Armory - Discussion Thread

[etotheipi]

A minute ago I noticed a tx in Armory still is at 2 confirmations only.
'bitcoind getinfo' says 223646 blocks,
Armory says 'connected 223630 blocks'.
Armory 0.87, bitcoind 80000.

Anything I should do, like pulling a log or something?
Else I'll just restart Armory or shutdown my pc to get some sleep..

Ente

Mine does that every now and then as well. Only solution I've found is to shut down and restart. Would be great to have a "resync" button... but if the plan is to go with a standalone Armory, that might be unnecessary.

Indeed.  This is something I noticed which happens when there is a re-org/orphaned block.  It inspired me to re-run some unit-tests that hadn't been run in a while, and led to semi-release of 0.87.2 (only available from the googlecode download page).  I never made an official release, because I had released 0.87 a couple days earlier and didn't want to spam users with it.

Until you upgrade, restarting is the only thing you can do. 

EDIT: Actually, I don't think it was re-orgs, I think actually when two blocks are received at the same time...  well doesn't matter... both were fixed in 0.87.2.

1) The wallet generated by Armory is deterministic; if you have access to the root key you can generate all public/private key pairs that will ever be generated for that wallet. In essence you have access to all the funds attributable to the addresses in that wallet. So my question is: can you explain how the entropy generation is handled for generating the initial root when I generate a new wallet and how this is secure?

I don't have a good way to describe the entropy generation:  it is handled by the Crypto++ library's AutoSeededRandomPool, which is a FIPS-140-2 validated cryptographic library.  It is considered "suitable for cryptographic purposes."

2) I recall from generating a wallet on my main system that, when creating an encrypted wallet, the level of encryption is determined by the speed of the system generating the wallet. Since I am using a crappy computer to generate the wallet will it be secure? Also, can I increase the encryption level manually? (I don't care if it will take the system hours to generate a wallet since it will be a one-time event).

Armory does test system speed and sets the encryption parameters.  This is not the same as the deterministic key generation ... that always takes the same amount of time.  What is adjusted is how long it takes to convert your passphrase into the encryption key used to encrypt your wallet.  Basically, how long you have to wait between entering your passphrase and pressing <Enter>, and when the keys actually get unlocked.   

When you create the new wallet, there will be "Advanced Options" where you can adjust the time and RAM usage of the key-stretching.  The longer the amount of time you specify, the more computation it does, and the more RAM it will use.  Note that RAM usage above 64 kB is acceptable for disarming GPU-acceleration.   If you set the time really long, you will get up to 32 MB, which is extraordinary overkill.  The point is, it is configurable.  You can make it up to 20 seconds if you want, but it will be pretty annoying to sign transactions.

3) If I understand correctly, a paper wallet is a direct representation of the root key that can be used to generate all public/private key pairs that will ever be generated in a wallet AND that this is also true for a encrypted wallet. So:

3a) Won't that circumvent the security of the wallet encryption?  If someone physically gains access to my paper wallet he will still be able to take my funds even though I encrypted the wallet?
3b) Is there a way to make an encrypted paper wallet? Restoring such a paper wallet would require typing in the paper wallet and subsequently decrypting it using the encryption key to decrypt it and once again have access to all public/private key-pairs.

You are correct, the paper backup is not encrypted.  The goal is to protect against digital/virtual threats, not physical threats.   If you are concerned about physical security, you should put it in a safe-deposit box at a bank.  There is no encrypted paper backup option, though there is a "fragmented" backup option coming with the new wallets!  If you really want to encrypt your backup, then make a digital backup of your wallet to a USB key or a CD (which will be encrypted if your wallet is encrypted).  Just be sure to make a couple copies in case one fails.  Though, it's highly recommended you make at least one plaintext backup and keep it physically secured.  Your family will thank you for that (post-mortem) if something terrible were to happen to you.

When I'm done with the new wallets, I'll be reworking the backup system into a single, complete dialog that will walk you through the process and provide all the appropriate warnings.

