Topic: Armory - Discussion Thread - page 145. (Read 521829 times)

Are you going to open a translation project on transifex.com or crowdin.net?

A contentious issue! Search the thread, etotheipi is a little undecided on sanctioning the use of brain wallets (clarity edit: he also has a tentative idea to make them a little less disaster prone)

Will the new design allow you to add brain wallet capability?

I would not have a problem with dealing with a separate password for this.

More about the make-it-BIG qr-code feature request.
Sometimes it's also needed that it's big as the fullscreen, because I "want" to hide everything else.
I don't want that the customer is able to see something else running on the computer while is taking the qr-code.

That'd be amazing if you could get this dealt with too: I have a tendency to use long passwords to encrypt wallets, and some passwords tend to get forgotten, so I end up restoring from paper backup and choosing a new phrase (never, ever write them down). Giving users the option to force them into unlocking the public keys on block loading completion would help overcome this through the repetition, and the fact it'd also be a useful security feature in it's own right is more than a bonus. I may be able to get Armory directly onto my desktop too, as I'm currently using an encrypted VM to provide the same function (just wouldn't currently dare to use the wallet phase to encrypt the VM, you'd be saving me a whole load of RAM overhead and put off me whining about the RAM heavy thing too!)

Actually, blockchain.info essentially does this, and I did not even consider making the two passwords the same.  Anyway, it should be easy to disallow that the two are identical.

What about keyfiles?

Ah hah!  It's funny you bring that up, because I was just in the process of designing my new wallets in such a way this would be possible.  It probably won't be enabled on the first release, but I'm putting "EncryptionObject" entries next to each wallet entry which could be used to implement exactly what you just requested. 

It's becoming quite a massive undertaking, as I've ended up basically rewriting the wallets from scratch.  But it's being rewritten in order to give it the flexibility to things like this without redesigning it again. 

The only problem is that this passphrase will be typed all the time, and the encryption key will have to sit in memory the whole time Armory is open.  There's no way users will pick a different passphrase for their private keys and their public keys, and that makes this a pretty significant risk...  I might only offer the feature on offline/watching-only wallets and plaster warnings everywhere (not that it necessarily helps, but users should be aware of the risks they take by using passwords that protect important things, on things that aren't that important).

But I totally appreciate the desire to not have someone steal your laptop and learn (1) that you have $100k BTC probably at your house on an offline computer and (2) the address to your house.

Feature request: In addition to the existing passwords for the wallets, which are really passwords covering the secret keys of the wallets, it would be nice to have a password for viewing. Now, starting Armory, all the balances and addresses are shown directly.

Agreed.  I just wanted to understand the application to make sure the feature makes sense, and maybe I can add something other twists that would further improve it.

In this case, I'm not sure I can improve it further.  Sounds like "make-it-BIG" is precisely what's needed.  It should be pretty easy to implement, so I should be able to get it into the next release (which will hopefully be soon!).

On that note, please help test and find bugs!  kthxbye

I can see the value as well: some phones do a piss-poor job of focusing up close.  By allowing it to focus on a full screen several feet away, that problem is solved.

It's useful if you are behind a desk in a shop, and you need to show the QR-code and only it to the customer.
Multibit has the same feature.

I suppose that wouldn't be too hard to do.  But what is the application?  So that you can show someone a QR code from the other end of the airport terminal?

I have a feature request
- Wherever is shown a QR-code, if the user double-click on it then it will enlarge to take all the screen (mainly).
Double click again and it will back small.

Reposted from the BOUNTIES thread:

---

Okay!  Since I'm hoping to make this an official release, I've upped the bounties to 0.2 BTC.  Yes, that's almost $3 per bug!  

However for this round, smaller bugs like most of what subSTRATA was posting will not be considered for the 0.2 BTC.  I already fixed 21 bugs/suboptimal features based on subSTRATA's diligent testing, but for this release I'm really looking for the big things that actually prevent users from using the features of the software.  Usually this is stuff like transactions not sending because I broke some networking code, or dialogs that are don't show up, or display garbage.  And of course, crashing.   The minor bugs and polishing will still be rewarded, but only 0.05 BTC.

This version has full QR-code integration and copying payment request links in Windows finally seems to work.  I have also uploaded the new releases to code.google.com because it has all the features I need in a project-hosting site:  scriptable uploads, download counting, folders, etc.

http://bitcoinarmory.googlecode.com/files/armory_0.86.7-testing_win64.msi
http://bitcoinarmory.googlecode.com/files/armory_0.86.7-testing_windows_all.msi

And since this is a new download location, I have signed the SHA1 hashes using the offline signing key, in case anyone wants to verify them.  The nice thing is that google-code shows you the hash there (though it's still preferred you hash the downloaded file, to be sure).  

http://bitcoinarmory.googlecode.com/files/armory_0.86.7-testing_sha1.txt.asc

And just in case you find GPG/PGP annoying, here's a signed message, ironically using Armory's message-signing interface that I said was offlimits for bug reports (it works, but it's messy and hasn't been maintained for a while.  Simply go to "Tools-->Message Signing" and then click on "Import Signature Block" and copy the following text into it:

Check out the new QR stuff in the testing branch!

If you like it enough and use smartphones a lot, you can donate here:

Hi Alan,

That is basically it as I understand it.

The client creates a Bloom filter for the addresses in its wallet(s) and then sets it on the connection (at the bitcoind end, if you like). The bitcoind then applies the filter to all the traffic before it sends it back.

You can bump up the false positive rate as much as you like (+100%, + 1000%, whatever) to trade off privacy at the cost of more bandwidth.

I think from the wiki on it you need about 10 bits per 'unique thing you want to distinguish' so I expect they would have to be kilobit size to be useful.   I'm not sure where the branch is with the bloom filter dev work in to be honest - hopefully someone will chip in!

I understand bloom filters, but I haven't understood how they are used in this context.  Is it:  you send a peer your bloom filter (after your addresses have been applied to it), and they filter out all transactions for which none of the recipient addresses match your bloom filter?  You probably get false positives, but dramatically reduced set.

Although, I thought the filters were generally pretty big, so I wasn't clear how easy it was to share them with other peers.  I'm very interested in this idea, nonetheless.  I'm going to go back to my new wallets, and if I see a link pointing me to where I can learn more about them implementing bloom filters in Bitcoin, I'll happily take a break to read it

Is it possible that it took 3 hours for the transaction to get 1 confirmation?  When it first appeared, did it have one confirmation?  Or was it already confirmed.  Armory has a problem (Windows only) that it doesn't remember zero-confirmation transactions between loads.  So, if it takes 3 hours to get one confirmation ,and you restart Armory right after you send it, you won't see it for that long.