Pages:
Author

Topic: Armory - Discussion Thread - page 34. (Read 521829 times)

legendary
Activity: 1764
Merit: 1002
August 01, 2014, 03:48:04 PM
so i tried to install the offline bundle to 12.04 LT 32 bit Ubuntu but it says a python-qt4 library was missing.
sr. member
Activity: 312
Merit: 250
August 01, 2014, 08:47:33 AM
Quote
@teste
#5 is not possible in an automated fashion (at least not without trust).  If the coins can't move until they both agree, any "automated" coin return process will give one party an edge to scam the other.  For instance, if it's buyer-seller escrow and the coins are supposed to go to the seller after 30 days, then the seller doesn't have to send the merchandise -- they just stop responding for 30 days and they get the money.

If you want #5, you must include a third-party who can arbitrate.  If the coins need to be moved and one party is uncooperative, the third-party can verify the terms of the agreement and help get the coins to where they're supposed to go.


@etotheipi

1- What I would like is a collateral incentive:
(The collateral serves also as incentive to follow the protocol (e.g. that Bob is not lazy or careless and forget to release the payout tx).

2- Question: The bitcoin protocol doesn´t allow to specify a date to automatically return the bitcoins to people that funded the lockbox? (I would like this feature, because a lockbox participant may for example, die.) But I would like to know if is possible too, have an option to (any lockbox participant) extend the term (to return the bitcoins) that "was"specified when creating the lockbox.

Sorry for the bad english. 
hero member
Activity: 763
Merit: 500
July 31, 2014, 10:08:38 PM
I always get a download error when trying to use the secure downloader to upgrade?  What can I do to troubleshoot?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
July 31, 2014, 03:38:33 PM
Success, so far!

We got 3 BTC in donation matching so far in the first 24 hours!  (6 BTC total donated to EFF, CNC and CDC).  We have updated the listing on the donation match list:

https://bitcoinarmory.com/donation-match-list/

If you've upgraded to 0.92+ and you support the cause, please help out!  You can use any existing Armory wallets and balances, without any trouble or having to create/fund any new wallets or lockboxes.  The process just creates a regular transaction where only half the coins being spent belong to you.  The act of signing the transaction commits you if and only if we also sign it, which commits our funds as well.

You simply import one of the notes, add a note from one of your wallets of equal value, then sign it and send it to us.  The coins never leave your wallet if we never sign it (which commits our funds, too).    We posted some pretty thorough documentation here, and we'd appreciate the feedback on it.  




@teste

1-4 are already part of the process.  The coins enter the lockbox, and stay there until they agree on what to do with them.  If they want to simply return the money back to themselves, they create a transaction doing so and both sign it.  If one party will get all the funds or some proportion of the funds, then they create such a transaction and both sign it.  There's no restrictions on what you can do with it once it's in the Lockbox.  And if not all coins are moved, the rest will remain in the Lockbox and still require multiple signatures.

#5 is not possible in an automated fashion (at least not without trust).  If the coins can't move until they both agree, any "automated" coin return process will give one party an edge to scam the other.  For instance, if it's buyer-seller escrow and the coins are supposed to go to the seller after 30 days, then the seller doesn't have to send the merchandise -- they just stop responding for 30 days and they get the money.

If you want #5, you must include a third-party who can arbitrate.  If the coins need to be moved and one party is uncooperative, the third-party can verify the terms of the agreement and help get the coins to where they're supposed to go.


sr. member
Activity: 312
Merit: 250
July 31, 2014, 01:15:32 PM
Hi,

I would like to know if Armory will implement something like:

1- I create a lockbox (2of2) (Bob and Maria)
2- Bob and Maria will simultfunding the lockbox
3- I want to see an option (If Bob and Maria agree) to be able to return the bitcoins sent to lockbox.
4- If Bob or Maria doesn´t agree to return the bitcoins, the bitcoins sent to lockbox will be locked until one of them agree.
5- I would like to see an option (when creating the 2of 2 lockbox) to specify a date to automatically return the bitcoins, if no action occur.

Possible?
sr. member
Activity: 442
Merit: 250
Found Lost beach - quiet now
July 31, 2014, 12:07:29 PM
I thought using the policy editor to totally disable autorun/autostart on ALL devices on ALL my computers solved these issues but I guess that won't stop this firmware threat.

Good to hear about the "burned-in" firmware. Hopefully this will drive making firmware read-only - may need to name it something else. In the mean time the article does mention that we can protect against BadUSB attacks by limiting the devices that get attached to our computers to those that have remained in the physical possession of a trusted party at all times.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
July 31, 2014, 09:58:00 AM
Coincidentally, we had an internal conversation a couple months ago about trying to find USB devices that had "burned in" firmware.  My understanding was that the "dynamic" firmware on many USBs is a convenience to the manufacturers, but it is possible to get devices (and should be cheaper) to get one with firmware that can't be swapped.  I guess now is a good time to discuss those options and see if we can find a manufacturer that can guarantee that to be the case.

Of course there are other transfer methods that would be better (theoretically), but the USB capability is a boon for security-vs-convenience for most users.

Someone did post recently to the audio-cable comms thread with a decent xfer solution.  There was still some uncertainty about using it in less-controlled environments (i.e. making sure that both devices can "hear" each other).  But it was promising nonetheless.  If we can make it work, we'll make plugin that people can use for it.

legendary
Activity: 1400
Merit: 1013
July 31, 2014, 09:54:10 AM
Why not just use a CD-RW? Unlike USB, a CD *only* transmits data. As long as the offline system doesn't execute random code it happens to find (*cough* AutoRun), and you verify that the transaction you're signing is the one you mean to, it should be totally secure.
That works as a fallback until something better comes along.

USB method was nice for being much faster than it takes to burn a CDRW twice
sr. member
Activity: 250
Merit: 253
July 31, 2014, 09:50:05 AM
We can't use USB drives any more.

http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/

How's that audio cable method coming along?
Why not just use a CD-RW? Unlike USB, a CD *only* transmits data. As long as the offline system doesn't execute random code it happens to find (*cough* AutoRun), and you verify that the transaction you're signing is the one you mean to, it should be totally secure.
legendary
Activity: 1400
Merit: 1013
July 31, 2014, 09:42:55 AM
We can't use USB drives any more.

http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/

How's that audio cable method coming along?
sr. member
Activity: 255
Merit: 250
Senior Developer - Armory
July 31, 2014, 08:28:48 AM
Do you have any plans to support Trezor devices?

Yes. Work got sidelined for various reasons but it's still in the cards. I believe Alan explained the current status in a post sometime last week.
legendary
Activity: 2044
Merit: 1055
July 31, 2014, 12:58:27 AM
Something completely different:

Do you have any plans to support Trezor devices?

I've received two of them and it seems to be a very secure - if not the most secure way - to do bitcoin transactions. But the myTrezor web wallet still lacks a lot of functionality in comparison to armory.
sr. member
Activity: 255
Merit: 250
Senior Developer - Armory
July 30, 2014, 07:34:50 PM
I'm using 0.91.2 and not interested in multisig features. V 0.91.2 working great on my Win8 desktop for mostly watch-only wallets and on my XP stand-alone (no network access) for cold storage. Why should upgrade to 0.92.1?

Honestly, you don't really have a reason to.  There are no known security or issues with 0.91.2, and the biggest improvements outside of multisig were the OSX stability improvements.    The only other thing that changed was that we upgraded File-->Export Transaction History.  It did some erroneous things in 0.91.2, and now includes some extra data.

Well, there are also the armoryd improvements. I think enough code was moved around that you can't just drop armoryd into a 0.91.2 installation and expect it to work. That said, most people have no need to use armoryd, so the OP probably has no pressing reason to upgrade.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
July 30, 2014, 07:17:55 PM
I'm using 0.91.2 and not interested in multisig features. V 0.91.2 working great on my Win8 desktop for mostly watch-only wallets and on my XP stand-alone (no network access) for cold storage. Why should upgrade to 0.92.1?

Honestly, you don't really have a reason to.  There are no known security or issues with 0.91.2, and the biggest improvements outside of multisig were the OSX stability improvements.    The only other thing that changed was that we upgraded File-->Export Transaction History.  It did some erroneous things in 0.91.2, and now includes some extra data. 

Normally, I'd recommend you stay up to date, but given the disruption of having to upgrade multiple systems and no clear benefit for you, you're fine without it.  I'll let someone else chime in if I forgot about something important.  As long as you are using 0.91 or newer, you have the new announcement system and will be notified if there becomes an urgent need to upgrade.
sr. member
Activity: 442
Merit: 250
Found Lost beach - quiet now
July 30, 2014, 07:02:23 PM
I'm using 0.91.2 and not interested in multisig features. V 0.91.2 working great on my Win8 desktop for mostly watch-only wallets and on my XP stand-alone (no network access) for cold storage. Why should upgrade to 0.92.1?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
July 30, 2014, 06:24:00 PM
I hope I never have to change my wallets, that would be catastrophic

We're working on a new wallet format (have been forever, but so many priorities have popped up since then).  After that release, new wallets will be BIP32 compatible, but will not work with older versions of Armory.  However, we plan to have a migrate feature to import the old wallet chains into the new wallet format so that you can continue to use old wallets with the new version.


But must we migrate? Redoing my backups will suck.

It will be done in a way that you can continue to use your old wallets without any extra work.  The old address chains can still be extended, and can be watching-only.  Old backups will still work.  It will appear as an "imported wallet", and should behave the same as before.  We just won't have the option to create new wallets using the old algorithm or format.
legendary
Activity: 2912
Merit: 1060
July 30, 2014, 06:19:29 PM
I hope I never have to change my wallets, that would be catastrophic

We're working on a new wallet format (have been forever, but so many priorities have popped up since then).  After that release, new wallets will be BIP32 compatible, but will not work with older versions of Armory.  However, we plan to have a migrate feature to import the old wallet chains into the new wallet format so that you can continue to use old wallets with the new version.


But must we migrate? Redoing my backups will suck.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
July 30, 2014, 06:11:54 PM
I hope I never have to change my wallets, that would be catastrophic

We're working on a new wallet format (have been forever, but so many priorities have popped up since then).  After that release, new wallets will be BIP32 compatible, but will not work with older versions of Armory.  However, we plan to have a migrate feature to import the old wallet chains into the new wallet format so that you can continue to use old wallets with the new version.
legendary
Activity: 2912
Merit: 1060
July 30, 2014, 06:07:48 PM
I hope I never have to change my wallets, that would be catastrophic
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
July 30, 2014, 06:04:10 PM
Will wallets generated on pre 0.92.1 offline and online versions continue to work?

Yes, the wallets are the same, and you can use any wallet on any version of Armory.  It's simply the communication protocol between online and offline computers (for signing transactions) that has changed, meaning that if you upgrade your online computer to 0.92, you will need to upgrade the offline computer as well (or keep a copy of 0.91.2 around just for doing offline transactions)
Pages:
Jump to: