A minute ago I noticed a tx in Armory still is at 2 confirmations only.
'bitcoind getinfo' says 223646 blocks,
Armory says 'connected 223630 blocks'.
Armory 0.87, bitcoind 80000.
Anything I should do, like pulling a log or something?
Else I'll just restart Armory or shutdown my pc to get some sleep..
Mine does that every now and then as well. Only solution I've found is to shut down and restart. Would be great to have a "resync" button... but if the plan is to go with a standalone Armory, that might be unnecessary.
Indeed. This is something I noticed which happens when there is a re-org/orphaned block. It inspired me to re-run some unit-tests that hadn't been run in a while, and led to semi-release of 0.87.2 (only available from the googlecode download page
). I never made an official release, because I had released 0.87 a couple days earlier and didn't want to spam users with it.
Until you upgrade, restarting is the only thing you can do. EDIT:
Actually, I don't think it was re-orgs, I think actually when two blocks are received at the same time... well doesn't matter... both were fixed in 0.87.2.
1) The wallet generated by Armory is deterministic; if you have access to the root key you can generate all public/private key pairs that will ever be generated for that wallet. In essence you have access to all the funds attributable to the addresses in that wallet. So my question is: can you explain how the entropy generation is handled for generating the initial root when I generate a new wallet and how this is secure?
I don't have a good way to describe the entropy generation: it is handled by the Crypto++ library's AutoSeededRandomPool, which is a FIPS-140-2 validated
cryptographic library. It is considered "suitable for cryptographic purposes."
2) I recall from generating a wallet on my main system that, when creating an encrypted wallet, the level of encryption is determined by the speed of the system generating the wallet. Since I am using a crappy computer to generate the wallet will it be secure? Also, can I increase the encryption level manually? (I don't care if it will take the system hours to generate a wallet since it will be a one-time event).
Armory does test system speed and sets the encryption
parameters. This is not the same as the deterministic key generation ... that always takes the same amount of time. What is adjusted is how long it takes to convert your passphrase into the encryption key used to encrypt your wallet. Basically, how long you have to wait between entering your passphrase and pressing <Enter>, and when the keys actually get unlocked.
When you create the new wallet, there will be "Advanced Options" where you can adjust the time and RAM usage of the key-stretching. The longer the amount of time you specify, the more computation it does, and the more RAM it will use. Note that RAM usage above 64 kB is acceptable for disarming GPU-acceleration. If you set the time really long, you will get up to 32 MB, which is extraordinary overkill. The point is, it is configurable. You can make it up to 20 seconds if you want, but it will be pretty annoying to sign transactions.
3) If I understand correctly, a paper wallet is a direct representation of the root key that can be used to generate all public/private key pairs that will ever be generated in a wallet AND that this is also true for a encrypted wallet. So:
3a) Won't that circumvent the security of the wallet encryption? If someone physically gains access to my paper wallet he will still be able to take my funds even though I encrypted the wallet?
3b) Is there a way to make an encrypted paper wallet? Restoring such a paper wallet would require typing in the paper wallet and subsequently decrypting it using the encryption key to decrypt it and once again have access to all public/private key-pairs.
You are correct, the paper backup is not encrypted. The goal is to protect against digital/virtual threats, not physical threats. If you are concerned about physical security, you should put it in a safe-deposit box at a bank. There is no encrypted paper backup option, though there is a "fragmented" backup option coming with the new wallets! If you really
want to encrypt your backup, then make a digital backup of your wallet to a USB key or a CD (which will be encrypted if your wallet is encrypted). Just be sure to make a couple copies in case one fails. Though, it's highly recommended you make at least one plaintext backup and keep it physically secured. Your family will thank you for that (post-mortem) if something terrible were to happen to you.
When I'm done with the new wallets, I'll be reworking the backup system into a single, complete dialog that will walk you through the process and provide all the appropriate warnings.
4) You linked to a site explaining how to disable autorun of inserted USB devices on Windows. How can this be done in Ubuntu 10.0.4?
Luckily, all Linux distros are expected to default to no-autorun at all. However, the default is to automount and *ask* you if you'd like to run something on the inserted drive. This isn't the same thing as "no autorun vulnerabilities", but it does cut down on them by an order of magnitude. You can google for a few ways to configure this behavior. I left it out because it's probably confusing to some users and not so necessary when the autorun is already disabled. Here's some links. http://ubuntugeek.com/forum/index.php?topic=4639.0http://ubuntuforums.org/showthread.php?t=974087