Author

Topic: How can we be sure that watchingonly wallet doesn't contain hidden private keys? (Read 938 times)

legendary
Activity: 2912
Merit: 1060
Windows users have to trust compiled binary :/
member
Activity: 113
Merit: 10
Thanks etotheipi. This is just what I was looking for.

I used Notepad++ with the Hex Editor plugin to confirm that the watch-only wallet file differs from the decrypt wallet file. Address 8C0 through 8DF contains mostly zeros in the watch-only file (last 8 bits contains some non-zero values but I'm pretty sure this is not any keys Smiley).

I couldn't read the source code but the hex editor is good enough for me. Thanks
member
Activity: 81
Merit: 10
legendary
Activity: 3794
Merit: 1375
Armory Developer
What it all boils down to is that open source software allows you to manage your own comfort zone in regard of the code you're allowing to run on your machine. You can choose to trust the code maintainer, or people who have reviewed it, or just not trust anyone and verify critical parts yourself.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
Feel free to open the wallet file in a hex editor and walk through it using the wallet file map.    Watching-only wallets should have all zeros in the private key fields.   Not the easiest thing to do for a random user, but only a few users need to do it to expose any bugs/backdoors.

If you want to review the code, it's in a function called forkOnlineWallet().  You can see it overwrites the private key fields with empty strings before the writeFreshWalletFile() call.

I hope that calms some nerves Smiley
member
Activity: 113
Merit: 10
Let's say I create a wallet on an offline computer and move a watching-only wallet file by USB to my online computer and import it there. Armory will show it as watching-only/offline and won't allow me to spend any bitcoins, but in theory the private keys could have been transferred in the watching-only file and then sent to the Armory developer. Once thousands of wallets are funded by Armory users, the attacker might be tempted to move all bitcoins to an address of his own.

Is this a case of we just have to trust the good will of the developer or is it possible for a user to check that all private keys indeed stays on the offline computer?

I must say that I'm really impressed by the Armory software and since it's announced that Alan is a featured speaker at the Inside Bitcoin Conference in Vegas next week, I'm confident that Armory doesn't have any hidden "features". I've already made a donation Wink However all users might not agree...
Thanks
Jump to: