Generating a taproot utxo and proving ownership

This whole process could be completely invisible to the user, but unfortunately the current world of Bitcoin wallets requires a manual process.
There are two current Bitcoin wallets in wide usage that actually support taproot wallets: Bitcoin Core, and Sparrow. Neither support exporting the private key of an individual address.
As a result, the autct tool has a method "newkeys", which, as explained there, will generate a single private key, along with the corresponding taproot ("p2tr") address.
Here are the steps in detail:

1. Generate a private key (WIF) in a file, and an address (bech32m), using these commands: target/release/autct -M serve -k none:testdata/fake-keys6.txt -n mainnet, and then target/release/autct -M newkeys -k none -i privkey-file -n mainnet. The location privkey-file> is where an encrypted version of your private key is stored, so don't lose that file, and note down the password you used to create it. Also note down the address of the newly created key.
   The network flag can be changed: -n mainnet|signet|regtest.
   Next, to export it, you need the unencrypted WIF string for the private key. To get that, do: target/release/autct -M decryptkey -k none -i privkey-file -n mainnet
2. If you are using Core (Ignore and go to the next step if using Sparrow)
   . Do the following sub-steps using the RPC:
   bitcoin-cli getdescriptorinfo "tr(WIF)"
   The output of getdescriptorinfo will show you the checksum in the "checksum" field. Copy it. Then:
   bitcoin-cli importdescriptors "[{\"desc\":\"tr(WIF)#abcdefg\",\"timestamp\":\"now\",\"label\":\"anything\"}]" where "abcdefg" should be replaced with your checksum. Copy this syntax exactly; the backslashes are escaping each " except the outer ones.
   You can use e.g. bitcoin-cli getaddressesbylabel anything to sanity check that the address is present in the wallet.
3. Fund the p2tr address from the first step with any amount above 500K sats.
4. After confirmation, download the keyset file from here. It will include your utxo, as long as your utxo was in the blockchain before the starting block of that file.
5. Start the autct server locally: target/release/autct -M serve -k hodlboardmainnet:name-of-keyset-file -n mainnet. Wait until it says Starting server at 127.0.0.1:23333. This can take a few minutes!
6. For the previous, and for the next step, "name-of-keyset-file" must match the name of the file you downloaded from this site. Don't change the name of the file!
7. Generate the proof with the command: target/release/autct -M prove -k hodlboardmainnet:name-of-keyset-file -i privkey-file --base64-proof true. , where the -i argument should match your private key file. Proving can take 10-20 seconds typically.
8. Take the base64 string printed out from the previous step and use it in the signup page here.
9. After you have successfully signed up, sweep the private key into a wallet, either Sparrow (easier for most users), or Bitcoin Core. See a few notes on this below.

Sweeping the funds
If you are using Sparrow: After you've created a new empty wallet, you can go to Tools->Sweep Private Key and then enter the WIF into the first textbox, and choose Script Type : Taproot(P2TR). Then, "Create Transaction" will sweep the funds you earlier used for the proof, into that wallet.

If you are using Core: In this case, you don't need to sweep, but you might want to move the funds, of course: Simply use bitcoin-cli sendtoaddress destination-address amount "" "" true true 3, or similar (check the help of sendtoaddress; the two "" are empty comment fields, the first true means "subtract fee from amount" (so that you don't get change), the second true means RBF, and the 3 is the target blocks to confirmation for the fee estimator).