Armory - Discussion Thread

[MoneypakTrader.com]

Any chance of being able to insert watch only btc addresses to manually create a watching wallet without the keys?
It would be nice for tracking a variety of accounts outside of those created in armory.
Thanks again for the great software, I've donated to you before.

[1713484258]

1713484258

[1713484258]

1713484258

[1713484258]

1713484258

[1713484258]

1713484258

[chrisrico]

Any chance of being able to insert watch only btc addresses to manually create a watching wallet without the keys?
It would be nice for tracking a variety of accounts outside of those created in armory.
Thanks again for the great software, I've donated to you before.

etotheipi has been resistant to this feature because you wouldn't be able to tell if you inserted the public keys into your wallet or a potential attacker, leading you to think you had receive money but not actually having done so.

[oakpacific]

Would there be any risk If I make a backup of my encrypted Armory wallet on Dropbox?  The worst they can do is deleting my backup right? Thanks.

[etotheipi]

Would there be any risk If I make a backup of my encrypted Armory wallet on Dropbox? Thanks.

I liked the analogy someone else made on the forums:

Backing up your wallet to a shared service like Dropbox is like buying a bullet-proof vest, and then asking a random person to shoot you in the chest.  Yes, there's a very good chance your bullet-proof vest will survive, especially if you got a good one (strong passphrase), but if they happen to be hardcore and have military-grade firearms, you might be in trouble.  You'd be best not to test it.

If you don't have a lot of money, it's not so terrible.  But if it would make you cry to have it stolen, I recommend making paper or hard-digital backups (CD/USB).  Or at least put it somewhere that isn't so accessible -- Dropbox doesn't have the best history of securing your data.  It wouldn't surprise me if there were employees at dropbox who go digging for wallet files backed up by users.

[runeks]

I've started to experience a lot of disconnects from bitcoind from Armory.

This is the log: http://hastebin.com/raw/jepupabacu

What could be the cause of this?

A side note: the notifications for Armory losing connection to Bitcoin-QT persists even after I shut down Armory. I have to log out of my user account in Ubuntu and log back in for them to go away.

[QuantumFoam]

Those coins become "new" the moment you use them.  So they left your Bitcoin-Qt wallet as old, no-fee-required coins, but they entered your Armory wallet as young coins.  If you sent 0.1 BTC, you're going to have wait 10 days for those coins to mature (1 BTC matures in 1 day).  The fees were supposed to be insignificant in the short-term, only to discourge people spamming the network.  But the price rise has made not entirely negligible anymore.  But $0.07 still isn't so bad compared to the alternatives.

There's been a lot of discussion about how to improve the fee logic to be adaptable to... life

Yea, it eventually ended up working after I sent 1BTC over and waited a day. I was able to verify the cold storage worked after waiting another couple days to transfer back.

Had a question about the on screen keyboard. I noticed the number keys which are labeled "#1, #2" etc, input 2 characters into the textbox when using them. The passcode fails from this. I'm guessing I'm doing something wrong when entering numbers using the on screen keyboard? Is there a special way to get them to just print the number itself and not two characters?

[etotheipi]

Had a question about the on screen keyboard. I noticed the number keys which are labeled "#1, #2" etc, input 2 characters into the textbox when using them. The passcode fails from this. I'm guessing I'm doing something wrong when entering numbers using the on screen keyboard? Is there a special way to get them to just print the number itself and not two characters?

Well, I'll be damned.  I did screw that up.  I added the "#" symbols late in the design of that in order to help with quick identification when using the scrambled keyboard.  My test password on my testnet wallet doesn't have numbers, so I guess I missed that.

Luckily (?) I never implemented the OSD for password creation, so the user can be sure that they set the password they thought they did (because they have to type it).  But you're right, that the numbers are messed on OSD entry.  I'll fix that and make it part of the next release.  Thanks for catching that!

[QuantumFoam]

Ah, that explains it. And no problem, glad to help.

[justusranvier]

Backing up your wallet to a shared service like Dropbox is like buying a bullet-proof vest, and then asking a random person to shoot you in the chest.  Yes, there's a very good chance your bullet-proof vest will survive, especially if you got a good one (strong passphrase), but if they happen to be hardcore and have military-grade firearms, you might be in trouble.  You'd be best not to test it.

Armory could create a special backup file that is AES encrypted using the wallet's root key.

This would mean that you'd need a copy of the root key (probably from a paper backup) in order to actually use the dropbox backup, but it would be secure against offline brute force attacks, and would enable you to sync your wallet and address book seamlessly between multiple devices.

Have you ever used Firefox's Sync feature? Something like that for Armory would be enormously helpful.

[MoneypakTrader.com]

Any chance of being able to insert watch only btc addresses to manually create a watching wallet without the keys?
It would be nice for tracking a variety of accounts outside of those created in armory.
Thanks again for the great software, I've donated to you before.

etotheipi has been resistant to this feature because you wouldn't be able to tell if you inserted the public keys into your wallet or a potential attacker, leading you to think you had receive money but not actually having done so.

Not sure what that means. . .
Is this correct:
BTC addresses can be inserted into wallets by directly editing the wallet files?
Functionality for this won't be added to the GUI because an attacker might use the feature to trick users?

[chrisrico]

Not sure what that means. . .
Is this correct:
BTC addresses can be inserted into wallets by directly editing the wallet files?
Functionality for this won't be added to the GUI because an attacker might use the feature to trick users?

It's not that the GUI functionality to add watching only keys is a potential vulnerability, it's that telling users "hey, you received money" when they may not have is.

[oakpacific]

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?

[justusranvier]

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?

BIOS/firmware malware.

[oakpacific]

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?

BIOS/firmware malware.

Yeah sure, but unless I am going to order a LiveCD rather than make my own to install on the offline computer, it can get infected by said malware as well.

[picobit]

Is there any advantage of using a separate offline computer for offline transactions, over a live USB distribution with Armory in an encrypted partition and only booted to sign transactions on the primary computer with all networks turned off? I can't think of any. Anyone care to enlighten me?

It is pretty hypothetical, but if somehow malware was sneaked into the USB distribution, then in principle that malware could write your private keys to the normal harddisk and then another part of the malware could harvest it when booted in online mode.  In principle, the same could of course be done over a USB stick.  Both attacks would of course require tailor-made malware to steal just your bitcoins.  Quite frankly, if anybody worries about this scenario, I think they need help from a psychiatrist rather than from a computer scientist 

Personally, I have an offline wallet in a virtual machine.  That is somewhat less secure than your suggestion of using a live DVD, since in principle the keyboard can be logged on the "real" machine, and the filesystem of my virtual computer can also be read from the "real" machine.  But then, anyone spending time writing specific malware to steal my bitcoins will end up being disappointed  

(but I also have real offline wallets ...)

[opentoe]

Is there a said definition of what an offline wallet is? I'm still trying to understand it because anything that is in the blockchain is live no matter what, right? Right now I have one wallet. I have bitcoin in there, but I want to move those bitcoin into another more secure wallet within Armory. Would that be an "offline" wallet? When I receive bitcoin into this "offline" wallet doesn't it go "online" at that time? I guess I'm looking for a noob response on what an "offline" wallet is. I think I'm thinking too literal here and it is messing me up.

[oakpacific]

When I receive bitcoin into this "offline" wallet doesn't it go "online" at that time?

That's exactly the point, the answer is a "No". Bitcoin address are just hashes of the public keys, when people send bitcoins to an address, they just persuade the network to change the amount of bitcoins recorded under that hash in the blockchain(the ledger), you can even "send" your bitcoins to a random string corresponding to an address which doesn't below to anyone, but it's pointless, as the point is the "ownership" of the address, which belongs to whoever has the private key, and it's as difficult(read: infeasibly difficult) to reverse a used public address to find its private key, as it's to reverse a unused one.

Now the only thing you have to do to get people to "send" bitcoins to you, is to generate a public key for which you hold the private key. It's entirely doable if you somehow generate your private/public key on an offline device, which since its birth has never been connected to the internet, and publish the public key's hashed form(the address) on the internet, and keep the private key forever offline(like on a paper), that's about enough what you need to do to "receive" bitcoins. An address whose private key never goes on an online computer is considered an offline address, and an offline wallet is essentially just a  collection of offline addresses.

Here we have a problem, we can receive bitcoins now with our offline address, but how can we "send" them? Now you have to rely on the sneaker net to do that. Armory provide a functionality allowing to you to sign any transaction offline: you create a so called "watch only" address on an online Armory installation, and generate a unsigned transaction which doesn't really move your coins, then copy it through some movable storage to the offline computer where an Armory installation with your private key resides, sign it offline, and then move the signed transaction back and publish it, this way you can "send" bitcoins without your private key ever going online.

Hope that I am clear.

[picobit]

See also this description of offline wallets: https://bitcoinarmory.com/using-offline-wallets-in-armory/

[xcsler]

I think there are security tradeoffs between having only digital/paper backups in a few locations versus having a Truecrypt backup of your wallet on Dropbox/Cloud. I'm not sure if either way is significantly safer than the other.

[opentoe]

When I receive bitcoin into this "offline" wallet doesn't it go "online" at that time?

That's exactly the point, the answer is a "No". Bitcoin address are just hashes of the public keys, when people send bitcoins to an address, they just persuade the network to change the amount of bitcoins recorded under that hash in the blockchain(the ledger), you can even "send" your bitcoins to a random string corresponding to an address which doesn't below to anyone, but it's pointless, as the point is the "ownership" of the address, which belongs to whoever has the private key, and it's as difficult(read: infeasibly difficult) to reverse a used public address to find its private key, as it's to reverse a unused one.

Now the only thing you have to do to get people to "send" bitcoins to you, is to generate a public key for which you hold the private key. It's entirely doable if you somehow generate your private/public key on an offline device, which since its birth has never been connected to the internet, and publish the public key's hashed form(the address) on the internet, and keep the private key forever offline(like on a paper), that's about enough what you need to do to "receive" bitcoins. An address whose private key never goes on an online computer is considered an offline address, and an offline wallet is essentially just a  collection of offline addresses.

Here we have a problem, we can receive bitcoins now with our offline address, but how can we "send" them? Now you have to rely on the sneaker net to do that. Armory provide a functionality allowing to you to sign any transaction offline: you create a so called "watch only" address on an online Armory installation, and generate a unsigned transaction which doesn't really move your coins, then copy it through some movable storage to the offline computer where an Armory installation with your private key resides, sign it offline, and then move the signed transaction back and publish it, this way you can "send" bitcoins without your private key ever going online.

Hope that I am clear.

Thanks for the info. I'm understanding it more and more. I'm not just using it, I also want to understand how it works, that's why I'm spending the time on how it all works also.

Thanks.