February 12, 2014, 08:00:48 PM Last edit: February 12, 2014, 08:13:35 PM by etotheipi

Indeed, when you encrypt your wallet, Armory attempts to replace the unencrypted keys with the encrypted keys, in-place, hoping that the OS will overwrite the originals on disk. Unfortunately, this is not guaranteed, and it's probably a PhD-level project to figure out how to guarantee overwrite/delete of such data. But it's the best we can do when you start with an unencrypted wallet on disk, and any subsequent copies to other places/devices are guaranteed not to have the unencrypted data. An attacker would need low-level access to your disk to look for sectors that were marked deleted but not actually overwritten (luckily, there's a chance that Armory's operations do work, but it's far from guaranteed).
I guess the best thing to do in this situation is to encrypt the HDD of your offline computer so that the initial restore will still be encrypted on disk (even though Armory is doing it unencrypted). Or restore to a RAM disk, etc., that never touches the hard drive. Then encrypt the wallet and copy the encrypted version to your hard drive. Definitely not the most convenient but probably the best you can do without us fixing this...
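
A pre-restore check for the RAM-disk approach described in the post above, as an added example that is not part of the original post or of Armory: it reports whether a chosen restore directory is really RAM-backed and whether swap could still carry its pages to disk. It assumes a Linux offline machine and the `/proc/mounts` and `/proc/swaps` text formats; the function names and sample data are hypothetical and constructed for illustration.

```python
import os

RAM_FS = {"tmpfs", "ramfs"}  # RAM-backed filesystem types on Linux

def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as octal escapes
    for code, ch in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(code, ch)
    return field

def fs_type_for(path, mounts_text):
    """Return (mount_point, fstype) of the deepest mount that contains path."""
    path = os.path.normpath(path)
    best = ("", None)
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue
        mnt, fstype = _unescape(parts[1]), parts[2]
        inside = mnt == "/" or path == mnt or path.startswith(mnt.rstrip("/") + "/")
        # >= so that a later mount stacked on the same point wins
        if inside and len(mnt) >= len(best[0]):
            best = (mnt, fstype)
    return best

def active_swap(swaps_text):
    # First line of /proc/swaps is a column header
    return [l.split()[0] for l in swaps_text.splitlines()[1:] if l.strip()]

def restore_dir_verdict(path, mounts_text, swaps_text):
    mnt, fstype = fs_type_for(path, mounts_text)
    if fstype not in RAM_FS:
        return "disk-backed (%s on %s)" % (fstype, mnt)
    # tmpfs pages can be swapped out; ramfs pages cannot
    if fstype == "tmpfs" and active_swap(swaps_text):
        return "tmpfs, but swap is active: pages may reach disk"
    return "ram-backed (%s on %s)" % (fstype, mnt)

# Constructed sample data, not taken from a real machine
SAMPLE_MOUNTS = (
    "/dev/sda2 / ext4 rw,relatime 0 0\n"
    "tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0\n"
    "ramfs /mnt/wallet\\040tmp ramfs rw 0 0\n"
)
SAMPLE_SWAPS = "Filename\tType\tSize\tUsed\tPriority\n/dev/sda3 partition 4194300 0 -2\n"

if __name__ == "__main__":
    for p in ("/home/user/armory", "/dev/shm/restore", "/mnt/wallet tmp/w"):
        print(p, "->", restore_dir_verdict(p, SAMPLE_MOUNTS, SAMPLE_SWAPS))
```

On a real machine, pass the contents of `/proc/mounts` and `/proc/swaps` instead of the sample strings; the swap check flags any active swap device, including an encrypted one.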