Help me understand Private Keys and the Armory offline wallet

[thewayshegoes]

I want to buy a few bitcoins and keep them in an Armory offline wallet but there are some things I don't quite understand.

My plan is:

I will get a computer that has never touched the internet and I don't plan for it to.  I will install the Armory offline client on this computer and create a new wallet.

Here is what I don't quite get (sorry if its confusing):

Once I create the wallet, if I understand correctly, I can then print out a paper wallet, even before I add any bitcoins to the wallet, which has the private keys on it. 

What I don't understand is this: Once I print out that paper wallet, will that paper wallet always let me access my bitcoins regardless of how many bitcoins I send to and from this offline wallet?  Basically, does the paper wallet or private keys change every time I send bitcoins in or out of my wallet?  Or do the private keys on the paper wallet stay the same no matter how many times I move coins in or out, as long as the wallet and addresses are the same?

Thanks.

[Zilarion]

Okay, so every wallet has its own public and private keys. I will quickly explain this concept.

Public keys are known to everyone, however private keys are.. private.
You use a private key to encrypt a piece of text and anyone can then decrypt it with the public key.
And since only you known the private key, it can basically be seen as your autograph only then it's safer.

Your private key hence is basically your autograph or password to your wallet. And you can simply write the privately key (s) down as a "backup".

Now what you do with an offline wallet is have two pcs, one offline and one online. First, you create a transaction and sign it on the offline pc. You then transfer the signed transaction (or encrypted text file) to the online pc and transmit it over the network.  Your private keys have never been online and your transaction is complete .

[JoeJacksonJr]

How does armory, on the offline computer, know if you have been sent coins? How can the offline computer ever be up to date?  Or am I missing something 

[Zilarion]

How does armory, on the offline computer, know if you have been sent coins? How can the offline computer ever be up to date?  Or am I missing something  

Ahh! That's simple,, it doesn't know. But on your online pc you can have a read only wallet (since all transactions are public..)
Where you can keep track of it!

[cp1]

When you send bitcoins from an address it will send the desired bitcoins to the address you told it to, and any left over bitcoins will be sent to a completely different address.  I believe armory is deterministic in that you don't need to keep track of all the newly created addresses.  But if it doesn't, then a paper wallet won't be sufficient unless you print a new one each time you make a transaction. 

[Zilarion]

When you send bitcoins from an address it will send the desired bitcoins to the address you told it to, and any left over bitcoins will be sent to a completely different address.  I believe armory is deterministic in that you don't need to keep track of all the newly created addresses.  But if it doesn't, then a paper wallet won't be sufficient unless you print a new one each time you make a transaction. 

Ehm, I believe you have been misinformed that doesn't match any of my bitcoin knowledge.  Where did you learn this from?

[Birdy]

When you send bitcoins from an address it will send the desired bitcoins to the address you told it to, and any left over bitcoins will be sent to a completely different address.  I believe armory is deterministic in that you don't need to keep track of all the newly created addresses.  But if it doesn't, then a paper wallet won't be sufficient unless you print a new one each time you make a transaction.  

Ehm, I believe you have been misinformed that doesn't match any of my bitcoin knowledge.  Where did you learn this from?

No, it's correct.
You can check it e.g. by installing coin control in the qt-client.
Example:
You have 5 BTC transferred to your paper wallet, when you send 2 BTC to somewhere you will actually send all 5 and get 3 back to a different adress.

I haven't used Armory yet, but I think they have this problem solved by this deterministic approach (need to inform myself about this,too).

[cp1]

Reading up on the deterministic wallet it seems that both Electrum and Armory determine future addresses from a seed value that you keep safe as backup, which it can use to re-determine your addresses.  So you don't need to keep re-backing up your wallet like with bitcoin-qt or multibit if you create a new adddress.

[jeffp86]

Reading up on the deterministic wallet it seems that both Electrum and Armory determine future addresses from a seed value that you keep safe as backup, which it can use to re-determine your addresses.  So you don't need to keep re-backing up your wallet like with bitcoin-qt or multibit if you create a new adddress.

How safe are determinist wallets?

I feel Satoshi didnt use them for a reason.... is there a catch?

[cp1]

Well if someone gets your seed then they get all your private keys.

[jeffp86]

Is it more likely to crack your private key by seeing many of your deterministically generated public addresses?

[cp1]

The private keys have to be the ones that are deterministic so I'd guess no.

[jeffp86]

The private keys have to be the ones that are deterministic so I'd guess no.

Well, if you know all my public addresses, and they're all deterministiclly generated, I would think it would make it easier for a "bad guy" to guess my "seed" that generated these, and therefore get my private key...

[cypher1024]

...get a computer that has never touched the internet and I don't plan for it to.  I will install the Armory offline client on this computer and create a new wallet...

You don't need to go that crazy. Just boot your computer with a live Linux CD.

The Armory guys provide a package specifically for this purpose.

[cp1]

The private keys have to be the ones that are deterministic so I'd guess no.

Well, if you know all my public addresses, and they're all deterministiclly generated, I would think it would make it easier for a "bad guy" to guess my "seed" that generated these, and therefore get my private key...

I don't know enough about it to say no, but since the private key can't be practically determined by the public key, I'd guess that it wouldn't help.