Bitcoin Forum
March 19, 2024, 06:47:27 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 [34] 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 ... 231 »
  Print  
Author Topic: Armory - Discussion Thread  (Read 521670 times)
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
April 22, 2012, 11:25:22 PM
 #661

So out of interest, what is the basic strategy for Armory's physical handling of wallets?

Specifically;

1) are unencrypted private keys ever held on disk (or only ever in RAM)?

2) how are any old copies of wallet files that reside on disk at any point deleted/erased?


Here is a relevant question: Have you asked the same questions to the regular Bitcoin client developers?

I have, and the answer by them is:  "This problem is out of scope of our software.  This is an OS/filesystem issue, not an application issue." 

And of course:  after the wallet-not-actually-encrypted but 0.4.0, their wallets are now born encrypted, too.  If your wallet is unencrypted and then encrypted, they just delete the old wallet and rewrite a new, born-encrypted wallet.  But that's because in their case, they don't have a way to truly purge the old wallet using BSDDB.   Nonetheless, their implementation would suffer from the same filesystem issues.

I wasn't asking you etho! Thanks for spoiling my fun! Tongue
1710830847
Hero Member
*
Offline Offline

Posts: 1710830847

View Profile Personal Message (Offline)

Ignore
1710830847
Reply with quote  #2

1710830847
Report to moderator
1710830847
Hero Member
*
Offline Offline

Posts: 1710830847

View Profile Personal Message (Offline)

Ignore
1710830847
Reply with quote  #2

1710830847
Report to moderator
1710830847
Hero Member
*
Offline Offline

Posts: 1710830847

View Profile Personal Message (Offline)

Ignore
1710830847
Reply with quote  #2

1710830847
Report to moderator
Make sure you back up your wallet regularly! Unlike a bank account, nobody can help you if you lose access to your BTC.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1710830847
Hero Member
*
Offline Offline

Posts: 1710830847

View Profile Personal Message (Offline)

Ignore
1710830847
Reply with quote  #2

1710830847
Report to moderator
1710830847
Hero Member
*
Offline Offline

Posts: 1710830847

View Profile Personal Message (Offline)

Ignore
1710830847
Reply with quote  #2

1710830847
Report to moderator
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
April 23, 2012, 12:26:31 AM
Last edit: April 23, 2012, 02:07:48 AM by etotheipi
 #662

A Linux testing release:  Armory 0.75-alpha

-- System tray operations and notifications (teaser provided earlier)
-- URI handling

The URI handling works great (besides being a little ugly) on Ubuntu 10.04 and earlier, and it automatically registers itself on load (asking for permission if something else is there already).  Ubuntu 10.10+ has a bug in the OS, so registration happens at installation, and won't re-register until it is reinstalled -- better than nothing!  I need to improve the layout/design of the URI-select window, but it does work!

Debian/Ubuntu 32-bit / Python 2.6 (Ubuntu 9.04-10.10)
Debian/Ubuntu 64-bit / Python 2.6 (Ubuntu 9.04-10.10)
Debian/Ubuntu 64-bit / Python 2.7 (Ubuntu 11.04+)

There's a small issue with the .debs that they don't install the testnet and offline menu entries if the previous Armory was not removed.  So you can use "sudo dpkg -r armory" to remove the previous armory before installing the new one, or use Synaptic:  search for "Armory" then "mark for removal" and then apply.   Just another bug to figure out...

Please test!  (it's the "urihandle" branch, for those on a different distro that still compile manually).

Windows URIs next!

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1358
Merit: 1002



View Profile
April 23, 2012, 12:44:43 AM
 #663

Python 2.7 package says dependency not satisfied libpython2.6 Wink
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
April 23, 2012, 12:56:01 AM
 #664

Python 2.7 package says dependency not satisfied libpython2.6 Wink

Whoops!   Just replaced the download with the correct one.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2347


Eadem mutata resurgo


View Profile
April 23, 2012, 03:09:48 AM
 #665

So out of interest, what is the basic strategy for Armory's physical handling of wallets?

Specifically;

1) are unencrypted private keys ever held on disk (or only ever in RAM)?

2) how are any old copies of wallet files that reside on disk at any point deleted/erased?

i would just use an offline wallet which is why i chose Armory to begin with. 

Well thanks for the useless, random, tangential comment. Offline or online is not relevant to my question, if you don't realise that yet.

I think his point was that the questions you ask are irrelevant if your computer is offline.  Stored in RAM or HDD, encrypted or not, doesn't really matter.  The only thing to worry about is eventually discarding it, but if you stored any significant coins on it, ever, thermite is the only real solution Smiley

Not true, I was considering every possibility. One particular offline example, thief comes in and physically takes your "offline" drive (and contents of house safe). If people are going to feel comfortable about storing life-savings on offline (or online) drives at home the stakes go up. You must have considered physical loss surely?

etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
April 23, 2012, 03:29:39 AM
 #666

Not true, I was considering every possibility. One particular offline example, thief comes in and physically takes your "offline" drive (and contents of house safe). If people are going to feel comfortable about storing life-savings on offline (or online) drives at home the stakes go up. You must have considered physical loss surely?

Well, of course!  But that's two orders of magnitude less likely than virtual threats, which can sweep across thousands of computers from the safety of Tor and grab all the low-hanging fruit (users with shitty security).  I believe that 99.9%+ percent of Bitcoin thefts will be due to virtual security, not physical security.  For someone to physically steal your offline system from your house they have to:

(1) Be targeting you because they know you have money, or
(2) Be a low-life burglar that wouldn't have a clue how to do a low-level scan for residue private keys from your hard-drive (if they even know what Bitcoin is).

And I believe that if someone is targeting you and gets physical access to the system, it's because you have lots of money and would've been using encryption from the start.  There's just not many situations I can think of where it would make a tremendous difference whether the secure-delete option was implemented (if it were possible).  On top of that, no matter what security procedures I implement, you'll almost always be compromised if the attacker is targeting you and has physical access.  There's too many things they can do between planting keyloggers, viruses, trojans, etc.

The more-important part is the GPU-resistent key-stretching used for Armory wallets.  That's gives you the best chance of protection from virtual threats and physical threats (mainly physical, though).  As I conceded, it doesn't hurt for me try to overwrite the wallets in-place when deleting.  It may provide no benefit whatsoever, but it's the best I can do.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
R-
Full Member
***
Offline Offline

Activity: 238
Merit: 100

Pasta


View Profile WWW
April 23, 2012, 07:40:58 AM
 #667

Question for Etho, will the full version of Armory be coming out on 32 bit soon?

Thanks!
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2347


Eadem mutata resurgo


View Profile
April 23, 2012, 09:01:58 AM
 #668

Ok, thanks for your replies, for me it was important to get to the bottom of the physical handling of the keys.

One final line of questions, your tutorial recommends  "Load Armory on the offline computer"
http://bitcoinarmory.com/index.php/using-offline-wallets-in-armory

Do you have a recommended method for this? Is it the same method for Armory s/ware updates and dependency updates, etc? Should the offline computer have OS installed from a DVD/CD and OS s/ware updates done via USB? I mean how rigorous is the "offline" status of this machine? Like "absolutely never been connected" ... or something less so maybe?

etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
April 23, 2012, 02:43:00 PM
 #669

Question for Etho, will the full version of Armory be coming out on 32 bit soon?

Thanks!

Sorry BitAvenue.  Unfortunately, my efforts have failed at getting Armory to work on Windows 32-bit.  It does work in Linux 32-bit, though.

It might be another month before I can even start thinking about fixing this.  It will be fixed, but it might not be until I get native networking (and thus have to rework my blockchain code, anyway).

P.S. -- my screenname is "Eto"... it's actually:  e-to-the-i-pi


Ok, thanks for your replies, for me it was important to get to the bottom of the physical handling of the keys.

One final line of questions, your tutorial recommends  "Load Armory on the offline computer"
http://bitcoinarmory.com/index.php/using-offline-wallets-in-armory

Do you have a recommended method for this? Is it the same method for Armory s/ware updates and dependency updates, etc? Should the offline computer have OS installed from a DVD/CD and OS s/ware updates done via USB? I mean how rigorous is the "offline" status of this machine? Like "absolutely never been connected" ... or something less so maybe?

I was just discussing this with someone else.  I usually recommend using Linux, setting up the system online and disconnect before you create your first wallet.  But, with my recent release of .deb files, I found it's a lot easier now to setup everything from entirely offline... it's only 30 MB of downloads!

I'm waiting for some more testing/feedback before I completely release it.  But if you are experienced with Linux and have a spare online linux system, this can be super easy:

(1) Load the offline OS (preferably Ubuntu 10.04 / 32-bit, since I'll eventually be distributing offline packages for that).
(2) Go to Synaptic package manager and search-for-and-mark-for-installation:  "python-qt4" and "python-twisted"
(3) File-->Generate Download Script
(4) It will create a bash script of wget commands for all dependencies:  about 30 of them.
(5) Take to online linux system, double-click, Run In Terminal.
(6) Take back to offline system and "Add Downloaded Packages" from Synaptic (below the "Generate Download Script")

That will install all the dependencies, and then you only have to run the .deb file I posted.  I will eventually be releasing a single .tar.gz that includes all these debs, along with Armory itself, so you only need to move one file and everything will work!




Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
April 23, 2012, 11:34:46 PM
 #670


Armory Version 0.75-alpha on Windows!  (Testing Release)

I just posted a .msi file for installing Armory version 0.75.  This has a ton of new stuff in it, mostly stuff that makes it feel like a real program! 

Please try it, test it and give me feedback.

This has been stated before, but here's the official aggregation of features between 0.74 and 0.75:

  • Full installers on both Windows (.msi) and Debian/Ubuntu (.deb).  Creates menu entries for Armory/Testnet/Offline
  • System-tray icon and notifications.  Be notified immediately when coins are received.
  • URI-handling!  In Windows and Ubuntu <11.04, it will automatically check on load whether Armory is registered for handling "bitcoin:" links and either register it if nothing is registered, or it will ask you to switch if something else is there.   On Ubuntu 11.04+, it will do it on installation only, due to a bug in the Unity desktop.  (P.S. - this was a lot of work!  Geezuz)



As usual, I've done what feels like a lot of testing, but users inevitably find all sorts of stupid issues I didn't.  Please help test and I can make 0.75 final.

Just be aware the blockchain is getting bigger, and the loading time is getting longer on Windows.  I hope kr105 comes through, claiming he knows how to fix the windows MMAP code, but I'll be doing some fixes on it, too...eventually.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
April 27, 2012, 01:16:51 AM
 #671

Just found a bug that that makes clicking on URLs not work when you have only one wallet.  D'OH!  I have half a dozen wallets, so I never test Armory with only one wallet...

I will be fixing that soon.  But for now, if you want "bitcoin:" links to work and you have only one wallet, just create a second dummy wallet.   You can delete the second wallet once I have it fixed, but I suspect it may be a little bit before I get the time to recompile and re-release everything...


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
May 01, 2012, 12:49:11 PM
 #672

Hello,

I'm currently testing your app. I have to say, I'm impressed. I love it already (and I'll love it more when it will be standalone Cheesy).

I have a question though: how do I create new adresses in the adress book without having to send funds?

Thanks
Raphy
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
May 01, 2012, 12:56:24 PM
 #673

Hi Raphy,

I'm not sure I completely understand.  When you press the "Receive Bitcoins" button, it should pop up a new address.  Technically, you don't have to use that address, and certainly not right away.  Even if you cancel out, you're going to get another new address when you hit the "Receive Bitcoins" button again.  Rinse and repeat.



Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
May 01, 2012, 01:09:01 PM
 #674

Sorry, I was talking about sending adresses (adresses of other wallets). So "create adresse" was not the right word, rather registering existing public adresses to send bitcoins to.

If I send btc to a new adress this new address will be kept in the adress book ?
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
May 01, 2012, 01:43:57 PM
 #675

Sorry, I was talking about sending adresses (adresses of other wallets). So "create adresse" was not the right word, rather registering existing public adresses to send bitcoins to.

If I send btc to a new adress this new address will be kept in the adress book ?


Ahh,  yes I misunderstood.   There is currently no way to do this,  but I hope to add it in the next major release.   At the moment, no address book is ever stored on your system directly.   It's all rederived from blockchain information every load.   It's slightly inconvenient,  but it's dramatically simpler in code.

I'll add it to my list for the next release (and it won't be too hard). Thanks for the feedback!

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
unclescrooge
aka Raphy
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
May 01, 2012, 09:04:30 PM
Last edit: May 01, 2012, 09:39:48 PM by Raphy
 #676

You're welcome.

I'm on linux. Do you have an command-line option to debug armory? I think it could help you if there's a crash or something.
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
May 01, 2012, 09:28:48 PM
 #677

You're welcoming.

I'm on linux. Do you have an command-line option to debug armory? I think it could help you if there's a crash or something.

There's no crash.  But one of the things that gives Armory its robustness (in some aspects) is that Armory is so fast at scanning the blockchain, that I can keep track of all transactions and addresses simply by rescanning and recollecting the data on every load.  This removes the necessity to create special files for storing the data which could become corrupted, or somehow become un-sync'd, etc.  But that means that I can't add arbitrary data to it, either.  At the moment, you have to get your address linked to the other address by sending it some money...

However, it will be fairly easy to just add address data to the wallet format.  I'll be sure to make it part of the upcoming wallet updates...

If you suspect something is crashing, you can run Armory from the CLI:  "python /usr/share/armory/ArmoryQt.py".  This will show you all the command-line output and any errors.  It almost always has an error and useful information if you click a button and it doesn't do anything. 

I wish I had started Armory with a proper logging system in place.  It's on my to-do list to go through and implement it, but so far there have been a very few bug-reports, so it hasn't been high priority Smiley 

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
jl2012
Legendary
*
Offline Offline

Activity: 1792
Merit: 1087


View Profile
May 06, 2012, 05:28:38 PM
 #678

I tried to send a big-size transaction with very low transaction fee, and it kept as 0 confirmation after 24 hours. Since I'm unable to spend the coins again with Armory, I imported the account private key to Satoshi client and send the stuck coins to another account (with recommended tx fee). Eventually, the tx sent by Satoshi client was confirmed. In Armory, however, the 0-confirmation tx is still there, with the related "change" record (also 0 confirmation). I tried to delete the wallet and recovered it with paper backup and these records are still there. What can I do? Thanks!

Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
May 06, 2012, 05:41:22 PM
 #679

I tried to send a big-size transaction with very low transaction fee, and it kept as 0 confirmation after 24 hours. Since I'm unable to spend the coins again with Armory, I imported the account private key to Satoshi client and send the stuck coins to another account (with recommended tx fee). Eventually, the tx sent by Satoshi client was confirmed. In Armory, however, the 0-confirmation tx is still there, with the related "change" record (also 0 confirmation). I tried to delete the wallet and recovered it with paper backup and these records are still there. What can I do? Thanks!

Ahh, this is very annoying!  The best thing to do is to delete the memory pool file:

Code:
Linux:      /home/username/.armory/mempool.bin
Windows:    C:\Users\username\AppData\Roaming\Armory\mempool.bin

I know it's super-annoying, but luckily this should happen only very rarely (after all, this is the first report of this happening...).  I will add an option to let the user clear the memory pool, but I don't know yet where to put that option and how to explain it.  Perhaps under "Advanced" options.  Though, I would need an options menu, first...

Question:  Was the transaction stuck due to Armory sending the transaction with a low fee?  I ask because I tried to force transaction fees on the user that would guarantee this exact thing doesn't happen.  If it failed (i.e. Armory allowed you to send a tx with a fee too small), I'd really like to see that transaction to figure out why.  If it was Armory's fault, can you give me the Tx ID?  PM is fine if you don't want to put it up publicly. 


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
jl2012
Legendary
*
Offline Offline

Activity: 1792
Merit: 1087


View Profile
May 06, 2012, 05:53:22 PM
 #680

It is fixed, thanks!

I override the mandatory tx fee function in the armory conf file. So this is my problem, not a bug.

I tried to send a big-size transaction with very low transaction fee, and it kept as 0 confirmation after 24 hours. Since I'm unable to spend the coins again with Armory, I imported the account private key to Satoshi client and send the stuck coins to another account (with recommended tx fee). Eventually, the tx sent by Satoshi client was confirmed. In Armory, however, the 0-confirmation tx is still there, with the related "change" record (also 0 confirmation). I tried to delete the wallet and recovered it with paper backup and these records are still there. What can I do? Thanks!

Ahh, this is very annoying!  The best thing to do is to delete the memory pool file:

Code:
Linux:      /home/username/.armory/mempool.bin
Windows:    C:\Users\username\AppData\Roaming\Armory\mempool.bin

I know it's super-annoying, but luckily this should happen only very rarely (after all, this is the first report of this happening...).  I will add an option to let the user clear the memory pool, but I don't know yet where to put that option and how to explain it.  Perhaps under "Advanced" options.  Though, I would need an options menu, first...

Question:  Was the transaction stuck due to Armory sending the transaction with a low fee?  I ask because I tried to force transaction fees on the user that would guarantee this exact thing doesn't happen.  If it failed (i.e. Armory allowed you to send a tx with a fee too small), I'd really like to see that transaction to figure out why.  If it was Armory's fault, can you give me the Tx ID?  PM is fine if you don't want to put it up publicly. 



Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY)
LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC)
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 [34] 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 ... 231 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!