Author

Topic: Armory - Discussion Thread - page 218. (Read 521829 times)

newbie
Activity: 22
Merit: 0
February 12, 2012, 09:27:23 AM
Do you plan adding support for non-deterministic wallets? I don't think I would like to use a deterministic one. (I can't really give a reason why, I just don't like the idea.)

Also, if the client will not do block validation, please keep the option to only accept blocks through the satoshi client.

Edit: Oh, by the way, I mentioned I can't create transactions with insanely large transaction fees. Here's the error message I get when trying to send 1 satoshi with a 2200 BTC fee: "SelectCoins returned a list of size zero.  This is problematic and probably not your fault." I don't think this is a real problem, but I thought it's worth mentioning.
full member
Activity: 154
Merit: 102
Bitcoin!
February 11, 2012, 04:19:30 PM
Using LD_PRELOAD fixed it for me.  Thanks!
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 10, 2012, 11:03:32 PM
I tried compiling and running Armory on Ubuntu 11.10 and got the following error.  I followed your instructions to the T, and get this:

Code:
********************************************************************************
Loading Armory Engine:
   Armory Version:       0.50
   PyBtcAddress Version: 1.00
   PyBtcWallet  Version: 1.35
Detected Operating system: Linux
   User home-directory   : /home/me
   Satoshi BTC directory : /home/me/.bitcoin/
   Satoshi blk0001.dat   : /home/me/.bitcoin/blk0001.dat
   Armory home dir       : /home/me/.armory/
***ERROR:  C++ block utilities not available.
           Make sure that you have the SWIG-compiled modules
           in the current directory (or added to the PATH)
           Specifically, you need:
                  CppBlockUtils.py     and
                  _CppBlockUtils.so
Traceback (most recent call last):
  File "ArmoryQt.py", line 39, in
    from armoryengine import *
  File "/home/me/BitcoinArmory/armoryengine.py", line 330, in
    TheBDM = Cpp.BlockDataManager().getBDM()
NameError: name 'Cpp' is not defined

Both of the files mentioned in the error message are in the BitcoinArmory directory (where I run python ArmoryQt.py).

btc_artist,

(1)  Did you try the LD_PRELOAD command before running Armory?  I've noticed I need that on any Ubuntu after 10.04:
Code:
 LD_PRELOAD=/usr/lib/libcryptopp.so python ArmoryQt.py
  Make sure that /usr/lib/libcryptopp.so exists, or check for libcrypto++.so and use that instead.   But they should be there if you installed all the packages on the first step.

(2)  If that doesn't work, there's a different problem.  From the project directory, go into a python shell and type "import CppBlockUtils".  It will fail again, but will give you a more-descriptive error message.  If it's something like "InteratedZZ8CHashZ5Function", go back to step 1 (cryptopp has a problem).  If the error is something else, please PM me and I'll address this off-thread.   So far, I haven't seen any other errors besides the cryptopp linking at runtime (which is what the LD_PRELOAD line resolves).
full member
Activity: 154
Merit: 102
Bitcoin!
February 10, 2012, 03:32:13 PM
I tried compiling and running Armory on Ubuntu 11.10 and got the following error.  I followed your instructions to the T, and get this:

Code:
********************************************************************************
Loading Armory Engine:
   Armory Version:       0.50
   PyBtcAddress Version: 1.00
   PyBtcWallet  Version: 1.35
Detected Operating system: Linux
   User home-directory   : /home/me
   Satoshi BTC directory : /home/me/.bitcoin/
   Satoshi blk0001.dat   : /home/me/.bitcoin/blk0001.dat
   Armory home dir       : /home/me/.armory/
***ERROR:  C++ block utilities not available.
           Make sure that you have the SWIG-compiled modules
           in the current directory (or added to the PATH)
           Specifically, you need:
                  CppBlockUtils.py     and
                  _CppBlockUtils.so
Traceback (most recent call last):
  File "ArmoryQt.py", line 39, in
    from armoryengine import *
  File "/home/me/BitcoinArmory/armoryengine.py", line 330, in
    TheBDM = Cpp.BlockDataManager().getBDM()
NameError: name 'Cpp' is not defined

Both of the files mentioned in the error message are in the BitcoinArmory directory (where I run python ArmoryQt.py).
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 09, 2012, 09:36:37 PM
Armory doesn't show my outputs from P2Pools generation transactions. Is this related to the "strange" output script that always appears first in these transactions?

Actually, yes!  Until now, I haven't run into any "strange" transactions that "regular" users would be encountering, but this appears to be an exception.  As I look back to the code, I see that once I hit a strange TxOut, the code skips the entire tx, marking it as "Non-standard."  In hindsight, I don't see why I can't just skip that TxOut and keep going.  When I originally wrote the code, I guess I expected the "transaction" to be non-standard or not... didn't consider the individual inputs and outputs.

Could you give me the address (just the address string, no private keys), of an address that receives coins from at least one of these transactions, but also has a few other regular transactions in the blockchain?  There may be a one-line fix to the C++ blockchain utilities, but I won't know for sure until I do some testing with a relevant address.  

I'll look into it ASAP! (PM it to me, so you don't have to advertise any extra addresses to the forum!)

It appears that there really is a one-line fix, or very close to it.  I confirmed it only saw 2/13 tx before, and sees 13/13 with the fix.   But it will have to be more thoroughly tested, so I'll throw it in with the other updates I've been working on, for the next round of testing.  I hope that Armory provides plenty of satisfaction even with the bug, until the next release. Smiley
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 09, 2012, 03:57:06 PM
Armory doesn't show my outputs from P2Pools generation transactions. Is this related to the "strange" output script that always appears first in these transactions?

Actually, yes!  Until now, I haven't run into any "strange" transactions that "regular" users would be encountering, but this appears to be an exception.  As I look back to the code, I see that once I hit a strange TxOut, the code skips the entire tx, marking it as "Non-standard."  In hindsight, I don't see why I can't just skip that TxOut and keep going.  When I originally wrote the code, I guess I expected the "transaction" to be non-standard or not... didn't consider the individual inputs and outputs.

Could you give me the address (just the address string, no private keys), of an address that receives coins from at least one of these transactions, but also has a few other regular transactions in the blockchain?  There may be a one-line fix to the C++ blockchain utilities, but I won't know for sure until I do some testing with a relevant address.  

I'll look into it ASAP! (PM it to me, so you don't have to advertise any extra addresses to the forum!)


full member
Activity: 185
Merit: 100
February 09, 2012, 03:25:58 PM
Armory doesn't show my outputs from P2Pools generation transactions. Is this related to the "strange" output script that always appears first in these transactions?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 09, 2012, 08:13:57 AM
Are you familiar with py2app?  I would like to create Mac binaries, if possible, and that seems like a good option for it, especially for Mac where compiling has been so difficult.  Are such binaries likely to work on all Mac systems?  Only 10.6.X systems?  

I was trying to create a binary app with py2app but was not successful. It links to some python files that are not at the specified location.
I will keep trying but if someone else has more knowledge on how to do this then don't wait for me.
As for compatibility I guess it should be fine for 10.6.x and 10.7.x when compiled on 10.6.x.
If you compile a binary I can test it on both systems.

The other option I saw was BundleBuilder.  That might be worth looking into as another option.  Unfortunately, I still don't have any OSX system yet.  But I'm working on it...
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 09, 2012, 07:18:58 AM
[...]
I believe Bitcoin needs these devices, but offline systems will do, for now.  As I found out when I sent out an email at my work about spare, ancient laptops:  everyone seems to have one they want to get rid of.  Perhaps Armory gives them a reason to keep it and use it Smiley
Given the ancient laptops have enough memory to keep the blockchain in RAM. :-)

Actually, the offline systems have no RAM requirement at all, as long as it can run a modern OS.   Simply because there is no blockchain to hold.  It only has to hold your wallet.
hero member
Activity: 619
Merit: 500
February 09, 2012, 03:10:46 AM
That looks great.  You make it seem like it was so easy!  I think I'll be getting my hands on a Snow Leopard machine 10.6.7, so I will try these instructions when I get it, and I will update the webpage with this information, too.

