Pages:
Author

Topic: [ANN] Armory 0.93.1 Official Release - page 5. (Read 16724 times)

legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 22, 2015, 12:03:33 PM
#29
legendary
Activity: 1764
Merit: 1002
February 22, 2015, 11:50:30 AM
#28
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 22, 2015, 11:32:23 AM
#27
I wish people would stop referring to "you are at risk if you don't use RFC6979".  We have seen in the wild, poorly-supported platforms, with poorly implemented RNGs cause problems for people that reuse addresses.  However, Armory only runs on systems with proper RNG capabilities AND using an RNG for ECDSA signing is part of the NIST standard.  RFC6979 is exactly what it says "Request for Comments".  It's not a standard, never been approved by any organization.  I recognize that it might be more trustworthy than the javascript RNG or Android RNG (which have both caused problems in the past), but in our environment I'd prefer to use the NIST/FIPS standard RNG version of signing.

For instance, we're working on HSM integration now, and the whole thing is a giant [$15,000!] FIPS-certified hardware and software stack.  If we tried to implement RFC6979 we'd be breaking all the crypto certifications of the device.   This would mean our HSMs would immediately be unsuitable for any government use.  This means it would be unsuitable for a wide variety of environments that depend on FIPS certifications.  

This doesn't mean that I don't think RFC6979 is useful.  It's that it's a tradeoff between using an approved, standardized process, and using a "proposed" process that addresses shortcomings in some platforms that don't even meet sanity checks for RNG capability.  While I think it would be tough to argue that the RFC6979 process was insecure, we don't like modifying such sensitive parts of crypto processes without at least some review by standards bodies (with real cryptographers).

My attitude on all this is:  I personally believe (using judgement) that RFC6979 is a good choice, as standardizing it across applications solves issues with platforms using weak RNGs, as any shortcomings it might have are better than having a bad RNG behind the signing.  But I'm not going to shove all our users into it (at least without a way to disable it) on platforms that have solid RNGs and can apply the approved signing algorithms.  For now, we've made det-signing opt-in, and I think pending further review we'll switch the default to make it opt-out.  
legendary
Activity: 2912
Merit: 1060
February 22, 2015, 11:21:57 AM
#26

What do you mean by deterministic signing?

It takes the random number generator out of the process for generating a signed transaction. Somehow (I do not know the details). It makes it safer, as the signatures can't leak any information (i.e. something to help calculate the private key...) when using weak RNG implementations, plus some other benefits I expect. Also, it's last on the changelog list for 0.93

Oh so instead of random it uses a rolling nonce

Idk, personally I think a bad write can make you reuse an increment and boom you're done. But what do I know.

If it adds a random number, it sounds very good.
legendary
Activity: 3430
Merit: 3080
February 22, 2015, 11:04:55 AM
#25

What do you mean by deterministic signing?

It takes the random number generator out of the process for generating a signed transaction. Somehow (I do not know the details). It makes it safer, as the signatures can't leak any information (i.e. something to help calculate the private key...) when using weak RNG implementations, plus some other benefits I expect. Also, it's last on the changelog list for 0.93
legendary
Activity: 2912
Merit: 1060
February 22, 2015, 11:00:44 AM
#24
Big congratulations, really pleased with this project and where it's heading right now.

One small question:  when can we expect more info on the safety of enabling deterministic signing?
[...]Of course, personal opinions don't mean squat. There could be some weird thing I missed. So, for now, Alan's going to take a close look once he has a little free time, and we'll decide from there where to go.

Sounds like a good enough reason to justify the disabling by default, you need at least 10 opinions  Cheesy. But I I know, you mean opinions from people who make it their business to know cryptography from all the theory based angles who can spot signatures leaking information in some way no-one's thought of, etc. I might wait just a while to use it, but it sounds like a good thing in principle (it makes address re-use safer/safe IIRC)

What do you mean by deterministic signing?
legendary
Activity: 3430
Merit: 3080
February 22, 2015, 10:58:39 AM
#23
One small question:  when can we expect more info on the safety of enabling deterministic signing?
[...]
Of course, personal opinions don't mean squat. There could be some weird thing I missed. So, for now, Alan's going to take a close look once he has a little free time, and we'll decide from there where to go.

Sounds like a good enough reason to justify the disabling by default, you need at least 10 opinions  Cheesy. But I I know, you mean opinions from people who make it their business to know cryptography from all the theory based angles who can spot signatures leaking information in some way no-one's thought of, etc. I might wait just a while to use it, but it sounds like a good thing in principle (it makes address re-use safer/safe IIRC)
sr. member
Activity: 255
Merit: 250
Senior Developer - Armory
February 22, 2015, 10:22:40 AM
#22
Big congratulations, really pleased with this project and where it's heading right now.

One small question:  when can we expect more info on the safety of enabling deterministic signing?

Thanks, and good question. The long and short of it is that Alan & I are figuring out the best way forward. My personal opinion is that the code is safe to use. I closely followed the path that Crypto++ uses whenever data is signed. (No small feat considering the ugliness of the Crypto++ codebase.) I use the appropriate test suites from RFC 6979 and from the Trezor codebase, and plan to add the libsecp256k1 test vectors sooner or later. I considered the codebase to be safe enough that I conducted several significant mainnet transactions using det signing. (Gotta eat your own dogfood, right?) Everything worked fine, and I didn't lose any coins.

Of course, personal opinions don't mean squat. There could be some weird thing I missed. So, for now, Alan's going to take a close look once he has a little free time, and we'll decide from there where to go.
hero member
Activity: 692
Merit: 500
February 22, 2015, 09:15:50 AM
#21
I've successfully installed armory_0.92.3_rpi_bundle.tar.gz on Pi B / Pi B+ / Pi 2 (raspbian wheezy) and BBB (debian wheezy + ubuntu 14.04).

However on ODROID C1 (Ubuntu 14.04, Feb 10th ISO) there is an error
 ImportError: No module names qt4reactor.  

For some reason qt4reactor.py is allocated view = owner only / change = owner only / execute = nobody.

 sudo chmod +755 /usr/lib/armory/qt4reactor.py fixes the problem, and 0.92.3 works.

In order to get armory_0.93_raspbian-armf.tar.gz working (Secure Downloaded and verified within armory), I copied the 0.92.3 offline bundle's Install_DblClick_RunInTerminal.py, ran

 sudo python Install_DblClick_RunInTerminal.py in the same folder as the 0.93 tar.gz and ran once again

 sudo chmod +755 /usr/lib/armory/qt4reactor.py

Success !
legendary
Activity: 2912
Merit: 1060
February 22, 2015, 08:57:45 AM
#20
Great, can I reuse an old blockchain copy?

Yes
full member
Activity: 224
Merit: 100
February 22, 2015, 08:55:50 AM
#19
thank you very much!
hero member
Activity: 784
Merit: 1000
February 22, 2015, 08:48:42 AM
#18
Great, can I reuse an old blockchain copy?
newbie
Activity: 39
Merit: 0
February 22, 2015, 08:26:48 AM
#17
Thank you for the efforts, keep up the good work !
legendary
Activity: 2912
Merit: 1060
February 22, 2015, 08:02:53 AM
#16
Where can I find more info on supernode?

I am also curious about this supernode functionality, in depth documentation would be useful Smiley

That offering might be more for business with paid support
legendary
Activity: 1512
Merit: 1012
February 22, 2015, 07:59:00 AM
#15
Where can I find more info on supernode?

I am also curious about this supernode functionality, in depth documentation would be useful Smiley
legendary
Activity: 1764
Merit: 1002
February 22, 2015, 07:42:51 AM
#14
Where can I find more info on supernode?
member
Activity: 83
Merit: 10
February 22, 2015, 06:45:14 AM
#13

<- snip ->

You did ask Does anybody else now have a problem of incompatibility?

Try deleting everything from Bitcoin and armory except wallets. Fully sync Bitcoin before starting armory.

Actually Bitcoind shouldn't be running afaik, armory starts qt not d I think, I run it manually though

You might have an old version running somehow or another program running it for you

Thanks for your help. You are right - I did ask that, although it was more of a rhetorical question - I was already assuming that the new version was working ok for a lot of people, otherwise I guess it wouldn't have been released yet!

Anyway, I've got Armory up and running now - I just have to run Bitcoin core/q/d on it's own.
legendary
Activity: 2912
Merit: 1060
February 22, 2015, 06:36:51 AM
#12

<- snip ->


Mine's perfect, delete all the data and start fresh

'Mine's perfect' - that comment doesn't really help me - my wife's is also now running, but we didn't learn much from that either.

I'm running bitcoind independantly - and seem to be getting on better - currently scanning transaction history whereas before Armory 'locked up' almost as soon as bitcoind failed.

You did ask Does anybody else now have a problem of incompatibility?

Try deleting everything from Bitcoin and armory except wallets. Fully sync Bitcoin before starting armory.

Actually Bitcoind shouldn't be running afaik, armory starts qt not d I think, I run it manually though

You might have an old version running somehow or another program running it for you

Or armory is starting the daemon and you're starting qt which kills the daemon
member
Activity: 83
Merit: 10
February 22, 2015, 06:11:55 AM
#11

<- snip ->


Mine's perfect, delete all the data and start fresh

'Mine's perfect' - that comment doesn't really help me - my wife's is also now running, but we didn't learn much from that either.

I'm running bitcoind independantly - and seem to be getting on better - currently scanning transaction history whereas before Armory 'locked up' almost as soon as bitcoind failed.
legendary
Activity: 2912
Merit: 1060
February 22, 2015, 06:02:16 AM
#10
Congrats! Just thinking a few years ago you got laid off and began Armory and here we are, the #1 wallet!
Pages:
Jump to: