etotheipi, I have a question...maybe you will find it strange and offensive, please excuse my ignorance. Can I really trust Armory?  I mean, if I choose to use it as offline storage for relatively significant sum of bitcoins, what hypothetical risks will I face? Say I have paper backup and go to coma for 2-3-5 years, then I wake up. I can imagine some problems: 1. You will abandon developing Even if development is abandoned, the version you already have installed will probably still work. If bitcoind (or even the entire bitcoin network) has changed in a way where Armory is not compatible, then you could still load the program offline, export your private keys and import them into newer software. 2. Some sort of attack to encryption
3. Attack to keys generation
4. Critical bug
Am I right? I think it is more philosophic question, or about intuition and professional experience. Is there a possibility that I will lose my bitcoins? Thanks.
These questions don't really have any more to do with Armory than they do with any piece of software in existence. tl;dr The armory software and the private keys are pretty separate, so no, there is no risk of losing coins even if etotheipi were to pull a Satoshi and disappear on us. Barring some attack that completely destroys the bitcoin network, your funds are fine. |
|
|
|
I only see a benefit for encrypted paper bills if I am the only one who knows the pass phrase. If someone writes their phrase on the bill and then pays me with it, I don't see any benefit over having an unencrypted private key. In fact, making it harder to spend doesn't even sound like a good thing to me.
If the person who manufactured the bill is someone you trust and is different from the person who wrote the passphrase, then you know the passphrase writer doesn't know the private key. It's the same scenario if a reseller were to buy my two-factor bar and I provide the key under the hologram and he provides the passphrase, giving me only the intermediate code. The trust footprint is reduced to just the possibility that we're colluding (or the possibility he knows of a way to read under my hologram undetected). I understand that it helps a bit with trust in some situations. I was responding to franky saying that this would keep the bills in circulation longer. I don't agree since in that case you probably do not know who printed the bill. |
|
|
|
with the holograms themselves hiding the redeem part to allow for changing between mutliple hands. im now STARTING to consider this as a more secure way of transferring bitcoin without electronic devices needed between each party for daily exchange. as oppose to a one use item like a gift voucher or cheque.
i still see gaps in security where people can say "but im still typing my passphrase into some one elses website"
the only thing i can think to quash those thoughts is that people have their own offline program much like vanitygen or brain wallet which produces the addresses but adding to that it also encrypts the private key locally based on the passphrase they chose.
basically asking users to type in passphrase and how many addresses to produce and it produces a list of clear public addresses and bip38 codes. (no private key in sight) they copy and paste the list to you where you never know the passphrase to encrypt it and are not involved with the encryption process. all you do is just print the public address and bip38 QR Codes to the relevant load/redeem section.
and at redemption. the user then scans the redeem code into the local program(same program as last paragraph) it requests the passphrase and converts it into a usable private key to paste into blockchain.info/mtgox.
by making it slightly harder for people to redeem them in under 3 seconds will actually make people prefer to keep them in circulation for longer.. in theory anyway.. which adds more benefit to the whole reason of paper money, as oppose to cheques/gift voucher methods. meaning that people are not easily tempted to rip off the hologram as soon as they get their hands on a note.
I only see a benefit for encrypted paper bills if I am the only one who knows the pass phrase. If someone writes their phrase on the bill and then pays me with it, I don't see any benefit over having an unencrypted private key. In fact, making it harder to spend doesn't even sound like a good thing to me. |
|
|
|
Perhaps there's a way one can buy access to a bridge and help fund the project in the process?
Amazon lets you do it for essentially free. https://cloud.torproject.org/ |
|
|
|
. . . what stops the your system from making 2 identical addresses on alternate systems?
