Author

Topic: Armory Wallet Intro Message - Scares me (Read 1637 times)

legendary
Activity: 1400
Merit: 1013
August 03, 2014, 09:57:42 PM
#16
Can't really point fingers as we are lagging behind currently (not for long though!).
At least you've had deterministic wallets from the beginning and never encouraged address reuse. That's not lagging nearly as badly as some...
sr. member
Activity: 389
Merit: 250
August 03, 2014, 09:23:48 PM
#15
You're using Armory for free right? So why would the developers want to risk getting sued if something goes wrong with the program or possibly the incompetence of the user? Just a disclaimer for protection. It doesn't mean the program is any riskier than any other.     
legendary
Activity: 3738
Merit: 1360
Armory Developer
August 03, 2014, 07:39:55 PM
#14
Blockchain.info has a lot to answer for, since they are the single biggest contributing factor to spreading the address reuse poison throughout the ecosystem.

At least Mycelium is actively working on BIP32 - I've heard of no such commitment from BC.i

For various reason, not only privacy, it's about time the community moves on to BIP32 wallets. Can't really point fingers as we are lagging behind currently (not for long though!).
legendary
Activity: 1400
Merit: 1013
August 03, 2014, 05:33:44 PM
#13
You're exposing your private key to an online machine. If you can't see what's going wrong here, you need to do more research. You are literally negating the whole cold storage part. Also, using a single address is bad for your privacy, and the privacy of everyone who trades with you.
Blockchain.info has a lot to answer for, since they are the single biggest contributing factor to spreading the address reuse poison throughout the ecosystem.

At least Mycelium is actively working on BIP32 - I've heard of no such commitment from BC.i
legendary
Activity: 3738
Merit: 1360
Armory Developer
August 03, 2014, 05:12:05 PM
#12
Awesome, I was thinking of using it as my laptop wallet, maybe I should just stick to multibit

I use Mycellium for Phone & Multibit for PC

I absolutely LOVE the way Mycelllium works and lets you work with one address at a time. Here is where I am getting at - I have a cold storage which is in a hidden spot offline - I have Mycellium on my phone which has this address in VIEW mode only meaning no private key is on my phone- But lets just say I want to use only 0.5 or 1BTC and keep the rest exactly where it is? All I need to do is grab my cold storage paper backup select Scan key "Scan it & then shut the Safe door, locking the cold storage back up again" Now in Mycellium it has automatically changed the mode of that address into Send & Receive Instead of Just receive, at this point I send out 1BTC into my transit wallet address and then permanently delete the key from mycellium turning this back into a read only address again and a cold storage.

I am wondering if there is really any-point to use armory on my laptop, instead of multibit.

You're exposing your private key to an online machine. If you can't see what's going wrong here, you need to do more research. You are literally negating the whole cold storage part. Also, using a single address is bad for your privacy, and the privacy of everyone who trades with you.
legendary
Activity: 3738
Merit: 1360
Armory Developer
August 03, 2014, 05:05:04 PM
#11
On a side note, we have some massive backend overhauls coming in soon. We're considering striking the beta tag off once the improved code is hardened and thourougly tested.

That doesn't change the fact that you are running this code at your own risk. I think a lot of open source projects defer responsibility to the user, but I digress.

Due to Bitcoin's decentralized nature and how we work with it, we can't realistically accept the ultimate responsibility of your coins. We simply lack the technological "jurisdiction" to properly investigate a case of coin loss, and have to trust end users word for more than we are comfortable with. It would waste a huge amount of man power to deal with weekend con artists.

Insurance comes a cost. Conventional financial tools and services are insured at a cost to the end user, in the form of various fees and legislations, which trickle down to customer. They also rely on centralized architectures that offer an extreme level of damage control to the service providers. Simply put, the risk is easy to calculate, and the central authority has the power to revert the damage.

On the other hand, charging for pure bitcoin services is hardly sustainable. The technology is open source and decentralized, and purely software. The barrier to entry is essentially inexistent. Competitors would take over your market share in no time. We can't realistically charge you for insurance to cover ourselves.

Neither the technology nor the economic model support what you have been used to for so long in the fiat system. The protection we offer is raw technological performance, without legal nor implementation boiler plate. If you do not understand the technology, or don't use it as intended, we can't do anything for you.

I think insured Bitcoin funds will only apply in 2 cases: at the customer level with centralized services, and at the business level with trained and trusted operatives who will manipulate the funds within precisely defined steps, in accordance to the insurer and technology provider's strict guidelines. I'd be wary of a service that guarantees your coins outside of these parameters.
full member
Activity: 195
Merit: 100
August 03, 2014, 02:22:14 PM
#10
It is a mandatory announcement. How much did you pay for Armory?  They don't have any money to pay for losses in the microscopically remote change a flaw in Armory is the direct cause.

Bitcoin wallets occupy a unique space - similar to banks only different. Banks are backed by governments.

Suppose your firewall has a bug that let's someone into you computer and they clean out all of your bitcoin. How liable is the firewall vendor? Not very.
sr. member
Activity: 255
Merit: 250
Senior Developer - Armory
July 31, 2014, 08:51:16 AM
#9
That's not to say Alan doesn't have the same kind of mentality, but it's pretty obvious Armory's introducing features at a much faster rate than Core while having a smaller team (both dev and testing), for better or worse (I'd argue for better, but I'm a bit impatient). I don't think Alan & team does too much with the daemon, either, which is probably where your critical bugs would appear... but I'm already way out of my knowledge zone. Smiley

Actually, we do a lot more with the daemon now. Smiley The 0.92 daemon is still in flux to some extent but it's a massive improvement over the one supplied with 0.91, which, frankly, didn't work at all. The daemon will continue to be a priority moving forward. The plan is for it to be rock solid in time for 0.93.

(By the way, I've seen Alan mention that power users can just download the latest armoryd from Github. This will depend on how you do it. Right now, the plan is to rewrite sections of armoryd and ArmoryQt such that they share a common codebase, a process that started in small chunks with 0.92. In the long run, this will reduce bugs and enhance reliability. This will also shift some code around elsewhere in the codebase. In such a case, downloading armoryd.py and nothing else wouldn't be a smart thing to do.)

That being said, I essentially agree with what you wrote. "Beta" is a bit of a misnomer and always has been. For example, if you poke around on your Linux distro, you'll find loads of important programs still at 0.x, even on hardened servers that are supposed to stay up for months at a time. Gmail was a beta product for years, and many people thought it was the greatest thing since sliced bread. So, yes, Armory is still in beta mode, and it should be treated with a bit of caution (i.e., back up your wallets!). It also does its job and gets daily attention from the dev team. If Armory was an unreliable pile of garbage, we wouldn't be here at this moment in time, now would we? Wink
sr. member
Activity: 420
Merit: 250
July 31, 2014, 04:19:14 AM
#8
Awesome, I was thinking of using it as my laptop wallet, maybe I should just stick to multibit

I use Mycellium for Phone & Multibit for PC

I absolutely LOVE the way Mycelllium works and lets you work with one address at a time. Here is where I am getting at - I have a cold storage which is in a hidden spot offline - I have Mycellium on my phone which has this address in VIEW mode only meaning no private key is on my phone- But lets just say I want to use only 0.5 or 1BTC and keep the rest exactly where it is? All I need to do is grab my cold storage paper backup select Scan key "Scan it & then shut the Safe door, locking the cold storage back up again" Now in Mycellium it has automatically changed the mode of that address into Send & Receive Instead of Just receive, at this point I send out 1BTC into my transit wallet address and then permanently delete the key from mycellium turning this back into a read only address again and a cold storage.

I am wondering if there is really any-point to use armory on my laptop, instead of multibit.
legendary
Activity: 2912
Merit: 1060
July 31, 2014, 03:40:20 AM
#7
Armory is the best
donator
Activity: 1218
Merit: 1015
July 31, 2014, 02:42:43 AM
#6
Oh, no, it shouldn't scare you. It's given to ensure you know the program may glitch out, and you should at least have backups, but probably shouldn't let the program have control of your life savings if you're worried about a .00000000000001% chance of something catastrophic happening. It's possible there's an unknown bug which could cause this.

Armory introduced/introduces many new client-side features over Core (on top of some re-writing/changes with Armoryd). Gavin receives some praise from the community, actually, for being so conservative and not introducing all sorts of new features to Core, and this is because when you introduce more moving parts, you increase the chance for bugs, including potentially-catastrophic bugs. However, it sacrifices many innovative security, usability, and convenience features Armory and other clients have. -So you have to weigh this when making a decision. Long-term, what you really want, especially when dealing with something like Bitcoin clients where it's handling your money, is for a slow release schedule with many, many testers using dev/testing branches before they're pushed.

In game development (where users aren't putting up thousands or more dollars at stake), it's not uncommon for even small-medium sized dev teams (or their publishers) to require, say, 100-500 early testers to put in at least ~5 hours on a dev/testing branch (or complete the game) and complete some kind of survey before they push the update as a stable patch to everyone. I'm not sure even Core matches that amount of QA, though QA in a Bitcoin client is obviously monumentally more important. In development, it's often not that developers are just slow to put in all these cool new, features, but that they're waiting on testers and their surveys, then fixing anything critical which pops up, then requiring the same survey, possibly redoing that process yet again, and only THEN pushing the update out for auto-update applications (if non-critical bugs are identified by testers but where devs feel they don't outweigh the positives, you'll often see that in the "Known Issues" section of the changelog for games). Gavin has that kind of conservative mentality, I think, where relatively little is introduced, and it goes through a somewhat rigorous testing process (I imagine much less rigorous and without nearly as many testers as he'd like) to ensure to a high degree that everything's alright with it before pushing it as a stable update. In the same regard, BIPs take FOREVER.... it's like a budget bill in the US.

That's not to say Alan doesn't have the same kind of mentality, but it's pretty obvious Armory's introducing features at a much faster rate than Core while having a smaller team (both dev and testing), for better or worse (I'd argue for better, but I'm a bit impatient). I don't think Alan & team does too much with the daemon, either, which is probably where your critical bugs would appear... but I'm already way out of my knowledge zone. Smiley
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
July 31, 2014, 02:35:31 AM
#5
Armory is my wallet of choice. It's great but I don't recommend it for new users because it is too feature rich. Why don't you start with Electrum. You will have an encrypted wallet with a recovery feature that's easy to learn and use.
sr. member
Activity: 420
Merit: 250
July 31, 2014, 02:18:09 AM
#4
lol Not ready . I think its too late for that.

Anyway -  In regards to Stock prices dropping and you may loose all your value etc etc- but loosing your bitcoins because of a wallet malfunction is different.

This is where I am getting at.
legendary
Activity: 3038
Merit: 1660
lose: unfind ... loose: untight
July 31, 2014, 02:06:07 AM
#3
Who would feel safe with that?

The former lead developer (i.e. the person with the most clout) for all of Bitcoin still repeats 'Bitcoin is an experiment. Don't invest any money that you cannot afford to lose' (paraphrased).

Perhaps you're not ready for Bitcoin.
sr. member
Activity: 420
Merit: 250
July 31, 2014, 01:53:13 AM
#2
So


Windows
Version   
0.92.1

Is infact VERY SAFE.... I really dont like that message, its almost like they are stating this is in test mode so you may loose your bitcoins. Who would feel safe with that?
sr. member
Activity: 420
Merit: 250
July 31, 2014, 01:11:42 AM
#1
Hi Guys, I thought Armory is supposed to be one of the safest -

After I installed it this is the very thing that stopped me using it , this message below.

You are about to use the most secure and feature-rich bitcoin client software available.
But please remember, this software is still beta - armory developers will not be held responsible for loss of bitcoins resulting from use of this software. << That's a little diss-heartning

Why is Armory still in Beta, I thought its out of Beta
Jump to: