|
Title: Does the Armory wallet format encrypt or protect the chain code? Post by: Carlton Banks on November 24, 2013, 06:48:52 PM From perusing all the talk on developing deterministic wallet formats, and from knowing myself the way Armory operates both when opening the application and when generating a new public key for a given wallet, I have this sense that the answer to my question is "no".
If so, does this mean that the wallet file can be interrogated as to the value of it's chain code, and hence the BTC value of the wallet discovered? (by someone with a copy of any encrypted Armory wallet) Title: Re: Does the Armory wallet format encrypt or protect the chain code? Post by: picobit on November 24, 2013, 07:36:05 PM The Armory wallets unfortunately do not encrypt the bitcoin addresses it generates. So the value of the wallet can be seen by anyone getting hold of the file. It is rumoured that a new format is on its way which addresses this shortcoming.
By the way: The original Bitcoin client has the same problem. Title: Re: Does the Armory wallet format encrypt or protect the chain code? Post by: etotheipi on November 27, 2013, 01:28:04 AM As far as I know all wallet app have this shortcoming. It's not easy to overcome... unless you scan the blockchain on every load :) Because even if you encrypt the watching-only wallet, any data you save between loads can be used to identify what money is in your wallet.
This was one of the benefits to having the super-node version of Armory that maintains a full DB of all spent and unspent UTXOs, so that it can encrypt the watching-only wallet without leaving leaky information all over the disk. You just decrypt the wallet and instantaneously request all the address balances from your local database (among other uses for the super-node version). But the super-node stuff will be put on hold for now. Got some other priorities. What I hope to do is get the blockchain scanning in Armory faster (I missed a lot of database optimizations in 0.90), and then have an option to disable saving data between loads. Then it will behave much like 0.88.1 and earlier where it scanned every load. Then it makes sense to implement the encryption. Title: Re: Does the Armory wallet format encrypt or protect the chain code? Post by: xephyr on November 27, 2013, 04:27:10 AM You can always just run Armory inside a TrueCrypt container so your addresses and balance is hidden when you are not using the wallet.
Title: Re: Does the Armory wallet format encrypt or protect the chain code? Post by: Ente on December 02, 2013, 08:35:50 AM As far as I know all wallet app have this shortcoming. It's not easy to overcome... unless you scan the blockchain on every load :) Because even if you encrypt the watching-only wallet, any data you save between loads can be used to identify what money is in your wallet. It's not *exactly* the same. With an encrypted wallet, noone can see the balance when obtaining an encrypted backup. With unencrypted public data in the wallet, this is possible (without access to the Armory computer). Ente |