Bitcoin Forum
March 19, 2024, 04:28:15 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 ... 232 »
61  Bitcoin / Armory / Re: Send Bitcoin Button Unresponsive on: May 09, 2023, 08:39:37 AM
You would have to post your log file. You can extract it from the Files menu.
62  Bitcoin / Armory / Re: Do I need the whole blockchain installed for Armory to be able to go online? on: May 08, 2023, 07:13:20 AM
You need the whole blockchain to get Armory online indeed. If you cannot afford this, you can extract the relevant private key from Armory and import into a lite wallet like Electrum.
63  Bitcoin / Armory / Re: Help! Bitcoin missing in Armoury Wallet after issues. on: May 08, 2023, 07:11:36 AM
I am hoping it gets returned to my wallet, after an update on the blockchain info page an hour ago, I can now see that the transaction did go through & sit unconfirmed due to a low fee (51 sats per byte). Maybe they will go through but I hope not.
Thanks for posting.

It should mine eventually. If you're willing to pay more in fees, you could CPFP the output.
64  Bitcoin / Armory / Re: Export of wallet keys yields 1000 PrivBase58 keys on: May 03, 2023, 07:15:13 AM
If you restored the wallet paper backup, it will look up 1000 addresses ahead in the key chain. This is because in order to find all the coins on a wallet, you have to guess how deep in the address chain to check. Armory overshoots to 1k addresses on wallet restore to be a safe the side.

As an example, imagine you had a wallet with 100 unused addresses (you gave these addresses to people to pay you but never got anything). On the 101st address, there are coins. If the software only checked the first 10 or 20 addresses, it wouldn't be aware of these coins. You as the user would see the wallet seemingly has no funds and you would may get rid of it.
65  Bitcoin / Armory / Re: Brute-forcing Ubuntu encrypted disks on: April 20, 2023, 07:37:30 AM
I can only imagine that 6 or 7 years ago (when I imagine 18 was being specced) it all seemed "good enough".

Maybe they just forgot about it until LUKS itself receive a major update. Tends to happen in these large projects, you just don't go around turning stones on stuff that appear to work.

Quote
Though at the loss of plausible deniability!

If someone finds a wallet on your system with private keys in it, I think they can reasonably assume the coins are yours. The fact that they have access to the public keys would allow them to trace the movement of the coins too. To improve protection, the new wallet format allows you to encrypt all data in the wallet (not just private keys) with a second passphrase.

This still means the attacker can see your public keys in your local blockchain database. Encrypting that data is a lot more complicated than the wallet, I haven't got around it yet. You'd have to use a supernode to avoid that data leak for now.
66  Bitcoin / Armory / Re: Brute-forcing Ubuntu encrypted disks on: April 19, 2023, 12:35:14 PM
Jeff Garzik linked to this article suggesting older (18.04) Ubuntu encrypted disks might be vulnerable to brute-force attacks:

In general you shouldn't trust on disk encryption schemes for data at rest as it uses a new IV per block, and the IVs have to be deterministic, when the AES candidates expect randomized IVs (iirc). In this case the "vulnerability" was PBKDF2, which does not actually enforce a hash function nor a number of iteration. I don't expect the first instance of LUKS is using SHA512 nor 512k passes, which is the more common use of PBKDF2 you encounter these days.

Still, even with those parameters, I believe PBKDF2 can be brute forced by a state actor nowadays. It is a bit unsettling Ubuntu would use such a weak KDF when you need to unlock your key only at system start (meaning it's ok if it takes a few seconds, it won't degrade user experience).

Quote
A fresh install of a later distro (22.04?) would seem to plug the possible vulnerability.  

The recommendation is to set the KDF manually, which likely can be changed after that fact. Disk encryption schemes do not typically encrypt the all the data on disk with your password. Rather, they encrypt a master key entry, and that master key is used to encrypt the actual data. This allows you to change the encryption key (or parameters in this case) on the cheap. If you really want to be sure of your encryption strength, this is what you need to do. Just updating your OS does no guarantee the default LUKS settings offered by the GUI installer (what most people use unless your an Arch nut) will fit your security needs.

Quote
Does Armory offline run on Ubuntu 22.04?

The dev branch does, but it's not user friendly yet. If you want to run 96.5 on Ubuntu 22.04, you'll need to install both py2 and qt4, or setup a 18.04 VM.

Quote
In passing, this made me wonder if the Armory transaction-signing / key-exposing password has any anti brute-forcing mitigations? Could a 20+ mixed character password still survive today's attacks?

Funny you ask, I looked at the KDF code last week. Armory uses Scrypt, which is a memory intensive KDF. The current parameters allow up to 32MB per pass and target a between 0,25 to 2 seconds long unlock based (this is something you can set to its upper bound at wallet creation/password change). I was considering removing the hardcoded limits.

Of the top of my head, to crack a 20 characters password, you would need something like 10^20 attempts per seconds to be able get a solution within a lifetime. If it takes anywhere near 0.1s to perform a single attempt, I don't think there's enough hardware on the planet to handle that.
67  Bitcoin / Armory / Re: Accept failed with error number: 10038 during doInitialSyncOnLoad on: April 02, 2023, 07:43:30 AM
Thanks for responding!

The reason I'm holding off on updating is because I don't want to re-do my offline laptop.. And IIRC the old version cannot sign the transactions created by newer versions unfortunately.

Do you happen to remember which port ArmoryDB is listening on?

The tx signing message format was extended in 0.96 to support nested segwit scripts. This means, if you are trying to spend coins from a nested segwit script, Armory versions prior to 0.96 will not be able to sign the transaction. My recommendation is for you to update anyways, seeing your online version is already of the 0.96 family.

Quote
Do you happen to remember which port ArmoryDB is listening on?

You are letting ArmoryQt automate your DB process, so it randomizes the port used. As you can see in your logs, this time around it was:
Code:
-INFO  - 16:01:23.062: (c:\users\goat\code\armory3\cppforswig\BDM_Server.h:263) Listening on port 58804

10038 is a Windows socket error code. It happens in either of 2 cases: the client is trying to connect to this port but there is no service running behind it (meaning the server never started or crashed), or the server is trying to listen on this port, but some other process already bound it.
68  Bitcoin / Armory / Re: Accept failed with error number: 10038 during doInitialSyncOnLoad on: March 31, 2023, 06:49:48 AM
You're using an old version of Armory, go get 0.96.5 (https://github.com/goatpig/BitcoinArmory/releases)

As for the specific error, likely something is using the port ArmoryDB is trying to listen on.
69  Bitcoin / Armory / Re: Building Armoury from sources in 2023 on: March 16, 2023, 11:27:26 AM
PS: at /building page at your site there are some blocks with code and there are something wrong with CSS so I decided that there are pictures or js mouse copy/paste disabling code and type most of the codes manually and only at last moment understood that it is selectable and right-mouse-button-clickable  Undecided

I'm not familiar with gh-pages, Andy Chow contributed that part, I'll try to look into it too.
70  Bitcoin / Armory / Re: Building Armoury from sources in 2023 on: March 16, 2023, 11:26:39 AM
@goatpig, maybe the best would be if you set up fresh Win10 machine in VM, install VS 2022 and from that moment record a video of all steps building ArmoryQT?
It will be much more speaking and less time consuming for all. You can even record video without any sounds, just what you're doing, whats happening and a final positive result.
When I will have opportunity then I can write text instructions based on your record and give it to you to place to your site.

PS: at /building page at your site there are some blocks with code and there are something wrong with CSS so I decided that there are pictures or js mouse copy/paste disabling code and type most of the codes manually and only at last moment understood that it is selectable and right-mouse-button-clickable  Undecided

I'm abroad to be the best man at my brother's wedding, I'm nowhere near my work setup. You'd have to wait until Im back in late March to deliver that.
71  Bitcoin / Armory / Re: Building Armoury from sources in 2023 on: March 14, 2023, 03:18:50 PM
Oddly enough it's easier to build on Windows these days cause it doesn't come with a native python install. Ubuntu moved on from py2, which makes life harder.

Quote
Win 10 22H2 - I have installed MSVS 2022 and unsure it is possible/good for OS to install MVSE 2013U3, don't want to crack fine tuned machine.

You should be able to import a msvs 2013 project into 2022, it will offer you to convert it, which you should agree to. Then you need to get it to build, that's the worst part actually.

Quote
NSIS 3.0+ - nsis-3.08-setup.exe

That's to create the installer, not super useful tbh.

Quote
"Swig is not installed like the other packages" - tried to unpack swigwin-3.0.2.zip and swigwin-4.1.1.zip then renamed swigwin-3.0.2/swigwin-4.1.1 dirs to swigwin, there are swig.exe inside it

swig.exe needs to be available in your PATH, that's all you need to do with that.

Quote
Ok, digging again. To build v120 I need VS 2013. "Build tools VS 2013 is not enough, because no c++".

Look for MSVC community, or VS code. MSVS is a bundle (think Office). You want the C++ IDE only, the rest isn't useful.
72  Bitcoin / Armory / Re: Building Armoury from sources in 2023 on: March 14, 2023, 01:34:06 PM
Are you trying to build the dev branch or the latest stable release? Win or *nix? Pick one and I'll try to walk you througgh.
73  Bitcoin / Wallet software / Re: Are there any smartphones out there that are hard wallets too? on: March 01, 2023, 09:10:55 AM
Correct. I think mobile phones cant replace hardware wallet features.

Phones TPM speak PKCS11. As long as you're willing write in the native language (Kotlin or Objective-C), and the TPM lists EC as a supported feature (they all do RSA but EC is present maybe 50% of the time?), then you can do hardware exponentiation and signing. Vaults on phones are "fairly" well implemented from my experience, the material is correctly enclaved to the binary that created the entry, and with the proper options at creation, it will never reveal the private data.

Phones as a primary hardware wallet are useless, but as a secondary signer in a multisig scheme, why not?
74  Bitcoin / Development & Technical Discussion / Re: "Bitcoin’s Future Hinges on Donations, and That’s Got People Worried" on: February 27, 2023, 08:30:56 AM
b. Most of them have been involved in the development of BTC almost since it's earliest days and still have rather tidy sums of the BTC they've acquired during that time so they are certainly not hurting for money. Hell, a few years ago Luke Jr. bragged about still having several thousand BTC ...

Let's not circulate the idea that Core devs are swimming in BTC. $5 wrenches and what not, you know. Also, wasn't there an instance where Luke lost all his coins?
75  Bitcoin / Development & Technical Discussion / Re: AES Rijndael Algorithmus on: February 10, 2023, 08:21:25 AM
You can use pretty much any cipher. It's not restricted to ECB, CBC, or anything like that.
Hello
It's not about restriction its about security & purpose of use.
for example you can use most case aes-cbc-128 its simple and secure. but still there are case people use aes-ctr & aes-gcm
Almost all AES(other then ECB mode) provide good security.
There are also WhiteBox-AES CTR/CBC provide more security then standard.

Block mode and cypher aren't the same thing.

In search of someone who implemented AES encryption with the Rijndael -Algorithm. ("NIST" compliant)
Please write to me, thank you very much!

Is there a reason you want someone who can implement this vs using an existing library?
76  Bitcoin / Development & Technical Discussion / Re: NFTs in the Bitcoin blockchain - Ordinal Theory on: February 06, 2023, 08:12:36 PM
There is a pretty straight forward solution to this, albeit a somewhat brutish one:

The Ordinal protocol sets out to identify single satoshis. It therefor generates outputs that are provably self-unspendable: their value isn't enough to cover for the fee to spend them. To redeem a 1 satoshi output, you would have to create a 0 fee tx, or bring in coins from another output.

