Pages:
Author

Topic: Armory - Discussion Thread - page 52. (Read 521912 times)

legendary
Activity: 1428
Merit: 1093
Core Armory Developer
April 28, 2014, 10:43:17 AM
For multi-sig, are you planning to have watch only wallet capability? 

This would be where you could have 3 watching only wallets installed and it would tell you that a multi-sig payment could be redeemed by 2 of 3 of them.

You could also allow creation of a spending transaction that each private key owner could sign in turn.

This is better for "boards" that have N of M spending requirements.  Each member would have a watching-only wallet for all keys associated with the cold store and one set of private keys.

You could also create 2 level shamir sharing.  For example, you could have 2 of 3 sharing, but each share is then split up into 2 of 3 as well.  This means that each share is protected against loss too by sharing.


This is already supported by the lockboxes!  All parties in a lockbox can be offline keys, created separately and independently.   Each party individually manages their own wallet holding that key, including all the regular methods we have backups... yes you can do a 2-of-4 lockbox between 4 parties, and each party can do a 3-of-5 fragmented backup of their individual wallets (which hold the key).

Speaking of that, we're working on multisig lockboxes on the "devel" branch -- anyone can check it out and play with it.  It's actually looking really good.  Got P2SH working, so you should be able to go above 3-of-3 on mainnet now... but of course I don't recommend using any money you can't afford to lose (yet)!

The lockboxes and all the data passed between devices/parties assumes that all keys are offline, and thus always contain all information needed to sign offline.  The downside to this is that all these message formats have changed, even for regular offline transactions, so all online & offline devices will need to be updated to use this.  But once you do, it does work! 

Will have the last couple pieces of it implemented soon and put out an experimental build to get people playing with.
legendary
Activity: 1232
Merit: 1094
April 28, 2014, 06:05:30 AM
Depends what you mean by "less hassle".  Doing it my way requires more "down payment" to get it setup, but then it's trivial to compile new versions.  Once I push my latest changes to the repo, I can just switch to the RPi directory, pull, and run "make CXX=".  3 minutes later I have an RPi release Smiley

In fact, I think I don't even have to switch directories!  But I do it anyway to be clean.

Heh, true.  I guess it is the difference between a user and a developer.  

Being able to download the pre-compiled files is easier for everyone.

For multi-sig, are you planning to have watch only wallet capability?  

This would be where you could have 3 watching only wallets installed and it would tell you that a multi-sig payment could be redeemed by 2 of 3 of them.

You could also allow creation of a spending transaction that each private key owner could sign in turn.

This is better for "boards" that have N of M spending requirements.  Each member would have a watching-only wallet for all keys associated with the cold store and one set of private keys.

You could also create 2 level shamir sharing.  For example, you could have 2 of 3 sharing, but each share is then split up into 2 of 3 as well.  This means that each share is protected against loss too by sharing.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
April 27, 2014, 06:45:53 PM
I have been cross-compiling it for Pi on one of my Ubuntu VMs. 

I compiled it using the pi itself.  That is very slow Smiley, but less hassle than cross compiling.

Depends what you mean by "less hassle".  Doing it my way requires more "down payment" to get it setup, but then it's trivial to compile new versions.  Once I push my latest changes to the repo, I can just switch to the RPi directory, pull, and run "make CXX=".  3 minutes later I have an RPi release Smiley

In fact, I think I don't even have to switch directories!  But I do it anyway to be clean.

legendary
Activity: 1232
Merit: 1094
April 27, 2014, 06:40:45 PM
I have been cross-compiling it for Pi on one of my Ubuntu VMs. 

I compiled it using the pi itself.  That is very slow Smiley, but less hassle than cross compiling.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
April 27, 2014, 06:15:34 PM
I compiled the latest build yesterday, though it would have been with an old OS.

I had to make a tiny tweak in one of the makefiles to get cryptopp to work.

This line needs to be moved up to line 15 (after ISX86 = ...).

I guess the latest version of raspbian works without needing mods?

I have been cross-compiling it for Pi on one of my Ubuntu VMs.  I downloaded crosstool-ng and built the armhf g++ from scratch, then used that to compile _CppBlockUtils.so.  I had to make one small modification to the Armory Makefile to make sure it's linking against the armhf python, but it didn't need any further modification (and that can be easily removed as well).    Once it's all setup, it actually compiles no differently than regular building.   I didn't need to mess with the crypto++ libraries or makefiles at all.

It worked on my freshboot RPi with those dependencies, but I was also online so I wonder if it really got everything or if it silently installed some stuff in the background.  That's why I wanted someone else to try it.
legendary
Activity: 1232
Merit: 1094
April 27, 2014, 06:08:18 PM
I compiled the latest build yesterday, though it would have been with an old OS.

I had to make a tiny tweak in one of the makefiles to get cryptopp to work.

This line needs to be moved up to line 15 (after ISX86 = ...).

I guess the latest version of raspbian works without needing mods?
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
April 27, 2014, 05:22:06 PM
Anyone with a RaspberryPi try this out!  I finally got my RPi up and working and was able to extract the dependency tree into an offline bundle.  It seemed to work on mine, someone else please try it with a fresh raspbian install and let me know:

https://s3.amazonaws.com/bitcoinarmory-testing/armory_0.91.1-rc1_raspbian.tar.gz
https://s3.amazonaws.com/bitcoinarmory-testing/armory_raspbian_deps.tar.gz

If that works, then I'll finally be able to start packing RPi offline bundles with every release.

I'd like to do the same for Tails, but the latest Tails actually uses python2.6, for which we have temporarily broken support Sad  Until we fix that, I'm going to have to pass on Tails support ...

P.S. -- Holy hell the RPi is slow as dirt! 
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
April 27, 2014, 11:04:08 AM
Is there any way to sweep a private key without typing in on a connected computer ?

Something like :
- enter the bitcoin address on the connected computer in a watch only wallet
- scan the blockchain for all funds on this address
- create a raw transaction to move them to the armory wallet
- move the transaction to the offline computer
- enter the private key there, sign the transaction
- broadcast the transaction back from the online computer ?


That would be a very handy feature!
Sweeping brainwallets, coins, paperwallets and all.

Ente

Had a lot of requests for this.  Right now the only way to do it is to create a new wallet on the offline computer, import the keys, export the new watch-only wallet to the online computer, then perform an offline transaction to move all the coins.  It's four steps... If you have the public key already it could theoretically be three steps, but Armory doesn't allow importing of public keys into WO wallets. 

legendary
Activity: 2126
Merit: 1001
April 27, 2014, 06:46:01 AM
Is there any way to sweep a private key without typing in on a connected computer ?

Something like :
- enter the bitcoin address on the connected computer in a watch only wallet
- scan the blockchain for all funds on this address
- create a raw transaction to move them to the armory wallet
- move the transaction to the offline computer
- enter the private key there, sign the transaction
- broadcast the transaction back from the online computer ?


That would be a very handy feature!
Sweeping brainwallets, coins, paperwallets and all.

Ente
legendary
Activity: 1904
Merit: 1007
April 27, 2014, 04:30:09 AM
-maxconnections=8
-addnode=127.0.0.1

That worked! Thank you.

If you are using Tor, I believe you should avoid -addnode=127.0.0.1.  I believe that Tor connections all appear to be from localhost, so if you are attempting to only allow actual-localhost connections, you won't get what you think you're getting.

(again, I don't know much about Tor -- just relaying a warning I was given a while ago)

I am not, but thank you. I noticed a strange behavior with those 2 line arguments. The transaction history seems to noticeable lag and i stop receiving notifications on transfers.

Ok i am back. So i when using Bitcoin Core with the following arguments: "-datadir", "-maxconnections=8", "-addnode=127.0.0.1" and Armory always with "--datadir=" and "--satoshi-datadir" i get no notifications about transactions. I can't tell for sure if there is a bigger lag than usual. Removing "-maxconnections=8" and "-addnode=127.0.0.1" from Bitcoin Core and keeping everything else bring me back the notifications.

It's not such a big deal, but just wanted to report it.
legendary
Activity: 3794
Merit: 1375
Armory Developer
April 23, 2014, 04:03:38 PM
I have to agree, and will now say the opposite of what I said before:
Forget that "private key" stuff, and stick to your paper wallet, as you were already doing. This is more than 99% sure.
With my previous suggestion, you add more uncertainity than you are removing.

To all of you: Be very careful with "individual private keys" and brainwallets. This probably is among the top 5 reasons people lose all their bitcoins.

Ente

Well yes and no. Low hanging fruit right now are people using an online wallet with 2FA, shoving all their coins in there and backing up the plain private keys in the hotmail account they used for their MMO subscription 10 years ago...
legendary
Activity: 2126
Merit: 1001
April 23, 2014, 02:32:31 PM
I have to agree, and will now say the opposite of what I said before:
Forget that "private key" stuff, and stick to your paper wallet, as you were already doing. This is more than 99% sure.
With my previous suggestion, you add more uncertainity than you are removing.

To all of you: Be very careful with "individual private keys" and brainwallets. This probably is among the top 5 reasons people lose all their bitcoins.

Ente
hero member
Activity: 980
Merit: 507
April 23, 2014, 01:10:19 PM
"Since you are not in a coma, you can do yourself and your family a favor, and print out the private key of your long-term savings as well."

How can I do that?

"You then have to be *very* careful to always reuse it, when transferring some coins from there (normally, the change goes to another address)."

I don't follow you here. I thought that by making a paperbackup, I was already doing all the best for protecting my coins. Could you explain me a little more this private key thing? (I appreciate your time)



I actually don't agree with Ente on those statements.  Print a paper backup of your wallet, and you are protected forever.  Armory is being used on $10M+ worth of BTC.  If Bitcoin has any value, there will always be a copy of Armory floating around that can be used to recover your coins.  Or someone will create something that can produce the private keys from the paper backup.  It's not a terribly complex algorithm.

If you have to worry about change addresses, etc, you are taking unnecessary risks.  Part of the reason I made Armory was to help people avoid dealing with those low level details Smiley

Thanks a lot man! I feel much safer now;)
full member
Activity: 123
Merit: 100
April 23, 2014, 11:59:07 AM
"Since you are not in a coma, you can do yourself and your family a favor, and print out the private key of your long-term savings as well."

How can I do that?

"You then have to be *very* careful to always reuse it, when transferring some coins from there (normally, the change goes to another address)."

I don't follow you here. I thought that by making a paperbackup, I was already doing all the best for protecting my coins. Could you explain me a little more this private key thing? (I appreciate your time)


Your Armory wallet has a "root" private key. All of the private keys in your Armory wallet are generated from that root key in a way that can be repeated at any point now or in the future with or without Armory as long as a copy of the source exists somewhere on the internet.

If for some reason you think that won't be the case in the future, you can lock all of your savings up in one of your Armory Wallet's private keys (One of the private keys that was generated from root private key mentioned above.) You then write that private key down, and keep that in a safe place. That private key can be used to recover your savings even if a time machine was invented and someone goes back in time and un-invent's Bitcoin Armory and deterministic wallets.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
April 23, 2014, 11:27:00 AM
"Since you are not in a coma, you can do yourself and your family a favor, and print out the private key of your long-term savings as well."

How can I do that?

"You then have to be *very* careful to always reuse it, when transferring some coins from there (normally, the change goes to another address)."

I don't follow you here. I thought that by making a paperbackup, I was already doing all the best for protecting my coins. Could you explain me a little more this private key thing? (I appreciate your time)



I actually don't agree with Ente on those statements.  Print a paper backup of your wallet, and you are protected forever.  Armory is being used on $10M+ worth of BTC.  If Bitcoin has any value, there will always be a copy of Armory floating around that can be used to recover your coins.  Or someone will create something that can produce the private keys from the paper backup.  It's not a terribly complex algorithm.

If you have to worry about change addresses, etc, you are taking unnecessary risks.  Part of the reason I made Armory was to help people avoid dealing with those low level details Smiley
hero member
Activity: 980
Merit: 507
April 23, 2014, 11:23:16 AM
"Since you are not in a coma, you can do yourself and your family a favor, and print out the private key of your long-term savings as well."

How can I do that?

"You then have to be *very* careful to always reuse it, when transferring some coins from there (normally, the change goes to another address)."

I don't follow you here. I thought that by making a paperbackup, I was already doing all the best for protecting my coins. Could you explain me a little more this private key thing? (I appreciate your time)
legendary
Activity: 2126
Merit: 1001
April 23, 2014, 10:52:31 AM
Maybe this is off-topic but I can't seem to find any answer to my doubts.

I'm using Armory 0.90 Beta with Bitcoin-qt 0.8.6

1- I want to update to Bitcoin core 0.9.1 but I don't know how to do it, and I'm bloody terrified of losing my coins.

2 -I have a paper wallet, does this means, that in case Armory breaks down, dissapears, whatever bad may happen to Armory, will I be able to recover my coins? 2a- If not, how can I backup my coins?

As I said, I'm sorry if this is an off-topic.

Your Armory wallet is completely independent from bitcoin-core. Even if you break bitcoin-core, your coins will still be there, Armory will just be offline. As long as you have a paper-backup, you normally can even break Armory without losing coins.

So, normally you should be able to install the newer bitcoin-core version right over the old. Close both bitcoin-core and Armory before doing that, though ;-)

What's that "Armory" that could disappear?
If Alan and the other devs (aka Armory corp) disappear, you still can download and use the Armory client.
In case the Armory software disappears from the net, isn't developed any further or is outlawed, you still have your local copy.
If all fails, and you wake up after a 10 year coma, with *everything* gone, you will surely find someone who recreates your Bitcoin private keys from the seed on your paperbackup.

In any case, you would be able to access your funds, and transfer them to whatever place, service, person, client you like.

Since you are not in a coma, you can do yourself and your family a favor, and print out the private key of your long-term savings as well. You then have to be *very* careful to always reuse it, when transferring some coins from there (normally, the change goes to another address).

You do ask the right questions! Good! :-)

Ente
hero member
Activity: 980
Merit: 507
April 23, 2014, 10:37:31 AM
Maybe this is off-topic but I can't seem to find any answer to my doubts.

I'm using Armory 0.90 Beta with Bitcoin-qt 0.8.6

1- I want to update to Bitcoin core 0.9.1 but I don't know how to do it, and I'm bloody terrified of losing my coins.

2 -I have a paper wallet, does this means, that in case Armory breaks down, dissapears, whatever bad may happen to Armory, will I be able to recover my coins? 2a- If not, how can I backup my coins?

As I said, I'm sorry if this is an off-topic.
legendary
Activity: 1148
Merit: 1018
April 23, 2014, 05:52:05 AM
I managed to get Tor, Armory, and Bitcoin-qt working together.  Here's my setup:

Armory has no command line arguments, the only change is I unselected "Let Armory run Bitcoin-Qt/bitcoind in the background" in settings.

Tor was left with the default settings.

For Bitcoin-qt I first ran the program and deselected "Map port using UPnP" and selected "Connect through SOCKS proxy".  (Proxy IP: 127.0.0.1, Port: 9150, SOCKS Version: 5)  I also created a shortcut with one command line argument ("-conf=Armory.conf" to use a different .conf file in the Bitcoin data directory)
Code:
#For Armory.conf
bind=127.0.0.1
listen=1
Bind = 127.0.0.1 should mean that only local processes can connect to your node.  And listen=1 should mean that it accepts external connections (external as in not from bitcoin-qt itself, not necessarily from outside your computer)

Edit: Added which command line argument I used with bitcoin-qt (-conf=Armory.conf) NOTE: This argument is not necessary to use bitcoin-qt and Tor with Armory!


Thanks for this, it seems the best solution so far.
newbie
Activity: 54
Merit: 0
April 22, 2014, 07:00:21 AM
Did you get any flickering as i have aka constant connected/disconnected switching as one can take from the previous post one page back in my armory log and comment which hasn't been replied to as of yet.
No flickering for me with this setup.

What specific command would i have to add to my bitcoin shortcut to get this working?
I have my computer set up with two .conf files and two shortcuts because I want to be able to use bitcoin-qt with and without Armory.  This complicates my setup a little bit.  If you just want to use bitcoin-qt with Armory all you need to do to prepare bitcoin-qt for Armory is add these two lines to your bitcoin.conf file.
Code:
bind=127.0.0.1
listen=1

Is this any different than just adding the    --satoshi-port=9150    switch to my armory shortcut?
Yes, adding the "--satoshi-port=9150" switch tells Armory to communicate with bitcoin-qt through port 9150 while adding
Code:
bind=127.0.0.1
listen=1
to bitcoin.conf tells bitcoin-qt to listen on all ports but only accept communication from your computer.

Something tells me its not good to have bitcoin core accept external connections.
Code:
bind=127.0.0.1
This line prevents bitcoin-qt from accepting external connections. (external as in from outside your computer)






yep that solved the flickering issue and armory qt is now fully detected and armory uses bitcoin cores net connection ive tested this with wireshark , as soon as ive dropped tor both bitcoin core

and armory stopped dead in theyre tracks well except bitcoin core showing 1 or 2 local connections to armory shown as bitcoin network connections in the network meter of bitcoin wich really isnt a bitcoin network it just thinks armory is due to the bind=127.0.0.1 and listen=1 commands , armory will only connect over bitcoin cores

connection wich in turn only connects over tor as ive setup bitcoin cores network connection to use tors proxy , excellent, on top of that ive disabled online check and added the skip announce

flag to my shortcut to make sure armory only connects over bitcoin cores network not doing any call back home operations, if anyone got some more ideas please do add and having a setup in a standalone vm such setup has its uses for sure theres no denying that either, id say use one or the other or both depending on your needs
Pages:
Jump to: