Bitcoin Forum
February 23, 2020, 03:02:29 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 ... 231 »
  Print  
Author Topic: Armory - Discussion Thread  (Read 520991 times)
MoneypakTrader.com
Sr. Member
****
Offline Offline

Activity: 472
Merit: 250


Never spend your money before you have it.


View Profile
April 28, 2013, 03:58:00 AM
 #2121

Any chance of being able to insert watch only btc addresses to manually create a watching wallet without the keys?
It would be nice for tracking a variety of accounts outside of those created in armory.
Thanks again for the great software, I've donated to you before.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
chrisrico
Hero Member
*****
Offline Offline

Activity: 496
Merit: 500


View Profile
April 28, 2013, 03:10:10 PM
 #2122

Any chance of being able to insert watch only btc addresses to manually create a watching wallet without the keys?
It would be nice for tracking a variety of accounts outside of those created in armory.
Thanks again for the great software, I've donated to you before.

etotheipi has been resistant to this feature because you wouldn't be able to tell if you inserted the public keys into your wallet or a potential attacker, leading you to think you had receive money but not actually having done so.
oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
April 28, 2013, 04:07:02 PM
 #2123

Would there be any risk If I make a backup of my encrypted Armory wallet on Dropbox?  The worst they can do is deleting my backup right? Thanks.

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
etotheipi
Legendary
*
Offline Offline

Activity: 1428
Merit: 1005


Core Armory Developer


View Profile WWW
April 28, 2013, 04:15:10 PM
 #2124

Would there be any risk If I make a backup of my encrypted Armory wallet on Dropbox? Thanks.

I liked the analogy someone else made on the forums:

Backing up your wallet to a shared service like Dropbox is like buying a bullet-proof vest, and then asking a random person to shoot you in the chest.  Yes, there's a very good chance your bullet-proof vest will survive, especially if you got a good one (strong passphrase), but if they happen to be hardcore and have military-grade firearms, you might be in trouble.  You'd be best not to test it.

If you don't have a lot of money, it's not so terrible.  But if it would make you cry to have it stolen, I recommend making paper or hard-digital backups (CD/USB).  Or at least put it somewhere that isn't so accessible -- Dropbox doesn't have the best history of securing your data.  It wouldn't surprise me if there were employees at dropbox who go digging for wallet files backed up by users.


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
runeks
Legendary
*
Offline Offline

Activity: 952
Merit: 1000



View Profile WWW
April 28, 2013, 04:53:43 PM
 #2125

I've started to experience a lot of disconnects from bitcoind from Armory.

This is the log: http://hastebin.com/raw/jepupabacu

What could be the cause of this?

A side note: the notifications for Armory losing connection to Bitcoin-QT persists even after I shut down Armory. I have to log out of my user account in Ubuntu and log back in for them to go away.
QuantumFoam
Full Member
***
Offline Offline

Activity: 200
Merit: 100


|Quantum|World's First Cloud Management Platform


View Profile WWW
April 29, 2013, 05:58:49 PM
 #2126

Those coins become "new" the moment you use them.  So they left your Bitcoin-Qt wallet as old, no-fee-required coins, but they entered your Armory wallet as young coins.  If you sent 0.1 BTC, you're going to have wait 10 days for those coins to mature (1 BTC matures in 1 day).  The fees were supposed to be insignificant in the short-term, only to discourge people spamming the network.  But the price rise has made not entirely negligible anymore.  But $0.07 still isn't so bad compared to the alternatives.

There's been a lot of discussion about how to improve the fee logic to be adaptable to... life Smiley
Yea, it eventually ended up working after I sent 1BTC over and waited a day. I was able to verify the cold storage worked after waiting another couple days to transfer back.

Had a question about the on screen keyboard. I noticed the number keys which are labeled "#1, #2" etc, input 2 characters into the textbox when using them. The passcode fails from this. I'm guessing I'm doing something wrong when entering numbers using the on screen keyboard? Is there a special way to get them to just print the number itself and not two characters?

|Quantum|World's First Cloud Management Platform on the Blockchain
etotheipi
Legendary
*
Offline Offline

Activity: 1428
Merit: 1005


Core Armory Developer


View Profile WWW
April 29, 2013, 06:10:55 PM
 #2127

Had a question about the on screen keyboard. I noticed the number keys which are labeled "#1, #2" etc, input 2 characters into the textbox when using them. The passcode fails from this. I'm guessing I'm doing something wrong when entering numbers using the on screen keyboard? Is there a special way to get them to just print the number itself and not two characters?

Well, I'll be damned.  I did screw that up.  I added the "#" symbols late in the design of that in order to help with quick identification when using the scrambled keyboard.  My test password on my testnet wallet doesn't have numbers, so I guess I missed that.

Luckily (?) I never implemented the OSD for password creation, so the user can be sure that they set the password they thought they did (because they have to type it).  But you're right, that the numbers are messed on OSD entry.  I'll fix that and make it part of the next release.  Thanks for catching that!

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
QuantumFoam
Full Member
***
Offline Offline

Activity: 200
Merit: 100


|Quantum|World's First Cloud Management Platform


View Profile WWW
April 29, 2013, 08:15:25 PM
 #2128

Ah, that explains it. And no problem, glad to help.

|Quantum|World's First Cloud Management Platform on the Blockchain
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
April 29, 2013, 09:21:47 PM
 #2129

Backing up your wallet to a shared service like Dropbox is like buying a bullet-proof vest, and then asking a random person to shoot you in the chest.  Yes, there's a very good chance your bullet-proof vest will survive, especially if you got a good one (strong passphrase), but if they happen to be hardcore and have military-grade firearms, you might be in trouble.  You'd be best not to test it.
Armory could create a special backup file that is AES encrypted using the wallet's root key.

This would mean that you'd need a copy of the root key (probably from a paper backup) in order to actually use the dropbox backup, but it would be secure against offline brute force attacks, and would enable you to sync your wallet and address book seamlessly between multiple devices.

Have you ever used Firefox's Sync feature? Something like that for Armory would be enormously helpful.
MoneypakTrader.com
Sr. Member
****
Offline Offline

Activity: 472
Merit: 250


Never spend your money before you have it.


View Profile
April 29, 2013, 09:42:16 PM
 #2130

Any chance of being able to insert watch only btc addresses to manually create a watching wallet without the keys?
It would be nice for tracking a variety of accounts outside of those created in armory.
Thanks again for the great software, I've donated to you before.
etotheipi has been resistant to this feature because you wouldn't be able to tell if you inserted the public keys into your wallet or a potential attacker, leading you to think you had receive money but not actually having done so.
Not sure what that means. . .
Is this correct:
BTC addresses can be inserted into wallets by directly editing the wallet files?
Functionality for this won't be added to the GUI because an attacker might use the feature to trick users?

chrisrico
Hero Member
*****
Offline Offline

Activity: 496
Merit: 500


View Profile
April 30, 2013, 12:27:40 AM
 #2131

Not sure what that means. . .
Is this correct:
BTC addresses can be inserted into wallets by directly editing the wallet files?
Functionality for this won't be added to the GUI because an attacker might use the feature to trick users?

It's not that the GUI functionality to add watching only keys is a potential vulnerability, it's that telling users "hey, you received money" when they may not have is.
oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
April 30, 2013, 04:45:44 AM
 #2132

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
April 30, 2013, 05:12:55 AM
 #2133

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?
BIOS/firmware malware.
oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
April 30, 2013, 05:56:12 AM
 #2134

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?
BIOS/firmware malware.

Yeah sure, but unless I am going to order a LiveCD rather than make my own to install on the offline computer, it can get infected by said malware as well. Roll Eyes

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
picobit
Hero Member
*****
Offline Offline

Activity: 547
Merit: 500


Decor in numeris


View Profile
April 30, 2013, 06:45:56 AM
 #2135

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?

It is pretty hypothetical, but if somehow malware was sneaked into the USB distribution, then in principle that malware could write your private keys to the normal harddisk and then another part of the malware could harvest it when booted in online mode.  In principle, the same could of course be done over a USB stick.  Both attacks would of course require tailor-made malware to steal just your bitcoins.  Quite frankly, if anybody worries about this scenario, I think they need help from a psychiatrist rather than from a computer scientist  Wink

Personally, I have an offline wallet in a virtual machine.  That is somewhat less secure than your suggestion of using a live DVD, since in principle the keyboard can be logged on the "real" machine, and the filesystem of my virtual computer can also be read from the "real" machine.  But then, anyone spending time writing specific malware to steal my bitcoins will end up being disappointed Smiley 

(but I also have real offline wallets ...)
opentoe
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000

Personal text my ass....


View Profile WWW
April 30, 2013, 07:01:41 AM
 #2136

Is there a said definition of what an offline wallet is? I'm still trying to understand it because anything that is in the blockchain is live no matter what, right? Right now I have one wallet. I have bitcoin in there, but I want to move those bitcoin into another more secure wallet within Armory. Would that be an "offline" wallet? When I receive bitcoin into this "offline" wallet doesn't it go "online" at that time? I guess I'm looking for a noob response on what an "offline" wallet is. I think I'm thinking too literal here and it is messing me up.


Need help with your Newznab usenet indexer? http://www.newznabforums.com
oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
April 30, 2013, 09:00:06 AM
 #2137

When I receive bitcoin into this "offline" wallet doesn't it go "online" at that time?

That's exactly the point, the answer is a "No". Bitcoin address are just hashes of the public keys, when people send bitcoins to an address, they just persuade the network to change the amount of bitcoins recorded under that hash in the blockchain(the ledger), you can even "send" your bitcoins to a random string corresponding to an address which doesn't below to anyone, but it's pointless, as the point is the "ownership" of the address, which belongs to whoever has the private key, and it's as difficult(read: infeasibly difficult) to reverse a used public address to find its private key, as it's to reverse a unused one.

Now the only thing you have to do to get people to "send" bitcoins to you, is to generate a public key for which you hold the private key. It's entirely doable if you somehow generate your private/public key on an offline device, which since its birth has never been connected to the internet, and publish the public key's hashed form(the address) on the internet, and keep the private key forever offline(like on a paper), that's about enough what you need to do to "receive" bitcoins. An address whose private key never goes on an online computer is considered an offline address, and an offline wallet is essentially just a  collection of offline addresses.

Here we have a problem, we can receive bitcoins now with our offline address, but how can we "send" them? Now you have to rely on the sneaker net to do that. Armory provide a functionality allowing to you to sign any transaction offline: you create a so called "watch only" address on an online Armory installation, and generate a unsigned transaction which doesn't really move your coins, then copy it through some movable storage to the offline computer where an Armory installation with your private key resides, sign it offline, and then move the signed transaction back and publish it, this way you can "send" bitcoins without your private key ever going online.

Hope that I am clear.




https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
picobit
Hero Member
*****
Offline Offline

Activity: 547
Merit: 500


Decor in numeris


View Profile
April 30, 2013, 03:03:18 PM
 #2138

See also this description of offline wallets: https://bitcoinarmory.com/using-offline-wallets-in-armory/
xcsler
Full Member
***
Offline Offline

Activity: 227
Merit: 100



View Profile
April 30, 2013, 11:10:11 PM
 #2139

I think there are security tradeoffs between having only digital/paper backups in a few locations versus having a Truecrypt backup of your wallet on Dropbox/Cloud. I'm not sure if either way is significantly safer than the other.

opentoe
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000

Personal text my ass....


View Profile WWW
May 01, 2013, 03:52:27 AM
 #2140

When I receive bitcoin into this "offline" wallet doesn't it go "online" at that time?

That's exactly the point, the answer is a "No". Bitcoin address are just hashes of the public keys, when people send bitcoins to an address, they just persuade the network to change the amount of bitcoins recorded under that hash in the blockchain(the ledger), you can even "send" your bitcoins to a random string corresponding to an address which doesn't below to anyone, but it's pointless, as the point is the "ownership" of the address, which belongs to whoever has the private key, and it's as difficult(read: infeasibly difficult) to reverse a used public address to find its private key, as it's to reverse a unused one.

Now the only thing you have to do to get people to "send" bitcoins to you, is to generate a public key for which you hold the private key. It's entirely doable if you somehow generate your private/public key on an offline device, which since its birth has never been connected to the internet, and publish the public key's hashed form(the address) on the internet, and keep the private key forever offline(like on a paper), that's about enough what you need to do to "receive" bitcoins. An address whose private key never goes on an online computer is considered an offline address, and an offline wallet is essentially just a  collection of offline addresses.

Here we have a problem, we can receive bitcoins now with our offline address, but how can we "send" them? Now you have to rely on the sneaker net to do that. Armory provide a functionality allowing to you to sign any transaction offline: you create a so called "watch only" address on an online Armory installation, and generate a unsigned transaction which doesn't really move your coins, then copy it through some movable storage to the offline computer where an Armory installation with your private key resides, sign it offline, and then move the signed transaction back and publish it, this way you can "send" bitcoins without your private key ever going online.

Hope that I am clear.





Thanks for the info. I'm understanding it more and more. I'm not just using it, I also want to understand how it works, that's why I'm spending the time on how it all works also.

Thanks.

Need help with your Newznab usenet indexer? http://www.newznabforums.com
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 ... 231 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!