If a majority of nodes reject these transactions, this whole ordinal idiocy goes tits up overnight. This can be done without any changes to consensus rules: set your node to a reasonably s/B fee rate. This would limit the propagation of these transactions in the mempool.

A stronger iteration of this approach would be a UASF where nodes would reject transactions that create such outputs. If 2/3rd of the nodes were to enforce such rule, this would force miners to upgrade their nodes as well, as they would rather stay on the main chain than mine ape jpegs. Then the damage can be undone by evicting these outputs from the mempool with a subsequent update.

In general, I'm not too worried. Ethereum has demonstrated that NFTs will move to the next chain down the road when fees get too high for data usage. In general the whole concept of NFTs on chain is dumb, as you need a centralized party to enforce consumption rules. I don't see this fad developing on chains with scarce block size as a consequence.
77  Bitcoin / Armory / Re: Can I pay one of you experts to help me retrieve my armory wallet? on: January 24, 2023, 08:30:11 AM
Quote
Does it matter that I installed bitcoin core first, downloaded the blockchain and then synced up? 

It's better to do it in that order.

Quote
After that, I installed armory 0.96.5, but needed to change the path for armory to the d: drive after the initial install. I checked the status of the box "prune block storage" in bitcoin core, but that wasn't until after the initial installation. 
That's unfortunate, likely you have a pruned copy of the chain, that cannot be used as is by Armory, you would need to resync your node with the pruning off.

Quote
How do I proceed? What checks do I run, which logs do you want posted in pastebin? 

Make sure you have a full chain with Core then start ArmoryQt. If you get pathing issues, try with ArmoryDB on its own. The useful log files are armorylog.txt and armorydb.txt. You can find them in your armory data dir (defaults to C:\Users\*yourusername*\AppData\Roaming\Armory).

Quote
"target" is d:\armory\armoryqt.exe and "start in" is set to d:\armory.

This won't do much for you. You installed armory in D:\ but that's at most 100MB of data. The database which takes several gigs will go to the default folder mentioned before. What you are trying to do is to get Armory (and Core) to save their data in the D:\ drive.

This link will help you through that: https://btcarmory.com/docs/pathing
78  Bitcoin / Armory / Re: I cant put my wallets online? on: January 20, 2023, 01:47:55 PM
Also, Armory won't prepare databases unless you allow bitcoin-qt.exe, ArmoryQt.exe, and ArmoryDB.exe access through any firewall setup you may have (including Windows).

None of these processes need to open a listen socket that allows connections from the WAN, I don't think relaxing firewall settings will do much here (unless you're running some intense SELinux variant). Certainly not an issue on stock Windows.
79  Bitcoin / Armory / Re: Armory 0.96.5 on: January 11, 2023, 08:25:07 AM
interesting choice. I'm frankly suspicious of the way that all these javascript dialects are proliferating and eating everything like an army of king kong/godzilla/ghostbusters marshmallow men, but on the other hand, QT is going weird, gtk already went weird, and they're the only game(s) in town.

I confess to knowing less than zero about javascript-ey thingys and widgets, but like every self-respecting opinionated asshole, I can tell you that I don't like it and that therefore it is bad. Cheesy.

The 3 issues i see with Qt:

- Qt5 will be EOL in 2025
- There are complaints about Qt6 licensing shenanigans
- There aren't that many people who are experienced with pyqt. Qt is typically used with C++. This limits my opportunities: It's hard to find a pro to deliver on the kind of GUI elements I'd rather not deal with.

Also, the qt GUI in Armory is straight up hardcoded into the python code files. This isn't very future proof. Cleaning that up would involve big rewrites, which is why changing graphical libs is on the table. For now I'm trying to hang by with what I got, but I'm warming up to the idea.
80  Bitcoin / Armory / Re: Armory 0.96.5 on: January 10, 2023, 03:22:31 PM
excellent news. not the day job/stuck with pyQt part Cheesy

I'm legit considering paying someone to redo the GUI in flutter/dart.
Pages: « 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 ... 232 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!