Topic: Armory - Discussion Thread - page 43. (Read 521749 times)

Encrypt the whole OS with Truecrypt and you dont have to bother anymore... though TC is somewhat in a strange state... now that the devs dont want to work on it anymore.

Well the most sensitive keys will be kept on an offline computer which presumably runs nothing else except offline Armory.  There's not really a way to run through your RAM there.  Plus, I'd rather run out of swap than have the keys accidentally hit the hard drive unencrypted without warning.  But yes, it is possible to have encrypted swap, though I don't think you can use hibernate if you do that, so you'd be disabling hibernate which is 80% the reason you wanted encrypted swap to begin with.

I'd recommend to encrypt the swap (maybe with a passphrase instead of a random one time password, I don't trust the entropy pool while booting up). No swap at all might get nasty if you hit your ram constraints.

I wish this were true, but it's a common misperception about mlock().  mlock() actually cannot prevent keys from getting swapped, and it is pretty much guaranteed if you hibernate.  It's one reason we recommend that high-security device disable swap space entirely -- it's not like you're going to need it running offline Armory, anyway, which has a very limited resource footprint.  And hibernate as well, but I'm not sure hibernate works without a swap partition (good question, but go ahead and disable both). 
 

Even worse, mlock() cannot guarantee that key material is not paged even outside of hibernate.  mlock() is simply a very strong suggestion not to swap that key data, but if your really stress your system, it might happen.  This is why Armory guarantees that key material stays in RAM self-destructs after 5 seconds of being unlocked.  This pretty much guarantees that the user can't accidentally end up with key data in swap, unless they hibernate within 5 seconds of signing a transaction.  Luckily, Armory enforces a 5 sec delay before showing you if a transaction succeeded

Is it possible at least when coming back from hibernation, Armory show a message asking to restart Armory to syncronize again.

https://bitcoinarmory.com:8443

Make a ticket and attach your log file (the whole thing)


Thats the gist of it, but it isnt limited to unencrypted private key. Pretty much anything crypto (public keys included) is held in mlock'ed memory. 

Im happy to see this

I noticed a problem with 0.91.2 -
I had recently re-installed everything on my computer and rebuilt everything.  With Armory, I had loaded the first two wallets that I have and processed the block chain until the balances were shown. 

I added a fourth wallet and Armory has sat at "Scanning Transaction History" and "100%" for almost an hour.  The last entries in the log are:
INFO  - 1402836130: (..\BlockUtils.cpp:4567) Scanning Wallet #1 from height 0
-INFO  - 1402836131: (..\BlockUtils.cpp:4567) Scanning Wallet #2 from height 0
-INFO  - 1402836138: (..\BlockUtils.cpp:4567) Scanning Wallet #3 from height 0
-INFO  - 1402836145: (..\BlockUtils.cpp:4567) Scanning Wallet #4 from height 0
-INFO  - 1402836146: (..\BlockUtils.cpp:4888) Saving wallet history to DB
-INFO  - 1402836146: (..\BlockUtils.cpp:5920) Enabling zero-conf tracking (lite)
-DEBUG - 1402836657: (..\BlockUtils.cpp:5599) Organizing chain
-DEBUG - 1402836657: (..\BlockUtils.cpp:5723) Done organizing chain
-DEBUG - 1402836657: (..\BlockUtils.cpp:5599) Organizing chain
-DEBUG - 1402836657: (..\BlockUtils.cpp:5723) Done organizing chain
-INFO  - 1402836657: (..\BlockUtils.cpp:5143) Added new blocks to memory pool: 2
-INFO  - 1402836657: (..\BlockUtils.cpp:4888) Saving wallet history to DB

I am using a Lenovo V570 laptop with Win 7 Home x64.   Cpu 25% utilized and 5Gb RAM free.  If I restart Armory, it states 18 minutes to scan transactions. 

Is there are problem in using Bitcoin Core?  or something else going on?
Thanks,

No, that won't help. Armory is using mlock to help store your keys securely.


The goal here is that your unencrypted private keys are never written to disk (swap) where they could more easily be recovered.

When this be implemented, will help in any way?: https://github.com/bitcoin/bitcoin/issues/4124

Why Bitcoin-Qt Core is able to recover syncronization from hibernation and Armory cant?

 

Nothing can be done about this. Some of Armory's stack is forced in the RAM through mlock. Hibernation copies the entire RAM into the swap partition. Since that would defeat mlock's purpose, mlock'ed memory is not copied imaged in on hibernation. Armory won't be able to recover from that.

Hi,

I have a problem:

1- I hibernate the laptop with Armory opened.
2- I back from hibernate.
3- Armory doesnt syncronize. (To syncronize again I need to restart Armory).

OS: Ubuntu 64

No but you can donate asking for csv

thanks for reply but I would like to use some GUI managed by windows, any chance?

Try armoryd

is there any way yo bulk transfer to multiple recipients?

I mean, I am developing a web application and would like to have the possibility of export some kind of list instead of process one transaction at each time.. thanks

Just download

New version will download for you

Yes that's normal

Hello everyone, I've been using Armory since last year and I was just wondering what is the best way to update the client? I currently have version 0.88. Do I have to uninstall it and download the latest version? Or is there a way to update it?

edit: Also my Armory folder under app data/Roaming is 30 gbs. Is that normal?