. . . A billion users, each generating a billion keys a year for a billion years has a ~0% chance of producing a duplicate. This assumes that all users are using a method that generates adequately random keys. If they use some deterministic method and use the same starting point for their determination, then they will have a 100% change of producing duplicates. As an example, if I use echo "Danny" |shasum -a 256 on my Mac to produce my private key, and someone else named Danny comes up with the same idea, we will both have access to the same bitcoins. Well this program does the private key generation for you doesn't it? |
|
|
|
5 BTC? I swear, people are fucking cheap...even if it's just trolling.
Yeah. Seems like perpetual motion would be worth more than 5 BTC... |
|
|
|
|
This thread makes me sad now...
|
|
|
|
I think more people should read the PR wiki page. Many of the "problems" that I hear with bitcoin are misconceptions and not actual problems. |
|
|
|
Red Emerald,
Do fresh OSX users need to install xcode? That's not in the instructions.
And I wonder if there's a way to avoid having the user manually modify their .bashrc. I guess a short script could just run all of those commands for them...? Actually couldn't all of this be bundled into a script?
Sorry I'm being picky, I just see a lot of hurdles for non-techie mac users...
Yes, they need to install Xcode for brew to work. It is in the instructions. https://gist.github.com/4200620brew doctor will tell you to install xcode and the command line tools if you need to. I've made the bashrc stuff easier to do for the non-technical. Someone with an existing bashrc is probably technical enough to know how to do this on their own, but this should work fine for anyone who already has a bashrc. |
|
|
|
I think it is also important to note that the Blockchain.info code is open source: https://github.com/blockchainI think Blockchain is superior to Coinbase because if Blockchain.info were to be hacked, only a small number of users who actively logged in while the server was compromised would lose their coins. If Coinbase is hacked, all their online funds could be stolen. (I learned this the hard way with Bitcoinica) There is also nothing stopping a court order from seizing their cold storage backups from the safety deposit box at the bank. With Blockchain, those are not issues. +1 Coinbase does keep around 90% of their funds encrypted in a bank safe, so that limits the damage a hacker, but not a malicious employee can do. Blockchain.info cannot run off with your funds, and I think this is a very important point. |
|
|
|
Nah it should look like this:  The further Bitcoin moves to the mainstream the less tech-savvy users will be. Even downloading and installing correctly can be a challenge. +1 |
|
|
|
The python pycrypto package uses python-wrapped C implementations for the performance-intensive classes, if my cursory perusal is correct. What I'd consider higher-level applications, like for instance, escrow, refundable deposits or micropayments are not typically that performance sensitive, and happen at "human speed". So as long as the real crypto-crunching hashes and public key algorithms are encapsulated in classes implemented in C, python or ruby are good choices to knit these lower level functions into bigger, more human-relevant applications.
Yeah definitely. Just wanted to make sure you knew. Sometimes people like to implement things in pure-python just for the fun of it. |
|
|
|
That fact that we have debated this topic for more than 2 posts highlights exactly the problem the reddit guy in OP had.
If we, users of bitcointalk.org and people who have a good grasp of what's going on, are debating it then new users are that much more disadvantaged. Please, continue to make whatever argument but my previous sentence is the answer to whatever humph-grumph you come up with.
It seems to me like people who have a good grasp will always debate things more than people with no grasp... Mike Hearn saying blockchain.info could be "the next MyBitcoin" and saying you aren't serious about bitcoin if you have an iPhone is what I've been debating against. It's FUD. There are fundamental differences in how blockchain.info is built that make most of those issues of MyBitcoin non-existent. The iPhone doesn't even have many of these issues, so I really don't understand the attack on the jailbroken app. Additionally, these are different problems than the reddit post's problem with waiting for synchronization. Bitcoin isn't even 1.0 yet and the synchronization problem is being worked on. 0.8 has major improvements in the time it takes to synchronize which make the reddit post moot. No web-provider needs to be trusted or chrome extension checked because the satoshi client will not take very long. However, I'd still say that a web wallet is much easier for the vast majority of users to use. Installing a program that handles the blockchain and manually managing backups is always going to be more effort than creating an account that can be easily accessed from any web browser and automatically handles secure wallet backups. This is why I think that promoting secure web wallets is a good idea. Also, having a large number of users with a ton of coins on a secure web wallet like blockchain.info is not a security risk when they can VERY EASILY move the private keys anywhere else. Especially considering that even if the site is compromised, it can only reveal the private keys for users that log in without checking the chrome extension. If the chrome extension were promoted more and had a very large flashing red warning that completely disabled the page when a change is detected, I think that is enough to completely negate Mike Hearn's worries. If the extension is not detected, every page should have an alert at the top with instructions for installing it. |
|
|
|
Bug report: OS: Mac OSX 10.8.2 Armory Version: 0.85 PyBtcWallet Version: 1.35 Armory just loses connected and it seems like it is infinite loop, that just keeps printing this out over and over, but it never crashes completely and sometimes after 10mins of this it will reconnect and work with no problem. ERROR) armoryengine.py:10344 - Waiting for BDM output that didn't come after 10s.
