Author

Topic: . (Read 1272 times)

legendary
Activity: 3430
Merit: 3080
.
June 06, 2016, 03:36:52 AM
#9
Complete this sentence: Don't feed...      Cool
legendary
Activity: 3430
Merit: 3080
June 05, 2016, 03:01:45 PM
#8
I'm looking forward to this feature; Bitcoin broke new ground with using deterministic builds, and so it's only right that Armory would take up the mantle similarly. I build Armory from the source code myself also, and so don't really need the feature as such (although I'd be happy to contribute my own signatures to help confirm the veracity of official builds to the wider userbase). Another approach might be to try to get Gentoo or ArchLinux interested in packaging Armory for use with their automated client-side compilation, but likely too niche as OS's to cater to if it involved alot of work. Getting Armory into sw repos in general should be an aim IMO, but that's another conversation.

My preferred route is to split Armory into a set of stand alone libraries. I will start with the crypto code, i.e. isolate cryptopp and EncryptionUtils.h/cpp in its own repo, move to cmake for makefiles/msvs projects and dynamically link to it.

Since that will be all C++ with no need for C++11 support, it will be the first candidate for deterministic build. The new wallet code will be delivered that way too, in its own repo with its own fresh code files and dynamically linking to the crypto lib.

With deterministically built shared libraries, I'm thinking of signing the hash and hardcoding both hash and sig into the code base (i.e. have binaries hash and check the sig for the shared libs before loading them), but that's an egg and chicken problem with the crypto lib (you need the crypto methods to hash and check sigs) so I'm still wondering if that's possible/desirable.

An Armory repo would be a valid route too, and as for the chicken and egg issue, it's not like I'm using a separate non-openssl-calling command to check Armory package signatures/hashes today, so using the sys default crypto lib would become a case of choosing your OS responsibly (ever the case, I would argue).
legendary
Activity: 1904
Merit: 1007
June 05, 2016, 08:33:19 AM
#7
Very mature and decent way of approaching things. Thank you very much for everything!
legendary
Activity: 3794
Merit: 1375
Armory Developer
June 04, 2016, 03:00:33 PM
#6
To answer your question, OP, nobody really knows.  It's basically a one-man operation at this point.

I certainly wouldn't go rushing into downloading any new versions of Armory.

When I brought up the same topic in another thread, I eventually got a response from Mr. Goatpig himself:

https://bitcointalksearch.org/topic/--1494369

All I can suggest it, when goatpig puts out his tip cup and says "pls" don't be surprised if he doesn't get the money he desires, says "fuck this shit" and releases a malicious Armory in the future

Good luck.

I'm not sure where you come from or why you think you have a leg to stand on in this matter.

If you've run Armory 0.92 or later, you have run my code. I've contributed over 2/3rd of the public code changes since 0.92.

0.93 is essentially my solo work, the other 5 devs were busy with closed source enterprise code. I was the defacto open source maintainer for over a year before ATI shut down development. If you had participated to the 0.93 and 0.94 testing phases you would have known that.

I'm looking forward to this feature; Bitcoin broke new ground with using deterministic builds, and so it's only right that Armory would take up the mantle similarly. I build Armory from the source code myself also, and so don't really need the feature as such (although I'd be happy to contribute my own signatures to help confirm the veracity of official builds to the wider userbase). Another approach might be to try to get Gentoo or ArchLinux interested in packaging Armory for use with their automated client-side compilation, but likely too niche as OS's to cater to if it involved alot of work. Getting Armory into sw repos in general should be an aim IMO, but that's another conversation.

My preferred route is to split Armory into a set of stand alone libraries. I will start with the crypto code, i.e. isolate cryptopp and EncryptionUtils.h/cpp in its own repo, move to cmake for makefiles/msvs projects and dynamically link to it.

Since that will be all C++ with no need for C++11 support, it will be the first candidate for deterministic build. The new wallet code will be delivered that way too, in its own repo with its own fresh code files and dynamically linking to the crypto lib.

With deterministically built shared libraries, I'm thinking of signing the hash and hardcoding both hash and sig into the code base (i.e. have binaries hash and check the sig for the shared libs before loading them), but that's an egg and chicken problem with the crypto lib (you need the crypto methods to hash and check sigs) so I'm still wondering if that's possible/desirable.
legendary
Activity: 3430
Merit: 3080
June 03, 2016, 06:50:00 PM
#5
We are also working on a system similar to Bitcoin Core's gitian builds which will ensure that the binaries are built from the source code that it is supposed to be built from.

I'm looking forward to this feature; Bitcoin broke new ground with using deterministic builds, and so it's only right that Armory would take up the mantle similarly. I build Armory from the source code myself also, and so don't really need the feature as such (although I'd be happy to contribute my own signatures to help confirm the veracity of official builds to the wider userbase). Another approach might be to try to get Gentoo or ArchLinux interested in packaging Armory for use with their automated client-side compilation, but likely too niche as OS's to cater to if it involved alot of work. Getting Armory into sw repos in general should be an aim IMO, but that's another conversation.
staff
Activity: 3458
Merit: 6793
Just writing some code
June 03, 2016, 06:36:25 PM
#4
To answer your question, OP, nobody really knows.  It's basically a one-man operation at this point.
Please stop spreading misinformation. We know that you didn't get your question answered and are now butthurt. Your posts aren't doing you any favors as you are spreading misinformation and acting like an immature troll.

Armory is not a one-man operation. There are still multiple people who are actively contributing to armory, myself included.

I certainly wouldn't go rushing into downloading any new versions of Armory.
And neither would I. I follow the advised security practice of verifying the source code myself and building from source. You should do this too.

When I brought up the same topic in another thread, I eventually got a response from Mr. Goatpig himself:

https://bitcointalksearch.org/topic/--1494369

All I can suggest it, when goatpig puts out his tip cup and says "pls" don't be surprised if he doesn't get the money he desires, says "fuck this shit" and releases a malicious Armory in the future

Good luck.
Maybe you missed the first part of his statement when he addresses the security:

Don't trust me, review the code and build it yourself. This is open source, you've got that opportunity, don't let it go to waste.

If you can't read code, find someone you trust that did it for you.

If you can't do either, you are at my mercy. Deal with it.

If you can't follow that advice where he EXPLICITLY says "Don't trust me" and you don't do anything else to verify that nothing is malicious, then that is your own fault. If he were to release a malicious Armory version, then the other people who work on armory such as myself, droark, josephbisch, fanquake, etc, would notice that he inserted malicious code into the software. If he did it in the binary and not the git source, then simply following the advice of "review the code and build it yourself ... [or] find someone you trust that did it for you" would protect you from such actions.

We are also working on a system similar to Bitcoin Core's gitian builds which will ensure that the binaries are built from the source code that it is supposed to be built from.
staff
Activity: 3458
Merit: 6793
Just writing some code
June 02, 2016, 11:08:24 AM
#3
How did you determine that Armory under etotheipi was "trusted"?

Either you read the code or you trusted the community to read the code for you or you trusted etotheipi.

You have the same options with Armory under goatpig.

I didn't know. But as I used the software for a long time without issues I assumed I can trust him. Going from one dev to another is an extra risk.
Goatpig was one of the developers when ATI was still working on Armory. There isn't any "extra risk". You can check that it is trustworthy the same way that you would check any other open source software: examine the source code and build the software yourself.
legendary
Activity: 1120
Merit: 1012
May 31, 2016, 11:43:13 AM
#2
How did you determine that Armory under etotheipi was "trusted"?

Either you read the code or you trusted the community to read the code for you or you trusted etotheipi.

You have the same options with Armory under goatpig.
hero member
Activity: 506
Merit: 500
May 31, 2016, 11:14:59 AM
#1
.
Jump to: