sy vault recipients add --help
sy-vault-recipients-add 
Add a new recipient. This will re-encrypt all the vaults content.If the '--verified' flag is unset, you will have to
specify the fingerprint directly (as opposed to allowing the recipients email address or name) to indicate you have
assured yourself that it actually belongs to the person.Otherwise the respective key as identified by its fingerprint
will then be imported and signed. It is expected that you have assured the keys fingerprint belongs to the recipient.
Keys will always be exported into the vaults key directory (if set), which includes signatures.Signatures allow others
to use the 'Web of Trust' for convenient encryption.

USAGE:
    sy vault recipients add [FLAGS] [OPTIONS] <userid>...

FLAGS:
    -h, --help        Prints help information
        --verified    If specified, you indicate that the user id to be added truly belongs to a person you know and
                      that you have verified that relationship already. You have used `gpg --sign-key <recipient>` or
                      have set the owner trust to ultimate so that you can encrypt for the recipient.

OPTIONS:
    -p, --partition=<partition>...     Identifies the partition to add the recipient to. This can be done either using
                                       its name or its secrets directory.If unset, the recipient will be added to
                                       naturally selected vault, see the --select flag.
        --signing-key <signing-key>    The userid or fingerprint of the key to use for signing not-yet-verified keys. It
                                       must only be specified if you have access to multiple secret keys which are also
                                       current recipients.

ARGS:
    <userid>...    The key-id of the public key identifying a recipient in your gpg keychain.