Armory - Discussion Thread

[chrisrico]

One other annoying thing about the Pi is compiling Armory for it is a pain in the ass.

The nice thing is you can use it like a poor man's Trezor. I connect it to my main computer with a USB->Serial cable (TTY is turned off) for power and data. It runs a script which listens for unsigned transactions and signs them after you enter the wallet passphrase on the Pi's keyboard.

[etotheipi]

One other annoying thing about the Pi is compiling Armory for it is a pain in the ass.

Now that ATI (Armory Technologies, Inc) has more resources, we might be able to increase the priority of a pre-compiled RPi build.  We have a few other important things to get out of the way, but I definitely would be willing to make that a priority in the near future.

[chrisrico]

Now that ATI (Armory Technologies, Inc) has more resources, we might be able to increase the priority of a pre-compiled RPi build.  We have a few other important things to get out of the way, but I definitely would be willing to make that a priority in the near future.

Well, I'll probably be replacing the RPi with a Trezor once those come out, so for me it's not a big deal.

[matt608]

If I created a partition on the hard disk on my macbook and put the offline armoury wallet on that so that the online line + offline armoury were running on the same computer, would that work?  Would that be as secure as a separate device?

Thanks for the answers so far.

(I did try searching for answers to this question but couldn't find them).

[Ente]

One other annoying thing about the Pi is compiling Armory for it is a pain in the ass.

Now that ATI (Armory Technologies, Inc) has more resources, we might be able to increase the priority of a pre-compiled RPi build.  We have a few other important things to get out of the way, but I definitely would be willing to make that a priority in the near future.

More easy RPI integration would be fabulous!
In fact, one of my next projects will be to get that RPI running, which is sitting there and taunting me. An Armory RPI offline wallet would be the choice I trust the most, from all systems I can think of right now. For me, this beats the Trezor hands down, as much as I like the Trezor project.
I already have some more hardware waiting here for that project, like a tiny display and a USB host-switcher..

Ente

[dsattler]

If I created a partition on the hard disk on my macbook and put the offline armoury wallet on that so that the online line + offline armoury were running on the same computer, would that work?  Would that be as secure as a separate device?

Thanks for the answers so far.

(I did try searching for answers to this question but couldn't find them).

No, the idea is that you put the offline wallet on a machine which will never connect to the internet! A separate partition will not do. If you don''t have a spare machine you could try a live boot cd or boot usb stick.

[marcus_of_augustus]

If I created a partition on the hard disk on my macbook and put the offline armoury wallet on that so that the online line + offline armoury were running on the same computer, would that work?  Would that be as secure as a separate device?

Thanks for the answers so far.

(I did try searching for answers to this question but couldn't find them).

No because at some point the naked privates have to be exposed in RAM to do the TX signing... and that's where the dirtiest work happens.

[picobit]

If I created a partition on the hard disk on my macbook and put the offline armoury wallet on that so that the online line + offline armoury were running on the same computer, would that work?  Would that be as secure as a separate device?

Thanks for the answers so far.

(I did try searching for answers to this question but couldn't find them).

No, but it would still be significantly more secure than an online wallet.  An eventual virus or trojan would need to move itself to the "offline" partition to get your password or private keys next time you boot into that partition.  That is of course trivial to do, but it does require that the malware is specifically written to do just that.  The mass-distributed bitcoin stealing software is less likely to pull this off.  The same goes for having the "offline" wallet on a virtual machine with an encrypted disk - safer and less convenient than an ordinary online wallet, less safe but more convenient than a truly offline wallet.

EDIT:  The more I think about the "two partition scheme", the less I like it.  It is probably a fairly standard feature of most malware writing kits to include code that infects any other partitions/disks present on the infected machine.  So the bitcoin stealing malware will quickly make it to the not-so-offline partition.  And since it runs on the same hardware as the online machine, the malware also has access to the network card (although it is hopefully unconfigured) and might offload the data it has stolen.

[matt608]

Ok many thanks all for those answers, it's much appreciated! I'll get a really cheap laptop then.  Any more links to cheap laptops in the UK you'd recommend for this would be welcome... there's so many to choose from its hard to tell if 'refirbished' is safe enough for this.. (I've only ever bought Macs).

[etotheipi]

For those waiting for native message signing & verification ... it's here!

Just posted 0.89.99.14-testing for all OS:  https://bitcointalk.org/index.php?topic=299684.0

That includes the fragmented backup tester as well as message signing compatible with Bitcoin-Qt (version 0).  We hit a hiccup and don't have the version 1 signing & verification ready yet.  It will be compatible only Armory-Armory, but we're hoping to demonstrate its superiority and then encourage others to use it (no formatting issues, only one block of text to copy & paste).

This is very close now to being appropriate for a real release.  At the very least, we'll post it on the website since it is now likely more usable than the previous version (for most prospective users).

[cp1]

If I created a partition on the hard disk on my macbook and put the offline armoury wallet on that so that the online line + offline armoury were running on the same computer, would that work?  Would that be as secure as a separate device?

Thanks for the answers so far.

(I did try searching for answers to this question but couldn't find them).

If you're talking about dual booting to an encrypted linux partition then it's not that bad.  You can mount your "online" partition and sign transactions when booted over to linux.  A USB boot is much better, though.

[etotheipi]

New bug-bounty thread!


[BOUNTY] Help test next major release of Armory! [0.04 BTC/bug]

Help me test, make money! 

[zaico]

Hi. I've been trying to install Armory for 3 days with no luck. Everything is installed (armory+bitcoind) on Ubuntu 12.04 with the .deb from the official web. The problem is that the "Initializing Bitcoin Engine" is complete, but the "Scanning transaction History" stops on 75% with 1'5 minutes and stays like this (i've waited for more then 24h).
Down appears (connected (0 blocks)

It's very weird, while it's working everything goes so slow. It's not mining so, why is it using the CPU?
Thanks!!

[bektar]

Regarding running Armory on a second partition on a macbook… one can encrypt the entire partition using File Vault. That way a regular virus can't affect it from the regular boot partition.

Please note that if one manages to get some malware into the firmware it would persist through rebooting, no matter which partition:(

[etotheipi]

Hi. I've been trying to install Armory for 3 days with no luck. Everything is installed (armory+bitcoind) on Ubuntu 12.04 with the .deb from the official web. The problem is that the "Initializing Bitcoin Engine" is complete, but the "Scanning transaction History" stops on 75% with 1'5 minutes and stays like this (i've waited for more then 24h).
Down appears (connected (0 blocks)

It's very weird, while it's working everything goes so slow. It's not mining so, why is it using the CPU?
Thanks!!

Hi zaico,

Please grab the latest testing release from here:  https://bitcointalk.org/index.php?topic=299684.0

It has a long first-run startup time as it builds a new set of databases it requires for operation (30 min-3 hours), but should startup fairly quickly after that.  You don't need to do anything else except install the new version over the old one (your wallets and settings will be untouched).  This version uses about 1/20th the RAM of the version posted on the website.  In fact, we're just about to update the website even though this is a testing version, since it's proven to be far more reliable!

[etotheipi]

[WARNING] Malicious Armory Website Clone Found!

More info in this thread:  https://bitcointalk.org/index.php?topic=339403.0


Also, just posted the latest testing downloads to the [real] website since they have proven to be more reliable for most people.  Got one more major bug to squash, and some polishing, then I will make this an official release!

[superbit]

Can you walk me through how to verify a download?  I have only ever used the hash of files to verify downloads in the past.

Thanks,

[CircusPeanut]

Instructions for verifying downloaded files are located on the Bitcoin Armory Downloads page here:

https://bitcoinarmory.com/download/

[superbit]

Instructions for verifying downloaded files are located on the Bitcoin Armory Downloads page here:

https://bitcoinarmory.com/download/

Thanks!  I used the SHA-256, matched perfectly.

[superbit]

I just imported a second wallet into my armory client.  The blockchain is up to date but it says 28 months to scan and has been on that number for about 15 minutes, is that normal?