4) You linked to a site explaining how to disable autorun of inserted USB devices on Windows. How can this be done in Ubuntu 10.0.4?

Luckily, all Linux distros are expected to default to no-autorun at all.  However, the default is to automount and *ask* you if you'd like to run something on the inserted drive.  This isn't the same thing as "no autorun vulnerabilities", but it does cut down on them by an order of magnitude.   You can google for a few ways to configure this behavior.  I left it out because it's probably confusing to some users and not so necessary when the autorun is already disabled.  Here's some links. 

http://ubuntugeek.com/forum/index.php?topic=4639.0
http://ubuntuforums.org/showthread.php?t=974087

[1714148278]

1714148278

[wachtwoord]

Code:

[code]Thanks a lot for your answer. You basically answered all my questions.

With respect to getting the offline machine ready I am on halt. The system installs but at boot-up I get 

[code]
error: no suitable mode found
error: unknown command terminal

after which it booted fine the first time. Then after a reboot the same happens however after logging in (which goes fine) after which the screen distorts for a while, which goes away after a few seconds. Subsequently, I see a background but no menu bars whatsoever. The OS is responsive though with mouse actions working fine and control+alt_t giving me a terminal which also works fine.

I think it is to do with my (old) on-board Intel graphics card. I have followed the instructions here http://ubuntu-tutorials.com/2010/05/06/ubuntu-10-04-lucid-blank-screen-at-startup-workaround/ (note that here it says blank screen but elsewhere people report problems similar to mine and people link to this solution) but to no avail.

Just posting this here in case anyone knows what to do because I am stuck right now. Otherwise I'll probably figure it out sometime (or get a bigger case for the other HW or order a Raspberry pi)


Edit:

Not really a solution but if I start a terminal and type killall gnome-panel suddenly all my menus appear ....
All the other weird behaviour (such as the 2 error messages and the gurbled screen on startup) are still there so not so much a solution. So I would still appreciate feedback. How do I fix this? And in how far is this a stable system/install?

Edit 2:

Okay, I went on anyway and installed the offline Armory package which went really smooth. I created a paper backup (No printer so I used e and paper thanks for the lower case letter only format ) and restored it.

1) This goes very smoothly. I made a typo and it corrected it correctly (I guess there is a error correcting code in there)
2) When restoring a paper wallet and encrypting it is not possible to encrypt it more difficult than the default setting and that is only 128 KB on my system while the menu recommends 2 MB.
3) I Send 0.10 BTC to my cold wallet. After dinner I'll try to get it back

Edit 3:

And at a cost of 0.0005 BTC (fee) I managed to complete the transaction

And possibly related to the problems I describe earlier in this post: In upper-right part of the screen a do not enter traffic sign appeared notifying me I have broken dependencies.

Code:

error brokenCount>0 installed packages have unmet dependencies

It keeps adding [/code] to the end of my post for no apparent reason. I really have put the sight number of tags. This is very annoying.[/code]

[bit365]

I think switching to Hard Drive over Ram storage for the blockchain is a very good idea. Armory is by far my favorite Bitcoin wallet, but the system strain is getting extremely high running it 24/7.

Excited for the future update, thanks for your hard work! 

[SgtSpike]

Feature request!  I'd like a feature where Armory auto-sweeps arriving funds from an imported private key to another known private key. 

Potential use-cases include:
- The private key related to a publicly published donation address has been stolen.  The legitimate owner of said private key would like to sweep any newly-arriving coins to a different address.
- A Casascius coin has been redeemed.  Just in case more coins are sent to the address in the future (accidentally or purposefully), the owner of the coin would like to sweep any newly-arriving coins to a different address.
- Someone purchases a premium Bitcoin address, and to limit potential liability, would like to sweep any newly-arriving coins to a different address.

Obviously, those who work to compromise other people's private keys could use the feature as well, but I think some of them have probably already programmed their own sweeping mechanisms, giving the average consumer a disadvantage without any such tools available to them.  Releasing a feature like this in a manner easily accessible to the public would help to level the playing field.

Ideally, the feature should include functionality to set the transaction fee on a per-address basis.  For example, a high-profile donation address might warrant a fee of 0.01 BTC per transaction to be sure all transactions are forwarded properly.  An address that is expected to receive only small amounts might warrant a much smaller fee.

Thoughts?

[etotheipi]

Since it's going to be a while before the new wallet format, I decided to go ahead and make "Fragmented Backups" available via the command line.   Take your regular (single-sig) wallet, and plug it into the "frag_wallet.py" script, to break it into M-of-N pieces (N pieces, need any M to reconstruct).  Use the unfrag script to test reconstruction to give yourself peace of mind that it really works.  Then distribute the fragments how you see fit.  Recollect M of them at a later time, put them in that directory, and it will recreate the Armory wallet for you!

I was going to wait for the new wallets, since they use considerably less data for the paper backup... but given the infrequency of actually having to use this solution (and it's got built-in error correction), a little inconvenience is acceptable in my mind.  

• Create M-of-N fragmented backup, for any value of N, and 2<=M<=8
• Works with any Armory *.wallet files, encrypted or not (will prompt for passphrase if encrypted)
• Creates N text files that can easily be opened and printed (sorry, no QR codes from terminal)
• Deterministic fragments means you can re-print lost fragments, or create more later (increase N)
• The git-commit version is put in the text file, in case you want to know exactly what version created it
• Error correction up to one character per line.  Identifies which file&line has 2+ errors that can't be corrected automatically.
• Use the "unfrag" script right after "fragging" to test recombining various subsets of fragment files (for your own peace of mind)
• Endless error checking to make sure you get it right, or know what you did wrong.

See my post about it here.

[OpenYourEyes]

Hi I've got a (impossible) feature request and a potential bug:

First, the bug:

With a fully sync'd blockchain, when Armory first loads up and it hasn't registered any new blocks itself, if you hover your cursor over the block count (bottom right) it incorrectly displays the time passed since the last block came in.
Only when Armory discovers a new block itself does it correct.


Second, a feature request:

When Armory is loading up and scanning the blockchain, would it be possible for Armory to display the transactions it's discovered straight away.
Even better would be Amory doing that, and scanning the blockchain backwards (last block>first block), so if you're waiting for a transaction to come through, you could see pretty much instantly when starting Armory if it's come through and how many confirmations it has.
Then when it has scanned right to the beginning of the blockchain, it goes back to the end and updates with any blocks that have come through whilst it's been scanning.

Edit:

Sorry, another feature request:

Having the ability to display the last BTC/USD price within the client itself. I know this isn't the purpose of Armory, but it would be of a great help to me.

[winnetou]

Hi!

I love this client.

Is there a offline linux bundle for ubuntu 12.10 available or does the existing work with it?

thanks for your help

[13Charlie]

Is there a offline linux bundle for ubuntu 12.10 available or does the existing work with it?

+1

?

[chrisrico]

Hi!

I love this client.

Is there a offline linux bundle for ubuntu 12.10 available or does the existing work with it?

thanks for your help

What do you mean "offline linux bundle"? The version of armory from Github compiles just fine on Ubuntu 12.10 with the property dependencies installed.

[winnetou]

Hi!

I love this client.

Is there a offline linux bundle for ubuntu 12.10 available or does the existing work with it?

thanks for your help

What do you mean "offline linux bundle"? The version of armory from Github compiles just fine on Ubuntu 12.10 with the property dependencies installed.

I want to know if the Dependencies-Bundle for Ubuntu 10.04 32-bit (*.zip) also works with 12.10 !?

[chrisrico]

I want to know if the Dependencies-Bundle for Ubuntu 10.04 32-bit (*.zip) also works with 12.10 !?

Ah, I wasn't aware that existed. I don't see any reason it shouldn't work with 12.10, there just might be newer versions of the dependencies available in the repository.

[etotheipi]

Hi!

I love this client.

Is there a offline linux bundle for ubuntu 12.10 available or does the existing work with it?

thanks for your help

What do you mean "offline linux bundle"? The version of armory from Github compiles just fine on Ubuntu 12.10 with the property dependencies installed.

It's for users who want to wipe a computer/laptop and reinstall the OS without any initial connection to the internet. Usually those dependencies are downloaded by the OS.  The bundle is everything you need for a first boot of an offline 10.04-32bit installation to work with Armory.

It *might* work with 12.04/12.10 but only the 32-bit versions.  Please let me know if you try this.  I have been meaning to make a 64-bit version, and/or 12.04/12.10, but I hate adding more things to support (luckily, that's not part of the regular release schedule, only occasionally remake the offline bundle since offline version isn't so important).

[winnetou]

It *might* work with 12.04/12.10 but only the 32-bit versions.  Please let me know if you try this.  I have been meaning to make a 64-bit version, and/or 12.04/12.10, but I hate adding more things to support (luckily, that's not part of the regular release schedule, only occasionally remake the offline bundle since offline version isn't so important).

Okay I will let you know if I will try it. I have one more question regarding to offline wallet: Armory and your site tells me to make a paper backup of my wallet but I guess a digital copy does the job too or can the backup only be restored with a paper wallet? Maybe a stupid question but I want to get sure.

Thank you!

[etotheipi]

It *might* work with 12.04/12.10 but only the 32-bit versions.  Please let me know if you try this.  I have been meaning to make a 64-bit version, and/or 12.04/12.10, but I hate adding more things to support (luckily, that's not part of the regular release schedule, only occasionally remake the offline bundle since offline version isn't so important).

Okay I will let you know if I will try it. I have one more question regarding to offline wallet: Armory and your site tells me to make a paper backup of my wallet but I guess a digital copy does the job too or can the backup only be restored with a paper wallet? Maybe a stupid question but I want to get sure.

Thank you!

Either one will work, though you will need your encryption password for your digital backup.  The reason I recommend paper is because if the paper is intact, it's guaranteed to be useful 10-20 years from now when you need it (even if it's thoroughly faded, you'll still be able to recover it).  Making only one digital backup is like betting your life-savings that a $3 USB key sitting in box somewhere will still work 20 years from now.  I wouldn't make that bet

[winnetou]

It *might* work with 12.04/12.10 but only the 32-bit versions.  Please let me know if you try this.  I have been meaning to make a 64-bit version, and/or 12.04/12.10, but I hate adding more things to support (luckily, that's not part of the regular release schedule, only occasionally remake the offline bundle since offline version isn't so important).

Okay I will let you know if I will try it. I have one more question regarding to offline wallet: Armory and your site tells me to make a paper backup of my wallet but I guess a digital copy does the job too or can the backup only be restored with a paper wallet? Maybe a stupid question but I want to get sure.

Thank you!

Either one will work, though you will need your encryption password for your digital backup.  The reason I recommend paper is because if the paper is intact, it's guaranteed to be useful 10-20 years from now when you need it (even if it's thoroughly faded, you'll still be able to recover it).  Making only one digital backup is like betting your life-savings that a $3 USB key sitting in box somewhere will still work 20 years from now.  I wouldn't make that bet

Okay I understand your intention

Two more question ->
- When my armory wallet is encrypted, is the paper wallet encrypted too?
- Do I have to worry that the wallet format of the paper wallet is no more supported in x years !?

I really love your client and hope you won't stop the development someday!

[etotheipi]

Okay I understand your intention

Two more question ->
- When my armory wallet is encrypted, is the paper wallet encrypted too?
- Do I have to worry that the wallet format of the paper wallet is no more supported in x years !?

I really love your client and hope you won't stop the development someday!

Paper backups are never encrypted.  Part of the reason is to guarantee that you have a useful backup in X years when you need it -- and most people would forget the encryption passphrase by then and it would be like not having a backup at all.

The paper backup displays the "Wallet Version", which is all you need to know.  Even though I'm making a new wallet version now, I will still support the old one.  Even in 10 years, any prior version of Armory that ever worked will let you recover the wallet and print off a list of all your private keys.   Either way, the code to create the private keys from your paper backup should be a permanent part of Armory, even if Armory doesn't produce those wallets anymore, but because I promised you it would still work 10 years from now

[winnetou]

Okay I understand your intention

Two more question ->
- When my armory wallet is encrypted, is the paper wallet encrypted too?
- Do I have to worry that the wallet format of the paper wallet is no more supported in x years !?

I really love your client and hope you won't stop the development someday!

Paper backups are never encrypted.  Part of the reason is to guarantee that you have a useful backup in X years when you need it -- and most people would forget the encryption passphrase by then and it would be like not having a backup at all.

The paper backup displays the "Wallet Version", which is all you need to know.  Even though I'm making a new wallet version now, I will still support the old one.  Even in 10 years, any prior version of Armory that ever worked will let you recover the wallet and print off a list of all your private keys.   Either way, the code to create the private keys from your paper backup should be a permanent part of Armory, even if Armory doesn't produce those wallets anymore, but because I promised you it would still work 10 years from now

You are a great developer. This is the perfect Bitcoin client for highest wallet security! Awesome. I will send you a donation very soon!

[wachtwoord]

Okay I understand your intention

Two more question ->
- When my armory wallet is encrypted, is the paper wallet encrypted too?
- Do I have to worry that the wallet format of the paper wallet is no more supported in x years !?

I really love your client and hope you won't stop the development someday!

Paper backups are never encrypted.  Part of the reason is to guarantee that you have a useful backup in X years when you need it -- and most people would forget the encryption passphrase by then and it would be like not having a backup at all.

The paper backup displays the "Wallet Version", which is all you need to know.  Even though I'm making a new wallet version now, I will still support the old one.  Even in 10 years, any prior version of Armory that ever worked will let you recover the wallet and print off a list of all your private keys.   Either way, the code to create the private keys from your paper backup should be a permanent part of Armory, even if Armory doesn't produce those wallets anymore, but because I promised you it would still work 10 years from now

I've written the paper backup on notes by hand (I don't own a printer) and haven't noted the version of the wallet. It this a necessity?

[etotheipi]

I've written the paper backup on notes by hand (I don't own a printer) and haven't noted the version of the wallet. It this a necessity?

So far, 1.35 is the only wallet version that has ever existed.  And 2.0 will be the next, and hopefully final one.  I expect that there will be a drop-down list to select the version -- given that paper backup information will look dramatically different for each version, it should be clear which version you used, just by the entry fields that show up when you select 1.35.

[cypherdoc]

Okay I understand your intention

Two more question ->
- When my armory wallet is encrypted, is the paper wallet encrypted too?
- Do I have to worry that the wallet format of the paper wallet is no more supported in x years !?

I really love your client and hope you won't stop the development someday!

Paper backups are never encrypted.  Part of the reason is to guarantee that you have a useful backup in X years when you need it -- and most people would forget the encryption passphrase by then and it would be like not having a backup at all.

The paper backup displays the "Wallet Version", which is all you need to know.  Even though I'm making a new wallet version now, I will still support the old one.  Even in 10 years, any prior version of Armory that ever worked will let you recover the wallet and print off a list of all your private keys.   Either way, the code to create the private keys from your paper backup should be a permanent part of Armory, even if Armory doesn't produce those wallets anymore, but because I promised you it would still work 10 years from now

I've written the paper backup on notes by hand (I don't own a printer) and haven't noted the version of the wallet. It this a necessity?

that's a good thing.  ink rollers can't be stolen!

just make sure you can distinguish between 0OIl's.