Topic: Just how secure is Armory? (Read 1454 times)

There is no one that can take your coins if you use a "watching-only" wallet. Your private key isn't included there, it's only a wallet to so your ballance. As you can use blockchain.info and look at your public key.

Very nice and good description of how Armory works.
I am an Armory Fan as well
Perhaps you should add that you can disable the autorun-function on your offline-pc when you are worried about an infected usb-drive.

I *love* Armory.

1)  I can make offline transactions such that my private keys are never exposed to an Internet connection.
2)  The "watch-only" wallets are great for managing cold storage addresses.
3)  Deterministic wallets FTW
4)  Importing and sweeping of private keys and funds is easy and very convenient (just make sure you know what you're doing)
5)  I love the clean GUI

By the way, as far as I know, "offline" wallets refer to wallets with a private key that are *not* exposed to an Internet connection.  To this extent, any wallet on any computer without an Internet connection is an offline wallet.

A "watch-only" wallet is a wallet that is exposed to an Internet connection, but lacks the private key of the wallet it is watching.  For example, imagine that you saved a wallet file to a USB stick before deleting the wallet from your computer.  Now, you take that USB stick and store it, so now you have a cold-storage wallet that is "offline."  Armory allows you to create a "watch-only" copy of this wallet, but this copy lacks the private key.

With this "watch-only" copy, you can go back onto your computer, connect to the Internet, open Armory, and let it synchronize.  After synchronization, you will be able to monitor your balance, receive transactions, and generate new receiving addresses for your cold-storage wallet in real-time.  However, what you *won't* be able to do is make a sending transaction from your watch-only wallet (i.e. because it lacks the private key).

This is where offline transactions come in.  Assuming you have two computers set up (i.e. one with your offline, cold-storage wallet, and the other with your online,  watch-only wallet), you can do the following:

1) Run Armory online on the computer with the watch-only wallet, initiate an offline transaction, then save this transaction to a USB stick.  Because the watch-only wallet doesn't have the private key to sign the transaction, you need to retrieve that information.

2) Take the USB stick, go to your other computer with the cold-storage wallet, and open Armory offline.  You can then sign your offline transaction with the private key information contained in that wallet.  Since Armory is in offline mode and your computer has no Internet connection, the private key is secure.  Now you can save the signed transaction to your USB stick.

3)  Now that you have the signed transaction saved to the USB stick, go back to the online computer with the "watch-only" wallet copy.  You can now load and broadcast this transaction to the network..

...and that is why I love Armory.  It allows me to create multiple, secure copies of my wallet(s) and private key information, and it allows me to send and receive bitcoins without ever having to worry about being the victim of a hack.  It's pretty impossible to hack private key information if it's permanently stored offline

Also, what do you mean by small number of characters in your wallet address? There are nearly 2^256 possible private keys(not exactly full 256 bits but still nearly that much), and even if RIPEMD160 is just 160 bits, thats still a huge number.

Thanks for the info everyone.  Time to do some investigative research.

One more question.
What's the difference (in relation to security) between "Offline" and "watching-only".

THANKS A LOT for help

I believe some time ago there was this one incident, but I can't honestly remember much. But rather than stolen, I think they were lost due to a bug in the software.

Anyone coin ever get stolen using armory?

As long as you setup the offline Armory wallet you should be very secure. Only ever allow a watching only copy of your offline Bitcoin Armory wallet, go online.

Also their is an entire board dedicated to Armory Wallet, where this might already be answered, I even think the dev frequents the board also: https://bitcointalk.org/index.php?board=97.0

I wonder because my wallet address has a rather small number of characters... would it not be entirely possible for someone to happen upon my same wallet address?

Can someone address this issue for me please.

Thanks