Topic: Armory - Discussion Thread - page 9. (Read 521829 times)

Is bitcoin-core up-to-date with the blockchain?
Define "ages". :-)

Ente

I just downloaded newest armory version and was waiting for blockchain to download, but now it got stuck on Build Database and even when I leave it run for ages it did not pass the point.

When a program (such as Armory) reads a file, the file is copied into memory.  As soon as Armory is done using the file, the memory is marked as available for other programs, but until another program claims the memory, you still see it as assigned to Armory because the kernel assumes that there is a chance that Armory will open that file again, and Armory's data is still there.

All modern operating systems do this, so it always look like there is very little RAM free.  I do not know about Windows, but on Linux the kernel still keeps track of that memory after Armory quits, in case some other program happens to want the same file.  As soon as the memory is needed for something else, it is wiped and assigned to that something else.

In addition, as you've pointed out before, the memory usage is somewhat of a misnomer. If the system needs the memory, Armory will surrender it.

Upcoming DB changes will reduce the memory footprint. For now you should manage BitcoinQt manually so that you can restart Armory after a full rescan without having to restart Core.

Anything to be done about armoryd's crazy memory usage? I'm seeing 41GB virt and about 6GB residual. It's causing other processes to start swapping. It is done scanning blocks, this is persistent memory usage. In comparison, bitcoind only uses about 55MB residual.

Restarting the process causes the memory to go down, but then armoryd starts eating up CPU and filling up again. It continually is using the lion's share of resources on the system.

Third party exchanges are always a risk. Though i know of that risk and can act accordingly. I could chose another exchange or website that lets me do the same if i would be concerned.

You say its hard to say which address is the change address. I think its easy as long as more than one change address is used in an outgoing transaction. The thing is that transactions with more than one recipient practically dont exist. They are used by big websites mostly only. That leaves you with direct transactions and transactions with two outputs. And you can say with a very high certainty that those transactions are one involving a change address. Then you can use a website to automatically investigate. You might find out that one address belongs to an exchange. And yes, this is found out by the transaction connections happening inside the exchange too. So you identified the second address owned by that owner. And so on. When this change address is used as a source together with other (change) addresses then you know even more addresses that this wallet contains.

Ok, not reusing addresses can lower that risk to a degree. But the risk is still there because you dont have an overview about the change addresses and where they are connected to.

And there are enough services out there that pay out to the same address again and again. You cant change it all the time. Not to mention those users that use the same address for all of their transactions because they want to.

Unfortunately i dont find the link anymore. It was a tool where you could enter a bitcoin address and it could tell you with high certainty that it belongs to a certain exchange. Not so hard when all addresses are connected somehow.

I really wonder what happens if this get used to its fullest. I mean Bitcoin should become a big thing in the world. Nobody thinks about that it might be possible to identify the owner of some big stash. I think bitcoin is out of the game level and those are real risks in my opinion. Im not at risk unfortunately, or should i say luckily, because i took my really nice share of wrong going bitcoin investments. But i think about what comes in the future. Its not possible to handle things so careless if bitcoin will get real big.

Because they are (by default) fresh addresses. The fact that they might later be combined with other inputs of yours doesn't change this.
I do see that you have a point, which is stronger when addresses are reused. But I also think that you're overestimating how easy it is to know which address in a transaction is the change address and which is the other recipient(s), and overestimating the amount you should trust the third-party exchange to protect your privacy (sure, the blockchain no longer shows that your addresses are maybe connected, but now Bitfinex and anyone able to hack or subpoena them knows your addresses are definitely connected).

Though those change addresses dont help privacy in my opinion. I think they lead to a wrong feeling of security because they look like fresh addresses.

Lets say someone has a wallet, he receives coins from someone and sends some of them to another address. This happens more than once and at one point the coins from these change addresses are sent out too. Now you can pretty easily connect all the dots and you know with a high certainty that all the addresses that sent to those changeaddresses, belong to this one wallet. You might find out that this user has an investment in this or that security. And so on. Because the one who sent you coins first knows one of your addresses. If he can identify one of the sending addresses belongs to an exchange (there are tools for it out there) then he knows your other address is a change address. Since nothing other normally wipes out all the coins on the sending address. And when the coins from this change address are sent with other change addresses then he can identify even more of your wallets addresses. Not only the other change addresses.

The normal change addresses are a tool to connect addresses in one wallet. Thats why i dont use them because i dont know anymore where the coins came from. Where the are connected to. When i send coins to a FRESH deposit address on an exchange and receive the coins back to a fresh address on my wallet only then can i say that this address is secure. Of course you need an exchange with fresh deposit addresses. There are services out there that only provide one address for lifetime. Its way to easy then to connect all the addresses.

In Armory, you can specify a change address. You may need to choose Expert mode, then when you send check the "Use an existing address for change" box and "Specify a change address". Granted, this may mean more manual work than you were envisioning, but it is all built-in.

It's also worth pointing out that Armory chooses inputs in a privacy-conscious way, to preserve as much privacy as possible in a simple wallet scenario.

+1 for some variant of this idea.

Actually, the reworked ZC handler could accommodate for this kind of behavior. I'll look into it eventually, once the coin control is completed.

I just learned there indeed is a plugin system now! Big joy!


I like that proposal. Not restrictive, yet transparent and won't interfere with 99% of the users.

Ente

Yes, I figured as much.  Thanks for confirming it.

EDIT: There are alternatives to locking outputs, though.  You could track the transactions created and then prefer outputs that haven't ever been used in this way, and if that's not possible, prefer outputs that were used in older transactions to those used in newer transactions - and in the case where you do have to reuse outputs, issue a warning ("WARNING: This transactions conflicts with transaction xxx created on xx/xx/xxxx; you will not be able to broadcast both.")

That would mean that if you create several transactions then EITHER everything will just work OR you will be told that it's not going to work.

roy

There is no plugin system in Armory yet. It was in the talks earlier.
Incidently, just minutes ago I asked about the status of that in another thread.. I think this would have a *lot* of potential.

In your case, you might create a solution with armoryd.py, or have someone program it. Should be possible with some python-web-magic which creates/polls the BitFinex address and triggers armoryd to do its part.

Ente

Is there a plugin or something that automatically can create a new deposit address on bitfinex and send all change, which normally would go to change addresses, to bitfinex, then withdraws it to a fresh address?

Im asking because i do this manually when i think its needed to keep my privacy. Bitcoin wallet addresses can be connected way to easy otherwise.

We took the easy way out on this topic (and didn't address it), because the alternatives are more complex under the hood and in the UI.  If you allow Armory to arbitrarily lock inputs from being spent on subsequent transactions, you have to somehow represent to the user the state of the "locks" on your wallet.  This includes some super-arbitrary amount (even though your tx is 1.3 BTC, you have 21.32 locked), and it also leaves open confusion when you end up not signing the transaction (changed your mind, made a mistake in the original and want to recreate it, etc) and now you have coins that are locked unnecessarily and you need to be able to reset the lock state.  If it's not represented clearly, then you have new users who say "what's this Create Unsigned button do?" and they end up with locked coins and emails to us asking why fund are inaccessible.

If there was at least a way to create a tx for X and then always lock exactly X, that would make it reasonable.  But in most cases you have to lock some unexplainable amount more than your transaction is, and in some cases it's just not possible to do multiple offline tx (if you only have one input).

At the end of the day, if you need to create multiple simultaneous offline transactions, you should be sophisticated enough use coin control and understand the limitations.  On that note, we should have an input-level coin-control interface... soon...?  Stay tuned.

Yes.  I do that sometimes.  It works fine, if you are careful, but if you use the same input twice you cannot broadcast the second transaction (and do not get a clear error message).

Each transaction uses the same inputs (assuming none of them are executed), so it would be impossible for Armory to track transactions that are not executed.

Am I right in thinking that when I create an (unsigned) transaction from a watching-only wallet, Armory doesn't keep track of the fact that the relevant outputs were used by that transaction?

And that therefore, if I want to create two (or more) transactions from a watching-only wallet, such that both are spendable without conflicting with each other, then it's my responsibility to use coin control to ensure they spend from different addresses?

Thanks

roy