Topic: ColdPi - Offline bitcoin wallet on a Raspberry Pi  (Read 9344 times)
xabbix (OP)
January 05, 2014, 11:58:12 AM
 #41

> I know you are probably doing this with good intentions, but it seems a lot of people are putting a lot of trust in these kinds of products without thinking about the security possibilities.
>
> If I wanted to steal some bitcoin this would be a fantastic way to do it. I could modify the armory source to stash any PKs loaded to an obscure location on the SD card. I could then modify one of the standard linux daemons to wait for an internet connection and then send the contents of this obscure PK file to myself. I know that this is theoretically an offline wallet but I can see many people in a moment of weakness establishing an internet connection just long enough to download and install one of their favorite apps that doesn't come in your bundle.
>
> Again, I doubt this is the case, but people really shouldn't be running software on anything that they haven't personally verified the source/binaries. When setting up an environment verify the OS, the bitcoin client and any other tools that you will need. There isn't any way to do that with this, a whole lot of blind faith in an anonymous entity is required.

Indeed it is possible for me to steal coins from users who choose to use my compiled Armory version, however it is extremely difficult for me to do that, and impossible if you actually follow my own instructions (which is to NEVER connect the Pi to the internet).

By the way, if anyone is interested in adding something to the bundle, he can do it via USB instead of connecting the device to the internet which is quite convenient even compared to directly plugging the Pi to the internet.
bitmagi
January 05, 2014, 03:09:47 PM
 #42

> By the way, if anyone is interested in adding something to the bundle, he can do it via USB instead of connecting the device to the internet which is quite convenient even compared to directly plugging the Pi to the internet.

How about adding a script with coldpi that removes the ethernet interface and the temptation to easily connect the coldpi to the internet?
xabbix (OP)
January 05, 2014, 03:13:58 PM
 #43

> > By the way, if anyone is interested in adding something to the bundle, he can do it via USB instead of connecting the device to the internet which is quite convenient even compared to directly plugging the Pi to the internet.
>
> How about adding a script with coldpi that removes the ethernet interface and the temptation to easily connect the coldpi to the internet?

Well I don't want to cripple the device by removing the interface. I will however disable it by default, so even if you connect the cable by mistake nothing will happen until you start the networking service manually.

I'll be uploading the complete Raspberry Pi SD image soon (not just the Armory source as currently available).


crazy_rabbit
January 05, 2014, 03:18:20 PM
 #44

It would be cool to bundle this all together on a small mini-itx computer with hard drive that could both run as a full node (support Bitcoin!) and run armory for your cold storage needs. It could be set up to only have the port open to the outside world to connect to the bitcoin network, nothing else.

more or less retired.
xabbix (OP)
January 05, 2014, 03:24:54 PM
 #45

> It would be cool to bundle this all together on a small mini-itx computer with hard drive that could both run as a full node (support Bitcoin!) and run armory for your cold storage needs. It could be set up to only have the port open to the outside world to connect to the bitcoin network, nothing else.

In my opinion, if the network cable is plugged to the board, it cannot be considered as 'cold' storage.
xabbix (OP)
January 07, 2014, 10:12:29 PM
 #46

The Cold Pi image can now be downloaded freely, please have a look here:

http://coldpi.com/manuals/install-image.html

Regarding the security issues that were raised earlier in this thread, I've also included bitaddress.org's source code (that can be verified via md5 checksum against the current version on github) so you can now basically generate a new key via the bitaddress.org HTML file and import it into Armory.

By doing so you eliminate my ability to mess around with the Armory key generation function and my ability to affect the randomness of the process.

Since the device is not intended to be, and should never be, connected to the internet, other than to mess around with the randomness of the genkey function I cannot do much more to gain profit.

Just to state the obvious, I have not infected the Raspberry Pi with any malicious software and have not made any code changes to either the Armory client, Raspbian OS or bitaddress.org HTML file.
cryptozark
January 07, 2014, 11:57:41 PM
 #47

ELI5 - How does this compare to something like the Trezor?

http://www.bitcointrezor.com

Current loving EAC: ejSN43uVk4Rw4u4Etcw4RvR8mN3Rn2LPfm
crazy_rabbit
January 08, 2014, 12:02:39 AM
 #48


> Since the device is not intended to be, and should never be, connected to the internet, other than to mess around with the randomness of the genkey function I cannot do much more to gain profit.

You, or someone else, could theoretically alter the code in such a way that every address the code generates is actually from the same master seed. So to a regular user it might look random and fair, but in reality you would have the master seed and thus access to everyone who ever generates addresses with it.

Not saying that you did, but it's possible.

more or less retired.
xabbix (OP)
January 08, 2014, 09:21:21 AM
 #49

> ELI5 - How does this compare to something like the Trezor?
>
> http://www.bitcointrezor.com

Trezor can be used as either hot or cold storage. You can easily move coins to Trezor's address and use it as cold storage, but it also allows you to plug the Trezor into an internet machine and safely transfer coins as a hot wallet.

The cold pi is intended for cold storage only. Of course you can still spend coins on the Cold Pi address but the way to do it is a bit more complicated than trezor. You will need to export the watch only address from your cold pi to an internet machine, create a transaction using the watch only address, move the transaction data via USB, sign it on the cold pi and move it back to the internet machine.
xabbix (OP)
January 08, 2014, 09:22:23 AM
 #50


> > Since the device is not intended to be, and should never be, connected to the internet, other than to mess around with the randomness of the genkey function I cannot do much more to gain profit.
>
> You, or someone else, could theoretically alter the code in such a way that every address the code generates is actually from the same master seed. So to a regular user it might look random and fair, but in reality you would have the master seed and thus access to everyone who ever generates addresses with it.
>
> Not saying that you did, but it's possible.

Yes, but if you use the bitaddress.org HTML file that I've included (and which can be verified via md5 checksum) you can generate the private key there and import it into Armory. So I can't control the master seed or anything else.
loreannl
January 08, 2014, 02:11:29 PM
 #51

> > Thanks. I've had some SD card issues in the past with Pi. Although I'm sure it was (partially) user error.
>
> I'm sure it's not. I have two Pis, my brother has a Pi, my neighbor has a Pi. All 4 have problems with corrupting SD cards, regardless of brand or type of SD card, and two of the Pis have loose contacts in the SD card connector (well maybe all 4, but only two you have to wiggle/twist/bend/use tape to make it work at all). I really wish the Pi could boot from USB.

Yes, I've had the same problems with the SD cards; the problem lies in the contacts not making good contact in the SD sleeve. If you open the case and put a small rubber pressing the SD card harder down and therefore making better contact, you should not have troubles anymore.
seriouscoin
January 23, 2014, 02:56:00 PM
 #52

> The Cold Pi image can now be downloaded freely, please have a look here:
>
> http://coldpi.com/manuals/install-image.html
>
> Regarding the security issues that were raised earlier in this thread, I've also included bitaddress.org's source code (that can be verified via md5 checksum against the current version on github) so you can now basically generate a new key via the bitaddress.org HTML file and import it into Armory.
>
> By doing so you eliminate my ability to mess around with the Armory key generation function and my ability to affect the randomness of the process.
>
> Since the device is not intended to be, and should never be, connected to the internet, other than to mess around with the randomness of the genkey function I cannot do much more to gain profit.
>
> Just to state the obvious, I have not infected the Raspberry Pi with any malicious software and have not made any code changes to either the Armory client, Raspbian OS or bitaddress.org HTML file.

Correct me if I'm wrong but you CAN'T import a wallet created by other client to Armory. To do what you said above, you have to make a new wallet in Armory then import the privatekey/address to that wallet.

So what happens if that wallet was created not by random key generator? Can you touch those imported addresses?
xabbix (OP)
January 26, 2014, 09:40:05 AM
 #53

> > The Cold Pi image can now be downloaded freely, please have a look here:
> >
> > http://coldpi.com/manuals/install-image.html
> >
> > Regarding the security issues that were raised earlier in this thread, I've also included bitaddress.org's source code (that can be verified via md5 checksum against the current version on github) so you can now basically generate a new key via the bitaddress.org HTML file and import it into Armory.
> >
> > By doing so you eliminate my ability to mess around with the Armory key generation function and my ability to affect the randomness of the process.
> >
> > Since the device is not intended to be, and should never be, connected to the internet, other than to mess around with the randomness of the genkey function I cannot do much more to gain profit.
> >
> > Just to state the obvious, I have not infected the Raspberry Pi with any malicious software and have not made any code changes to either the Armory client, Raspbian OS or bitaddress.org HTML file.
>
> Correct me if I'm wrong but you CAN'T import a wallet created by other client to Armory. To do what you said above, you have to make a new wallet in Armory then import the privatekey/address to that wallet.
>
> So what happens if that wallet was created not by random key generator? Can you touch those imported addresses?


You can import a private key into your Armory wallet. Even if I had generated the wallet myself (which I don't, and if you install the image you can see that you'll get the 'create your new armory wallet' splash screen. Also you can check and see that there's no ~/.armory directory before you launch Armory for the first time).

If you choose to import a private key from bitaddress.org's html, as far as I know, there's nothing I could do beforehand to get your coins. However if you choose to 'sweep' the address, that will move the funds to the Armory generated address which is something you would like to avoid if you do not trust me.
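
Three checks raised in this thread (no `~/.armory` directory before Armory's first launch, network interfaces left down by default, and the bundled key-generator HTML matching a published checksum) combined into one script. This is an added example, not part of any post or of the ColdPi image: the function names and arguments are hypothetical, the reference digest must come from a source you trust, and it compares SHA-256 rather than the MD5 mentioned in the posts.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks before trusting a downloaded offline-wallet image.
# All paths and the reference digest are operator-supplied assumptions.

IFF_UP=1        # Linux interface flag: administratively up
IFF_LOOPBACK=8  # Linux interface flag: loopback device

# Print every non-loopback interface that is administratively up.
# $1: sysfs network directory (normally /sys/class/net)
admin_up_interfaces() {
    local dir flags
    for dir in "$1"/*; do
        [ -r "$dir/flags" ] || continue
        flags=$(cat "$dir/flags")            # hex string such as 0x1003
        if [ $(( flags & IFF_LOOPBACK )) -eq 0 ] && [ $(( flags & IFF_UP )) -ne 0 ]; then
            basename "$dir"
        fi
    done
    return 0
}

# Succeed only if the file's SHA-256 equals the digest obtained out of band.
sha256_matches() {
    local actual
    [ -f "$1" ] || return 1
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$(printf '%s' "$2" | tr 'A-F' 'a-f')" ]
}

# $1 home dir, $2 sysfs net dir, $3 key-generator HTML file, $4 reference SHA-256
preflight() {
    local rc=0 up
    if [ -e "$1/.armory" ]; then
        echo "FAIL: $1/.armory exists before Armory's first launch"; rc=1
    fi
    up=$(admin_up_interfaces "$2" | tr '\n' ' ')
    if [ -n "$up" ]; then
        echo "FAIL: interfaces up: $up"; rc=1
    fi
    if ! sha256_matches "$3" "$4"; then
        echo "FAIL: $3 does not match the reference digest"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: image passed all three checks"; fi
    return "$rc"
}

# Run only when called with all four arguments.
if [ "$#" -eq 4 ]; then preflight "$@"; fi
```

The interface check reads the administrative flag rather than link state, so an interface that would come alive as soon as a cable is plugged in is reported even while no cable is attached.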
acegilz
June 04, 2014, 01:10:34 PM
 #54

Hi, I am trying to write my sdcard with the image provided here:
Quote

but I always get this error:

Code:
not enough space on disk sector size 512

"Not enough space on disk: Size 15730688 sectors Available: 15523840 sectors Sector size: 512"

Can someone help me edit the iso to remove unnecessary things to reduce its space?

I bought the NOOBS card with my pi but it seems that it only comes with 7.32GB and the image provided has 7.40GB...

 Thanks
SimonBelmond
June 04, 2014, 09:26:09 PM
 #55

> Hi, I am trying to write my sdcard with the image provided here:
> Quote
>
> but I always get this error:
>
> Code:
> not enough space on disk sector size 512
>
> "Not enough space on disk: Size 15730688 sectors Available: 15523840 sectors Sector size: 512"
>
> Can someone help me edit the iso to remove unnecessary things to reduce its space?
>
> I bought the NOOBS card with my pi but it seems that it only comes with 7.32GB and the image provided has 7.40GB...
>
> Thanks

I think you might just have found out what your problem is then. Try a bigger one. Are you properly writing it with an imager program?
acegilz
June 05, 2014, 12:23:26 AM
 #56

> > Hi, I am trying to write my sdcard with the image provided here:
> > Quote
> >
> > but I always get this error:
> >
> > Code:
> > not enough space on disk sector size 512
> >
> > "Not enough space on disk: Size 15730688 sectors Available: 15523840 sectors Sector size: 512"
> >
> > Can someone help me edit the iso to remove unnecessary things to reduce its space?
> >
> > I bought the NOOBS card with my pi but it seems that it only comes with 7.32GB and the image provided has 7.40GB...
> >
> > Thanks
>
> I think you might just have found out what your problem is then. Try a bigger one. Are you properly writing it with an imager program?

I did it myself with this card following the other guide provided by coldpi:
Quote

I just thought that if the other image doesn't fit on 8GB cards you should update this point on the other tutorial:
Quote
4.    Insert your SDHC card (8GB+, Class4+)

Thanks anyway
SimonBelmond
June 05, 2014, 04:40:37 AM
 #57

> > > Hi, I am trying to write my sdcard with the image provided here:
> > > Quote
> > >
> > > but I always get this error:
> > >
> > > Code:
> > > not enough space on disk sector size 512
> > >
> > > "Not enough space on disk: Size 15730688 sectors Available: 15523840 sectors Sector size: 512"
> > >
> > > Can someone help me edit the iso to remove unnecessary things to reduce its space?
> > >
> > > I bought the NOOBS card with my pi but it seems that it only comes with 7.32GB and the image provided has 7.40GB...
> > >
> > > Thanks
> >
> > I think you might just have found out what your problem is then. Try a bigger one. Are you properly writing it with an imager program?
>
> I did it myself with this card following the other guide provided by coldpi:
> Quote
>
> I just thought that if the other image doesn't fit on 8GB cards you should update this point on the other tutorial:
> Quote
> 4.    Insert your SDHC card (8GB+, Class4+)
>
> Thanks anyway

I'm sorry it didn't work out. You might have to wait for the owner of this thread to drop by. Maybe write him a PM.