(ERROR) armoryengine.py:10345 - BDM state is currently: BlockchainReady
(ERROR) armoryengine.py:10346 - Called from: armoryengine.py:10471 (30189323)
(ERROR) armoryengine.py:10347 - BDM currently doing: ReadBlkUpdate (30189323)
(ERROR) armoryengine.py:10348 - Direct traceback
File "/usr/local/share/armory/ArmoryQt.py", line 3629, in <module>
os._exit(QAPP.exec_())
File "/usr/local/Cellar/armory-qt/beta/share/armory/qt4reactor.py", line 231, in _iterate
self.runUntilCurrent()
File "/usr/local/lib/python2.7/site-packages/twisted/internet/base.py", line 800, in runUntilCurrent
call.func(*call.args, **call.kw)
File "/usr/local/share/armory/ArmoryQt.py", line 3247, in Heartbeat
newBlocks = TheBDM.readBlkFileUpdate(wait=True)
File "/usr/local/Cellar/armory-qt/beta/share/armory/armoryengine.py", line 10471, in readBlkFileUpdate
return self.waitForOutputIfNecessary(expectOutput, rndID)
File "/usr/local/Cellar/armory-qt/beta/share/armory/armoryengine.py", line 10349, in waitForOutputIfNecessary
traceback.print_stack()
(ERROR) armoryengine.py:10350 - Traceback:
Traceback (most recent call last):
File "/usr/local/Cellar/armory-qt/beta/share/armory/armoryengine.py", line 10340, in waitForOutputIfNecessary
return self.outputQueue.get(True, MT_WAIT_TIME_SEC)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/Queue.py", line 176, in get
raise Empty
Empty
What version of bitcoind? Was bitcoind doing anything at the time? Was it responsive (to a command like getinfo) while this was happening? |
|
|
|
|
I can't believe this is still going on. Nefario, you have disappointed me.
|
|
|
|
Have you tried importing your blockchain wallet into other clients? As far as I know it's a deterministic wallet which isn't yet well supported. Maybe Electrum can do it. Other clients will catch up at some point so this is more of a practical concern than a long term issue.
It is off-topic but it might be useful to someone: The 'Tools | Import Private Keys' in MultiBit can import the blockchain.info wallet backups (This is both the single and double encrypted ones. Piuk wrote the import code and I hooked it into the UI). When you select the private key import file there is a combo box where you can choose the file extension: ... It takes ages as it has to sync from the genesis block but at least you get your wallet recovered. Super easy. Also, it is not a deterministic wallet. It's just some JSON with encrypted private keys. |
|
|
|
You can't merge mine bitcoin and litecoin. That doesn't work.
So how is it possible to have a mining pool that supports LTC and BTC mining? it should be, on different ports  Run p2pool twice with different settings. You will have one pool for BTC and one pool for LTC. Not one pool with ports for both. |
|
|
|
on my setup everything seems to be going fine on the miner's end but local hash rate shows weird behaviour like sometimes its 0 and sometimes it's twice what it supposed to be... Version: 9.3
Pool rate: 359GH/s (20% stale) Share difficulty: 643
Node uptime: 0.037 days Peers: 6 out, 0 in
Local rate: 21.5MH/s (0.0% DOA) Expected time to share: 35.7 hours
Shares: 0 total (0 orphaned, 0 dead) Efficiency: ???
I think it could be related to this, i get this once in a while in the output: 2012-12-04 13:39:12.779581 P2Pool: 17318 shares in chain (8906 verified/17322 total) Peers: 6 (0 incoming)
2012-12-04 13:39:12.779671 Local: 14316kH/s in last 10.0 minutes Local dead on arrival: ~0.0% (0-66%) Expected time to share: 2.2 days
2012-12-04 13:39:12.779709 Shares: 0 (0 orphan, 0 dead) Stale rate: ??? Efficiency: ??? Current payout: 0.0000 BTC
2012-12-04 13:39:12.779749 Pool: 351GH/s Stale rate: 19.5% Expected time to block: 11.7 hours
2012-12-04 13:39:26.673891 New work for worker! Difficulty: 0.999985 Share difficulty: 644.631003 Total block value: 25.409100 BTC including 508 transactions
2012-12-04 13:39:27.805831 P2Pool: 17319 shares in chain (8907 verified/17323 total) Peers: 6 (0 incoming)
2012-12-04 13:39:27.805917 Local: 14316kH/s in last 10.0 minutes Local dead on arrival: ~0.0% (0-66%) Expected time to share: 2.2 days
2012-12-04 13:39:27.805954 Shares: 0 (0 orphan, 0 dead) Stale rate: ??? Efficiency: ??? Current payout: 0.0000 BTC
2012-12-04 13:39:27.806018 Pool: 351GH/s Stale rate: 19.6% Expected time to block: 11.7 hours
2012-12-04 13:39:28.809477 > Traceback (most recent call last):
2012-12-04 13:39:28.809570 > File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 371, in _runCallbacks
2012-12-04 13:39:28.809611 > self.result = callback(self.result, *args, **kw)
2012-12-04 13:39:28.809648 > File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 879, in gotResult
2012-12-04 13:39:28.809685 > _inlineCallbacks(r, g, deferred)
2012-12-04 13:39:28.809720 > File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 821, in _inlineCallbacks
2012-12-04 13:39:28.809758 > result = result.throwExceptionIntoGenerator(g)
2012-12-04 13:39:28.809794 > File "/usr/lib/python2.6/dist-packages/twisted/python/failure.py", line 338, in throwExceptionIntoGenerator
2012-12-04 13:39:28.809833 > return g.throw(self.type, self.value, self.tb)
2012-12-04 13:39:28.809868 > --- <exception caught here> ---
2012-12-04 13:39:28.809902 > File "/home/shayan/Downloads/p2pool/p2pool/util/deferral.py", line 41, in f
2012-12-04 13:39:28.809938 > result = yield func(*args, **kwargs)
2012-12-04 13:39:28.809973 > File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 821, in _inlineCallbacks
2012-12-04 13:39:28.810036 > result = result.throwExceptionIntoGenerator(g)
2012-12-04 13:39:28.810073 > File "/usr/lib/python2.6/dist-packages/twisted/python/failure.py", line 338, in throwExceptionIntoGenerator
2012-12-04 13:39:28.810109 > return g.throw(self.type, self.value, self.tb)
2012-12-04 13:39:28.810145 > File "/home/shayan/Downloads/p2pool/p2pool/util/jsonrpc.py", line 71, in callRemote
2012-12-04 13:39:28.810218 > raise Error_for_code(resp['error']['code'])(resp['error']['message'], resp['error'].get('data', None))
2012-12-04 13:39:28.810259 > p2pool.util.jsonrpc.NarrowError: -32601 Method not found
2012-12-04 13:39:37.247657 New work for worker! Difficulty: 0.999985 Share difficulty: 650.315749 Total block value: 25.411100 BTC including 510 transactions
could it be because I'm using merged minings with litecoin? litecoin pool is working fine, there's no problem with anything. just thought it could be related (no idea how  ) You can't merge mine bitcoin and litecoin. That doesn't work. |
|
|
|
What I meant is you have the address queries in your logs tied to IP and so on. Or if you don't, that can change at any point (eg, if you sell the site).
Don't get me wrong, blockchain.info is a really nicely done site. But if 90% of Bitcoin users ended up on My Wallet, I wouldn't feel comfortable with that due to the aforementioned reasons.
Most of your aforementioned reasons are not valid... Lets go over them again. There are several problems with blockchain.info My Wallet which is why I don't think the project should ever officially recommend it or point users to it. I say that even though it's a really nice site and I regularly use its other services. I just don't think hosted wallets are a good idea: - If the site ever gets hacked, everyone who uses it can lose all their money. I know the owner claims it's not possible, but he's wrong. The reason is that your browser will download new code from the site silently and automatically, and that code can do anything, including sending your private keys to a bad guy. You would never even know it's happened. If you think it's unlikely that the site will get hacked, I wonder where you have been in the past couple of years! Websites get owned all the time, rootkits installed and they begin vending malware. Often they do so in ways that make it hard for the admin to notice there's a problem. Downloadable clients, for better or worse, don't currently have that problem (they have another problem which is that you have to manually fetch updates, but at least they can be given gitian-style updaters fairly easily).
- There is a Chrome extension that is supposed to fix the first issue by alerting you when things change, but that isn't going to work. It's hardly used and the failure mode is an indecipherable error message that users seem to click through without understanding (judging from previous mentions of it on this very forum).
The chrome extensions is sufficient. Maybe it could have a better error message, but a user ignoring the error message is not the sites fault. There should probably be a bigger message telling all the wallet users to install it, but what you are saying is FUD. I keep as much coin on my phone as I do cash in my wallet. It is more likely that I get mugged than the site gets compromised and I ignore the warning message telling me its compromised and I login with my two factor auth anyway. - The site knows all your transactions, your balances and your IP addresses. So it's not very private.
I don't really see this as much of an issue, but if it is a problem for you, use a proxy to access the site and send all your funds through the anonymous mixer (a service not available to the standard the client and as easy to use as checking a checkbox). So to me, this seems MORE private than the satoshi client. - The 2-factor auth isn't really 2-factor auth as you would expect it to be.
The 2-factor mt.gox yubikey auth is limited. The 2-factor through google is perfectly secure. - Although it's definitely arguable, to a financial regulator the site looks and feels like a financial institution. They let users open accounts. They process payments. They take deposits. There is a specific owner in a specific jurisdiction. The fact that the keys for authorizing transactions aren't on the servers is the sort of technical detail they're unlikely to care about. If somebody decides that blockchain.info is actually a bank, everyone on the site will be required to go through AML/KYC (at best) or the owners could be liable (at worst). I hope that doesn't happen but there's no way I'd run a hosted wallet.
Definitely arguable. If the site does go down forever or changes in a way that makes the customer uncomfortable, everyone who has a wallet has an AES encrypted backup that can easily be imported into another client. These backups (which are incredibly easy to use) get sent any time anything in the wallet changes, so it's not like you will have to download them from a compromised site. blockchain.info is completely different than many of the other hosted wallets we have seen. It is not possible for piuk to run away with your coins. If a government seizes his servers, all of his customers are fine because they already have backups of their private keys. Additionally, the jailbroken iPhone app also does not have any of your (IMO invalid) concerns about javascript security. |
|
|
|
It would also be good if you would use git's tag signing feature so those who compile Armory would also have the ability to use your public PGP key to verify the sources.
Of course, I forgot that git supported that! However, my signing key is on my offline computer, I'm going to have to get creative... I'm not sure exactly how to pull that off. I think I know how... +1 Let me know if you need help with git. I'm sure you'll figure it out though. I'll have to defer until tomorrow, but if I had to guess right now, Is'd say I could simply clone the repo onto a USB drive, and then create a new signed tag in the clone while plugged into the offline system. Do a git push <tag> when I get it back to the online system. How does that sound? (besides the fact I may not even have git installed on that system... But i can take care of that) That sounds perfect (assuming you have git on your offline system). I do something similar to get armory onto my offline system. I clone the repo to a USB drive and then plug that into my offline computer. My offline computer has it's origin remote set to the USB drive, so I just `cd ~/src/BitcoinArmory && git pull && make clean && make && make install` and my offline system is up to date. |
|
|
|
|
Show Posts