Are you familiar with py2app?  I would like to create Mac binaries, if possible, and that seems like a good option for it, especially for Mac where compiling has been so difficult.  Are such binaries likely to work on all Mac systems?  Only 10.6.X systems?  

I was trying to create a binary app with py2app but was not successful. It links to some python files that are not at the specified location.
I will keep trying but if someone else has more knowledge on how to do this then don't wait for me.
As for compatibility I guess it should be fine for 10.6.x and 10.7.x when compiled on 10.6.x.
If you compile a binary I can test it on both systems.

[...]
I believe Bitcoin needs these devices, but offline systems will do, for now.  As I found out when I sent out an email at my work about spare, ancient laptops:  everyone seems to have one they want to get rid of.  Perhaps Armory gives them a reason to keep it and use it Smiley
Given the ancient laptops have enough memory to keep the blockchain in RAM. :-)
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 08, 2012, 03:19:41 PM
The problem here is that it's fine that we have a chip that does the signing without revealing the key. But I have no way of knowing if the program I'm using to create transactions that are signed is telling me the truth.
Say I want to create a transaction on my infected computer of 2 BTC to address 1Jks... and the modified program actually sends a transaction of 1000 BTC to address 1H4xor... to the TPM chip which happily signs it and my money is gone.
That's why we need to have a separate device that displays the address(es) and amount(s) from the transaction it's been sent before letting the user affirm with a button whether he approves or not.

That was the fundamental issue I had when developing BIP 0010 for offline/multisig transactions.  How do you verify that the what you're signing is absolutely what you intended?  I do not support a device that blindly signs txs, and that's why I went a step further with BIP 0010 and made sure that input values can be verified (without it, someone can't steal your money, but they can have all your funds emptied into your next transaction's fee).  I wanted to make sure that the signing device has the capability to understand (and verify!) what is being signed and present it to the user.  If someone wants to create a device that blindly signs it... well that's their choice, but I won't be using it.

In the case of offline computers, there might be a way for someone to use my computer to inject a USB virus which infects the offline computer, and then uses that trick my offline computer to show the same incorrect/malicious data.  That's orders of magnitude less likely than someone simply breaking into open ports on my internet connected computer, but a TPM-device would close that gap:  the TPM chip was designed without the ability to modify the software, and without the ability to pull off the private keys.  It's simply a hardware-like black-box wallet with a display. 

I believe Bitcoin needs these devices, but offline systems will do, for now.  As I found out when I sent out an email at my work about spare, ancient laptops:  everyone seems to have one they want to get rid of.  Perhaps Armory gives them a reason to keep it and use it Smiley



legendary
Activity: 980
Merit: 1008
February 08, 2012, 02:02:30 PM
I believe what you're looking for is TPM Chips.  I don't know much about them, but I know a lot of laptops actually come with them.  However, you would need a customized TPM chip, specifically for accommodating multiple private keys, and ECDSA operations which are not usually part of the onboard encryption ops.
The problem here is that it's fine that we have a chip that does the signing without revealing the key. But I have no way of knowing if the program I'm using to create transactions that are signed is telling me the truth.
Say I want to create a transaction on my infected computer of 2 BTC to address 1Jks... and the modified program actually sends a transaction of 1000 BTC to address 1H4xor... to the TPM chip which happily signs it and my money is gone.
That's why we need to have a separate device that displays the address(es) and amount(s) from the transaction it's been sent before letting the user affirm with a button whether he approves or not.

How can I manually import a private key? This is from a paper wallet and I accept any risks.
Create a new wallet, go into "Wallet Properties" and click "Import Private Key".

I believe I mentioned I do use Ironkeys to store my offline wallet.  It does have its own built in encryption chip along with a lot of other cool features.  I'd explain more but i'm on my phone now.  If anyone has questions about it I'd be happy to try and help.
How does it work exactly; does it behave like the hypothetical device I explained above?
donator
Activity: 308
Merit: 250
February 08, 2012, 01:43:35 PM
Would just like to say, that there NEEDS to be a wallet import option in the future for Satoshi wallets. 

... I cannot switch fully over to armory until it has wallet.dat importing, so I hope you plan to have that option!

I absolutely plan to have that, but not until Armory can be used without the Satoshi client running with the same wallet.  I found out yet another thing that can go wrong when you have multiple apps using the same wallet (I've got 8.2 BTC locked by the Satoshi client right now, possibly due to such issues)...


How can I manually import a private key? This is from a paper wallet and I accept any risks.
legendary
Activity: 1400
Merit: 1005
February 08, 2012, 01:19:53 PM
Would just like to say, that there NEEDS to be a wallet import option in the future for Satoshi wallets. 

... I cannot switch fully over to armory until it has wallet.dat importing, so I hope you plan to have that option!

I absolutely plan to have that, but not until Armory can be used without the Satoshi client running with the same wallet.  I found out yet another thing that can go wrong when you have multiple apps using the same wallet (I've got 8.2 BTC locked by the Satoshi client right now, possibly due to such issues)...
Ok.  Smiley
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 08, 2012, 12:58:11 PM
Would just like to say, that there NEEDS to be a wallet import option in the future for Satoshi wallets. 

... I cannot switch fully over to armory until it has wallet.dat importing, so I hope you plan to have that option!

I absolutely plan to have that, but not until Armory can be used without the Satoshi client running with the same wallet.  I found out yet another thing that can go wrong when you have multiple apps using the same wallet (I've got 8.2 BTC locked by the Satoshi client right now, possibly due to such issues)...

legendary
Activity: 1764
Merit: 1002
February 08, 2012, 12:15:12 PM
It seems to me that Bitcoin is not only suffering from a lack of software developers, but also from a lack of hardware developers. The perfect savings account for me would be a small USB stick-type device, with a small screen, that with the touch of a button generates a new random key on the device. The USB stick contains no wireless communication chips - it only communicates with a host computer via USB. Whenever you want to spend money from your savings account (which is a key, or multiple keys, generated on this device) you connect the device to your computer, send a transaction to the device using some application, a message pops up on the device saying "Do you want to send X bitcoins to
" and if I press the OK button on the device it signs the transaction and sends it back to the host computer. The key never leaves the device; the device can only sign transactions. If we can implement a secure hardware device like this, the only way to steal the money on your savings account would be to steal the device itself. And if you have to steal the device itself, we can get no better security, if you ask me.

I believe what you're looking for is TPM Chips.  I don't know much about them, but I know a lot of laptops actually come with them.  However, you would need a customized TPM chip, specifically for accommodating multiple private keys, and ECDSA operations which are not usually part of the onboard encryption ops.  Actually, I guess you could have one master key, and use a deterministic key generation algoritm with random access.  Then the device takes the data to be signed, and a list of "key indices."  Then, generating the correct keys will just be a preprocessing step of the signing algorithm.  (btw, I believe the IronKey is a TPM-like device... all encryption/decryption happens on the device itself)

At least, the nice thing about an offline computer is that you could technically do other stuff with it.  It might be slightly less convenient for Bitcoin ops, but as long as you have it, you might as well do financial stuff on it that you would prefer to be offline, anyway.  I'm sure there's other things you can do that would be appropriate for a crappy, offline laptop Smiley





I believe I mentioned I do use Ironkeys to store my offline wallet.  It does have its own built in encryption chip along with a lot of other cool features.  I'd explain more but i'm on my phone now.  If anyone has questions about it I'd be happy to try and help.
legendary
Activity: 1400
Merit: 1005
February 08, 2012, 12:04:02 PM
Would just like to say, that there NEEDS to be a wallet import option in the future for Satoshi wallets.  If I am going to use this wallet solely, I don't want to have to risk not getting payments made to my older addresses.  I don't care if you make it hard to get to, it just needs to be there somewhere.

I have a variety of old addresses everywhere.  I may or may not receive donations or payments to those addresses in the future.

Examples:
- Hard-locked deepbit mining payout address.
- Operation fabulous payout address.
- Firstbits address that I use for many transactions.  Also have it posted on the forum.
- Addresses hardcoded into software for donations.

You get the idea.  Anyway, I cannot switch fully over to armory until it has wallet.dat importing, so I hope you plan to have that option!
donator
Activity: 308
Merit: 250
February 08, 2012, 11:48:24 AM
Yubico makes these Hardware Security Modules which may be suited to the task: https://store.yubico.com/store/catalog/product_info.php?products_id=56
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
February 08, 2012, 11:12:06 AM
It seems to me that Bitcoin is not only suffering from a lack of software developers, but also from a lack of hardware developers. The perfect savings account for me would be a small USB stick-type device, with a small screen, that with the touch of a button generates a new random key on the device. The USB stick contains no wireless communication chips - it only communicates with a host computer via USB. Whenever you want to spend money from your savings account (which is a key, or multiple keys, generated on this device) you connect the device to your computer, send a transaction to the device using some application, a message pops up on the device saying "Do you want to send X bitcoins to
" and if I press the OK button on the device it signs the transaction and sends it back to the host computer. The key never leaves the device; the device can only sign transactions. If we can implement a secure hardware device like this, the only way to steal the money on your savings account would be to steal the device itself. And if you have to steal the device itself, we can get no better security, if you ask me.

I believe what you're looking for is TPM Chips.  I don't know much about them, but I know a lot of laptops actually come with them.  However, you would need a customized TPM chip, specifically for accommodating multiple private keys, and ECDSA operations which are not usually part of the onboard encryption ops.  Actually, I guess you could have one master key, and use a deterministic key generation algoritm with random access.  Then the device takes the data to be signed, and a list of "key indices."  Then, generating the correct keys will just be a preprocessing step of the signing algorithm.  (btw, I believe the IronKey is a TPM-like device... all encryption/decryption happens on the device itself)

At least, the nice thing about an offline computer is that you could technically do other stuff with it.  It might be slightly less convenient for Bitcoin ops, but as long as you have it, you might as well do financial stuff on it that you would prefer to be offline, anyway.  I'm sure there's other things you can do that would be appropriate for a crappy, offline laptop Smiley



legendary
Activity: 980
Merit: 1008
February 08, 2012, 10:51:27 AM
^ Interesting read all of it. I didn't find the post you linked to when I searched for the wallet encryption bug previously so that was very handy information.

It seems to me that Bitcoin is not only suffering from a lack of software developers, but also from a lack of hardware developers. The perfect savings account for me would be a small USB stick-type device, with a small screen, that with the touch of a button generates a new random key on the device. The USB stick contains no wireless communication chips - it only communicates with a host computer via USB. Whenever you want to spend money from your savings account (which is a key, or multiple keys, generated on this device) you connect the device to your computer, send a transaction to the device using some application, a message pops up on the device saying "Do you want to send X bitcoins to
" and if I press the OK button on the device it signs the transaction and sends it back to the host computer. The key never leaves the device; the device can only sign transactions. If we can implement a secure hardware device like this, the only way to steal the money on your savings account would be to steal the device itself. And if you have to steal the device itself, we can get no better security, if you ask me.

Until this type of device enters the market though, I'm going with your offline laptop-method. I've just paid for a used laptop that I'm going to be using as an offline wallet. I will pull the WiFi card out, install Ubuntu and Armory on it, and shuttle offline transactions to on a USB stick until I'm comfortable with sending my entire savings account to it. That seems like it can't get much safer either. Much like the aforementioned device, only a lot bigger and with a smell of old laptop.
Jump to: