose).
-* [`clique_getSigners`](../../../Reference/API-Methods.md#clique_getsigners).
+* [`clique_getSigners`](../../../reference/api/index.md#clique_getsigners).
-* [`clique_discard`](../../../Reference/API-Methods.md#clique_discard).
+* [`clique_discard`](../../../reference/api/index.md#clique_discard).
 To view signer metrics for a specified block range, call
-[`clique_getSignerMetrics`](../../../Reference/API-Methods.md#clique_getsignermetrics).
+[`clique_getSignerMetrics`](../../../reference/api/index.md#clique_getsignermetrics).
 ### Add a signer
 To propose adding a signer to a Clique network, call
-[`clique_propose`](../../../Reference/API-Methods.md#clique_propose), specifying the address of the proposed signer and `true`.
+[`clique_propose`](../../../reference/api/index.md#clique_propose), specifying the address of the proposed signer and `true`.
 A majority of signers must execute the call.
 !!! example "JSON-RPC `clique_propose` request example"
@ -141,7 +141,7 @@ When more than 50% of the existing signers propose adding the signer, with their
 signer can begin signing blocks.
 To return a list of signers and confirm the addition of a proposed signer, call
-[`clique_getSigners`](../../../Reference/API-Methods.md#clique_getsigners).
+[`clique_getSigners`](../../../reference/api/index.md#clique_getsigners).
 !!! example "JSON-RPC `clique_getSigners` request example"
@ -150,7 +150,7 @@ To return a list of signers and confirm the addition of a proposed signer, call
    ```
 To discard your proposal after confirming the addition of a signer, call
-[`clique_discard`](../../../Reference/API-Methods.md#clique_discard) specifying the address of the proposed signer.
+[`clique_discard`](../../../reference/api/index.md#clique_discard) specifying the address of the proposed signer.
 !!! example "JSON-RPC `clique_discard` request example"
@ -161,7 +161,7 @@ To discard your proposal after confirming the addition of a signer, call
 ### Remove a signer
 The process for removing a signer from a Clique network is the same as [adding a signer](#add-a-signer), except you
-specify `false` as the second parameter of [`clique_propose`](../../../Reference/API-Methods.md#clique_propose).
+specify `false` as the second parameter of [`clique_propose`](../../../reference/api/index.md#clique_propose).
 ### Epoch transition
@ -183,11 +183,11 @@ This may cause large, irresolvable forks in a network.
 !!! important
-    We recommend using a more updated consensus protocol such as [IBFT 2.0](IBFT.md) or [QBFT](QBFT.md).
+    We recommend using a more updated consensus protocol such as [IBFT 2.0](ibft.md) or [QBFT](qbft.md).
 ## Migrate from Clique to another consensus protocol
-To migrate a network using Clique to a consensus protocol suitable for production such as [QBFT](QBFT.md), do one of the
+To migrate a network using Clique to a consensus protocol suitable for production such as [QBFT](qbft.md), do one of the
 following:
 * Stop the Clique network and start the new network with the state at the time of migration.
--- a/docs/private-networks/how-to/configure/consensus/ibft.md
+++ b/docs/private-networks/how-to/configure/consensus/ibft.md
@ -2,10 +2,10 @@
 description: Hyperledger Besu IBFT 2.0 proof of authority (PoA) consensus protocol implementation
 ---
-# IBFT 2.0
+# Configure IBFT 2.0 consensus
-Besu implements the IBFT 2.0 proof of authority (PoA) [consensus protocol](../../../Concepts/Consensus-Protocols/Overview-Consensus.md).
+Besu implements the IBFT 2.0 proof of authority (PoA) [consensus protocol](index.md).
-IBFT 2.0 is supported for existing private networks, but [QBFT](QBFT.md) is the recommended enterprise-grade
+IBFT 2.0 is supported for existing private networks, but [QBFT](qbft.md) is the recommended enterprise-grade
 consensus protocol for private networks.
 In IBFT 2.0 networks, approved accounts, known as validators, validate transactions and blocks.
@ -14,7 +14,7 @@ super-majority (greater than or equal to 2/3) of validators must first sign the
 Existing validators propose and vote to [add or remove validators](#add-and-remove-validators).
-You can [create a private network using IBFT](../../../Tutorials/Private-Network/Create-IBFT-Network.md).
+You can [create a private network using IBFT](../../../tutorials/ibft/index.md).
 !!! important
@ -25,11 +25,11 @@ You can [create a private network using IBFT](../../../Tutorials/Private-Network
 !!! tip
    You can use a plugin to securely store a validator's key using the
-    [`--security-module`](../../../Reference/CLI/CLI-Syntax.md#security-module) option.
+   [`--security-module`](../../../../public-networks/reference/cli/options.md#security-module) option.
 ## Genesis file
-To use IBFT 2.0, Besu requires an IBFT 2.0 [genesis file](../Genesis-File.md). The genesis file defines properties
+To use IBFT 2.0, Besu requires an IBFT 2.0 [genesis file](../../../../public-networks/concepts/genesis-file.md). The genesis file defines properties
 specific to IBFT 2.0.
 !!! example "Example IBFT 2.0 genesis file"
@ -82,7 +82,7 @@ The properties with specific values in the IBFT 2.0 genesis files are:
  block identification.
 To start a node on an IBFT 2.0 private network, use the
-[`--genesis-file`](../../../Reference/CLI/CLI-Syntax.md#genesis-file) option to specify the custom
+[`--genesis-file`](../../../../public-networks/reference/cli/options.md#genesis-file) option to specify the custom
 genesis file.
 ### Extra data
@ -107,7 +107,7 @@ Formally, `extraData` in the genesis block contains
 #### Generate extra data
 To generate the `extraData` RLP string for inclusion in the genesis file, use the
-[`rlp encode`](../../../Reference/CLI/CLI-Subcommands.md#rlp) Besu subcommand.
+[`rlp encode`](../../../../public-networks/reference/cli/subcommands.md#rlp) Besu subcommand.
 !!! example
@ -117,7 +117,7 @@ To generate the `extraData` RLP string for inclusion in the genesis file, use th
 Where the `toEncode.json` file contains a list of the initial validators, in ascending order.
 To write the validator address and copy it to the `toEncode.json` file, use the
-[`public-key export-address`](../../../Reference/CLI/CLI-Subcommands.md#export-address) Besu subcommand.
+[`public-key export-address`](../../../../public-networks/reference/cli/subcommands.md#export-address) Besu subcommand.
 For example:
 !!! example "One initial validator in `toEncode.json` file"
@ -171,7 +171,7 @@ To tune the block timeout for your network deployment:
 !!! tip
-    View [`TRACE` logs](../../../Reference/API-Methods.md#admin_changeloglevel) to see round change
+    View [`TRACE` logs](../../../../public-networks/reference/api/index.md#trace-methods) to see round change
    log messages.
 Use a [transition](#transitions) to update the `blockperiodseconds` in an existing network.
@ -180,7 +180,7 @@ Use a [transition](#transitions) to update the `blockperiodseconds` in an existi
 ### Post-Merge configuration
-After [The Merge](../../../Concepts/Merge.md), the following block fields are modified or deprecated.
+After [The Merge](../../../../public-networks/concepts/the-merge.md), the following block fields are modified or deprecated.
 Their fields **must** contain only the constant values from the following chart.
 | Field | Constant value | Comment |
@ -196,31 +196,31 @@ Additionally, [`extraData`](#extra-data) is limited to 32 bytes of vanity data a
 ## Add and remove validators
 Existing validators propose and vote to add or remove validators using the IBFT 2.0 JSON-RPC API methods.
-Enable the HTTP interface with [`--rpc-http-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled) or the
+Enable the HTTP interface with [`--rpc-http-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-enabled) or the
-WebSocket interface with [`--rpc-ws-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-ws-enabled).
+WebSocket interface with [`--rpc-ws-enabled`](../../../../public-networks/reference/cli/options.md#rpc-ws-enabled).
 The IBFT 2.0 API methods are disabled by default.
-To enable them, specify the [`--rpc-http-api`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+To enable them, specify the [`--rpc-http-api`](../../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) option and include `IBFT`.
+[`--rpc-ws-api`](../../../../public-networks/reference/cli/options.md#rpc-ws-api) option and include `IBFT`.
 The methods to add or remove validators are:
-* [`ibft_getPendingVotes`](../../../Reference/API-Methods.md#ibft_getPendingVotes).
+* [`ibft_getPendingVotes`](../../../reference/api/index.md#ibft_getpendingvotes).
-* [`ibft_proposeValidatorVote`](../../../Reference/API-Methods.md#ibft_proposeValidatorVote).
+* [`ibft_proposeValidatorVote`](../../../reference/api/index.md#ibft_proposevalidatorvote).
-* [`ibft_discardValidatorVote`](../../../Reference/API-Methods.md#ibft_discardValidatorVote).
+* [`ibft_discardValidatorVote`](../../../reference/api/index.md#ibft_discardvalidatorvote).
 To view validator metrics for a specified block range, use
-[`ibft_getSignerMetrics`](../../../Reference/API-Methods.md#ibft_getsignermetrics).
+[`ibft_getSignerMetrics`](../../../../public-networks/reference/api/index.md#ibft_getsignermetrics).
 !!! note
    If network conditions render it impossible to add and remove validators by voting, you can
-    [add and remove validators without voting](../../Troubleshoot/Add-Validators-Without-Voting.md).
+    [add and remove validators without voting](add-validators-without-voting.md).
 ### Add a validator
 To propose adding a validator to an IBFT 2.0 network, call
-[`ibft_proposeValidatorVote`](../../../Reference/API-Methods.md#ibft_proposevalidatorvote), specifying the address of the
+[`ibft_proposeValidatorVote`](../../../reference/api/index.md#ibft_proposevalidatorvote), specifying the address of the
 proposed validator and `true`.
 A majority of validators must execute the call.
@ -231,14 +231,14 @@ A majority of validators must execute the call.
    ```
 When the validator proposes the next block, the protocol inserts one proposal received from
-[`ibft_proposeValidatorVote`](../../../Reference/API-Methods.md#ibft_proposevalidatorvote) into the block.
+[`ibft_proposeValidatorVote`](../../../reference/api/index.md#ibft_proposevalidatorvote) into the block.
 If blocks include all proposals, subsequent blocks proposed by the validator will not contain a vote.
 When more than 50% of the existing validators have published a matching proposal, the protocol adds the proposed
 validator to the validator pool and the validator can begin validating blocks.
 To return a list of validators and confirm the addition of a proposed validator, use
-[`ibft_getValidatorsByBlockNumber`](../../../Reference/API-Methods.md#ibft_getvalidatorsbyblocknumber).
+[`ibft_getValidatorsByBlockNumber`](../../../reference/api/index.md#ibft_getvalidatorsbyblocknumber).
 !!! example "JSON-RPC `ibft_getValidatorsByBlockNumber` request example"
@ -247,7 +247,7 @@ To return a list of validators and confirm the addition of a proposed validator,
    ```
 To discard your proposal after confirming the addition of a validator, call
-[`ibft_discardValidatorVote`](../../../Reference/API-Methods.md#ibft_discardvalidatorvote),
+[`ibft_discardValidatorVote`](../../../reference/api/index.md#ibft_discardvalidatorvote),
 specifying the address of the proposed validator.
 !!! example "JSON-RPC `ibft_discardValidatorVote` request example"
@ -260,7 +260,7 @@ specifying the address of the proposed validator.
 The process for removing a validator from an IBFT 2.0 network is the same as [adding a validator](#add-a-validator)
 except you specify `false` as the second parameter of
-[`ibft_proposeValidatorVote`](../../../Reference/API-Methods.md#ibft_proposevalidatorvote).
+[`ibft_proposeValidatorVote`](../../../reference/api/index.md#ibft_proposevalidatorvote).
 ### Epoch transition
@ -360,7 +360,7 @@ To update an existing network with a new `blockperiodseconds`:
 3. Restart all nodes in the network using the updated genesis file.
 4. To verify the changes after the transition block, call
-   [`ibft_getValidatorsByBlockNumber`](../../../Reference/API-Methods.md#ibft_getvalidatorsbyblocknumber), specifying `latest`.
+   [`ibft_getValidatorsByBlockNumber`](../../../../public-networks/reference/api/index.md#ibft_getvalidatorsbyblocknumber), specifying `latest`.
 ### Configure block rewards on an existing network deployment
--- a/docs/private-networks/how-to/configure/consensus/index.md
+++ b/docs/private-networks/how-to/configure/consensus/index.md
@ -6,19 +6,19 @@ description: Besu consensus protocols
 Besu supports the following consensus protocols:
-* [QBFT](../../HowTo/Configure/Consensus-Protocols/QBFT.md) (proof of authority) - The recommended
+* [QBFT](qbft.md) (proof of authority) - The recommended
  enterprise-grade consensus protocol for private networks.
-* [IBFT 2.0](../../HowTo/Configure/Consensus-Protocols/IBFT.md) (proof of authority) - Supported for existing private networks.
+* [IBFT 2.0](ibft.md) (proof of authority) - Supported for existing private networks.
-* [Clique](../../HowTo/Configure/Consensus-Protocols/Clique.md) (proof of authority) - Not recommended for
+* [Clique](clique.md) (proof of authority) - Not recommended for
  production use.
-  You can [migrate a network using Clique to another consensus protocol](../../HowTo/Configure/Consensus-Protocols/Clique.md#migrate-from-clique-to-another-consensus-protocol).
+  You can [migrate a network using Clique to another consensus protocol](clique.md#migrate-from-clique-to-another-consensus-protocol).
 * [Proof of stake](https://docs.teku.consensys.net/en/latest/Concepts/Proof-of-Stake/) - Used on Ethereum Mainnet
-  post-[Merge](../../Concepts/Merge.md) and can also be used on the [Merge testnet](../../Tutorials/Merge-Testnet.md).
+  post-[Merge](../../../../public-networks/concepts/the-merge.md) and can also be used on the [Merge testnet](../../../../public-networks/tutorials/merge-testnet.md).
 * [Ethash](https://ethereum.org/en/developers/docs/consensus-mechanisms/pow/) (proof of work) - Used on Ethereum Mainnet
-  pre-[Merge](../../Concepts/Merge.md) and can also be used in
+  pre-[Merge](../../../../public-networks/concepts/the-merge.md) and can also be used in
-  [small development networks](../../Tutorials/Private-Network/Create-Private-Network.md).
+  [small development networks](../../../tutorials/ethash.md).
-See a [comparison of the proof of authority consensus protocols](Comparing-PoA.md).
+See a [comparison of the proof of authority consensus protocols](../../../concepts/poa.md).
 The `config` property in the genesis file specifies the consensus protocol for a chain.
--- a/docs/private-networks/how-to/configure/consensus/qbft.md
+++ b/docs/private-networks/how-to/configure/consensus/qbft.md
@ -2,9 +2,9 @@
 description: Hyperledger Besu QBFT proof of authority (PoA) consensus protocol implementation
 ---
-# QBFT
+# Configure QBFT consensus
-Hyperledger Besu implements the QBFT proof of authority (PoA) [consensus protocol](../../../Concepts/Consensus-Protocols/Overview-Consensus.md).
+Hyperledger Besu implements the QBFT proof of authority (PoA) [consensus protocol](index.md).
 QBFT is the recommended enterprise-grade consensus protocol for private networks.
 In QBFT networks, approved accounts, known as validators, validate transactions and blocks.
@ -13,7 +13,7 @@ super-majority (greater than or equal to 2/3) of validators must first sign the
 Existing validators propose and vote to [add or remove validators](#add-and-remove-validators).
-You can [create a private network using QBFT](../../../Tutorials/Private-Network/Create-QBFT-Network.md).
+You can [create a private network using QBFT](../../../tutorials/qbft.md).
 !!! important
@ -24,11 +24,11 @@ You can [create a private network using QBFT](../../../Tutorials/Private-Network
 !!! tip
    You can use a plugin to securely store a validator's key using the
-    [`--security-module`](../../../Reference/CLI/CLI-Syntax.md#security-module) option.
+    [`--security-module`](../../../../public-networks/reference/cli/options.md#security-module) option.
 ## Genesis file
-To use QBFT, define a [genesis file](../Genesis-File.md) that contains the QBFT properties.
+To use QBFT, define a [genesis file](../../../../public-networks/concepts/genesis-file.md) that contains the QBFT properties.
 The genesis file differs depending on the [validator management method](#add-and-remove-validators) you intend to use.
@ -164,7 +164,7 @@ The properties with specific values in the QBFT genesis files are:
  block identification.
 To start a node on a QBFT private network, use the
-[`--genesis-file`](../../../Reference/CLI/CLI-Syntax.md#genesis-file) option to specify the custom
+[`--genesis-file`](../../../../public-networks/reference/cli/options.md#genesis-file) option to specify the custom
 genesis file.
 ### Extra data
@ -200,7 +200,7 @@ Formally, `extraData` in the genesis block contains:
 #### Generate extra data
 To generate the `extraData` RLP string for inclusion in the genesis file,
-use the [`rlp encode`](../../../Reference/CLI/CLI-Subcommands.md#rlp) Besu subcommand.
+use the [`rlp encode`](../../../reference/cli/subcommands.md#rlp) Besu subcommand.
 !!! example
@ -210,7 +210,7 @@ use the [`rlp encode`](../../../Reference/CLI/CLI-Subcommands.md#rlp) Besu subco
 Where the `toEncode.json` file contains a list of the initial validators, in ascending order. To
 write the validator address and copy it to the `toEncode.json` file, use the
-[`public-key export-address`](../../../Reference/CLI/CLI-Subcommands.md#export-address) Besu
+[`public-key export-address`](../../../../public-networks/reference/cli/subcommands.md#export-address) Besu
 subcommand. For example:
 !!! example "Initial validators in `toEncode.json` file"
@ -270,7 +270,7 @@ To tune the block timeout for your network deployment:
 !!! tip
-    View [`TRACE` logs](../../../Reference/API-Methods.md#admin_changeloglevel) to see round change
+    View [`TRACE` logs](../../../../public-networks/reference/api/index.md#admin_changeloglevel) to see round change
    log messages.
 Use a [transition](#transitions) to update the `blockperiodseconds` in an existing network.
@ -279,7 +279,7 @@ Use a [transition](#transitions) to update the `blockperiodseconds` in an existi
 ### Post-Merge configuration
-After [The Merge](../../../Concepts/Merge.md), the following block fields are modified or deprecated.
+After [The Merge](../../../../public-networks/concepts/the-merge.md), the following block fields are modified or deprecated.
 Their fields **must** contain only the constant values from the following chart.
 | Field | Constant value | Comment |
@ -311,31 +311,31 @@ method are configured in the genesis file's `storage` section.
 ### Add and remove validators using block headers
-Enable the HTTP interface with [`--rpc-http-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled) or the
+Enable the HTTP interface with [`--rpc-http-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-enabled) or the
-WebSockets interface with [`--rpc-ws-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-ws-enabled).
+WebSockets interface with [`--rpc-ws-enabled`](../../../../public-networks/reference/cli/options.md#rpc-ws-enabled).
 The QBFT API methods are disabled by default.
-To enable them, specify the [`--rpc-http-api`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+To enable them, specify the [`--rpc-http-api`](../../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) option and include `QBFT`.
+[`--rpc-ws-api`](../../../../public-networks/reference/cli/options.md#rpc-ws-api) option and include `QBFT`.
 The methods to add or remove validators are:
-* [`qbft_getPendingVotes`](../../../Reference/API-Methods.md#qbft_getpendingvotes).
+* [`qbft_getPendingVotes`](../../../reference/api/index.md#qbft_getpendingvotes).
-* [`qbft_proposeValidatorVote`](../../../Reference/API-Methods.md#qbft_proposevalidatorvote).
+* [`qbft_proposeValidatorVote`](../../../reference/api/index.md#qbft_proposevalidatorvote).
-* [`qbft_discardValidatorVote`](../../../Reference/API-Methods.md#qbft_discardvalidatorvote).
+* [`qbft_discardValidatorVote`](../../../reference/api/index.md#qbft_discardvalidatorvote).
 To view validator metrics for a specified block range, use
-[`qbft_getSignerMetrics`](../../../Reference/API-Methods.md#qbft_getsignermetrics).
+[`qbft_getSignerMetrics`](../../../reference/api/index.md#qbft_getsignermetrics).
 !!! note
    If network conditions render it impossible to add and remove validators by voting, you can
-    [add and remove validators without voting](../../Troubleshoot/Add-Validators-Without-Voting.md).
+    [add and remove validators without voting](add-validators-without-voting.md).
 #### Add a validator
 To propose adding a validator, call
-[`qbft_proposeValidatorVote`](../../../Reference/API-Methods.md#qbft_proposevalidatorvote),
+[`qbft_proposeValidatorVote`](../../../reference/api/index.md#qbft_proposevalidatorvote),
 specifying the address of the proposed validator and `true`. A majority of validators must execute
 the call.
@ -346,7 +346,7 @@ the call.
    ```
 When the validator proposes the next block, the protocol inserts one proposal received from
-[`qbft_proposeValidatorVote`](../../../Reference/API-Methods.md#qbft_proposevalidatorvote) into the
+[`qbft_proposeValidatorVote`](../../../reference/api/index.md#qbft_proposevalidatorvote) into the
 block. If blocks include all proposals, subsequent blocks proposed by the validator will not
 contain a vote.
@ -354,7 +354,7 @@ When more than 50% of the existing validators have published a matching proposal
 adds the proposed validator to the validator pool and the validator can begin validating blocks.
 To return a list of validators and confirm the addition of a proposed validator, use
-[`qbft_getValidatorsByBlockNumber`](../../../Reference/API-Methods.md#qbft_getvalidatorsbyblocknumber).
+[`qbft_getValidatorsByBlockNumber`](../../../reference/api/index.md#qbft_getvalidatorsbyblocknumber).
 !!! example "JSON-RPC `qbft_getValidatorsByBlockNumber` request example"
@ -363,7 +363,7 @@ To return a list of validators and confirm the addition of a proposed validator,
    ```
 To discard your proposal after confirming the addition of a validator, call
-[`qbft_discardValidatorVote`](../../../Reference/API-Methods.md#qbft_discardvalidatorvote),
+[`qbft_discardValidatorVote`](../../../reference/api/index.md#qbft_discardvalidatorvote),
 specifying the address of the proposed validator.
 !!! example "JSON-RPC `qbft_discardValidatorVote` request example"
@ -376,7 +376,7 @@ specifying the address of the proposed validator.
 The process for removing a validator is the same as adding a validator except you specify `false`
 as the second parameter of
-[`qbft_proposeValidatorVote`](../../../Reference/API-Methods.md#qbft_proposevalidatorvote).
+[`qbft_proposeValidatorVote`](../../../reference/api/index.md#qbft_proposevalidatorvote).
 #### Epoch transition
@ -394,7 +394,7 @@ View the [example smart contract](https://github.com/ConsenSys/validator-smart-c
 create and deploy the smart contract.
 You can pre-deploy the validator smart contract in a new QBFT network by specifying the contract details in the
-[genesis file](QBFT.md#genesis-file). For existing QBFT networks you need to compile and deploy the contract
+[genesis file](qbft.md#genesis-file). For existing QBFT networks you need to compile and deploy the contract
 using a transaction, then obtain the contract address from the receipt and use that in a
 [transition](#swap-validator-management-methods).
@ -406,7 +406,7 @@ using a transaction, then obtain the contract address from the receipt and use t
 !!! note
    If network conditions render it impossible to add and remove validators using a smart contract, you can
-    [override smart contract validators](../../Troubleshoot/Add-Validators-Without-Voting.md#override-smart-contract-validators).
+    [override smart contract validators](add-validators-without-voting.md#override-smart-contract-validators).
 ### Minimum number of validators
@ -491,7 +491,7 @@ To update an existing network with a new `blockperiodseconds`:
 3. Restart all nodes in the network using the updated genesis file.
 4. To verify the changes after the transition block, call
-   [`qbft_getValidatorsByBlockNumber`](../../../Reference/API-Methods.md#ibft_getvalidatorsbyblocknumber), specifying `latest`.
+   [`qbft_getValidatorsByBlockNumber`](../../../reference/api/index.md#ibft_getvalidatorsbyblocknumber), specifying `latest`.
 ### Configure block rewards on an existing network deployment
--- a/docs/private-networks/how-to/configure/contracts.md
+++ b/docs/private-networks/how-to/configure/contracts.md
@ -2,9 +2,9 @@
 description: Pre-deploying contracts in the genesis file
 ---
-# Pre-deploying contracts in the genesis file
+# Pre-deploy contracts in the genesis file
-To pre-deploy contracts when starting Besu, specify the contract code in the [genesis file](Genesis-File.md).
+To pre-deploy contracts when starting Besu, specify the contract code in the [genesis file](../../../public-networks/concepts/genesis-file.md).
 !!! example "Contract code in the genesis file"
--- a/docs/private-networks/how-to/configure/curves.md
+++ b/docs/private-networks/how-to/configure/curves.md
@ -2,7 +2,7 @@
 description: Using alternative elliptic curves in Besu
 ---
-# Using alternative elliptic curves
+# Configure alternative elliptic curves
 !!! caution
@ -12,7 +12,7 @@ By default, Besu uses the Ethereum standard `secp256k1` elliptic curve (EC).
 However, when running nodes in a private network, it is possible to configure an alternative elliptic curve.
 The configuration for what elliptic curve Besu will use is done in the network configuration section of genesis file,
-using the [`ecCurve`](../../Reference/Config-Items.md#Configuration_Items) key:
+using the [`ecCurve`](../../../public-networks/reference/genesis-items.md#Configuration_Items) key:
 ```bash
 {
--- a/docs/private-networks/how-to/configure/free-gas.md
+++ b/docs/private-networks/how-to/configure/free-gas.md
@ -2,7 +2,7 @@
 description: Configuring free gas networks
 ---
-# Free gas networks
+# Configure free gas networks
 Transactions use computational resources so have an associated cost. Gas is the cost unit and the
 gas price is the price per gas unit. The transaction cost is the gas used * gas price.
@ -30,7 +30,7 @@ to limit resource use.
 In a free gas network, transactions still use gas but the gas price is zero, meaning the
 transaction cost is zero. Transaction cost = gas used * 0 (the gas price).
-## Configuring free gas in Hyperledger Besu
+## Configure free gas in Besu
 When gas is free, limiting block and contract sizes is less important. In free gas networks, we
 increase the block size limit and set the contract size limit to the maximum value.
@ -74,7 +74,7 @@ size (in bytes).
 ### 3. Start Besu with a minimum gas price of zero
-When starting nodes, set the [minimum gas price](../../Reference/CLI/CLI-Syntax.md#min-gas-price)
+When starting nodes, set the [minimum gas price](../../../public-networks/reference/cli/options.md#min-gas-price)
 to zero.
 === "Command Line"
@ -90,12 +90,12 @@ to zero.
    ```
 !!! important
-    In a free gas network, ensure the [minimum gas price](../../Reference/CLI/CLI-Syntax.md#min-gas-price)
+    In a free gas network, ensure the [minimum gas price](../../../public-networks/reference/cli/options.md#min-gas-price)
    is set to zero for every node.
    Any node with a minimum gas price set higher than zero will silently drop transactions with a zero gas price.
-    You can query a node's gas configuration using [`eth_gasPrice`](../../Reference/API-Methods.md#eth_gasprice).
+    You can query a node's gas configuration using [`eth_gasPrice`](../../../public-networks/reference/api/index.md#eth_gasprice).
-## Configuring free gas in Truffle
+## Configure free gas in Truffle
 If using Truffle to develop on your free gas network, you also need to configure free gas in
 Truffle.
@ -106,7 +106,7 @@ gas limit in Truffle to the maximum possible.
 !!! important
    Besu does not support private key management. To use Besu with Truffle, you must configure
-    a [Truffle wallet](../Develop-Dapps/Truffle.md).
+    a [Truffle wallet](../../../public-networks/how-to/develop/truffle.md).
 ### Update `truffle-config.js`
--- a/docs/private-networks/how-to/configure/tls/client-and-server.md
+++ b/docs/private-networks/how-to/configure/tls/client-and-server.md
@ -2,28 +2,32 @@
 description: Configure TLS
 ---
-# Configure TLS
+# Configure client and server TLS
 Hyperledger Besu supports TLS for client and server communication. For example, you can
-[configure TLS](../../../Concepts/TLS.md) for communication between
+configure TLS for communication between
 [EthSigner](https://docs.ethsigner.consensys.net/en/latest/Concepts/TLS/) and Besu, and Besu and
 [Tessera](https://docs.tessera.consensys.net/HowTo/Configure/TLS/).
 The following diagram displays an example client and server TLS configuration.
 ![Besu client and server TLS](../../../../images/Besu_TLS.png)
 Configure TLS communication from the command line.
-**Prerequisites**:
+## Prerequisites
-* Besu's password-protected PKCS12 keystore.
+* Besu's password-protected PKCS12 keystore
 * File containing the keystore password
 ## Configure client TLS
 Allow clients (for example a dapp, curl, or EthSigner) to send and receive secure HTTP JSON-RPCs.
-**Client Prerequisites**:
+**Client prerequisites**:
 * [Configure the client for TLS]
-* Client's PKCS12 keystore information.
+* Client's PKCS12 keystore information
 ### Create the known clients file
@ -62,36 +66,36 @@ besu --rpc-http-enabled --rpc-http-tls-enabled --rpc-http-tls-client-auth-enable
 The command line:
 * Enables the HTTP JSON-RPC service using the
-  [`--rpc-http-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled) option.
+  [`--rpc-http-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-enabled) option.
 * Enables TLS for the HTTP JSON-RPC service using the
-  [`--rpc-http-tls-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-enabled) option.
+  [`--rpc-http-tls-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-enabled) option.
 * Enables TLS client authentication using the
-  [`--rpc-http-tls-client-auth-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-client-auth-enabled) option.
+  [`--rpc-http-tls-client-auth-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-client-auth-enabled) option.
 * Specifies the keystore using the
-  [`--rpc-http-tls-keystore-file`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-keystore-file)
+  [`--rpc-http-tls-keystore-file`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-keystore-file)
  option.
 * Specifies the file that contains the password to decrypt the keystore using the
-  [`--rpc-http-tls-keystore-password-file`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-keystore-password-file) option.
+  [`--rpc-http-tls-keystore-password-file`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-keystore-password-file) option.
 * [Specifies the clients](#create-the-known-clients-file) allowed to connect to Besu using the
-  [`--rpc-http-tls-known-clients-file`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-known-clients-file) option.
+  [`--rpc-http-tls-known-clients-file`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-known-clients-file) option.
 * specifies the Java cipher suites using the
-  [`--rpc-http-tls-cipher-suite`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-cipher-suite) option.
+  [`--rpc-http-tls-cipher-suite`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-cipher-suite) option.
 * specifies the TLS protocol version using the
-  [`--rpc-http-tls-protocol`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-protocol) option.
+  [`--rpc-http-tls-protocol`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-protocol) option.
 !!! note
-    Set [`--rpc-http-tls-ca-clients-enabled`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-tls-ca-clients-enabled)
+    Set [`--rpc-http-tls-ca-clients-enabled`](../../../../public-networks/reference/cli/options.md#rpc-http-tls-ca-clients-enabled)
    to `true` to allow access to clients with signed and trusted root CAs.
 ## Configure server TLS
 Allow Besu to securely communicate with the server (Tessera).
-**Server Prerequisites**:
+**Server prerequisites**:
 * [Configure the server to allow TLS communication]
-* Server's certificate information.
+* Server's certificate information
 ### Create the known servers file
@ -123,14 +127,14 @@ besu --privacy-tls-enabled --privacy-tls-keystore-file=/Users/me/my_node/keystor
 The command line:
 * Enables TLS with the server using the
-  [`--privacy-tls-enabled`](../../../Reference/CLI/CLI-Syntax.md#privacy-tls-enabled) option.
+  [`--privacy-tls-enabled`](../../../reference/cli/options.md#privacy-tls-enabled) option.
 * Specifies the keystore using the
-  [`--privacy-tls-keystore-file`](../../../Reference/CLI/CLI-Syntax.md#privacy-tls-keystore-file)
+  [`--privacy-tls-keystore-file`](../../../reference/cli/options.md#privacy-tls-keystore-file)
  option.
 * Specifies the file that contains the password to decrypt the keystore using the
-  [`--privacy-tls-keystore-password-file`](../../../Reference/CLI/CLI-Syntax.md#privacy-tls-keystore-password-file) option.
+  [`--privacy-tls-keystore-password-file`](../../../reference/cli/options.md#privacy-tls-keystore-password-file) option.
 * Specifies the trusted servers using the
-  [`--privacy-tls-known-enclave-file`](../../../Reference/CLI/CLI-Syntax.md#privacy-tls-known-enclave-file) option.
+  [`--privacy-tls-known-enclave-file`](../../../reference/cli/options.md#privacy-tls-known-enclave-file) option.
 <!-- Links -->
 [Configure the client for TLS]: https://docs.ethsigner.consensys.net/en/latest/HowTo/Configure-TLS/#server-tls-connection
--- a/docs/private-networks/how-to/configure/tls/p2p.md
+++ b/docs/private-networks/how-to/configure/tls/p2p.md
@ -2,7 +2,7 @@
 description: Configure P2P TLS communication
 ---
-# P2P TLS
+# Configure P2P TLS
 You can configure TLS to secure the P2P communication between nodes by ensuring only authorized nodes can communicate
 with each other. Use certificates issued by a trusted authority to connect authorized nodes in the network.
@ -19,7 +19,7 @@ Besu supports PKCS11, PKCS12, and JKS keystore and truststore types for P2P TLS.
 **Prerequisites**:
 * A configured network. For example,
-    [see steps 1 to 5 in the QBFT tutorial](../../../Tutorials/Private-Network/Create-QBFT-Network.md).
+    [see steps 1 to 5 in the QBFT tutorial](../../../tutorials/qbft.md).
 * Each node requires a keystore that contains the node's certificate and key.
 * A truststore containing all the trusted certificates for the network.
--- a/docs/private-networks/how-to/configure/validators.md
+++ b/docs/private-networks/how-to/configure/validators.md
@ -2,11 +2,11 @@
 description: Configuring validators in production networks
 ---
-# Configuring validators in a production network
+# Configure validators in a production network
-As when [configuring bootnodes](Bootnodes.md):
+As when [configuring bootnodes](bootnodes.md):
-1. Create the [node key pair](../../Concepts/Node-Keys.md) (that is, the private and public key)
+1. Create the [node key pair](../../../public-networks/concepts/node-keys.md) (that is, the private and public key)
   before starting the validator.
 1. When creating validators in the cloud (for example, AWS or Azure), attempt to assign static IP
   addresses to them. If your network is:
@ -31,11 +31,11 @@ You can [vote validators in or out of the validator pool].
 ## Validators as bootnodes
-Validators can also be bootnodes. Other than the [usual configuration for bootnodes](Bootnodes.md),
+Validators can also be bootnodes. Other than the [usual configuration for bootnodes](bootnodes.md),
 you do not need to specify any extra configuration when a validator is also a bootnode.
 If you remove a validator that is also a bootnode, ensure there are enough remaining bootnodes on
 the network.
 <!-- Links -->
-[vote validators in or out of the validator pool]: ../Configure/Consensus-Protocols/IBFT.md#adding-and-removing-validators
+[vote validators in or out of the validator pool]: consensus/ibft.md#add-and-remove-validators
--- a/docs/private-networks/how-to/deploy/ansible.md
+++ b/docs/private-networks/how-to/deploy/ansible.md
@ -3,9 +3,9 @@ title: Deploy Hyperledger Besu with Ansible
 description: Deploying Hyperledger Besu with Ansible role on Galaxy
 ---
-# Deploying Hyperledger Besu with Ansible
+# Deploy Besu with Ansible
-To deploy Hyperledger Besu using Ansible, use the
+To deploy Besu using Ansible, use the
 [Hyperledger Besu role](https://galaxy.ansible.com/consensys/hyperledger_besu) published on Galaxy.
 For more information, see the "Read Me" button on the
--- a/docs/private-networks/how-to/deploy/cloud.md
+++ b/docs/private-networks/how-to/deploy/cloud.md
@ -2,7 +2,7 @@
 description: Deploying Besu to the cloud
 ---
-# Deploying Hyperledger Besu to the cloud
+# Deploy Besu to the cloud
 When deploying Besu to the cloud:
@ -10,4 +10,4 @@ When deploying Besu to the cloud:
  bootnodes and validators.
 * If your network is a multi-region network, consider using VPC Peering to reduce latency.
 * Where required, use VPNs to connect to your on premise systems, or single private chains.
-* If deploying to Kubernetes, please refer to the [tutorial](../../Tutorials/Kubernetes/Overview.md).
+* If deploying to Kubernetes, please refer to the [tutorial](../../tutorials/kubernetes/index.md).
--- a/docs/private-networks/how-to/deploy/ethstats.md
+++ b/docs/private-networks/how-to/deploy/ethstats.md
@ -2,10 +2,10 @@
 description: Ethstats network monitor
 ---
-# Ethstats network monitor
+# Connect to Ethstats network monitor
 Connect to [Ethstats](https://ethstats.net) to display real time and historical [statistics](#statistics) about the network and nodes.
-You can connect to the Ethstats dashboard by [connecting to a client and server](#connecting-through-a-client-and-server) or by [connecting through the command line](#connecting-through-the-command-line).
+You can connect to the Ethstats dashboard by [connecting to a client and server](#connect-through-a-client-and-server) or by [connecting through the command line](#connect-through-the-command-line).
 ## Components
@ -27,17 +27,17 @@ Statistics displayed by Ethstats include:
 - Node logs, which display the data sent by a node.
 - Block history, which provides the ability to go back in time and playback the block propagation through the nodes.
-## Connecting through a client and server
+## Connect through a client and server
 Refer to the external [Ethstats client](https://github.com/goerli/ethstats-client) and [Ethstats server](https://github.com/goerli/ethstats-server) documentation
 for installing those components and connecting to a dashboard.
-## Connecting through the command line
+## Connect through the command line
 You can use command line options to connect a node directly to a [dashboard](https://github.com/goerli/ethstats-client#available-dashboards), without using a client.
-Start a node using the [`--ethstats`](../../Reference/CLI/CLI-Syntax.md#ethstats) option to specify the Ethstats server URL.
+Start a node using the [`--ethstats`](../../../public-networks/reference/cli/options.md#ethstats) option to specify the Ethstats server URL.
-You can specify a contact email to send to the server using [`--ethstats-contact`](../../Reference/CLI/CLI-Syntax.md#ethstats-contact).
+You can specify a contact email to send to the server using [`--ethstats-contact`](../../../public-networks/reference/cli/options.md#ethstats-contact).
 !!! example
@ -51,4 +51,4 @@ You can specify a contact email to send to the server using [`--ethstats-contact
 Open the selected dashboard website. Find your node under the list of nodes to see the statistics for the node and the network.
-![dashboard](../../images/dashboard.png)
+![dashboard](../../../images/dashboard.png)
--- a/docs/private-networks/how-to/deploy/kubernetes.md
+++ b/docs/private-networks/how-to/deploy/kubernetes.md
@ -3,12 +3,12 @@ title: Deploy a Hyperledger Besu private network with Kubernetes
 description: Deploying Hyperledger Besu with Kubernetes
 ---
-# Deploying Hyperledger Besu with Kubernetes
+# Deploy Besu with Kubernetes
 Use the [reference implementations](https://github.com/ConsenSys/quorum-kubernetes) to install
 private networks using Kubernetes (K8s). The repository has full support for cloud providers like
 AWS, Azure, GCP, and IBM, and has production setups that use of identities and cloud-native
 secret storage services like Azure KeyVault and AWS Secrets Manager.
-Refer to the [tutorial](../../Tutorials/Kubernetes/Overview.md) and familiarize yourself with
+Refer to the [tutorial](../../tutorials/kubernetes/index.md) and familiarize yourself with
 the reference implementations, and customize them to your requirements.
--- a/docs/private-networks/how-to/index.md
+++ b/docs/private-networks/how-to/index.md
@ -0,0 +1,34 @@
 ---
 description: private networks how to overview
 ---
 # How to
 This section provides instructional content for private network features.
 The following features are shared with [public networks](../../public-networks/index.md) and the
 content can be found in the public networks section:
 - Configuration:
    - [Use a configuration file](../../public-networks/how-to/configuration-file.md)
    - [Pass JVM options](../../public-networks/how-to/pass-jvm-options.md)
    - [Configure high availability](../../public-networks/how-to/configure-ha/index.md)
    - [Configure mining](../../public-networks/how-to/use-pow/mining.md)
 - [Use the Besu API](../../public-networks/how-to/use-besu-api/index.md):
    - [Use JSON-RPC over HTTP, WS, and IPC](../../public-networks/how-to/use-besu-api/json-rpc.md)
    - [Use RPC Pub/Sub over WS](../../public-networks/how-to/use-besu-api/rpc-pubsub.md)
    - [Use GraphQL over HTTP](../../public-networks/how-to/use-besu-api/graphql.md)
    - [Authenticate JSON-RPC requests](../../public-networks/how-to/use-besu-api/authenticate.md)
    - [Access logs using JSON-RPC API](../../public-networks/how-to/use-besu-api/access-logs.md)
 - Find and connect to peers:
    - [Configure static nodes](../../public-networks/how-to/connect/static-nodes.md)
    - [Configure ports](../../public-networks/how-to/connect/configure-ports.md)
    - [Manage peers](../../public-networks/how-to/connect/manage-peers.md)
    - [Specify NAT method](../../public-networks/how-to/connect/specify-nat.md)
 - Develop dapps:
    - [Use Truffle](../../public-networks/how-to/develop/truffle.md)
    - [Use client libraries](../../public-networks/how-to/develop/client-libraries.md)
 - Troubleshoot:
    - [Use EVM tool](../../public-networks/how-to/troubleshoot/evm-tool.md)
    - [Use Java Flight Recorder](../../public-networks/how-to/troubleshoot/java-flight-recorder.md)
    - [Trace transactions](../../public-networks/how-to/troubleshoot/trace-transactions.md)
--- a/docs/private-networks/how-to/monitor/elastic-stack.md
+++ b/docs/private-networks/how-to/monitor/elastic-stack.md
@ -2,10 +2,10 @@
 description: Using Elastick Stack (ELK) with Hyperledger Besu
 ---
-# Elastic Stack
+# Use Elastic Stack
 [Elastic Stack] (ELK) is an open-source log management platform that is available when using the
-[Developer Quickstart](../../Tutorials/Developer-Quickstart.md).
+[Developer Quickstart](../../tutorials/quickstart.md).
 The [Filebeat] configuration ingests logs and the [Metricbeat] configuration collects metrics from the nodes at regular
 defined intervals and outputs them to Redis for storage.
@ -21,11 +21,11 @@ The [pipeline configuration] defines the JSON format used for Besu logs and auto
 To see the Besu Quickstart network logs in Kibana:
-1. [Start the Developer Quickstart with Besu](../../Tutorials/Developer-Quickstart.md), selecting ELK monitoring.
+1. [Start the Developer Quickstart with Besu](../../tutorials/quickstart.md), selecting ELK monitoring.
 1. Open the [`Kibana logs address`](http://localhost:5601/app/kibana#/discover) listed by the sample networks `list.sh` script.
   The logs display in Kibana.
-    ![Kibana](../../images/KibanaQuickstart.png)
+    ![Kibana](../../../images/KibanaQuickstart.png)
 <!-- Links -->
 [Filebeat]: https://github.com/ConsenSys/quorum-dev-quickstart/blob/b72a0f64d685c851bf8be399a8e33bbdf0e09982/files/common/filebeat/filebeat.yml
--- a/docs/private-networks/how-to/monitor/index.md
+++ b/docs/private-networks/how-to/monitor/index.md
@ -0,0 +1,19 @@
 ---
 description: Monitoring using metrics and logging
 ---
 # Monitoring
 Use monitoring to identify node and network issues. In private networks, you can
 [configure metrics and logging](../../../public-networks/how-to/monitor/index.md) as in public
 networks.
 You can also use the following monitoring tools in private networks:
 - [Elastic Stack](elastic-stack.md)
 - [Quorum Hibernate](quorum-hibernate.md)
 - [Splunk](splunk.md)
 - [OpenTelemetry](opentelemetry.md)
 For an overview of monitoring Hyperledger Besu, view
 [this recording](https://www.youtube.com/watch?v=7BuutRe0I28&feature=youtu.be).
--- a/docs/private-networks/how-to/monitor/opentelemetry.md
+++ b/docs/private-networks/how-to/monitor/opentelemetry.md
@ -2,11 +2,11 @@
 description: Collect Besu information with the OpenTelemetry Collector
 ---
-# OpenTelemetry
+# Use OpenTelemetry
 You can use the OpenTelemetry monitoring and tracing service to gather node metrics and traces.
-To enable OpenTelemetry to access Hyperledger Besu, use the [`--metrics-enabled`](../../Reference/CLI/CLI-Syntax.md#metrics-enabled)
+To enable OpenTelemetry to access Hyperledger Besu, use the [`--metrics-enabled`](../../../public-networks/reference/cli/options.md#metrics-enabled)
-and [`--metrics-protocol=opentelemetry`](../../Reference/CLI/CLI-Syntax.md#metrics-protocol) options.
+and [`--metrics-protocol=opentelemetry`](../../../public-networks/reference/cli/options.md#metrics-protocol) options.
 Use [Splunk](https://splunk.com) to visualize the collected data.
 A [Besu Sync example](https://github.com/splunk/splunk-connect-for-ethereum/tree/master/examples/besu-sync) is available.
@ -140,8 +140,8 @@ Download and install the [OpenTelemetry Collector](https://github.com/open-telem
    You can also refer to this [Docker-compose example](https://github.com/splunk/splunk-connect-for-ethereum/blob/989dc2ccae7d8235bf3ce2a83a18cf0cd1713294/examples/besu-sync/full-sync/docker-compose.yaml).
-1. Start Besu with the [`--metrics-enabled`](../../Reference/CLI/CLI-Syntax.md#metrics-enabled) and
+1. Start Besu with the [`--metrics-enabled`](../../../public-networks/reference/cli/options.md#metrics-enabled) and
-   [`--metrics-protocol=opentelemetry`](../../Reference/CLI/CLI-Syntax.md#metrics-protocol) options.
+   [`--metrics-protocol=opentelemetry`](../../../public-networks/reference/cli/options.md#metrics-protocol) options.
   For example, run the following command to start a single node:
    === "Syntax"
--- a/docs/private-networks/how-to/monitor/quorum-hibernate.md
+++ b/docs/private-networks/how-to/monitor/quorum-hibernate.md
@ -2,7 +2,7 @@
 description: Use Quorum Hibernate with Hyperledger Besu
 ---
-# Quorum Hibernate
+# Use Quorum Hibernate
 [Quorum Hibernate] is a proxy that monitors a node's API traffic and hibernates the node when inactive.
 This reduces infrastructure costs by ensuring only nodes receiving API requests or nodes required to establish consensus
--- a/docs/private-networks/how-to/monitor/splunk.md
+++ b/docs/private-networks/how-to/monitor/splunk.md
@ -2,7 +2,7 @@
 description: Send Hyperledger Besu logs to Splunk
 ---
-# Splunk
+# Use Splunk
 [Splunk](https://splunkbase.splunk.com/app/4866/) is a third-party monitoring solution compatible with Besu.
 A Splunk server can receive Besu logs and enable complex search, visualization, and analysis.
@ -21,7 +21,7 @@ Options for running Splunk and Besu are:
 To view the Quickstart network logs in Splunk:
-1. [Start the Developer Quickstart with Besu](../../Tutorials/Developer-Quickstart.md), selecting Splunk monitoring.
+1. [Start the Developer Quickstart with Besu](../../tutorials/quickstart.md), selecting Splunk monitoring.
 1. Open the [Splunk UI](http://localhost:8000).
 ## Splunk Connect for Ethereum Docker Compose
@ -53,9 +53,9 @@ Docker Compose environment provided by Splunk.
    !!! note
        Splunk enterprise takes some time to start.
-    
+
        Run `docker ps` and wait for the `STATUS` of the 3 containers to be `Up [number] seconds (healthy)`.
-    
+
        ```
        CONTAINER ID        IMAGE                        COMMAND                  CREATED             STATUS                    PORTS                                                                            NAMES
        127600dd1173        splunkdlt/ethlogger:latest   "ethlogger"              53 seconds ago      Up 51 seconds (healthy)                                                                                    ethlogger
@ -65,10 +65,10 @@ Docker Compose environment provided by Splunk.
 ## Use Splunk Enterprise as a Docker container
-### Requirements
+### Prerequisites
 - [Docker](https://docs.docker.com/compose/install/)
- [Besu 1.4.4](https://github.com/hyperledger/besu/blob/750580dcca349d22d024cc14a8171b2fa74b505a/CHANGELOG.md#144) or later [installed](../Get-Started/Installation-Options/Install-Binaries.md)
+- [Besu 1.4.4](https://github.com/hyperledger/besu/blob/750580dcca349d22d024cc14a8171b2fa74b505a/CHANGELOG.md#144) or later [installed](../../get-started/install/binary-distribution.md)
 !!! important
@ -77,9 +77,9 @@ Docker Compose environment provided by Splunk.
 !!! note
-    If running [Besu as a Docker container](../Get-Started/Installation-Options/Run-Docker-Image.md), consider using
+    If running [Besu as a Docker container](../../get-started/install/run-docker-image.md), consider using
    [Splunk Connect for Ethereum Docker Compose](#splunk-connect-for-ethereum-docker-compose) or
-    [Kubernetes](../Deploy/Kubernetes.md) instead of the Splunk Enterprise trial container.
+    [Kubernetes](../deploy/kubernetes.md) instead of the Splunk Enterprise trial container.
 ### Steps
@ -103,7 +103,7 @@ Docker Compose environment provided by Splunk.
    !!! tip
        To follow the logs of the Splunk container:
-    
+
        ```bash
        docker logs -f splunk-demo
        ```
@ -140,17 +140,17 @@ Docker Compose environment provided by Splunk.
    Congratulations! You can now play with the search and other Splunk features to explore your Besu logs.
-    ![Splunk search page](../../images/splunk-ui.png)
+    ![Splunk search page](../../../images/splunk-ui.png)
 1. Stop Besu with ++ctrl+c++.
   Stop the Splunk container with `docker stop splunk-demo`.
 ## Run a Splunk Enterprise instance
-### Requirements
+### Prerequisites
 - [Splunk Enterprise license](https://www.splunk.com/)
- [Besu 1.4.4](https://github.com/hyperledger/besu/blob/master/CHANGELOG.md#144) or later [installed](../Get-Started/Installation-Options/Install-Binaries.md)
+- [Besu 1.4.4](https://github.com/hyperledger/besu/blob/master/CHANGELOG.md#144) or later [installed](../../get-started/install/binary-distribution.md)
 ### Steps
--- a/docs/private-networks/how-to/send-transactions/concurrent-private-transactions.md
+++ b/docs/private-networks/how-to/send-transactions/concurrent-private-transactions.md
@ -2,30 +2,30 @@
 description: Creating and sending concurrent private transactions with Hyperledger Besu
 ---
-# Sending concurrent private transactions
+# Send concurrent private transactions
 Private transaction processing involves two transactions, the private transaction and the
-[privacy marker transaction (PMT)](../../Concepts/Privacy/Private-Transaction-Processing.md).
+[privacy marker transaction (PMT)](../../concepts/privacy/private-transactions/processing.md).
-The private transaction and the PMT each have their own [nonce](../../Concepts/Privacy/Private-Transactions.md#nonces).
+The private transaction and the PMT each have their own [nonce](../../concepts/privacy/private-transactions/index.md#nonces).
 If your private transaction rate requires sending private transactions without waiting for the previous
-private transaction to be mined, using [`eth_getTransactionCount`](../../Reference/API-Methods.md#eth_gettransactioncount)
+private transaction to be mined, using [`eth_getTransactionCount`](../../../public-networks/reference/api/index.md#eth_gettransactioncount)
-and [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) may result in
+and [`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction) may result in
-[incorrect nonces](../../Concepts/Privacy/Private-Transactions.md#private-nonce-management).
+[incorrect nonces](../../concepts/privacy/private-transactions/index.md#private-nonce-management).
-In this case, use [`priv_distributeRawTransaction`](Creating-Sending-Private-Transactions.md#priv_distributerawtransaction)
+In this case, use [`priv_distributeRawTransaction`](private-transactions.md#priv_distributerawtransaction)
-instead of [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+instead of [`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction).
 !!! note
-    You can use [`priv_getTransactionCount`](../../Reference/API-Methods.md#priv_gettransactioncount) or
+    You can use [`priv_getTransactionCount`](../../reference/api/index.md#priv_gettransactioncount) or
-    [`priv_getEeaTransactionCount`](../../Reference/API-Methods.md#priv_geteeatransactioncount) to get the nonce for
+    [`priv_getEeaTransactionCount`](../../reference/api/index.md#priv_geteeatransactioncount) to get the nonce for
    an account for the specified privacy group or participants.
-Send the corresponding PMT using [`eth_sendRawTransaction`](../../Reference/API-Methods.md#eth_sendrawtransaction),
+Send the corresponding PMT using [`eth_sendRawTransaction`](../../../public-networks/reference/api/index.md#eth_sendrawtransaction),
 specifying the public PMT nonce.
 This method allows you to create and send the PMT yourself rather than
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) handling the PMT.
+[`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction) handling the PMT.
 !!! important
@ -37,6 +37,6 @@ This method allows you to create and send the PMT yourself rather than
    The [web3js-quorum library](https://github.com/ConsenSys/web3js-quorum/tree/master/example/concurrentPrivateTransactions)
    includes an example of how to send concurrent private transactions.
-    The example uses [offchain privacy groups](../../Concepts/Privacy/Privacy-Groups.md).
+    The example uses [offchain privacy groups](../../concepts/privacy/privacy-groups.md).
-    Use [`priv_getPrivacyPrecompileAddress`](../../Reference/API-Methods.md#priv_getprivacyprecompileaddress) to get the
+    Use [`priv_getPrivacyPrecompileAddress`](../../reference/api/index.md#priv_getprivacyprecompileaddress) to get the
    precompile address to specify in the `to` field when creating the PMT.
--- a/docs/private-networks/how-to/send-transactions/index.md
+++ b/docs/private-networks/how-to/send-transactions/index.md
@ -0,0 +1,14 @@
 ---
 description: private networks send transactions overview
 ---
 # Create and send transactions
 In private networks, you can create and [send regular transactions](../../../public-networks/how-to/send-transactions.md)
 as in public networks.
 You can also:
 - [Send private transactions](private-transactions.md).
 - [Send concurrent private transactions](concurrent-private-transactions.md).
 - [Include revert reason in transactions](revert-reason.md).
--- a/docs/private-networks/how-to/send-transactions/private-transactions.md
+++ b/docs/private-networks/how-to/send-transactions/private-transactions.md
@ -2,11 +2,11 @@
 description: Creating and sending private transactions with Hyperledger Besu
 ---
-# Creating and sending private transactions
+# Create and send private transactions
-Create and send [private transactions](../../Concepts/Privacy/Privacy-Overview.md) using:
+Create and send [private transactions](../../concepts/privacy/index.md) using:
-* [web3js-quorum client library](../Interact/Client-Libraries/web3js-quorum.md) or
+* [web3js-quorum client library](../use-privacy/web3js-quorum.md) or
  [web3j client library](https://github.com/web3j/web3j)
 * [`eea_sendTransaction` with EthSigner](https://docs.ethsigner.consensys.net/en/latest/Using-EthSigner/Using-EthSigner/)
 * [`eea_sendRawTransaction`](#eea_sendrawtransaction)
@ -17,7 +17,7 @@ distributed. If any participants are offline when submitting the private transac
 transaction is not attempted and you must resubmit the transaction.
 The `gas` and `gasPrice` specified when sending a private transaction are used by the
-[privacy marker transaction (PMT)](../../Concepts/Privacy/Private-Transaction-Processing.md), not the private transaction itself.
+[privacy marker transaction (PMT)](../../concepts/privacy/private-transactions/processing.md), not the private transaction itself.
 !!! note
@ -26,40 +26,40 @@ The `gas` and `gasPrice` specified when sending a private transaction are used b
 ## `eea_sendRawTransaction`
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) distributes the
+[`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction) distributes the
 private transaction to the participating nodes, and signs and submits the PMT, as described in
-[Private transaction processing](../../Concepts/Privacy/Private-Transaction-Processing.md).
+[Private transaction processing](../../concepts/privacy/private-transactions/processing.md).
 !!! note
-    If [sending concurrent transactions](Concurrent-Private-Transactions.md), you must use
+    If [sending concurrent transactions](concurrent-private-transactions.md), you must use
    [`priv_distributeRawTransaction`](#priv_distributerawtransaction) instead of
-    [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+    [`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction).
 ## `priv_distributeRawTransaction`
-Use [`priv_distributeRawTransaction`](../../Reference/API-Methods.md#priv_distributerawtransaction) instead of
+Use [`priv_distributeRawTransaction`](../../reference/api/index.md#priv_distributerawtransaction) instead of
-[`eea_sendRawTransaction`](#eea_sendrawtransaction) when sending [concurrent private transactions](Concurrent-Private-Transactions.md).
+[`eea_sendRawTransaction`](#eea_sendrawtransaction) when sending [concurrent private transactions](concurrent-private-transactions.md).
-[`priv_distributeRawTransaction`](../../Reference/API-Methods.md#priv_distributerawtransaction)
+[`priv_distributeRawTransaction`](../../reference/api/index.md#priv_distributerawtransaction)
 distributes the private transaction to the participating nodes but does not sign and submit the PMT.
-That is, it performs steps 1 to 5 of [Private Transaction Processing](../../Concepts/Privacy/Private-Transaction-Processing.md).
+That is, it performs steps 1 to 5 of [private transaction processing](../../concepts/privacy/private-transactions/processing.md).
 If using
-[`priv_distributeRawTransaction`](../../Reference/API-Methods.md#priv_distributerawtransaction)
+[`priv_distributeRawTransaction`](../../reference/api/index.md#priv_distributerawtransaction)
-instead of [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction), use
+instead of [`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction), use
 the value returned by
-[`priv_distributeRawTransaction`](../../Reference/API-Methods.md#priv_distributerawtransaction),
+[`priv_distributeRawTransaction`](../../reference/api/index.md#priv_distributerawtransaction),
 which is the enclave key to the private transaction in [Tessera](https://docs.tessera.consensys.net/),
 in the `data` field of a call to
-[`eth_sendRawTransaction`](../../Reference/API-Methods.md#eth_sendrawtransaction).
+[`eth_sendRawTransaction`](../../../public-networks/reference/api/index.md#eth_sendrawtransaction).
 Use the value returned by
-[`priv_getPrivacyPrecompileAddress`](../../Reference/API-Methods.md#priv_getprivacyprecompileaddress), which is the
+[`priv_getPrivacyPrecompileAddress`](../../reference/api/index.md#priv_getprivacyprecompileaddress), which is the
-address of the [privacy precompiled contract](../../Concepts/Privacy/Private-Transaction-Processing.md), in the `to`
+address of the [privacy precompiled contract](../../concepts/privacy/private-transactions/processing.md), in the `to`
 field of the call.
-By using the [public Ethereum transaction](Transactions.md),
+By using the [public Ethereum transaction](../../how-to/send-transactions/index.md),
-[`eth_sendRawTransaction`](../../Reference/API-Methods.md#eth_sendrawtransaction), you are signing
+[`eth_sendRawTransaction`](../../../public-networks/reference/api/index.md#eth_sendrawtransaction), you are signing
 and submitting the PMT yourself instead of having it signed by the Besu node, giving you greater control over the PMT.
 !!! warning
@ -90,7 +90,7 @@ and submitting the PMT yourself instead of having it signed by the Besu node, gi
    }
    ```
-    Send the enclave key in the `data` field, and the [privacy precompile address](../../Reference/API-Methods.md#priv_getprivacyprecompileaddress) in the `to` field of `eth_sendRawTransaction`:
+    Send the enclave key in the `data` field, and the [privacy precompile address](../../reference/api/index.md#priv_getprivacyprecompileaddress) in the `to` field of `eth_sendRawTransaction`:
    ```json
    {
@ -111,15 +111,15 @@ and submitting the PMT yourself instead of having it signed by the Besu node, gi
 To create an [EEA-compliant private transaction], specify `privateFor` when creating the signed
 transaction passed as an input parameter to
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+[`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction).
 To create a [Besu-extended private transaction], specify a `privacyGroupId` when creating the
 signed transaction passed as an input parameter to
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+[`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction).
 ## Unsigned and unencoded private transactions
-The [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) parameter is
+The [`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction) parameter is
 a signed RLP-encoded private transaction. Shown below are examples of unsigned and unencoded
 private transactions to create a contract.
@ -158,10 +158,10 @@ private transactions to create a contract.
 !!! tip
    The `example` directory in the
-    [web3js-quorum client library](../Interact/Client-Libraries/web3js-quorum.md) contains examples of
+    [web3js-quorum client library](../use-privacy/web3js-quorum.md) contains examples of
    signing and encoding private transactions.
 <!-- links ---->
-[EEA-compliant private transaction]: ../../Concepts/Privacy/Privacy-Groups.md#enterprise-ethereum-alliance-privacy
+[EEA-compliant private transaction]: ../../concepts/privacy/privacy-groups.md#enterprise-ethereum-alliance-privacy
-[Besu-extended private transaction]: ../../Concepts/Privacy/Privacy-Groups.md#besu-extended-privacy
+[Besu-extended private transaction]: ../../concepts/privacy/privacy-groups.md#besu-extended-privacy
--- a/docs/private-networks/how-to/send-transactions/revert-reason.md
+++ b/docs/private-networks/how-to/send-transactions/revert-reason.md
@ -33,29 +33,29 @@ client an optional string message containing information about the error.
        function withdraw() public {
            if (msg.sender != owner)
                revert Unauthorized();
-    
+
            payable(msg.sender).transfer(address(this).balance);
        }
    }
    ```
-## Enabling revert reason
+## Enable revert reason
-Use the [`--revert-reason-enabled`](../../Reference/CLI/CLI-Syntax.md#revert-reason-enabled)
+Use the [`--revert-reason-enabled`](../../../public-networks/reference/cli/options.md#revert-reason-enabled)
 command line option to include the revert reason in the transaction receipt,
-[`eth_estimateGas`](../../Reference/API-Methods.md#eth_estimategas) error,
+[`eth_estimateGas`](../../../public-networks/reference/api/index.md#eth_estimategas) error,
-[`eth_call`](../../Reference/API-Methods.md#eth_call) error, and
+[`eth_call`](../../../public-networks/reference/api/index.md#eth_call) error, and
-[`trace`](../../Reference/Trace-Types.md#trace) response in Hyperledger Besu.
+[`trace`](../../../public-networks/reference/trace-types.md#trace) response in Hyperledger Besu.
 !!! caution
    Enabling revert reason may use a significant amount of memory. We do not recommend enabling
    revert reason when connected to public Ethereum networks.
-## Where is the revert reason included
+## Where the revert reason is included
 With revert reason enabled, the transaction receipt returned by
-[`eth_getTransactionReceipt`](../../Reference/API-Methods.md#eth_gettransactionreceipt) includes
+[`eth_getTransactionReceipt`](../../../public-networks/reference/api/index.md#eth_gettransactionreceipt) includes
 the revert reason as an ABI-encoded string.
 !!! important
@ -64,7 +64,7 @@ the revert reason as an ABI-encoded string.
    revert reason in the transactions receipt's root hash means the revert reason is only available
    to nodes that execute the transaction when importing the block. That is, the revert reason is
    not available if using fast synchronization
-    ([`--sync-mode=FAST`](../../Reference/CLI/CLI-Syntax.md#sync-mode)).
+    ([`--sync-mode=FAST`](../../../public-networks/reference/cli/options.md#sync-mode)).
 !!! example
@ -90,8 +90,8 @@ the revert reason as an ABI-encoded string.
    }
    ```
-The error returned by [`eth_estimateGas`](../../Reference/API-Methods.md#eth_estimategas) and
+The error returned by [`eth_estimateGas`](../../../public-networks/reference/api/index.md#eth_estimategas) and
-[`eth_call`](../../Reference/API-Methods.md#eth_call) includes the revert reason as an ABI-encoded string in the `data` field.
+[`eth_call`](../../../public-networks/reference/api/index.md#eth_call) includes the revert reason as an ABI-encoded string in the `data` field.
 !!! example "Example of `eth_estimateGas` and `eth_call` error"
@ -107,10 +107,10 @@ The error returned by [`eth_estimateGas`](../../Reference/API-Methods.md#eth_est
    }
    ```
-The list items in the [`trace`](../../Reference/Trace-Types.md#trace) response returned by
+The list items in the [`trace`](../../../public-networks/reference/trace-types.md#trace) response returned by
-[`trace_replayBlockTransactions`](../../Reference/API-Methods.md#trace_replayblocktransactions),
+[`trace_replayBlockTransactions`](../../../public-networks/reference/api/index.md#trace_replayblocktransactions),
-[`trace_block`](../../Reference/API-Methods.md#trace_block), and
+[`trace_block`](../../../public-networks/reference/api/index.md#trace_block), and
-[`trace_transaction`](../../Reference/API-Methods.md#trace_transaction) include the revert reason as an ABI-encoded string.
+[`trace_transaction`](../../../public-networks/reference/api/index.md#trace_transaction) include the revert reason as an ABI-encoded string.
 !!! example "Example of `trace` response list item"
--- a/docs/private-networks/how-to/upgrade.md
+++ b/docs/private-networks/how-to/upgrade.md
@ -0,0 +1,45 @@
 ---
 description: Upgrading protocol versions
 ---
 # Network and protocol upgrades
 !!! important
    Node upgrades upgrade your Besu client to a later version.
    In private networks, you can [upgrade your node](../../public-networks/how-to/upgrade-node.md)
    as in public networks.
 Network upgrades are the mechanism for upgrading the Ethereum protocol.
 Protocol upgrades occur during the network upgrades.
 For Ethereum Mainnet and public testnets, the milestone block definitions are included in Besu.
 Upgrading your Besu client applies the network upgrade.
 For private networks, all network participants must agree on the protocol upgrades and coordinate
 the network upgrades.
 The genesis file specifies the milestone block at which to apply the protocol upgrade.
 ## Upgrade the protocol
 To upgrade the protocol in a private network:
 1. Review included EIPs for breaking changes.
   A [meta EIP](https://eips.ethereum.org/meta) for each protocol upgrade lists included EIPs.
   For example, [Istanbul](https://eips.ethereum.org/EIPS/eip-1679).
 1. Network participants agree on the block number at which to upgrade.
 1. For each node in the network:
     1. Add the [milestone block number](../../public-networks/reference/genesis-items.md#milestone-blocks) to
        the genesis file.
     1. Restart the node before reaching milestone block.
 !!! caution
    To avoid a forked network, all network participants must update their genesis file to include
    the agreed on milestone block and restart their node before reaching the milestone block.
 !!! tip "Tips"
    - For compatibility with future protocol upgrades, don't hardcode any gas price assumptions.
    - Implementing upgradeable contracts enables contracts to be upgraded if a protocol upgrade does
      include breaking changes.
--- a/docs/private-networks/how-to/use-permissioning/local.md
+++ b/docs/private-networks/how-to/use-permissioning/local.md
@ -2,9 +2,9 @@
 description: Hyperledger Besu local permissioning
 ---
-# Local permissioning
+# Use local permissioning
-[Local permissioning](../../Concepts/Permissioning/Permissioning-Overview.md#local) supports node and account allowlisting.
+[Local permissioning](../../concepts/permissioning/index.md#local) supports node and account allowlisting.
 ## Node allowlisting
@ -26,15 +26,15 @@ enabled, communication is only between nodes in the allowlist.
 Node allowlisting is at the node level. That is, each node in the network has a
 [permissions configuration file](#permissions-configuration-file) file in the
-[data directory](../../Reference/CLI/CLI-Syntax.md#data-path) for the node.
+[data directory](../../../public-networks/reference/cli/options.md#data-path) for the node.
 Local permissioning doesn't check that the node using the permissions configuration file is listed in the
 allowlist, it only checks that the remote end of the connection is in the allowlist. Use [onchain permissioning] if you
 need to check both ends of the connection.
-### Specifying bootnodes in the allowlist
+### Specify bootnodes in the allowlist
-The nodes permissions list must include the [bootnodes](../Find-and-Connect/Bootnodes.md) or Hyperledger Besu doesn't
+The nodes permissions list must include the [bootnodes](../configure/bootnodes.md) or Hyperledger Besu doesn't
 start with node permissions enabled.
 !!! example
@ -54,34 +54,34 @@ start with node permissions enabled.
    (for example, if you use Kubernetes implementing a load balancer for ingress and a NAT gateway IP address for egress),
    add both addresses to the allowlist, using the same public key for each IP address. This will allow the node to connect.
-### Enabling node allowlisting
+### Enable node allowlisting
 To enable node allowlisting, specify the
-[`--permissions-nodes-config-file-enabled`](../../Reference/CLI/CLI-Syntax.md#permissions-nodes-config-file-enabled)
+[`--permissions-nodes-config-file-enabled`](../../reference/cli/options.md#permissions-nodes-config-file-enabled)
 option when starting Besu.
 The `PERM` API methods are not enabled by default. To enable the `PERM` API methods, use the
-[`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+[`--rpc-http-api`](../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) options.
+[`--rpc-ws-api`](../../../public-networks/reference/cli/options.md#rpc-ws-api) options.
-### Updating the node allowlist
+### Update the node allowlist
 To update the nodes allowlist while the node is running, use the following JSON-RPC API methods:
-* [perm_addNodesToAllowlist](../../Reference/API-Methods.md#perm_addnodestoallowlist)
+* [perm_addNodesToAllowlist](../../reference/api/index.md#perm_addnodestoallowlist)
-* [perm_removeNodesFromAllowlist](../../Reference/API-Methods.md#perm_removenodesfromallowlist)
+* [perm_removeNodesFromAllowlist](../../reference/api/index.md#perm_removenodesfromallowlist)
 You can also update the [`permissions_config.toml`](#permissions-configuration-file) file directly
 and then update the allowlist using the
-[`perm_reloadPermissionsFromFile`](../../Reference/API-Methods.md#perm_reloadpermissionsfromfile)
+[`perm_reloadPermissionsFromFile`](../../reference/api/index.md#perm_reloadpermissionsfromfile)
 method.
 Updates to the permissions configuration file persist across node restarts.
-### Viewing the node allowlist
+### View the node allowlist
 To view the nodes allowlist, use the
-[perm_getNodesAllowlist](../../Reference/API-Methods.md#perm_getnodesallowlist) method.
+[perm_getNodesAllowlist](../../reference/api/index.md#perm_getnodesallowlist) method.
 !!! note
@ -111,22 +111,22 @@ permissioning accepts transactions only from accounts in the accounts allowlist.
 Account allowlisting is at the node level. That is, each node in the network has a
 [permissions configuration file](#permissions-configuration-file) in the
-[data directory](../../Reference/CLI/CLI-Syntax.md#data-path) for the node.
+[data directory](../../../public-networks/reference/cli/options.md#data-path) for the node.
 !!! caution "Using account permissioning and privacy"
    Account permissioning is incompatible with
-    [random key signing](../Use-Privacy/Sign-Privacy-Marker-Transactions.md) for
+    [random key signing](../use-privacy/sign-pmts.md) for
-    [privacy marker transactions](../../Concepts/Privacy/Private-Transaction-Processing.md).
+    [privacy marker transactions](../../concepts/privacy/private-transactions/processing.md).
    If using account permissioning and privacy, a signing key must be specified using the
-    [`--privacy-marker-transaction-signing-key-file`](../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file)
+    [`--privacy-marker-transaction-signing-key-file`](../../reference/cli/options.md#privacy-marker-transaction-signing-key-file)
    command line option and the corresponding public key included in the accounts allowlist.
 Transaction validation against the accounts allowlist occurs at the following points:
 * Submitted by JSON-RPC API method
-  [`eth_sendRawTransaction`](../../Reference/API-Methods.md#eth_sendrawtransaction)
+  [`eth_sendRawTransaction`](../../../public-networks/reference/api/index.md#eth_sendrawtransaction)
 * Received via propagation from another node
 * Added to a block by a mining node
@ -136,7 +136,7 @@ transactions from accounts that are not on the accounts allowlist of that node.
 The following diagram illustrates applying local and onchain permissioning rules.
-![Permissioning Flow](../../images/PermissioningFlow.png)
+![Permissioning Flow](../../../images/PermissioningFlow.png)
 !!! example "Example of different account allowlists"
@ -162,60 +162,60 @@ The following diagram illustrates applying local and onchain permissioning rules
    by Node B to which it's propagated if the account is not in the Node B allowlist. We
    recommend each node in the network has the same accounts allowlist.
-### Enabling account allowlisting
+### Enable account allowlisting
 To enable account allowlisting, specify the
-[`--permissions-accounts-config-file-enabled`](../../Reference/CLI/CLI-Syntax.md#permissions-accounts-config-file-enabled)
+[`--permissions-accounts-config-file-enabled`](../../reference/cli/options.md#permissions-accounts-config-file-enabled)
 option when starting Besu.
 The `PERM` API methods are not enabled by default. To enable the `PERM` API methods, use the
-[`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+[`--rpc-http-api`](../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) options.
+[`--rpc-ws-api`](../../../public-networks/reference/cli/options.md#rpc-ws-api) options.
-### Updating the account allowlist
+### Update the account allowlist
 To update the accounts allowlist when the node is running, use the JSON-RPC API methods:
-* [`perm_addAccountsToAllowlist`](../../Reference/API-Methods.md#perm_addaccountstoallowlist)
+* [`perm_addAccountsToAllowlist`](../../reference/api/index.md#perm_addaccountstoallowlist)
-* [`perm_removeAccountsFromAllowlist`](../../Reference/API-Methods.md#perm_removeaccountsfromallowlist).
+* [`perm_removeAccountsFromAllowlist`](../../reference/api/index.md#perm_removeaccountsfromallowlist).
 You can also update the [`permissions_config.toml`](#permissions-configuration-file) file directly
 and use the
-[`perm_reloadPermissionsFromFile`](../../Reference/API-Methods.md#perm_reloadpermissionsfromfile)
+[`perm_reloadPermissionsFromFile`](../../reference/api/index.md#perm_reloadpermissionsfromfile)
 method to update the allowlists.
 Updates to the permissions configuration file persist across node restarts.
-### Viewing the account allowlist
+### View the account allowlist
 To view the accounts allowlist, use the
-[`perm_getAccountsAllowlist`](../../Reference/API-Methods.md#perm_getaccountsallowlist) method.
+[`perm_getAccountsAllowlist`](../../reference/api/index.md#perm_getaccountsallowlist) method.
 ## Permissions configuration file
 The permissions configuration file contains the nodes and accounts allowlists. If the
-[`--permissions-accounts-config-file`](../../Reference/CLI/CLI-Syntax.md#permissions-accounts-config-file)
+[`--permissions-accounts-config-file`](../../reference/cli/options.md#permissions-accounts-config-file)
-and [`--permissions-nodes-config-file`](../../Reference/CLI/CLI-Syntax.md#permissions-nodes-config-file)
+and [`--permissions-nodes-config-file`](../../reference/cli/options.md#permissions-nodes-config-file)
 options are not specified, the name of the permissions configuration file must be
 [`permissions_config.toml`](#permissions-configuration-file) and must be in the
-[data directory](../../Reference/CLI/CLI-Syntax.md#data-path) for the node.
+[data directory](../../../public-networks/reference/cli/options.md#data-path) for the node.
 You can specify the accounts and nodes allowlists in the same file or in separate files for
 accounts and nodes.
 To specify a permissions configuration file (or separate files for accounts and nodes) in any
 location, use the
-[`--permissions-accounts-config-file`](../../Reference/CLI/CLI-Syntax.md#permissions-accounts-config-file)
+[`--permissions-accounts-config-file`](../../reference/cli/options.md#permissions-accounts-config-file)
 and
-[`--permissions-nodes-config-file`](../../Reference/CLI/CLI-Syntax.md#permissions-nodes-config-file)
+[`--permissions-nodes-config-file`](../../reference/cli/options.md#permissions-nodes-config-file)
 options.
 !!!note
-    The [`--permissions-accounts-config-file`](../../Reference/CLI/CLI-Syntax.md#permissions-accounts-config-file)
+    The [`--permissions-accounts-config-file`](../../reference/cli/options.md#permissions-accounts-config-file)
-    and [`permissions-nodes-config-file`](../../Reference/CLI/CLI-Syntax.md#permissions-nodes-config-file)
+    and [`permissions-nodes-config-file`](../../reference/cli/options.md#permissions-nodes-config-file)
    options are not used when running Besu from the
-    [Docker image](../Get-Started/Installation-Options/Run-Docker-Image.md). Use a bind mount to
+    [Docker image](../../get-started/install/run-docker-image.md). Use a bind mount to
    [specify a permissions configuration file with Docker].
 !!! example "Sample permissions configuration file"
@ -227,6 +227,6 @@ options.
    ```
 <!-- Links -->
-[specify a permissions configuration file with Docker]: ../Get-Started/Installation-Options/Run-Docker-Image.md#permissions-configuration-file
+[specify a permissions configuration file with Docker]: ../../get-started/install/run-docker-image.md
-[support domain names]: ../../Concepts/Node-Keys.md#domain-name-support
+[support domain names]: ../../../public-networks/concepts/node-keys.md#domain-name-support
-[onchain permissioning]: ../../Concepts/Permissioning/Onchain-Permissioning.md
+[onchain permissioning]: ../../concepts/permissioning/onchain.md
--- a/docs/private-networks/how-to/use-permissioning/onchain.md
+++ b/docs/private-networks/how-to/use-permissioning/onchain.md
@ -0,0 +1,128 @@
 ---
 description: Updating Hyperledger Besu onchain allowlists
 ---
 # Use onchain permissioning
 When using [onchain permissioning](../../concepts/permissioning/onchain.md), you can update
 [nodes](#update-nodes-allowlist) and [accounts](#update-accounts-allowlist) allowlists using the
 Besu [permissioning management dapp](#deploy-the-permissioning-management-dapp).
 ## Deploy the permissioning management dapp
 To deploy the permissioning management dapp for production:
 1. Retrieve the most recent release (tarball or zip) from the [projects release page].
 1. Unpack the distribution into a directory available to your Web server.
 1. In the root of the unpack directory, add a file called `config.json` replacing the placeholders
   shown below.
   !!! example "`config.json`"
         ```json
         {
           "accountIngressAddress":  "<Address of the account ingress contract>",
           "nodeIngressAddress": "<Address of the node ingress contract>",
           "networkId": "<ID of your Ethereum network>"
         }
         ```
 1. On your Web server, host the contents of the directory as static files and direct root requests
   to `index.html`.
 !!! note "Start a production permissioned network"
    To start a production permissioned network, follow the [onchain permissioning tutorial], but don't
    perform the steps using `yarn` to install, build, and start the development server.
    Instead, follow the steps in this section to deploy the permissioning management dapp to your Web server.
 ## Update nodes allowlist
 To add a node to the Hyperledger Besu nodes allowlist:
 1. On the **Nodes** tab of the permissioning management dapp, select **Add Node**.
   The **Add Node** window displays.
 2. Enter the [enode URL](../../../public-networks/concepts/node-keys.md#enode-url) of the node you are adding and select **Add Node**.
 !!! tip
    If your node has two different IP addresses for ingress and egress
    (for example, if you use Kubernetes implementing a load balancer for ingress and a NAT gateway IP address for egress),
    add both addresses to the allowlist, using the same public key for each IP address. This will allow the node to connect.
 !!! important
    Node allowlists [support domain names] in enode URLs as an experimental feature. Use the `--Xdns-enabled` option
    to enable domain name support.
    If using Kubernetes, enable domain name support and use the `--Xdns-update-enabled` option to ensure that Besu can
    connect to a container after being restarted, even if the IP address of the container changes.
 To remove a node from the nodes allowlist:
 1. On the **Nodes** tab of the permissioning management dapp, hover over the row of the
   node you are removing. A trash can displays.
 1. Select the trash can.
 !!! tip
    If you add a running node, the node does not attempt to reconnect to the bootnode and
    synchronize until peer discovery restarts. To add an allowlisted node as a peer without waiting
    for peer discovery to restart, use
    [`admin_addPeer`](../../../public-networks/reference/api/index.md#admin_addpeer).
    If you add the node to the allowlist before starting the node, using `admin_addPeer` is not
    required because peer discovery is run on node startup.
 !!! tip
    If nodes are not connecting as expected, set the [log level to `TRACE`](../../../public-networks/reference/cli/options.md#logging)
    and search for messages containing `Node permissioning` to identify the issue.
    Ensure the [`--p2p-host`](../../../public-networks/reference/cli/options.md#p2p-host) command line option has been
    correctly configured for all nodes with the
    externally accessible address.
    If you change your network configuration, you may need to update the node allowlist.
 ## Update accounts allowlist
 To add an account to the accounts allowlist:
 1. On the **Accounts** tab of the permissioning management dapp, select **Add Account**.
   The **Add Account** window displays.
 1. Enter the account address in the **Account Address** field and select **Add Account**.
 To remove an account from the accounts allowlist:
 1. On the **Accounts** tab of the permissioning management dapp, hover over the row of
   the account you are removing. A trash can displays.
 1. Select the trash can.
 ## Update admins
 You can add or remove admins in the same way as [accounts](#update-accounts-allowlist), except on the **Admins** tab.
 ## Specify the permissioning contract interface version
 Use the [`--permissions-nodes-contract-version`](../../reference/cli/options.md#permissions-nodes-contract-version)
 command line option to specify the version of the [permissioning contract interface](../../concepts/permissioning/onchain.md#permissioning-contracts).
 The default is 1.
 Specify the contract interface version that maps to the version of the [Enterprise Ethereum Alliance Client Specification](https://entethalliance.org/technical-specifications/)
 the contract interface implements.
 |         | EEA Client Specification | Contract interface |
 |:--------|:-------------------------|:-------------------|
 | Version | 5                        | 1                  |
 | Version | 6                        | 2                  |
 The permissioning contracts in the [`ConsenSys/permissioning-smart-contracts`](https://github.com/ConsenSys/permissioning-smart-contracts)
 repository implement the version 2 contract interface.
 [support domain names]: ../../../public-networks/concepts/node-keys.md#domain-name-support
 [projects release page]: https://github.com/ConsenSys/permissioning-smart-contracts/releases/latest
 [onchain permissioning tutorial]: ../../tutorials/permissioning/onchain.md
--- a/docs/private-networks/how-to/use-privacy/access-private-transactions.md
+++ b/docs/private-networks/how-to/use-privacy/access-private-transactions.md
@ -3,7 +3,7 @@ description: Methods for accessing and managing private transactions and privacy
             Hyperledger Besu
 ---
-# Accessing private and privacy marker transactions
+# Access private and privacy marker transactions
 !!! warning
@ -12,7 +12,7 @@ description: Methods for accessing and managing private transactions and privacy
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
 A Hyperledger Besu private transaction creates a
-[privacy marker transaction](../../Concepts/Privacy/Private-Transaction-Processing.md) and
+[privacy marker transaction](../../concepts/privacy/private-transactions/processing.md) and
 the private transaction itself.
 ## Transaction receipts
@ -21,9 +21,9 @@ With the transaction hash returned when submitting the private transaction, to g
 receipt for the:
 * Private transaction, use
-  [`priv_getTransactionReceipt`](../../Reference/API-Methods.md#priv_gettransactionreceipt).
+  [`priv_getTransactionReceipt`](../../reference/api/index.md#priv_gettransactionreceipt).
 * Privacy marker transaction, use
-  [`eth_getTransactionReceipt`](../../Reference/API-Methods.md#eth_gettransactionreceipt).
+  [`eth_getTransactionReceipt`](../../../public-networks/reference/api/index.md#eth_gettransactionreceipt).
 The transaction receipt includes a `status` indicating if the transaction failed (`0x0`), succeeded (`0x1`), or
 was invalid (`0x2`).
@ -31,7 +31,7 @@ was invalid (`0x2`).
 !!! example "Private transaction failure example"
    To deploy a private contract, you submit a transaction using
-    [`eea_sendRawTransaction`](../Send-Transactions/Creating-Sending-Private-Transactions.md). If
+    [`eea_sendRawTransaction`](../send-transactions/private-transactions.md). If
    contract deployment fails because of insufficient gas, the privacy marker transaction receipt
    has a status of success and the private transaction receipt has a status of failure.
@ -40,6 +40,6 @@ was invalid (`0x2`).
 With the transaction hash returned when submitting the private transaction, to get the:
 * Private transaction, use
-  [`priv_getPrivateTransaction`](../../Reference/API-Methods.md#priv_getprivatetransaction).
+  [`priv_getPrivateTransaction`](../../reference/api/index.md#priv_getprivatetransaction).
 * Privacy marker transaction, use
-  [`eth_getTransactionByHash`](../../Reference/API-Methods.md#eth_gettransactionbyhash).
+  [`eth_getTransactionByHash`](../../../public-networks/reference/api/index.md#eth_gettransactionbyhash).
--- a/docs/private-networks/how-to/use-privacy/besu-extended.md
+++ b/docs/private-networks/how-to/use-privacy/besu-extended.md
@ -2,7 +2,7 @@
 description: Hyperledger Besu-extended privacy
 ---
-# Using Hyperledger Besu-extended privacy
+# Use Besu-extended privacy
 !!! warning
@ -11,26 +11,26 @@ description: Hyperledger Besu-extended privacy
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
 Hyperledger Besu provides an extended implementation of privacy allowing you to
-[create a privacy group for a set of participants](../../Concepts/Privacy/Privacy-Groups.md). You
+[create a privacy group for a set of participants](../../concepts/privacy/privacy-groups.md). You
 must specify the privacy group ID when sending private transactions.
-To enable the [`PRIV` API methods](../../Reference/API-Methods.md#priv-methods), use the
+To enable the [`PRIV` API methods](../../reference/api/index.md#priv-methods), use the
-[`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+[`--rpc-http-api`](../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) command line options.
+[`--rpc-ws-api`](../../../public-networks/reference/cli/options.md#rpc-ws-api) command line options.
 To create the privacy group containing the recipients of a private transaction, use
-[`priv_createPrivacyGroup`](../../Reference/API-Methods.md#priv_createprivacygroup).
+[`priv_createPrivacyGroup`](../../reference/api/index.md#priv_createprivacygroup).
 To create an EEA-compliant private transaction, specify `privacyGroupId` when creating the signed
 transaction passed as an input parameter to
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+[`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction).
 ## Privacy group type
 Privacy groups created using
-[`priv_createPrivacyGroup`](../../Reference/API-Methods.md#priv_createprivacygroup)
+[`priv_createPrivacyGroup`](../../reference/api/index.md#priv_createprivacygroup)
 have a `BESU` privacy group type when returned by
-[`priv_findPrivacyGroup`](../../Reference/API-Methods.md#priv_findprivacygroup).
+[`priv_findPrivacyGroup`](../../reference/api/index.md#priv_findprivacygroup).
 !!! example
--- a/docs/private-networks/how-to/use-privacy/eea-compliant.md
+++ b/docs/private-networks/how-to/use-privacy/eea-compliant.md
@ -2,7 +2,7 @@
 description: Hyperledger Besu JSON-RPC methods to use for EEA-compliant privacy
 ---
-# Using EEA-compliant privacy
+# Use EEA-compliant privacy
 !!! warning
@ -10,23 +10,23 @@ description: Hyperledger Besu JSON-RPC methods to use for EEA-compliant privacy
    Read our [Orion to Tessera migration guide](https://docs.orion.consensys.net/en/latest/Tutorials/Migrating-from-Orion-to-Tessera/)
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
-When using Hyperledger Besu [EEA-compliant privacy](../../Concepts/Privacy/Privacy-Groups.md), the
+When using Hyperledger Besu [EEA-compliant privacy](../../concepts/privacy/privacy-groups.md), the
 group of nodes specified by `privateFrom` and `privateFor` form a privacy group, to which Tessera
 assigns a unique privacy group ID.
-To enable the [`EEA` API methods](../../Reference/API-Methods.md#eea-methods), use the
+To enable the [`EEA` API methods](../../reference/api/index.md#eea-methods), use the
-[`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) or
+[`--rpc-http-api`](../../../public-networks/reference/cli/options.md#rpc-http-api) or
-[`--rpc-ws-api`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-api) command line options.
+[`--rpc-ws-api`](../../../public-networks/reference/cli/options.md#rpc-ws-api) command line options.
 To create an EEA-compliant private transaction, specify `privateFor` when creating the signed
 transaction passed as an input parameter to
-[`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction).
+[`eea_sendRawTransaction`](../../reference/api/index.md#eea_sendrawtransaction).
 ## Privacy group type
 Privacy groups created when specifying `privateFrom` and `privateFor` have a `LEGACY` privacy group
 type when returned by
-[`priv_findPrivacyGroup`](../../Reference/API-Methods.md#priv_findprivacygroup).
+[`priv_findPrivacyGroup`](../../reference/api/index.md#priv_findprivacygroup).
 !!! example
--- a/docs/private-networks/how-to/use-privacy/flexible.md
+++ b/docs/private-networks/how-to/use-privacy/flexible.md
@ -2,7 +2,7 @@
 description: Use flexible privacy groups
 ---
-# Using flexible privacy groups
+# Use flexible privacy groups
 !!! warning
@ -11,7 +11,7 @@ description: Use flexible privacy groups
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
 Use the [`web3js-quorum` library](https://github.com/ConsenSys/web3js-quorum) to create and update
-membership of [flexible privacy groups](../../Concepts/Privacy/Flexible-PrivacyGroups.md).
+membership of [flexible privacy groups](../../concepts/privacy/flexible-privacy.md).
 !!! tip
@ -20,7 +20,7 @@ membership of [flexible privacy groups](../../Concepts/Privacy/Flexible-PrivacyG
 !!! important
-    [Flexible privacy groups](../../Concepts/Privacy/Flexible-PrivacyGroups.md) are an early access
+    [Flexible privacy groups](../../concepts/privacy/flexible-privacy.md) are an early access
    feature. Don't use in production networks.
    The flexible privacy group interfaces may change between releases. There might not be an
@ -28,20 +28,20 @@ membership of [flexible privacy groups](../../Concepts/Privacy/Flexible-PrivacyG
    group functionality in future versions.
    We don't recommend creating flexible privacy groups in a chain with existing
-    [offchain privacy groups](../../Concepts/Privacy/Privacy-Groups.md).
+    [offchain privacy groups](../../concepts/privacy/privacy-groups.md).
-## Enabling flexible privacy groups
+## Enable flexible privacy groups
-Use the [`--privacy-flexible-groups-enabled`](../../Reference/CLI/CLI-Syntax.md#privacy-flexible-groups-enabled)
+Use the [`--privacy-flexible-groups-enabled`](../../reference/cli/options.md#privacy-flexible-groups-enabled)
-command line option to enable [flexible privacy groups](../../Concepts/Privacy/Flexible-PrivacyGroups.md).
+command line option to enable [flexible privacy groups](../../concepts/privacy/flexible-privacy.md).
-When flexible privacy groups are enabled, the [`priv_createPrivacyGroup`](../../Reference/API-Methods.md#priv_createprivacygroup),
+When flexible privacy groups are enabled, the [`priv_createPrivacyGroup`](../../reference/api/index.md#priv_createprivacygroup),
-[`priv_deletePrivacyGroup`](../../Reference/API-Methods.md#priv_deleteprivacygroup),
+[`priv_deletePrivacyGroup`](../../reference/api/index.md#priv_deleteprivacygroup),
-and [`priv_findPrivacyGroup`](../../Reference/API-Methods.md#priv_findprivacygroup) methods for
+and [`priv_findPrivacyGroup`](../../reference/api/index.md#priv_findprivacygroup) methods for
-[offchain privacy groups](../../Concepts/Privacy/Privacy-Groups.md) are disabled.
+[offchain privacy groups](../../concepts/privacy/privacy-groups.md) are disabled.
 ## Simple flexible privacy group example
-To create and find a [flexible privacy group](../../Concepts/Privacy/Flexible-PrivacyGroups.md) using
+To create and find a [flexible privacy group](../../concepts/privacy/flexible-privacy.md) using
 the [`web3js-quorum` library](https://github.com/ConsenSys/web3js-quorum):
 1. Update the `example/keys.js` file to match your network configuration.
@ -62,9 +62,9 @@ the [`web3js-quorum` library](https://github.com/ConsenSys/web3js-quorum):
    expected behavior because private transactions check offchain and onchain to find the privacy
    group for a private transaction.
-## Adding and removing members
+## Add and remove members
-To add and remove members from a [flexible privacy group](../../Concepts/Privacy/Flexible-PrivacyGroups.md),
+To add and remove members from a [flexible privacy group](../../concepts/privacy/flexible-privacy.md),
 use the `addTo` and `removeFrom` methods in the [`web3js-quorum` library](https://github.com/ConsenSys/web3js-quorum)
 client library.
--- a/docs/private-networks/how-to/use-privacy/goquorum-compatible.md
+++ b/docs/private-networks/how-to/use-privacy/goquorum-compatible.md
@ -2,7 +2,7 @@
 description: Use GoQuorum-compatible privacy
 ---
-# Using GoQuorum-compatible privacy
+# Use GoQuorum-compatible privacy
 GoQuorum-compatible privacy mode enables interoperable private transactions between Hyperledger
 Besu and [GoQuorum clients] using the Tessera private transaction manager.
@ -10,10 +10,10 @@ Besu and [GoQuorum clients] using the Tessera private transaction manager.
 This mode requires both networks to run an interoperable consensus algorithm such as [QBFT] to work.
 To run your Besu nodes in GoQuorum-compatible privacy mode, add the `isQuorum:true` flag to your
-[genesis file](../Configure/Genesis-File.md).
+[genesis file](../../../public-networks/concepts/genesis-file.md).
 While in GoQuorum-compatible privacy mode and using Tessera, disable [`orion` mode](https://docs.tessera.consensys.net/en/stable/HowTo/Configure/Orion-Mode/)
-by removing `"mode": "orion",` from the [Tessera configuration file](../../Tutorials/Privacy/Configuring-Multi-Tenancy.md#3-update-the-tessera-configuration-file).
+by removing `"mode": "orion",` from the [Tessera configuration file](../../tutorials/privacy/multi-tenancy.md#3-update-the-tessera-configuration-file).
 ## GoQuorum-compatible private transactions
@ -26,5 +26,5 @@ The following documentation explains [the transaction lifecycle] in GoQuorum-com
 <!--links-->
 [GoQuorum clients]: https://consensys.net/docs/goquorum/en/stable/
-[QBFT]: ../Configure/Consensus-Protocols/QBFT.md
+[QBFT]: ../configure/consensus/qbft.md
 [the transaction lifecycle]: https://consensys.net/docs/goquorum/en/stable/concepts/privacy/private-transaction-lifecycle/
--- a/docs/private-networks/how-to/use-privacy/performance-best-practices.md
+++ b/docs/private-networks/how-to/use-privacy/performance-best-practices.md
@ -1,4 +1,4 @@
-# Private transaction performance best practices
+# Performance best practices
 This document collects deployment and usage tips to help you achieve high performance for private transactions.
 If transaction throughput or latency is not meeting your expectations, please consider the following before raising an issue.
@ -26,7 +26,7 @@ When submitting a private transaction using [web3js-quorum](https://github.com/C
 This limits the throughput to at most one private transaction per block when submitting from a single thread.
 To increase throughput, use web3js-quorum from multiple concurrent threads or processes.
-### Colocate Besu and Tessera
+### Co-locate Besu and Tessera
 Besu has to talk to its local Tessera node frequently while handling a block.
 While we do not recommend running them on the same node, minimizing the latency between Besu and Tessera will improve block processing times.
--- a/docs/private-networks/how-to/use-privacy/privacy-groups.md
+++ b/docs/private-networks/how-to/use-privacy/privacy-groups.md
@ -13,13 +13,13 @@ description: Create and manage privacy groups with Hyperledger Besu
 Hyperledger Besu-extended privacy provides JSON-RPC API methods for creating and managing privacy
 groups:
-* [`priv_createPrivacyGroup`](../../Reference/API-Methods.md#priv_createprivacygroup)
+* [`priv_createPrivacyGroup`](../../reference/api/index.md#priv_createprivacygroup)
-* [`priv_findPrivacyGroup`](../../Reference/API-Methods.md#priv_findprivacygroup)
+* [`priv_findPrivacyGroup`](../../reference/api/index.md#priv_findprivacygroup)
-* [`priv_deletePrivacyGroup`](../../Reference/API-Methods.md#priv_deleteprivacygroup).
+* [`priv_deletePrivacyGroup`](../../reference/api/index.md#priv_deleteprivacygroup).
 !!! tip
    You can find and delete
-    [EEA-compliant privacy groups](../../Concepts/Privacy/Privacy-Groups.md) using
+    [EEA-compliant privacy groups](../../concepts/privacy/privacy-groups.md) using
-    [`priv_findPrivacyGroup`](../../Reference/API-Methods.md#priv_findprivacygroup) and
+    [`priv_findPrivacyGroup`](../../reference/api/index.md#priv_findprivacygroup) and
-    [`priv_deletePrivacyGroup`](../../Reference/API-Methods.md#priv_deleteprivacygroup).
+    [`priv_deletePrivacyGroup`](../../reference/api/index.md#priv_deleteprivacygroup).
--- a/docs/HowTo/Use-Privacy/Sign-Privacy-Marker-Transactions.md
+++ b/docs/HowTo/Use-Privacy/Sign-Privacy-Marker-Transactions.md
@ -2,11 +2,11 @@
 description: How to sign a privacy marker transaction with Hyperledger Besu
 ---
-# Signing privacy marker transactions
+# Sign privacy marker transactions
-You can sign privacy marker transactions with either a random key or a specified key. To sign
+You can sign privacy marker transactions (PMTs) with either a random key or a specified key. To sign
 privacy marker transactions with a specified private key, use
-[`--privacy-marker-transaction-signing-key-file`](../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file)
+[`--privacy-marker-transaction-signing-key-file`](../../reference/cli/options.md#privacy-marker-transaction-signing-key-file)
 when starting Hyperledger Besu.
 !!! note
@ -18,23 +18,23 @@ when starting Hyperledger Besu.
 In networks where you pay gas, you must specify a key and the associated account must contain
 adequate funds.
-In [free gas networks](../../HowTo/Configure/FreeGas.md), to provide further anonymity by signing
+In [free gas networks](../configure/free-gas.md), to provide further anonymity by signing
 each privacy marker transaction with a different random key, exclude the
-[`--privacy-marker-transaction-signing-key-file`](../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file)
+[`--privacy-marker-transaction-signing-key-file`](../../reference/cli/options.md#privacy-marker-transaction-signing-key-file)
 command line option when starting Besu.
 !!! caution "Using account permissioning and privacy"
-    You cannot use [Account permissioning] with random key signing.
+    You can't use [account permissioning] with random key signing.
    If using account permissioning and privacy, a signing key must be specified using the
-    [`--privacy-marker-transaction-signing-key-file`](../../Reference/CLI/CLI-Syntax.md#privacy-marker-transaction-signing-key-file)
+    [`--privacy-marker-transaction-signing-key-file`](../../reference/cli/options.md#privacy-marker-transaction-signing-key-file)
    command line option and the corresponding public key included in the accounts allowlist.
 !!! note
    Besu signs privacy marker transactions during the
-    [private transaction process](../../Concepts/Privacy/Private-Transaction-Processing.md).
+    [private transaction process](../../concepts/privacy/private-transactions/processing.md).
 <!-- Links -->
-[Account permissioning]: ../../Concepts/Permissioning/Permissioning-Overview.md#account-permissioning
+[account permissioning]: ../../concepts/permissioning/index.md#account-permissioning
--- a/docs/private-networks/how-to/use-privacy/tessera.md
+++ b/docs/private-networks/how-to/use-privacy/tessera.md
@ -10,22 +10,21 @@ description: Running ConsenSys Quorum Tessera with Hyperledger Besu
    Read our [Orion to Tessera migration guide](https://docs.orion.consensys.net/en/latest/Tutorials/Migrating-from-Orion-to-Tessera/)
    and about all the [new Tessera features](https://consensys.net/blog/quorum/tessera-the-privacy-manager-of-choice-for-consensys-quorum-networks).
-To enable [privacy functionality](../../Concepts/Privacy/Privacy-Overview.md) in production
+To enable [privacy functionality](../../concepts/privacy/index.md) in production
 systems, [Tessera](https://docs.tessera.consensys.net/) must be [highly available](#high-availability)
 and [run in a separate instance](#separate-instances) to Hyperledger Besu.
-![Besu-Tessera-High-Availability](../../images/Besu-Tessera-High-Availability.png)
+![Besu-Tessera-High-Availability](../../../images/Besu-Tessera-High-Availability.png)
 !!! note
-    You can also [configure Besu for high availability](../Configure/Configure-HA/High-Availability.md) using load
+    You can also [configure Besu for high availability] using load balancers.
    balancers.
 ## High availability
 Privacy requires you to [configure Tessera for high availability].
 Tessera also requires [`orion` mode](https://docs.tessera.consensys.net/en/stable/HowTo/Configure/Orion-Mode/)
-to be enabled if **not** running Besu in [GoQuorum compatible privacy mode](../../HowTo/Use-Privacy/Use-GoQuorum-compatible-privacy.md).
+to be enabled if **not** running Besu in [GoQuorum compatible privacy mode](goquorum-compatible.md).
 To successfully distribute a private transaction, all private transaction participants must be
 online. If any participants are offline when submitting the private transaction, the transaction is
--- a/docs/private-networks/how-to/use-privacy/web3js-quorum.md
+++ b/docs/private-networks/how-to/use-privacy/web3js-quorum.md
@ -2,7 +2,7 @@
 description: web3js-quorum client library
 ---
-# web3js-quorum client library
+# Use the web3js-quorum client library
 The [web3js-quorum library](https://github.com/ConsenSys/web3js-quorum) adds a property to your web3
 instance by extending [web3](https://github.com/ethereum/web3.js/). Use the library to create and
@ -35,8 +35,8 @@ npm install web3js-quorum
 Initialize your client where:
 * `<JSON-RPC HTTP endpoint>` is the JSON-RPC HTTP endpoint of your Hyperledger Besu node. Specified
-  by the [`--rpc-http-host`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-host) and
+  by the [`--rpc-http-host`](../../../public-networks/reference/cli/options.md#rpc-http-host) and
-  [`--rpc-http-port`](../../../Reference/CLI/CLI-Syntax.md#rpc-http-port) command line options.
+  [`--rpc-http-port`](../../../public-networks/reference/cli/options.md#rpc-http-port) command line options.
 !!! example
@ -60,7 +60,7 @@ Initialize your client where:
    When migrating from web3js-eea to web3js-quorum, use `Web3Quorum`. The constructor doesn't require the chain ID anymore.
    Chain ID is automatically retrieved from the chain using the specified JSON-RPC HTTP endpoint.
-## Deploying a contract with `generateAndSendRawTransaction`
+## Deploy a contract with `generateAndSendRawTransaction`
 To deploy a private contract, you need the contract binary. You can use
 [Solidity](https://solidity.readthedocs.io/en/develop/using-the-compiler.html) to get the
--- a/docs/private-networks/index.md
+++ b/docs/private-networks/index.md
@ -0,0 +1,21 @@
 ---
 description: Private networks overview
 ---
 # Hyperledger Besu for private networks
 You can use Besu to develop enterprise applications requiring secure, high-performance transaction
 processing in a private network.
 A private network is a network not connected to Ethereum Mainnet or an Ethereum testnet.
 Private networks typically use a different [chain ID](../public-networks/concepts/network-and-chain-id.md) and
 proof of authority consensus ([QBFT](how-to/configure/consensus/qbft.md),
 [IBFT 2.0](how-to/configure/consensus/ibft.md), or [Clique](how-to/configure/consensus/clique.md)).
 You can also [create a local development network](tutorials/ethash.md) using proof of work (Ethash).
 Besu supports enterprise features including [privacy](concepts/privacy/index.md) and
 [permissioning](concepts/permissioning/index.md).
 Get started with the [Developer Quickstart](tutorials/quickstart.md) to rapidly generate local
 blockchain networks.
--- a/docs/private-networks/reference/accounts-for-testing.md
+++ b/docs/private-networks/reference/accounts-for-testing.md
@ -9,7 +9,7 @@ network. Hyperledger Besu also provides predefined accounts for use in developme
 ## Development mode
-When you start Besu with the [`--network=dev`](CLI/CLI-Syntax.md#network) command line option, Besu
+When you start Besu with the [`--network=dev`](../../public-networks/reference/cli/options.md#network) command line option, Besu
 uses the `dev.json` genesis file by default.
 The `dev.json` genesis file defines the following accounts used for testing.
@ -23,4 +23,4 @@ network. For an example of how to define accounts in the genesis file, see
 [`dev.json`](https://github.com/hyperledger/besu/blob/750580dcca349d22d024cc14a8171b2fa74b505a/config/src/main/resources/dev.json).
 To start Besu with the genesis file defining the existing accounts, use the
-[`--genesis-file`](CLI/CLI-Syntax.md#genesis-file) command line option .
+[`--genesis-file`](../../public-networks/reference/cli/options.md#genesis-file) command line option .
--- a/docs/private-networks/reference/api/index.md
+++ b/docs/private-networks/reference/api/index.md
--- a/docs/private-networks/reference/api/objects.md
+++ b/docs/private-networks/reference/api/objects.md
@ -0,0 +1,55 @@
 ---
 description: Hyperledger Besu private network API objects reference
 ---
 # Private network API objects
 The following objects are parameters for or returned by Besu private network API methods.
 !!! attention
    This reference contains API objects that apply to only private networks.
    For API objects that apply to both private and public networks, see the
    [public network API objects reference](../../../public-networks/reference/api/objects.md).
 ## Private transaction object
 Returned by [`priv_getPrivateTransaction`](index.md#priv_getprivatetransaction).
 | Key | Type | Value |
 |-----|:----:|-------|
 | **from**           | Data, 20&nbsp;bytes               | Address of the sender.                                                          |
 | **gas**            | Quantity                          | Gas provided by the sender.                                                     |
 | **gasPrice**       | Quantity                          | Gas price, in Wei, provided by the sender.                                      |
 | **input**          | Data                              | The data to create or invoke a contract.                                        |
 | **nonce**          | Quantity                          | Number of transactions made by the sender to the privacy group before this one. |
 | **to**             | Data, 20&nbsp;bytes               | `null` if a contract creation transaction, otherwise, the contract address.     |
 | **value**          | Quantity                          | `null` because private transactions cannot transfer Ether.                      |
 | **v**              | Quantity                          | ECDSA Recovery ID.                                                              |
 | **r**              | Data, 32&nbsp;bytes               | ECDSA signature r.                                                              |
 | **s**              | Data, 32&nbsp;bytes               | ECDSA signature s.                                                              |
 | **privateFrom**    | Data, 32&nbsp;bytes               | [Tessera](https://docs.tessera.consensys.net/) public key of the sender.   |
 | **privateFor**     | Array of Data, 32&nbsp;bytes each | [Tessera](https://docs.tessera.consensys.net/) public keys of recipients. Not returned if using `privacyGroupId` to [send the transaction](../../../private-networks/concepts/privacy/privacy-groups.md#privacy-types).  |
 | **privacyGroupId** | Data, 32&nbsp;bytes               | [Tessera](https://docs.tessera.consensys.net/) privacy group ID of recipients. Not returned if using `privateFor` to [send the transaction](../../../private-networks/concepts/privacy/privacy-groups.md#privacy-types). |
 | **restriction**    | String                            | Must be [`restricted`](../../../private-networks/concepts/privacy/private-transactions/index.md).            |
 ## Private transaction receipt object
 Returned by [`priv_getTransactionReceipt`](index.md#priv_gettransactionreceipt).
 | Key | Type | Value |
 |-----|:----:|-------|
 | **blockHash**        | Data, 32&nbsp;bytes  | Hash of block containing this transaction.                                         |
 | **blockNumber**      | Quantity             | Block number of block containing this transaction.                                 |
 | **contractAddress**  | Data, 20&nbsp;bytes  | Contract address created if a contract creation transaction, otherwise, `null`. A failed contract creation transaction still produces a contract address value. |
 | **from**             | Data, 20&nbsp;bytes  | Address of the sender.                                                             |
 | **logs**             | Array                | Array of [log objects](#log-object) generated by this private transaction.         |
 | **to**               | Data, 20&nbsp;bytes  | Address of the receiver, if sending ether, otherwise, null.                        |
 | **transactionIndex** | Quantity, Integer    | Index position of transaction in the block.                                        |
 | **revertReason**     | String               | ABI-encoded string that displays the [reason for reverting the transaction](../../../private-networks/how-to/send-transactions/revert-reason.md). Only available if revert reason is [enabled](../cli/options.md#revert-reason-enabled). |
 | **output**           | Data                 | RLP-encoded return value of a contract call if a value returns, otherwise, `null`. |
 | **commitmentHash**   | Data, 32&nbsp;bytes  | Hash of the privacy marker transaction.                                            |
 | **status**           | Quantity             | Either `0x1` (success) or `0x0` (failure).                                         |
 | **privateFrom**      | Data, 32&nbsp;bytes  | [Tessera](https://docs.tessera.consensys.net/) public key of the sender.           |
 | **privateFor** or **privacyGroupId** | Array or Data, 32&nbsp;bytes | [Tessera](https://docs.tessera.consensys.net/) public keys or privacy group ID of the recipients. |
 | **logsBloom**        | Data, 256&nbsp;bytes | Bloom filter for light clients to quickly retrieve related logs.                   |
--- a/docs/private-networks/reference/cli/options.md
+++ b/docs/private-networks/reference/cli/options.md
@ -0,0 +1,640 @@
 ---
 description: Hyperledger Besu private networks CLI reference
 ---
 # Private network command line options
 This reference describes the syntax of the Hyperledger Besu private network command line interface
 (CLI) options.
 !!! attention
    This reference contains options that apply to only private networks.
    For options that apply to both private and public networks, see the
    [public network options reference](../../../public-networks/reference/cli/options.md).
 ## Specify options
 You can specify Besu options:
 * On the command line.
    ```bash
    besu [OPTIONS] [SUBCOMMAND]
    ```
 * As an environment variable.
  For each command line option, the equivalent environment variable is:
    * Uppercase.
    * `_` replaces `-`.
    * Has a `BESU_` prefix.
  For example, set `--miner-coinbase` using the `BESU_MINER_COINBASE` environment variable.
 * In a [configuration file](../../../public-networks/how-to/configuration-file.md).
 If you specify an option in more than one place, the order of priority is command line, environment
 variable, configuration file.
 If using Bash or Z shell, you can view option suggestions by entering `--` and pressing the Tab key twice.
 ```bash
 besu --Tab+Tab
 ```
 ## Options
 ### `permissions-accounts-config-file`
 === "Syntax"
    ```bash
    --permissions-accounts-config-file=<FILE>
    ```
 === "Example"
    ```bash
    --permissions-accounts-config-file=/home/me/me_configFiles/myPermissionsFile
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_ACCOUNTS_CONFIG_FILE=/home/me/me_configFiles/myPermissionsFile
    ```
 === "Configuration file"
    ```bash
    permissions-accounts-config-file="/home/me/me_configFiles/myPermissionsFile"
    ```
 The [accounts permissions configuration file]. The default is the `permissions_config.toml` file in
 the [data directory](../../../public-networks/reference/cli/options.md#data-path).
 !!! tip
    `--permissions-accounts-config-file` and
    [`--permissions-nodes-config-file`](#permissions-nodes-config-file) can use the same file.
 ### `permissions-accounts-config-file-enabled`
 === "Syntax"
    ```bash
    --permissions-accounts-config-file-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --permissions-accounts-config-file-enabled=true
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_ACCOUNTS_CONFIG_FILE_ENABLED=true
    ```
 === "Configuration file"
    ```bash
    permissions-accounts-config-file-enabled=true
    ```
 Enables or disables file-based account level permissions. The default is `false`.
 ### `permissions-accounts-contract-address`
 === "Syntax"
    ```bash
    --permissions-accounts-contract-address=<ContractAddress>
    ```
 === "Example"
    ```bash
    --permissions-accounts-contract-address=xyz
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_ACCOUNTS_CONTRACT_ADDRESS=xyz
    ```
 === "Configuration file"
    ```bash
    permissions-accounts-contract-address=xyz
    ```
 The contract address for
 [onchain account permissioning](../../concepts/permissioning/onchain.md).
 ### `permissions-accounts-contract-enabled`
 === "Syntax"
    ```bash
    --permissions-accounts-contract-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --permissions-accounts-contract-enabled=true
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_ACCOUNTS_CONTRACT_ENABLED=true
    ```
 === "Configuration file"
    ```bash
    permissions-accounts-contract-enabled=true
    ```
 Enables or disables contract-based
 [onchain account permissioning](../../concepts/permissioning/onchain.md). The default
 is `false`.
 ### `permissions-nodes-config-file`
 === "Syntax"
    ```bash
    --permissions-nodes-config-file=<FILE>
    ```
 === "Example"
    ```bash
    --permissions-nodes-config-file=/home/me/me_configFiles/myPermissionsFile
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_NODES_CONFIG_FILE=/home/me/me_configFiles/myPermissionsFile
    ```
 === "Configuration file"
    ```bash
    permissions-nodes-config-file="/home/me/me_configFiles/myPermissionsFile"
    ```
 The [nodes permissions configuration file]. The default is the `permissions_config.toml` file in
 the [data directory](../../../public-networks/reference/cli/options.md#data-path).
 !!! tip
    `--permissions-nodes-config-file` and
    [`--permissions-accounts-config-file`](#permissions-accounts-config-file) can use the same
    file.
 ### `permissions-nodes-config-file-enabled`
 === "Syntax"
    ```bash
    --permissions-nodes-config-file-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --permissions-nodes-config-file-enabled=true
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_NODES_CONFIG_FILE_ENABLED=true
    ```
 === "Configuration file"
    ```bash
    permissions-nodes-config-file-enabled=true
    ```
 Enables or disables file-based node level permissions. The default is `false`.
 ### `permissions-nodes-contract-address`
 === "Syntax"
    ```bash
    --permissions-nodes-contract-address=<ContractAddress>
    ```
 === "Example"
    ```bash
    --permissions-nodes-contract-address=xyz
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_NODES_CONTRACT_ADDRESS=xyz
    ```
 === "Configuration file"
    ```bash
    permissions-nodes-contract-address=xyz
    ```
 The contract address for
 [onchain node permissioning](../../concepts/permissioning/onchain.md).
 ### `permissions-nodes-contract-enabled`
 === "Syntax"
    ```bash
    --permissions-nodes-contract-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --permissions-nodes-contract-enabled=true
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_NODES_CONTRACT_ENABLED=true
    ```
 === "Configuration file"
    ```bash
    permissions-nodes-contract-enabled=true
    ```
 Enables or disables contract-based
 [onchain node permissioning](../../concepts/permissioning/onchain.md). The default is
 `false`.
 ### `permissions-nodes-contract-version`
 === "Syntax"
    ```bash
    --permissions-nodes-contract-version=<ContractVersion>
    ```
 === "Example"
    ```bash
    --permissions-nodes-contract-version=2
    ```
 === "Environment variable"
    ```bash
    BESU_PERMISSIONS_NODES_CONTRACT_VERSION=2
    ```
 === "Configuration file"
    ```bash
    permissions-nodes-contract-version=2
    ```
 Version of the EEA [node permissioning interface](../../how-to/use-permissioning/onchain.md#specify-the-permissioning-contract-interface-version).
 The default is 1.
 ### `privacy-enabled`
 === "Syntax"
    ```bash
    --privacy-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --privacy-enabled=false
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_ENABLED=false
    ```
 === "Configuration file"
    ```bash
    privacy-enabled=false
    ```
 Enables or disables [private transactions](../../concepts/privacy/index.md). The default
 is `false`.
 !!! important
    Using private transactions with [pruning](../../../public-networks/concepts/data-storage-formats.md)
    or [fast sync](../../../public-networks/reference/cli/options.md#sync-mode) is not supported.
 ### `privacy-marker-transaction-signing-key-file`
 === "Syntax"
    ```bash
    --privacy-marker-transaction-signing-key-file=<FILE>
    ```
 === "Example"
    ```bash
    --privacy-marker-transaction-signing-key-file=/home/me/me_node/myPrivateKey
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_MARKER_TRANSACTION_SIGNING_KEY_FILE=/home/me/me_node/myPrivateKey
    ```
 === "Configuration file"
    ```bash
    privacy-marker-transaction-signing-key-file="/home/me/me_node/myPrivateKey"
    ```
 `<FILE>` is the name of the private key file used to
 [sign privacy marker transactions](../../how-to/use-privacy/sign-pmts.md).
 !!! note
    This can be the same file used by [`--node-private-key-file`](../../../public-networks/reference/cli/options.md#node-private-key-file),
    or a different key file to identify who signed the privacy marker transaction.
 You must specify this option if you're using:
 * a privacy network where you pay gas. Also, the associated account must contain adequate funds.
 * [account permissioning] and privacy. You must include the corresponding public key in the
  accounts allowlist.
 If you do not specify this option (for example, in a free gas network), Besu signs each transaction
 with a different randomly generated key.
 ### `privacy-multi-tenancy-enabled`
 === "Syntax"
    ```bash
    --privacy-multi-tenancy-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --privacy-multi-tenancy-enabled=false
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_MULTI_TENANCY_ENABLED=false
    ```
 === "Configuration file"
    ```bash
    privacy-multi-tenancy-enabled=false
    ```
 Enables or disables [multi-tenancy](../../concepts/privacy/multi-tenancy.md) for private
 transactions. The default is `false`.
 ### `privacy-flexible-groups-enabled`
 === "Syntax"
    ```bash
    --privacy-flexible-groups-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --privacy-flexible-groups-enabled=true
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_FLEXIBLE_GROUPS_ENABLED=true
    ```
 === "Configuration file"
    ```bash
    privacy-flexible-groups-enabled=true
    ```
 Enables or disables [flexible privacy groups](../../concepts/privacy/flexible-privacy.md). The default is `false`.
 Deprecated syntax for this option is `--privacy-onchain-groups-enabled`.
 ### `privacy-public-key-file`
 === "Syntax"
    ```bash
    --privacy-public-key-file=<privacyPublicKeyFile>
    ```
 === "Example"
    ```bash
    --privacy-public-key-file=Tessera/nodeKey.pub
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_PUBLIC_KEY_FILE=Tessera/nodeKey.pub
    ```
 === "Configuration file"
    ```bash
    privacy-public-key-file="Tessera/nodeKey.pub"
    ```
 The [public key of the Tessera node](https://docs.tessera.consensys.net/).
 !!! important
    You cannot specify `privacy-public-key-file` when
    [`--privacy-multi-tenancy-enabled`](#privacy-multi-tenancy-enabled) is `true`
 ### `privacy-tls-enabled`
 === "Syntax"
    ```bash
    --privacy-tls-enabled[=<true|false>]
    ```
 === "Example"
    ```bash
    --privacy-tls-enabled=false
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_TLS_ENABLED=false
    ```
 === "Configuration file"
    ```bash
    privacy-tls-enabled=false
    ```
 Enables or disables [TLS on communication with the private transaction manager]. The default is
 false.
 ### `privacy-tls-keystore-file`
 === "Syntax"
    ```bash
    --privacy-tls-keystore-file=<FILE>
    ```
 === "Example"
    ```bash
    --privacy--keystore-file=/home/me/me_node/key
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_TLS_KEYSTORE_FILE=/home/me/me_node/key
    ```
 === "Configuration file"
    ```bash
    privacy-tls-keystore-file="/home/me/me_node/key"
    ```
 The keystore file (in PKCS #12 format) containing the private key and the certificate presented
 during authentication.
 You must specify `privacy-tls-keystore-file` if [`--privacy-tls-enabled`](#privacy-tls-enabled) is
 `true`.
 ### `privacy-tls-keystore-password-file`
 === "Syntax"
    ```bash
    --privacy-tls-keystore-password-file=<FILE>
    ```
 === "Example"
    ```bash
    --privacy-tls-keystore-password-file=/home/me/me_node/password
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_TLS_KEYSTORE_PASSWORD_FILE=/home/me/me_node/password
    ```
 === "Configuration file"
    ```bash
    privacy-tls-keystore-password-file="/home/me/me_node/password"
    ```
 The path to the file containing the password to decrypt the keystore.
 ### `privacy-tls-known-enclave-file`
 === "Syntax"
    ```bash
    --privacy-tls-known-enclave-file=<FILE>
    ```
 === "Example"
    ```bash
    --privacy-tls-known-enclave-file=/home/me/me_node/knownEnclave
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_TLS_KNOWN_ENCLAVE_FILE=/home/me/me_node/knownEnclave
    ```
 === "Configuration file"
    ```bash
    privacy-tls-known-enclave-file="/home/me/me_node/knownEnclave"
    ```
 The path to the file containing the hostnames, ports, and SHA256 certificate fingerprints of the
 [authorized privacy enclave](../../how-to/configure/tls/client-and-server.md#create-the-known-servers-file).
 ### `privacy-url`
 === "Syntax"
    ```bash
    --privacy-url=<privacyUrl>
    ```
 === "Example"
    ```bash
    --privacy-url=http://127.0.0.1:8888
    ```
 === "Environment variable"
    ```bash
    BESU_PRIVACY_URL=http://127.0.0.1:8888
    ```
 === "Configuration file"
    ```bash
    privacy-url="http://127.0.0.1:8888"
    ```
 The URL on which the
 [Tessera node](../../tutorials/privacy/index.md#3-create-tessera-configuration-files) is
 running.
 <!-- Links -->
 [accounts permissions configuration file]: ../../how-to/use-permissioning/local.md#permissions-configuration-file
 [nodes permissions configuration file]: ../../how-to/use-permissioning/local.md#permissions-configuration-file
 [account permissioning]: ../../concepts/permissioning/index.md#account-permissioning
 [TLS on communication with the private transaction manager]: ../../concepts/privacy/index.md#private-transaction-manager
--- a/docs/private-networks/reference/cli/subcommands.md
+++ b/docs/private-networks/reference/cli/subcommands.md
@ -0,0 +1,139 @@
 ---
 description: Hyperledger Besu command line interface subcommands
 ---
 # Private network subcommands
 This reference describes the syntax of the Hyperledger Besu private network command line interface
 (CLI) subcommands.
 !!! attention
    This reference contains subcommands that apply to only private networks.
    For subcommands that apply to both private and public networks, see the
    [public network subcommands reference](../../../public-networks/reference/cli/subcommands.md).
 To start a Besu node using subcommands, run:
 ```bash
 besu [OPTIONS] [SUBCOMMAND] [SUBCOMMAND OPTIONS]
 ```
 If using Bash or Z shell, you can view subcommand suggestions by pressing the Tab key twice.
 ```bash
 besu Tab+Tab
 ```
 ## `operator`
 Provides operator actions.
 ### `generate-blockchain-config`
 === "Syntax"
    ```bash
    besu operator generate-blockchain-config --config-file=<FILE> --to=<DIRECTORY> [--genesis-file-name=<FILE>] [--private-key-file-name=<FILE>] [--public-key-file-name=<FILE>]
    ```
 === "Example"
    ```bash
    besu operator generate-blockchain-config --config-file=config.json --to=myNetworkFiles
    ```
 Generates an
 [IBFT 2.0](../../how-to/configure/consensus/ibft.md#genesis-file) or
 [QBFT](../../how-to/configure/consensus/qbft.md#genesis-file) genesis file.
 The configuration file has two nested JSON nodes.
 The first is the `genesis` property defining the IBFT 2.0 or QBFT genesis file, except for the
 `extraData` string.
 The second is the `blockchain` property defining the number of key pairs to generate.
 ## `rlp`
 Provides RLP related actions.
 ### `encode`
 === "Syntax"
    ```bash
    besu rlp encode [--from=<FILE>] [--to=<FILE>] [--type=<type>]
    ```
 === "File example"
    ```bash
    besu rlp encode --from=ibft_extra_data.json --to=extra_data_for_ibft_genesis.txt --type=IBFT_EXTRA_DATA
    ```
 === "Standard input/output example"
    ```bash
    cat extra_data.json | besu rlp encode > rlp.txt
    ```
 Encodes the RLP hexadecimal string for use in an [IBFT 2.0](../../how-to/configure/consensus/ibft.md#genesis-file)
 or [QBFT](../../how-to/configure/consensus/qbft.md#genesis-file) genesis file.
 The default type is `IBFT_EXTRA_DATA`.
 Supported types are:
 * `IBFT_EXTRA_DATA` - The IBFT 2.0 genesis file includes the `IBFT_EXTRA_DATA` type in the
  [`extraData`](../../how-to/configure/consensus/ibft.md#extra-data) property.
 * `QBFT_EXTRA_DATA` - The QBFT genesis file includes the `QBFT_EXTRA_DATA` type in the
  [`extraData`](../../how-to/configure/consensus/qbft.md#extra-data) property.
 ???+ summary "IBFT 2.0 extra data"
    To generate the RLP encoded `extraData` string, specify a JSON input that is an array of
    validator addresses in ascending order.
    ??? tip "JSON Schema for IBFT_EXTRA_DATA"
        Use the following JSON Schema to validate that your JSON data is well formed.
        To validate your JSON content, use an online validation tool, such as
        [JSON Schema Validator](https://www.jsonschemavalidator.net/).
        ```json
        {
          "$schema": "http://json-schema.org/draft-07/schema#",
          "$id": "http://org.hyperledger.besu/cli_rlp_ibft_extra_data.json",
          "type": "array",
          "definitions": {},
          "title": "IBFT extra data",
          "description":"JSON format used as input to generate an IBFT extra data RLP string",
          "items": {
            "$id": "#/address",
            "type": "string",
            "title": "Validator address",
            "description":"The validator node address",
            "default": "",
            "examples": [
              "be068f726a13c8d46c44be6ce9d275600e1735a4",
              "5ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193"
            ],
            "pattern":"^([0-9a-f]{40})$"
          }
        }
        ```
    !!! example "Example IBFT_EXTRA_DATA encoding"
        === "JSON input"
            ```json
            [
              "be068f726a13c8d46c44be6ce9d275600e1735a4",
              "5ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193"
            ]
            ```
        === "RLP output"
            ```
            0xf853a00000000000000000000000000000000000000000000000000000000000000000ea94be068f726a13c8d46c44be6ce9d275600e1735a4945ff6f4b66a46a2b2310a6f3a93aaddc0d9a1c193808400000000c0
            ```
--- a/docs/private-networks/reference/index.md
+++ b/docs/private-networks/reference/index.md
@ -0,0 +1,22 @@
 ---
 description: private networks reference overview
 ---
 # Reference
 This section provides reference material for private network features.
 The following features and resources are shared with [public networks](../../public-networks/index.md)
 and the content can be found in the public networks section:
 - Besu command line:
    - [Standard options](../../public-networks/reference/cli/options.md)
    - [Standard subcommands](../../public-networks/reference/cli/subcommands.md)
 - Besu API:
    - [Standard Besu API methods](../../public-networks/reference/api/index.md)
    - [Standard Besu API objects](../../public-networks/reference/api/objects.md)
 - [Genesis file items](../../public-networks/reference/genesis-items.md)
 - [EVM tool options](../../public-networks/reference/evm-tool.md)
 - [Transaction trace types](../../public-networks/reference/trace-types.md)
 - [Projects using Besu](../../public-networks/reference/projects-using-besu.md)
 - [Security disclosure policy](../../public-networks/reference/disclosure.md)
--- a/docs/private-networks/reference/plugin-api-interfaces.md
+++ b/docs/private-networks/reference/plugin-api-interfaces.md
@ -4,7 +4,7 @@ description: Plugin interfaces
 # Plugin API interfaces
-API interfaces in Hyperledger Besu allow users to [build plugins](../Concepts/Plugins.md) to
+API interfaces in Hyperledger Besu allow users to [build plugins](../concepts/plugins.md) to
 extend Besu functionality, such as the [Quorum Besu plugins](https://doc.quorumplugins.consensys.net/en/latest/Concepts/Besu-Plugins/Event-Streams/).
 For more information about the available interfaces, see the
@ -59,4 +59,4 @@ the `https://hyperledger.jfrog.io/hyperledger/besu-maven` repository and the `pl
    The `start` step can be ignored and your plugin module will be instantiated when
    the command line interface is parsed and available.
-[privacy marker transactions]: ../Concepts/Privacy/Private-Transaction-Processing.md
+[privacy marker transactions]: ../concepts/privacy/private-transactions/processing.md
--- a/docs/Tutorials/Private-Network-Example-Azure.md
+++ b/docs/Tutorials/Private-Network-Example-Azure.md
@ -21,9 +21,9 @@ endpoint `http://<VM_IP>/jsonrpc`.
 The following is a high-level overview of the deployed network.
-![Image landing](../images/sampleNetworks-poa.png)
+![Image landing](../../images/sampleNetworks-poa.png)
-## Deploying
+## Deploy
 To deploy the private network example on Azure:
@ -34,12 +34,12 @@ To deploy the private network example on Azure:
 1. Click **Get It Now** and **Continue**.
   The Quickstart landing page is displayed.
-    ![Image landing](../images/mp_0_landing.png)
+    ![Image landing](../../images/mp_0_landing.png)
 1. Click **Create**.
   The **Basics** page is displayed.
-     ![Image basics](../images/mp_1_basics.png)
+     ![Image basics](../../images/mp_1_basics.png)
 1. Enter:
@ -68,7 +68,7 @@ To deploy the private network example on Azure:
 To display the block explorer, open a new tab and enter either the IP of the VM or the DNS name.
-![Image be](../images/mp_8_block_explorer.png)
+![Image be](../../images/mp_8_block_explorer.png)
 ## Metrics
@ -80,12 +80,12 @@ To display the dashboard:
 1. Click on home and select the Besu dashboard.
-    ![Grafana screenshot](../images/mp_9_grafana.png)
+    ![Grafana screenshot](../../images/mp_9_grafana.png)
 The dashboard provides a visual way to monitor your network and nodes as the chain progresses.
 Alerting can also be configured.
-## Connecting to VM RPC endpoint
+## Connect to VM RPC endpoint
 You can connect dapps or develop directly from the IDE by using VSCode and connecting to the VM RPC endpoint.
 The endpoint is the DNS name appended with `/jsonrpc`: `http://<DNS_NAME_OF_VM>/jsonrpc`.
@ -102,6 +102,6 @@ ssh username@<DNS_NAME_OF_VM>
 To list all containers running, run `docker ps`.
 Find the complete setup in `/home/<username>/besu-quickstart`.
-![Image ssh](../images/mp_10_ssh.png)
+![Image ssh](../../images/mp_10_ssh.png)
 [Quorum Dev Quickstart on Azure Marketplace]: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/consensys.quorum-dev-quickstart
--- a/docs/Tutorials/Private-Network/Create-Private-Clique-Network.md
+++ b/docs/Tutorials/Private-Network/Create-Private-Clique-Network.md
@ -2,7 +2,7 @@
 description: Hyperledger Besu private network using the Clique (proof of authority) consensus protocol
 ---
-# Create a private network using the Clique (proof of authority) consensus protocol
+# Create a private network using Clique
 A private network provides a configurable network for testing. This private network uses the
 [Clique (proof of authority) consensus protocol].
@ -14,7 +14,7 @@ A private network provides a configurable network for testing. This private netw
 ## Prerequisites
-* [Hyperledger Besu](../../HowTo/Get-Started/Installation-Options/Install-Binaries.md)
+* [Hyperledger Besu](../get-started/install/binary-distribution.md)
 * [Curl (or similar webservice client)](https://curl.haxx.se/download.html).
 ## Steps
@ -24,7 +24,7 @@ Listed on the right-hand side of the page are the steps to create a private netw
 ### 1. Create directories
 Each node requires a data directory for the blockchain data. When the node starts, Besu saves the
-[node key](../../Concepts/Node-Keys.md) in this directory.
+[node key](../../public-networks/concepts/node-keys.md) in this directory.
 Create directories for your private network, each of the three nodes, and a data directory for each
 node:
@ -46,7 +46,7 @@ file. For this Clique network, we'll use Node-1 as the initial signer. This requ
 address for Node-1.
 To get the address for Node-1, in the `Node-1` directory, use the
-[`public-key export-address`](../../Reference/CLI/CLI-Subcommands.md#export-address) subcommand to
+[`public-key export-address`](../../public-networks/reference/cli/subcommands.md#export-address) subcommand to
 write the node address to the specified file (`node1Address` in this example).
 === "MacOS"
@ -65,7 +65,7 @@ write the node address to the specified file (`node1Address` in this example).
 The genesis file defines the genesis block of the blockchain (that is, the start of the
 blockchain). The
-[Clique genesis file](../../HowTo/Configure/Consensus-Protocols/Clique.md#genesis-file) includes
+[Clique genesis file](../how-to/configure/consensus/clique.md#genesis-file) includes
 the address of Node-1 as the initial signer in the `extraData` field.
 All nodes in a network must use the same genesis file.
@ -113,11 +113,12 @@ Copy the following genesis definition to a file called `cliqueGenesis.json` and
 !!! note
-    We recommend specifying the latest [milestone](../../Reference/Config-Items.md#milestone-blocks) when creating the configuration file for a private network.
+    We recommend specifying the latest [milestone](../../public-networks/reference/genesis-items.md#milestone-blocks) when creating
    the genesis file for a private network.
    This ensures you are using the most up-to-date protocol and have access to the most recent opcodes.
 In `extraData`, replace `<Node 1 Address>` with the
-[address for Node-1](#2-get-address-for-node-1), excluding the 0x prefix.
+[address for Node-1](#2-get-the-address-for-node-1), excluding the 0x prefix.
 !!! example
@ -153,15 +154,15 @@ Start Node-1:
 The command line enables:
 * The JSON-RPC API using the
-  [`--rpc-http-enabled`](../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled) option
+  [`--rpc-http-enabled`](../../public-networks/reference/cli/options.md#rpc-http-enabled) option
 * The ETH, NET, and CLIQUE APIs using the
-  [`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) option
+  [`--rpc-http-api`](../../public-networks/reference/cli/options.md#rpc-http-api) option
 * All-host access to the HTTP JSON-RPC API using the
-  [`--host-allowlist`](../../Reference/CLI/CLI-Syntax.md#host-allowlist) option
+  [`--host-allowlist`](../../public-networks/reference/cli/options.md#host-allowlist) option
 * All-domain access to the node through the HTTP JSON-RPC API using the
-  [`--rpc-http-cors-origins`](../../Reference/CLI/CLI-Syntax.md#rpc-http-cors-origins) option
+  [`--rpc-http-cors-origins`](../../public-networks/reference/cli/options.md#rpc-http-cors-origins) option
-When the node starts, the [enode URL](../../Concepts/Node-Keys.md#enode-url) displays.
+When the node starts, the [enode URL](../../public-networks/concepts/node-keys.md#enode-url) displays.
 Copy the enode URL to specify Node-1 as the bootnode in the following steps.
 ![Node 1 Enode URL](../../images/EnodeStartup.png)
@ -186,14 +187,14 @@ enode URL copied when starting Node-1 as the bootnode:
 The command line specifies:
 * A different port to Node-1 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../public-networks/reference/cli/options.md#p2p-port) option.
 * A different port to Node-1 for HTTP JSON-RPC using the
-  [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) option.
+  [`--rpc-http-port`](../../public-networks/reference/cli/options.md#rpc-http-port) option.
 * The enode URL of Node-1 using the
-  [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes) option.
+  [`--bootnodes`](../../public-networks/reference/cli/options.md#bootnodes) option.
 * The data directory for Node-2 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../public-networks/reference/cli/options.md#data-path) option.
-* Other options as for [Node-1](#5-start-first-node-as-bootnode).
+* Other options as for [Node-1](#4-start-the-first-node-as-the-bootnode).
 ### 6. Start Node-3
@ -215,18 +216,18 @@ enode URL copied when starting Node-1 as the bootnode:
 The command line specifies:
 * A different port to Node-1 and Node-2 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../public-networks/reference/cli/options.md#p2p-port) option.
 * A different port to Node-1 and Node-2 for HTTP JSON-RPC using the
-  [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) option.
+  [`--rpc-http-port`](../../public-networks/reference/cli/options.md#rpc-http-port) option.
 * The data directory for Node-3 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../public-networks/reference/cli/options.md#data-path) option.
-* The bootnode as for [Node-2](#6-start-node-2)
+* The bootnode as for [Node-2](#5-start-node-2).
-* Other options as for [Node-1](#5-start-first-node-as-bootnode).
+* Other options as for [Node-1](#4-start-the-first-node-as-the-bootnode).
 ### 7. Confirm the private network is working
 Start another terminal, use curl to call the JSON-RPC API
-[`net_peerCount`](../../Reference/API-Methods.md#net_peercount) method and confirm the nodes are
+[`net_peerCount`](../../public-networks/reference/api/index.md#net_peercount) method and confirm the nodes are
 functioning as peers:
 ```bash
@ -253,15 +254,14 @@ Use the [Clique API to add] Node-2 or Node-3 as a signer.
 !!! note
    To add Node-2 or Node-3 as a signer you need the
-    [node address as when specifying Node-1](#2-get-address-for-node-1) as the initial signer.
+    [node address as when specifying Node-1](#2-get-the-address-for-node-1) as the initial signer.
 Import accounts to MetaMask and send transactions, as described in the
-[Quickstart tutorial](../Developer-Quickstart.md#create-a-transaction-using-metamask).
+[Quickstart tutorial](quickstart.md#create-a-transaction-using-metamask).
 !!! info
-    Besu does not support
+    Besu doesn't support [private key management](../../public-networks/how-to/send-transactions.md).
    [private key management](../../HowTo/Send-Transactions/Account-Management.md).
 ## Stop the nodes
@ -270,8 +270,8 @@ When finished using the private network, stop all nodes using ++ctrl+c++ in each
 !!!tip
    To restart the Clique network in the future, start from
-    [4. Start First Node as Bootnode](#4-start-first-node-as-bootnode).
+    [4. Start First Node as Bootnode](#4-start-the-first-node-as-the-bootnode).
 <!-- Links -->
-[Clique (proof of authority) consensus protocol]: ../../HowTo/Configure/Consensus-Protocols/Clique.md
+[Clique (proof of authority) consensus protocol]: ../how-to/configure/consensus/clique.md
-[Clique API to add]: ../../HowTo/Configure/Consensus-Protocols/Clique.md#adding-and-removing-signers
+[Clique API to add]: ../how-to/configure/consensus/clique.md#add-and-remove-signers
--- a/docs/private-networks/tutorials/contracts/index.md
+++ b/docs/private-networks/tutorials/contracts/index.md
@ -2,18 +2,18 @@
 description: deploying smart contracts
 ---
-# Deploying smart contracts to an Ethereum chain
+# Deploy smart contracts to an Ethereum chain
 This tutorial shows you how to deploy smart contracts as transactions to a network.
 ## Prerequisites
 This tutorial requires a local blockchain network.
-You can use the [Developer Quickstart](../Developer-Quickstart.md) to rapidly generate one.
+You can use the [Developer Quickstart](../quickstart.md) to rapidly generate one.
 If deploying a private contract, enable privacy on the network (public contracts can also be deployed on privacy-enabled
 networks).
-## Using `eth_sendSignedTransaction`
+## Use `eth_sendSignedTransaction`
 To deploy a smart contract using
 [`eth_sendSignedTransaction`](https://web3js.readthedocs.io/en/v1.2.0/web3-eth.html#sendsignedtransaction), use an
@ -30,7 +30,7 @@ smart contract as an example, create a new file called `compile.js` with the fol
    ```js
    const fs = require('fs').promises;
    const solc = require('solc');
-    
+
    async function main() {
      // Load the contract source code
      const sourceCode = await fs.readFile('SimpleStorage.sol', 'utf8');
@ -40,7 +40,7 @@ smart contract as an example, create a new file called `compile.js` with the fol
      const artifact = JSON.stringify({ abi, bytecode }, null, 2);
      await fs.writeFile('SimpleStorage.json', artifact);
    }
-    
+
    function compile(sourceCode, contractName) {
      // Create the Solidity Compiler Standard Input and Output JSON
      const input = {
@ -56,7 +56,7 @@ smart contract as an example, create a new file called `compile.js` with the fol
        bytecode: artifact.evm.bytecode.object,
      };
    }
-    
+
    main().then(() => process.exit(0));
    ```
@ -85,7 +85,7 @@ The Developer Quickstart provides an [example of a public transaction script](ht
    // use an existing account, or make an account
    const privateKey = "0x8f2a55949038a9610f50fb23b5883af3b4ecb3c3bb792cbcefbd1542c692be63";
    const account = web3.eth.accounts.privateKeyToAccount(privateKey);
-    
+
    // read in the contracts
    const contractJsonPath = path.resolve(__dirname, 'SimpleStorage.json');
    const contractJson = JSON.parse(fs.readFileSync(contractJsonPath));
@ -94,10 +94,10 @@ The Developer Quickstart provides an [example of a public transaction script](ht
    const contractBin = fs.readFileSync(contractBinPath);
    // initialize the default constructor with a value `47 = 0x2F`; this value is appended to the bytecode
    const contractConstructorInit = "000000000000000000000000000000000000000000000000000000000000002F";
-    
+
    // get txnCount for the nonce value
    const txnCount = await web3.eth.getTransactionCount(account.address);
-    
+
    const rawTxOptions = {
      nonce: web3.utils.numberToHex(txnCount),
      from: account.address,
@ -138,7 +138,7 @@ node public_tx.js
 This example code creates the transaction `tx`, signs it with the private key of the account, serializes it, then calls
 `eth_sendSignedTransaction` to deploy the contract.
-## Using `eth_sendTransaction`
+## Use `eth_sendTransaction`
 You can use [`eth_sendTransaction`](https://ethereum.github.io/execution-apis/api-documentation) as an alternative to `eth_sendSignedTransaction`.
 However, Hyperledger Besu does not support the `eth_sendTransaction` API call and keeps account management separate for
@ -146,13 +146,13 @@ stronger security.
 Configure [EthSigner](https://docs.ethsigner.consensys.net/en/stable/) with your Besu node to make the
 `eth_sendTransaction` API call.
-An example can be found in the [Developer Quickstart](../Developer-Quickstart.md) where the RPC node is paired with EthSigner.
+An example can be found in the [Developer Quickstart](../quickstart.md) where the RPC node is paired with EthSigner.
 Refer to the [EthSigner documentation](https://docs.ethsigner.consensys.net/) for configuration details.
 Pass the following parameters to the
 [`eth_sendTransaction`](https://docs.ethsigner.consensys.net/Reference/API-Methods/#eth_sendtransaction) call
 to EthSigner; EthSigner then converts the request to an
-[`eth_sendRawTransaction`](../../Reference/API-Methods.md#eth_sendrawtransaction) call that Besu uses:
+[`eth_sendRawTransaction`](../../../public-networks/reference/api/index.md#eth_sendrawtransaction) call that Besu uses:
 * `to` - address of the receiver. To deploy a contract, set to `null`.
 * `from` - address of the sender account. For example `0x9b790656b9ec0db1936ed84b3bea605873558198`.
@ -184,11 +184,11 @@ Make the request using `eth_sendTransaction`:
    curl -X POST --data '{"jsonrpc":"2.0","method":"eth_sendTransaction","params":[{"from":"0x9b790656b9ec0db1936ed84b3bea605873558198", "to":null, "gas":"0x7600","gasPrice":"0x9184e72a000", "data":"0x608060405234801561001057600080fd5b5060405161014d38038061014d8339818101604052602081101561003357600080fd5b8101908080519060200190929190505050806000819055505060f38061005a6000396000f3fe6080604052348015600f57600080fd5b5060043610603c5760003560e01c80632a1afcd914604157806360fe47b114605d5780636d4ce63c146088575b600080fd5b604760a4565b6040518082815260200191505060405180910390f35b608660048036036020811015607157600080fd5b810190808035906020019092919050505060aa565b005b608e60b4565b6040518082815260200191505060405180910390f35b60005481565b8060008190555050565b6000805490509056fea2646970667358221220e6966e446bd0af8e6af40eb0d8f323dd02f771ba1f11ae05c65d1624ffb3c58264736f6c63430007060033"}], "id":1}' <JSON-RPC-endpoint:port>
    ```
-## Using `eea_sendRawTransaction` for private contracts with web3js-quorum
+## Use `eea_sendRawTransaction` for private contracts with web3js-quorum
-To deploy a private contract to another node or [privacy group](../../Concepts/Privacy/Privacy-Groups.md) member, use the
+To deploy a private contract to another node or [privacy group](../../concepts/privacy/privacy-groups.md) member, use the
 [web3js-quorum](https://www.npmjs.com/package/web3js-quorum) library and
-the [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) API call.
+the [`eea_sendRawTransaction`](../../../public-networks/reference/api/index.md#eea_sendrawtransaction) API call.
 You must use this API call instead of [`eth_sendTransaction`](https://ethereum.github.io/execution-apis/api-documentation) because Hyperledger Besu
 keeps account management separate for stronger security.
@ -206,15 +206,15 @@ by running the following commands in a JavaScript console, or by including them
    ```js
    const Web3 = require('web3');
    const Web3Quorum = require('web3js-quorum');
-    
+
    const bytecode="608060405234801561001057600080fd5b5060405161014d38038061014d8339818101604052602081101561003357600080fd5b8101908080519060200190929190505050806000819055505060f38061005a6000396000f3fe6080604052348015600f57600080fd5b5060043610603c5760003560e01c80632a1afcd914604157806360fe47b114605d5780636d4ce63c146088575b600080fd5b604760a4565b6040518082815260200191505060405180910390f35b608660048036036020811015607157600080fd5b810190808035906020019092919050505060aa565b005b608e60b4565b6040518082815260200191505060405180910390f35b60005481565b8060008190555050565b6000805490509056fea2646970667358221220e6966e446bd0af8e6af40eb0d8f323dd02f771ba1f11ae05c65d1624ffb3c58264736f6c63430007060033";
    // initialize the default constructor with a value `47 = 0x2F`; this value is appended to the bytecode
    const contractConstructorInit = "000000000000000000000000000000000000000000000000000000000000002F";
-    
+
    const chainId = 1337;
    const web3 = new Web3(clientUrl);
    const web3quorum = new Web3Quorum(web3, chainId);
-    
+
    const txOptions = {
      data: '0x'+bytecode+contractConstructorInit,
      privateKey: fromPrivateKey,
@ -224,7 +224,7 @@ by running the following commands in a JavaScript console, or by including them
    console.log("Creating contract...");
    const txHash = await web3quorum.priv.generateAndSendRawTransaction(txOptions);
    console.log("Getting contractAddress from txHash: ", txHash);
-    
+
    const privateTxReceipt = await web3quorum.priv.waitForTransactionReceipt(txHash);
    console.log("Private Transaction Receipt: ", privateTxReceipt);
    return privateTxReceipt;
@ -244,23 +244,23 @@ the contract's address.
    This example doesn't use a privacy group and makes a simple node-to-node transaction.
    To use a privacy group:
-    
+
    * Create the privacy group using the public keys of the nodes in the group.
    * Specify the `privacyGroupId` instead of the `privateFor` option in the txOptions above and then send the transaction.
-    
+
    The Developer Quickstart provides an
    [example of a private transaction with a privacy group](https://github.com/ConsenSys/quorum-dev-quickstart/blob/b72a0f64d685c851bf8be399a8e33bbdf0e09982/files/besu/smart_contracts/privacy/scripts/private_tx_privacy_group.js).
-## Using `eea_sendRawTransaction` for private contracts with web3js-eea
+## Use `eea_sendRawTransaction` for private contracts with web3js-eea
 !!! warning
    This web3js-eea library will be deprecated on December 31, 2021.
    Please use the [web3js-quorum](https://www.npmjs.com/package/web3js-quorum) library instead and refer to the previous section.
-To deploy a private contract to another [privacy group](../../Concepts/Privacy/Privacy-Groups.md) member, use the
+To deploy a private contract to another [privacy group](../../concepts/privacy/privacy-groups.md) member, use the
 [web3js-quorum](https://consensys.github.io/web3js-quorum/latest/index.html) library and
-the [`eea_sendRawTransaction`](../../Reference/API-Methods.md#eea_sendrawtransaction) API call.
+the [`eea_sendRawTransaction`](../../../public-networks/reference/api/index.md#eea_sendrawtransaction) API call.
 You must use this API call instead of [`eth_sendTransaction`](https://ethereum.github.io/execution-apis/api-documentation) because Hyperledger Besu
 keeps account management separate for stronger security.
@ -277,11 +277,11 @@ Use `eea_sendRawTransaction` by running the following commands in a JavaScript c
    ```js
    const Web3 = require('web3');
    const EEAClient = require('web3-eea');
-    
+
    const bytecode="608060405234801561001057600080fd5b5060405161014d38038061014d8339818101604052602081101561003357600080fd5b8101908080519060200190929190505050806000819055505060f38061005a6000396000f3fe6080604052348015600f57600080fd5b5060043610603c5760003560e01c80632a1afcd914604157806360fe47b114605d5780636d4ce63c146088575b600080fd5b604760a4565b6040518082815260200191505060405180910390f35b608660048036036020811015607157600080fd5b810190808035906020019092919050505060aa565b005b608e60b4565b6040518082815260200191505060405180910390f35b60005481565b8060008190555050565b6000805490509056fea2646970667358221220e6966e446bd0af8e6af40eb0d8f323dd02f771ba1f11ae05c65d1624ffb3c58264736f6c63430007060033";
    // initialize the default constructor with a value `47 = 0x2F`; this value is appended to the bytecode
    const contractConstructorInit = "000000000000000000000000000000000000000000000000000000000000002F";
-    
+
    const web3 = new Web3(clientUrl);
    const web3eea = new EEAClient(web3, 1337);
    const txOptions = {
@ -293,7 +293,7 @@ Use `eea_sendRawTransaction` by running the following commands in a JavaScript c
    console.log("Creating contract...");
    const txHash = await web3eea.eea.sendRawTransaction(txOptions);
    console.log("Getting contractAddress from txHash: ", txHash);
-    
+
    const privateTxReceipt = await web3.priv.getTransactionReceipt(txHash, fromPublicKey);
    // console.log("Private Transaction Receipt: ", privateTxReceipt);
    return privateTxReceipt;
--- a/docs/Tutorials/Contracts/Calling-Contract-Functions.md
+++ b/docs/Tutorials/Contracts/Calling-Contract-Functions.md
@ -2,16 +2,16 @@
 description: calling smart contracts functions
 ---
-# Interacting with deployed smart contracts
+# Interact with deployed smart contracts
-You can get started with the [Developer Quickstart](../Developer-Quickstart.md) to rapidly generate
+You can get started with the [Developer Quickstart](../quickstart.md) to rapidly generate
 local blockchain networks.
 This tutorial shows you how to interact with smart contracts that have been deployed to a network.
 ## Prerequisites
-* A network with a deployed smart contract as in the [deploying smart contracts tutorial](Deploying-Contracts.md)
+* A network with a deployed smart contract as in the [deploying smart contracts tutorial](index.md)
 ## Interact with public contracts
@ -49,7 +49,7 @@ of these calls can be found in the [Developer Quickstart].
 To perform a read operation, you need the address that the contract was deployed to and the contract's ABI.
 The contract's ABI can be obtained from compiling the contract; see the
-[deploying smart contracts tutorial](Deploying-Contracts.md) for an example.
+[deploying smart contracts tutorial](index.md) for an example.
 Use the [`web3.eth.Contract`](https://web3js.readthedocs.io/en/v1.3.4/web3-eth-contract.html) object to create a new
 instance of the smart contract, then make the `get` function call from the contract's list of methods, which will return the value stored:
@ -172,4 +172,4 @@ async function setValueAtAddress(clientUrl, address, value, contractAbi, fromPri
 To verify that a value has been updated, perform a `get` call after a `set` update call.
-[Developer Quickstart]: ../Developer-Quickstart.md
+[Developer Quickstart]: ../quickstart.md
--- a/docs/private-networks/tutorials/contracts/transfer-funds.md
+++ b/docs/private-networks/tutorials/contracts/transfer-funds.md
@ -2,22 +2,22 @@
 description: funds transfer transactions
 ---
-# Transferring funds between accounts in a transaction
+# Transfer funds between accounts in a transaction
-You can get started with the [Developer Quickstart](../Developer-Quickstart.md) to rapidly generate
+You can get started with the [Developer Quickstart](../quickstart.md) to rapidly generate
 local blockchain networks.
 This tutorial shows you how to transfer funds (ETH) between accounts in a transaction.
 ## Prerequisites
-* A [private network](../Developer-Quickstart.md)
+* A [private network](../quickstart.md)
-## Using `eth_sendSignedTransaction`
+## Use `eth_sendSignedTransaction`
 The simplest way to transfer funds between externally-owned accounts is using
 [`eth_sendSignedTransaction`](https://web3js.readthedocs.io/en/v1.2.11/web3-eth.html#sendsignedtransaction).
-This example uses `eth_sendSignedTransaction` and one of the [test accounts](../../Reference/Accounts-for-Testing.md)
+This example uses `eth_sendSignedTransaction` and one of the [test accounts](../../reference/accounts-for-testing.md)
 to transfer funds to a newly created account.
 !!! critical "Do not use the test accounts on Ethereum Mainnet or any production network."
@ -80,7 +80,7 @@ console.log("Account B has an updatedbalance of: " + accountBBalance);
 A [full example](https://github.com/ConsenSys/quorum-dev-quickstart/blob/1e8cc281098923802845cd829ec20c88513c2e1c/files/besu/smart_contracts/privacy/scripts/eth_tx.js)
 can be found in the Developer Quickstart.
-## Using `eth_sendTransaction`
+## Use `eth_sendTransaction`
 An alternative to using `eth_sendSignedTransaction` is
 [`eth_sendTransaction`](https://web3js.readthedocs.io/en/v1.2.11/web3-eth.html#sendtransaction).
@ -88,7 +88,7 @@ However, Hyperledger Besu does not support the `eth_sendTransaction` API call an
 management separate for stronger security. Instead, Besu uses
 [EthSigner](https://docs.ethsigner.consensys.net/en/stable/) to make the `eth_sendTransaction` API call.
-An example can be found in the [Developer Quickstart](../Developer-Quickstart.md) where the RPC
+An example can be found in the [Developer Quickstart](../quickstart.md) where the RPC
 node is paired with EthSigner. Refer to the
 [EthSigner documentation](https://docs.ethsigner.consensys.net/en/stable/) configuration details.
--- a/docs/Tutorials/Private-Network/Create-Private-Network.md
+++ b/docs/Tutorials/Private-Network/Create-Private-Network.md
@ -2,7 +2,7 @@
 description: Hyperledger Besu private network using Ethash (proof of work) Consensus Protocol tutorial
 ---
-# Create a private network using the Ethash (proof of work) consensus protocol
+# Create a private network using Ethash
 A private network provides a configurable network for testing. By configuring a low difficulty and
 enabling mining, this allows for fast block creation.
@ -17,7 +17,7 @@ public testnets.
 ## Prerequisites
-* [Hyperledger Besu](../../HowTo/Get-Started/Installation-Options/Install-Binaries.md)
+* [Hyperledger Besu](../get-started/install/binary-distribution.md)
 * [Curl (or similar webservice client)](https://curl.haxx.se/download.html).
 ## Steps
@ -27,7 +27,7 @@ Listed on the right-hand side of the page are the steps to create a private netw
 ### 1. Create directories
 Each node requires a data directory for the blockchain data. When the node starts, Besu saves the
-[node key](../../Concepts/Node-Keys.md) in this directory.
+[node key](../../public-networks/concepts/node-keys.md) in this directory.
 Create directories for your private network, each of the three nodes, and a data directory for each
 node:
@ -49,7 +49,7 @@ blockchain). The genesis file includes entries for configuring the blockchain, s
 difficulty and initial accounts and balances.
 All nodes in a network must use the same genesis file. The
-[network ID](../../Concepts/NetworkID-And-ChainID.md) defaults to the `chainID` in the genesis
+[network ID](../../public-networks/concepts/network-and-chain-id.md) defaults to the `chainID` in the genesis
 file. The `fixeddifficulty` enables fast block mining.
 Copy the following genesis definition to a file called `privateNetworkGenesis.json` and save it in
@ -84,12 +84,13 @@ the `Private-Network` directory:
 !!! note
-    We recommend specifying the latest [milestone](../../Reference/Config-Items.md#milestone-blocks) when creating the configuration file for a private network.
+    We recommend specifying the latest [milestone](../../public-networks/reference/genesis-items.md#milestone-blocks) when creating
    the genesis file for a private network.
    This ensures you are using the most up-to-date protocol and have access to the most recent opcodes.
 !!! warning
-    Do not use the accounts in `alloc` in the genesis file on Mainnet or any public network except
+    Don't use the accounts in `alloc` in the genesis file on Mainnet or any public network except
    for testing. The private keys display, which means the accounts are not secure.
 ### 3. Start the first node as a bootnode
@ -111,20 +112,20 @@ Start Node-1:
 The command line enables:
 * Mining and specifies the account to pay mining rewards to using the
-  [`--miner-enabled`](../../Reference/CLI/CLI-Syntax.md#miner-enabled) and
+  [`--miner-enabled`](../../public-networks/reference/cli/options.md#miner-enabled) and
-  [`--miner-coinbase`](../../Reference/CLI/CLI-Syntax.md#miner-coinbase) options.
+  [`--miner-coinbase`](../../public-networks/reference/cli/options.md#miner-coinbase) options.
-* JSON-RPC API using the [`--rpc-http-enabled`](../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled)
+* JSON-RPC API using the [`--rpc-http-enabled`](../../public-networks/reference/cli/options.md#rpc-http-enabled)
  option.
 * All-host access to the HTTP JSON-RPC API using the
-  [`--host-allowlist`](../../Reference/CLI/CLI-Syntax.md#host-allowlist) option.
+  [`--host-allowlist`](../../public-networks/reference/cli/options.md#host-allowlist) option.
 * All-domain access to the node through the HTTP JSON-RPC API using the
-  [`--rpc-http-cors-origins`](../../Reference/CLI/CLI-Syntax.md#rpc-http-cors-origins) option.
+  [`--rpc-http-cors-origins`](../../public-networks/reference/cli/options.md#rpc-http-cors-origins) option.
 !!! info
    The miner coinbase account is one of the accounts defined in the genesis file.
-When the node starts, the [enode URL](../../Concepts/Node-Keys.md#enode-url) displays. Copy the
+When the node starts, the [enode URL](../../public-networks/concepts/node-keys.md#enode-url) displays. Copy the
 enode URL to specify Node-1 as the bootnode in the following steps.
 ![Node 1 Enode URL](../../images/EnodeStartup.png)
@ -149,11 +150,11 @@ enode URL copied when starting Node-1 as the bootnode:
 The command line specifies:
 * A different port to Node-1 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../public-networks/reference/cli/options.md#p2p-port) option.
 * The enode URL of Node-1 using the
-  [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes) option.
+  [`--bootnodes`](../../public-networks/reference/cli/options.md#bootnodes) option.
 * A data directory for Node-2 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../public-networks/reference/cli/options.md#data-path) option.
 * A genesis file as for Node-1.
 ### 5. Start Node-3
@ -177,13 +178,13 @@ The command line specifies:
 * A different port to Node-1 and Node-2 for P2P discovery.
 * A data directory for Node-3 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../public-networks/reference/cli/options.md#data-path) option.
 * A bootnode and genesis file as for Node-2.
 ### 6. Confirm the private network is working
 Start another terminal, use curl to call the JSON-RPC API
-[`net_peerCount`](../../Reference/API-Methods.md#net_peercount) method and confirm the nodes are
+[`net_peerCount`](../../public-networks/reference/api/index.md#net_peercount) method and confirm the nodes are
 functioning as peers:
 ```bash
@ -204,20 +205,19 @@ Node-3):
 ## Next steps
 Import accounts to MetaMask and send transactions as described in the
-[Quickstart tutorial](../Developer-Quickstart.md#create-a-transaction-using-metamask).
+[Quickstart tutorial](quickstart.md#create-a-transaction-using-metamask).
 !!! info
-    Besu does not support
+    Besu doesn't support [private key management](../../public-networks/how-to/send-transactions.md).
    [private key management](../../HowTo/Send-Transactions/Account-Management.md).
 Send transactions using `eth_sendRawTransaction` to
-[send ether or, deploy or invoke contracts](../../HowTo/Send-Transactions/Transactions.md).
+[send ether or, deploy or invoke contracts](../how-to/send-transactions/index.md).
-Use the [JSON-RPC API](../../HowTo/Interact/APIs/Using-JSON-RPC-API.md).
+Use the [JSON-RPC API](../../public-networks/how-to/use-besu-api/json-rpc.md).
-Start a node with the [`--rpc-ws-enabled`](../../Reference/CLI/CLI-Syntax.md#rpc-ws-enabled) option
+Start a node with the [`--rpc-ws-enabled`](../../public-networks/reference/cli/options.md#rpc-ws-enabled) option
-and use the [RPC Pub/Sub API](../../HowTo/Interact/APIs/RPC-PubSub.md).
+and use the [RPC Pub/Sub API](../../public-networks/how-to/use-besu-api/rpc-pubsub.md).
 ## Stop the nodes
--- a/docs/Tutorials/Private-Network/Create-IBFT-Network.md
+++ b/docs/Tutorials/Private-Network/Create-IBFT-Network.md
@ -2,10 +2,10 @@
 description: Hyperledger Besu private network using the IBFT 2.0 (Proof of Authority) consensus protocol
 ---
-# Create a private network using the IBFT 2.0 (proof of authority) consensus protocol
+# Create a private network using IBFT 2.0
 A private network provides a configurable network for testing. This private network uses the
-[IBFT 2.0 (proof of authority) consensus protocol](../../HowTo/Configure/Consensus-Protocols/IBFT.md).
+[IBFT 2.0 (proof of authority) consensus protocol](../../how-to/configure/consensus/ibft.md).
 !!!important
@ -17,7 +17,7 @@ A private network provides a configurable network for testing. This private netw
 ## Prerequisites
-* [Hyperledger Besu](../../HowTo/Get-Started/Installation-Options/Install-Binaries.md)
+* [Hyperledger Besu](../../get-started/install/binary-distribution.md)
 * [Curl (or similar webservice client)](https://curl.haxx.se/download.html).
 ## Steps
@ -47,7 +47,7 @@ IBFT-Network/
 ### 2. Create a configuration file
 The configuration file defines the
-[IBFT 2.0 genesis file](../../HowTo/Configure/Consensus-Protocols/IBFT.md#genesis-file) and the
+[IBFT 2.0 genesis file](../../how-to/configure/consensus/ibft.md#genesis-file) and the
 number of node key pairs to generate.
 The configuration file has two nested JSON nodes. The first is the `genesis` property defining
@ -105,7 +105,8 @@ in the `IBFT-Network` directory:
 !!! note
-    We recommend specifying the latest [milestone](../../Reference/Config-Items.md#milestone-blocks) when creating the configuration file for a private network.
+    We recommend specifying the latest [milestone](../../../public-networks/reference/genesis-items.md#milestone-blocks)
    when creating the configuration file for a private network.
    This ensures you are using the most up-to-date protocol and have access to the most recent opcodes.
 !!! warning
@ -196,20 +197,20 @@ In the `Node-1` directory, start Node-1:
 The command line:
 * Specifies the data directory for Node-1 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../../public-networks/reference/cli/options.md#data-path) option.
 * Enables the JSON-RPC API using the
-  [`--rpc-http-enabled`](../../Reference/CLI/CLI-Syntax.md#rpc-http-enabled) option.
+  [`--rpc-http-enabled`](../../../public-networks/reference/cli/options.md#rpc-http-enabled) option.
 * Enables the ETH, NET, and IBFT APIs using the
-  [`--rpc-http-api`](../../Reference/CLI/CLI-Syntax.md#rpc-http-api) option.
+  [`--rpc-http-api`](../../../public-networks/reference/cli/options.md#rpc-http-api) option.
 * Enables all-host access to the HTTP JSON-RPC API using the
-  [`--host-allowlist`](../../Reference/CLI/CLI-Syntax.md#host-allowlist) option.
+  [`--host-allowlist`](../../../public-networks/reference/cli/options.md#host-allowlist) option.
 * Enables all-domain access to the node through the HTTP JSON-RPC API using the
-  [`--rpc-http-cors-origins`](../../Reference/CLI/CLI-Syntax.md#rpc-http-cors-origins) option.
+  [`--rpc-http-cors-origins`](../../../public-networks/reference/cli/options.md#rpc-http-cors-origins) option.
-When the node starts, the [enode URL](../../Concepts/Node-Keys.md#enode-url) displays. Copy the
+When the node starts, the [enode URL](../../../public-networks/concepts/node-keys.md#enode-url) displays. Copy the
 enode URL to specify Node-1 as the bootnode in the following steps.
-![Node 1 Enode URL](../../images/EnodeStartup.png)
+![Node 1 Enode URL](../../../images/EnodeStartup.png)
 ### 7. Start Node-2
@ -231,13 +232,13 @@ enode URL copied when starting Node-1 as the bootnode:
 The command line specifies:
 * The data directory for Node-2 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../../public-networks/reference/cli/options.md#data-path) option.
 * A different port to Node-1 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../../public-networks/reference/cli/options.md#p2p-port) option.
 * A different port to Node-1 for HTTP JSON-RPC using the
-  [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) option.
+  [`--rpc-http-port`](../../../public-networks/reference/cli/options.md#rpc-http-port) option.
 * The enode URL of Node-1 using the
-  [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes) option.
+  [`--bootnodes`](../../../public-networks/reference/cli/options.md#bootnodes) option.
 * Other options as for [Node-1](#6-start-the-first-node-as-the-bootnode).
 ### 8. Start Node-3
@ -260,11 +261,11 @@ enode URL copied when starting Node-1 as the bootnode:
 The command line specifies:
 * The data directory for Node-3 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../../public-networks/reference/cli/options.md#data-path) option.
 * A different port to Node-1 and Node-2 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../../public-networks/reference/cli/options.md#p2p-port) option.
 * A different port to Node-1 and Node-2 for HTTP JSON-RPC using the
-  [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) option.
+  [`--rpc-http-port`](../../../public-networks/reference/cli/options.md#rpc-http-port) option.
 * The bootnode as for [Node-2](#7-start-node-2).
 * Other options as for [Node-1](#6-start-the-first-node-as-the-bootnode).
@ -288,18 +289,18 @@ enode URL copied when starting Node-1 as the bootnode:
 The command line specifies:
 * The data directory for Node-4 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../../public-networks/reference/cli/options.md#data-path) option.
 * A different port to Node-1, Node-2, and Node-3 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../../public-networks/reference/cli/options.md#p2p-port) option.
 * A different port to Node-1, Node-2, and Node-3 for HTTP JSON-RPC using the
-  [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) option.
+  [`--rpc-http-port`](../../../public-networks/reference/cli/options.md#rpc-http-port) option.
 * The bootnode as for [Node-2](#7-start-node-2).
 * Other options as for [Node-1](#6-start-the-first-node-as-the-bootnode).
 ### 10. Confirm the private network is working
 Start another terminal, use curl to call the JSON-RPC API
-[`ibft_getvalidatorsbyblocknumber`](../../Reference/API-Methods.md#ibft_getvalidatorsbyblocknumber)
+[`ibft_getvalidatorsbyblocknumber`](../../reference/api/index.md#ibft_getvalidatorsbyblocknumber)
 method and confirm the network has four validators:
 ```bash
@ -338,7 +339,7 @@ Look at the logs to confirm Besu is producing blocks:
    ```
    If the keys were not copied to the correct directory, Besu creates a key when starting up:
-    
+
    ```bash
    2020-12-21 07:33:11.458+10:00 | main | INFO  | KeyPairUtil | Generated new public key 0x1a4a2ade5ebc0a85572e2492e0cdf3e96b8928c75fa55b4425de8849850cf9b3a8cad1e27d98a3d3afac326a5e8788dbe6cc40249715c92825aebb28abe3e346 and stored it to <path to network>/IBFT-Network/Node-1/data/key
    ```
@ -348,7 +349,7 @@ Look at the logs to confirm Besu is producing blocks:
 ## Next steps
-Use the [IBFT API](../../Reference/API-Methods.md#ibft-20-methods) to remove or add validators.
+Use the [IBFT API](../../reference/api/index.md#ibft-20-methods) to remove or add validators.
 !!! note
@ -360,12 +361,11 @@ Use the [IBFT API](../../Reference/API-Methods.md#ibft-20-methods) to remove or
    2.0 requires four validators to be Byzantine fault tolerant.
 Import accounts to MetaMask and send transactions as described in the
-[Quickstart tutorial](../Developer-Quickstart.md#create-a-transaction-using-metamask).
+[Quickstart tutorial](../quickstart.md#create-a-transaction-using-metamask).
 !!! info
-    Besu does not support
+    Besu doesn't support [private key management](../../../public-networks/how-to/send-transactions.md).
    [private key management](../../HowTo/Send-Transactions/Account-Management.md).
 ## Stop the nodes
@ -377,7 +377,7 @@ When finished using the private network, stop all nodes using ++ctrl+c++ in each
    [6. Start First Node as Bootnode](#6-start-the-first-node-as-the-bootnode).
 <!-- Links -->
-[IBFT 2.0 (proof of authority)consensus protocol]: ../../HowTo/Configure/Consensus-Protocols/IBFT.md
+[IBFT 2.0 (proof of authority)consensus protocol]: ../../how-to/configure/consensus/ibft.md
 <!-- Acronyms and Definitions -->
 *[Byzantine fault tolerant]: Ability to function correctly and reach consensus despite nodes failing or propagating incorrect information to peers.
--- a/docs/Tutorials/Private-Network/Adding-removing-IBFT-validators.md
+++ b/docs/Tutorials/Private-Network/Adding-removing-IBFT-validators.md
@ -5,11 +5,11 @@ description: Adding and removing IBFT 2.0 validators
 # Add and remove IBFT 2.0 validators
 This example walks through
-[adding and removing an IBFT 2.0 validator](../../HowTo/Configure/Consensus-Protocols/IBFT.md#add-and-remove-validators).
+[adding and removing an IBFT 2.0 validator](../../how-to/configure/consensus/ibft.md#add-and-remove-validators).
 ## Prerequisites
-* [IBFT 2.0 network as configured in the IBFT 2.0 tutorial](Create-IBFT-Network.md)
+* [IBFT 2.0 network as configured in the IBFT 2.0 tutorial](index.md)
 ## Add a validator
@ -24,7 +24,7 @@ mkdir -p Node-5/data
 ### 2. Start the node
 Change into the working directory for the new Node-5 and start the node, specifying the
-[Node-1 enode URL](Create-IBFT-Network.md#6-start-the-first-node-as-the-bootnode) as the bootnode:
+[Node-1 enode URL](index.md#6-start-the-first-node-as-the-bootnode) as the bootnode:
 ```bash
 besu --data-path=data --genesis-file=../genesis.json --bootnodes=<Node-1 Enode URL> --p2p-port=30307 --rpc-http-enabled --rpc-http-api=ETH,NET,IBFT --host-allowlist="*" --rpc-http-cors-origins="all" --rpc-http-port=8549
@ -33,14 +33,14 @@ besu --data-path=data --genesis-file=../genesis.json --bootnodes=<Node-1 Enode U
 The command line specifies:
 * The data directory for Node-5 using the
-  [`--data-path`](../../Reference/CLI/CLI-Syntax.md#data-path) option.
+  [`--data-path`](../../../public-networks/reference/cli/options.md#data-path) option.
 * A different port to Node-1 for P2P discovery using the
-  [`--p2p-port`](../../Reference/CLI/CLI-Syntax.md#p2p-port) option.
+  [`--p2p-port`](../../../public-networks/reference/cli/options.md#p2p-port) option.
 * A different port to Node-1 for HTTP JSON-RPC using the
-  [`--rpc-http-port`](../../Reference/CLI/CLI-Syntax.md#rpc-http-port) option.
+  [`--rpc-http-port`](../../../public-networks/reference/cli/options.md#rpc-http-port) option.
 * The enode URL of Node-1 using the
-  [`--bootnodes`](../../Reference/CLI/CLI-Syntax.md#bootnodes) option.
+  [`--bootnodes`](../../../public-networks/reference/cli/options.md#bootnodes) option.
-* Other options as for [Node-1](Create-IBFT-Network.md#6-start-the-first-node-as-the-bootnode).
+* Other options as for [Node-1](index.md#6-start-the-first-node-as-the-bootnode).
 ### 3. Copy the address of the node
@ -53,7 +53,7 @@ You can find the address in the logs when starting the new node:
    2021-05-28 09:49:00.881+10:00 | main | INFO  | DefaultP2PNetwork | Node address 0x90626e6a67445aabf1c0615410d108d4733aa90b
    ```
-Or use the [`public-key export-address`](../../Reference/CLI/CLI-Subcommands.md#export-address) subcommand:
+Or use the [`public-key export-address`](../../../public-networks/reference/cli/subcommands.md#export-address) subcommand:
 !!! example
@ -72,7 +72,7 @@ Or use the [`public-key export-address`](../../Reference/CLI/CLI-Subcommands.md#
 ### 4. Propose adding the new validator
 Propose adding the new validator from more than half the number of current validators, using
-[`ibft_proposeValidatorVote`](../../Reference/API-Methods.md#ibft_proposevalidatorvote), specifying the address of the
+[`ibft_proposeValidatorVote`](../../../public-networks/reference/api/index.md#ibft_proposevalidatorvote), specifying the address of the
 proposed validator and `true`:
 !!! example
@ -98,7 +98,7 @@ Repeat the proposal process for this candidate node from at least two of the oth
 ### 5. Verify the addition of the new validator
 Verify that the new validator is now in the list of validators using
-[`ibft_getValidatorsByBlockNumber`](../../Reference/API-Methods.md#ibft_getvalidatorsbyblocknumber):
+[`ibft_getValidatorsByBlockNumber`](../../../public-networks/reference/api/index.md#ibft_getvalidatorsbyblocknumber):
 !!! example
@ -120,4 +120,4 @@ The list of validators contains 5 addresses now.
 The process for removing a validator is similar to [adding a validator](#add-a-validator) starting from step 2,
 except you specify `false` as the second parameter of
-[`ibft_proposeValidatorVote`](../../Reference/API-Methods.md#ibft_proposevalidatorvote).
+[`ibft_proposeValidatorVote`](../../../public-networks/reference/api/index.md#ibft_proposevalidatorvote).
--- a/docs/private-networks/tutorials/kubernetes/charts.md
+++ b/docs/private-networks/tutorials/kubernetes/charts.md
@ -3,10 +3,14 @@ title: Besu Kubernetes - Deploying Charts
 description: Deploying Besu Helm Charts for a Kubernetes cluster
 ---
 # Deploy charts
 You can deploy Besu Helm charts for a Kubernetes cluster.
 ## Prerequisites
 * Clone the [Quorum-Kubernetes](https://github.com/ConsenSys/quorum-kubernetes) repository
-* A [running Kubernetes cluster](./Create-Cluster.md)
+* A [running Kubernetes cluster](cluster.md)
 * Install [Kubectl](https://kubernetes.io/docs/tasks/tools/)
 * Install [Helm3](https://helm.sh/docs/intro/install/)
@ -88,7 +92,7 @@ This tutorial isolates groups of resources (for example, StatefulSets and Servic
    The rest of this tutorial uses `besu` as the namespace,
    but you're free to pick any name when deploying, as long as it's consistent across the
-    [infrastructure scripts](./Create-Cluster.md) and charts.
+    [infrastructure scripts](cluster.md) and charts.
 Run the following in a terminal window:
@ -128,7 +132,7 @@ port and path to use. For example:
     For production use cases, configure Grafana with one of the supported [native auth mechanisms](https://grafana.com/docs/grafana/latest/auth/).
-![k8s-metrics](../../images/kubernetes-grafana.png)
+![k8s-metrics](../../../images/kubernetes-grafana.png)
 Optionally you can also deploy the [Elastic Stack](https://www.elastic.co/elastic-stack/) to view logs (and metrics).
@ -147,7 +151,7 @@ If you install `filebeat`, please create a `filebeat-*` index pattern in `kibana
 If you use The Elastic stack for logs and metrics, please deploy `metricbeat` in a similar manner to `filebeat` and create an index pattern in
 Kibana.
-![k8s-elastic](../../images/kubernetes-elastic.png)
+![k8s-elastic](../../../images/kubernetes-elastic.png)
 To connect to Kibana or Grafana, we also need to deploy an ingress so you can access your monitoring endpoints
 publicly. We use Nginx as our ingress here, and you are free to configure any ingress per your requirements.
@ -174,9 +178,9 @@ or on the command line `kubectl -n quorum get services quorum-monitoring-ingress
 !!! note
    We refer to the ingress here as `external-nginx` because it deals with monitoring endpoints specifically. We
-    also deploy a second ingress called `network-ingress` which is for the blockchain nodes only in [step 8](#8-connecting-to-the-node-from-your-local-machine-via-an-ingress)
+    also deploy a second ingress called `network-ingress` which is for the blockchain nodes only in [step 8](#9-connect-to-the-node-from-your-local-machine-via-an-ingress)
-![`k8s-ingress-external`](../../images/kubernetes-ingress-ip.png)
+![`k8s-ingress-external`](../../../images/kubernetes-ingress-ip.png)
 You can view the Besu dashboard by going to:
@ -260,7 +264,7 @@ parameters in there to match your requirements. To set the number of initial val
 when setting the number of validators.
 One more thing to note is that when `cluster.cloudNativeServices: true` is set, the genesis job will
-not add the [Quickstart](../../Tutorials/Developer-Quickstart.md) test accounts into the genesis file.
+not add the [Quickstart](../quickstart.md) test accounts into the genesis file.
 When you are ready deploy the chart with :
@ -272,9 +276,9 @@ helm install genesis ./charts/besu-genesis --namespace besu --create-namespace -
 Once completed, view the genesis and enodes (the list of static nodes) configuration maps that every Besu node uses,
 and the validator and bootnode node keys as secrets.
-![k8s-genesis-configmaps](../../images/kubernetes-genesis-configmaps.png)
+![k8s-genesis-configmaps](../../../images/kubernetes-genesis-configmaps.png)
-![k8s-genesis-secrets](../../images/kuberenetes-genesis-secrets.png)
+![k8s-genesis-secrets](../../../images/kuberenetes-genesis-secrets.png)
 ### 5. Deploy the bootnodes
@ -344,7 +348,7 @@ helm install bootnode-2 ./charts/besu-node --namespace besu --values ./values/bo
 Once complete, you see two StatefulSets, and the two bootnodes discover themselves and peer.
 Because there are no validators present yet, there are no blocks created, as seen in the following logs.
-![k8s-bootnode-logs](../../images/kubernetes-bootnode-logs.png)
+![k8s-bootnode-logs](../../../images/kubernetes-bootnode-logs.png)
 ### 6. Deploy the validators
@ -395,15 +399,15 @@ helm install validator-4 ./charts/besu-node --namespace besu --values ./values/v
 Once completed, you may need to give the validators a few minutes to peer and for round changes, depending on when the
 first validator was spun up, before the logs display blocks being created.
-![k8s-validator-logs](../../images/kubernetes-validator-logs.png)
+![k8s-validator-logs](../../../images/kubernetes-validator-logs.png)
 ### 7. Add/Remove additional validators to the validator pool
 To add (or remove) more validators to the initial validator pool, you need to deploy a node such as an RPC node (step 8)
-and then [vote](../../HowTo/Configure/Consensus-Protocols/IBFT.md#add-and-remove-validators) that node in. The vote API
+and then [vote](../../how-to/configure/consensus/ibft.md#add-and-remove-validators) that node in. The vote API
 call must be made on a majority of the existing pool and the new node will then become a validator.
-Please refer to the [Ingress Section](#8-connecting-to-the-node-from-your-local-machine-via-an-ingress) for details on
+Please refer to the [Ingress Section](#9-connect-to-the-node-from-your-local-machine-via-an-ingress) for details on
 making the API calls from your local machine or equivalent.
 ### 8. Deploy RPC or Transaction nodes
@ -437,15 +441,15 @@ helm install member-1 ./charts/besu-node --namespace besu --values ./values/txno
 Logs for `member-1` resemble the following for Tessera:
-![`k8s-tx-tessera-logs`](../../images/kubernetes-tx-tessera-logs.png)
+![`k8s-tx-tessera-logs`](../../../images/kubernetes-tx-tessera-logs.png)
 Logs for Besu resemble the following:
-![`k8s-tx-Besu-logs`](../../images/kubernetes-tx-Besu-logs.png)
+![`k8s-tx-Besu-logs`](../../../images/kubernetes-tx-Besu-logs.png)
 !!! note
-    In the examples above we use `member-1` and `rpc-1` as release names for the deployments. You can pick any release
+    In these examples we use `member-1` and `rpc-1` as release names for the deployments. You can pick any release
    name that you'd like to use in place of those as per your requirements.
 ### 9. Connect to the node from your local machine via an ingress
@ -482,7 +486,7 @@ kubectl apply -f ../ingress/ingress-rules-besu.yml
 Once complete, view the IP address listed under the `Ingress` section if you're using the Kubernetes Dashboard
 or on the command line `kubectl -n quorum get services quorum-network-ingress-ingress-nginx-controller`.
-![`k8s-ingress`](../../images/kubernetes-ingress-ip.png)
+![`k8s-ingress`](../../../images/kubernetes-ingress-ip.png)
 The following is an example RPC call, which confirms that the node running the JSON-RPC service is syncing:
@ -524,7 +528,7 @@ blockchain explorer. The Quorum Explorer is not recommended for use in productio
 demonstration or Development purposes only. The Explorer can give an overview over the whole network, such as
 querying each node on the network for node or block information, voting (add/remove) validators from the
 network, demonstrating a SimpleStorage smart contract with privacy enabled, and sending transactions between
-wallets as you would do in MetaMask. Please see the [Explorer](./Quorum-Explorer.md) page for details on how
+wallets as you would do in MetaMask. Please see the [Explorer](quorum-explorer.md) page for details on how
 to use the application.
 !!! warning
@ -542,4 +546,4 @@ helm install quorum-explorer ./charts/explorer --namespace besu --values ./value
 You will also need deploy the ingress (if not already done in [Monitoring](#3-deploy-the-monitoring-chart) to
 access the endpoint on `http://<INGRESS_IP>/explorer`
-![`k8s-explorer`](../../images/kubernetes-explorer.png)
+![`k8s-explorer`](../../../images/kubernetes-explorer.png)
--- a/Show More
+++ b/Show More