Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Armory
Re: Armory - Discussion Thread
by
molecular
on 23/07/2012, 08:26:30 UTC
Quote from: traderjoe on July 21, 2012, 04:13:58 PM
Armory is the only easy-to-use solution I could find, that doesn't have you trusting an online environment, or relying on a web page that might not be there someday, to transmit the signed transaction.

While I love armory, I disagree on your point.

Quote
#> echo -ne "verylongandsecurenondictionarybasedpw#0" | sha256sum
ba1bb46eb35f1f4854a574f0fb4ca1b6256b58d1ac0fc776b399f2f74deb6f5f  -

is what I do to generate private keys for cold storage savings. Import that into armory (on the offline secure machine) and generate a watch-only copy of the wallet for use on insecure online machines to watch the funds still being there. Delete the real wallet again, it's not needed (this whole armory-step could be skipped, it's merely for the convenience of being able to monitor savings and have an easy-to-access list of the addresses. the address can be computed from the private )

To get to the funds, use a copy of StrongCoins offline transaction generation/signing javascript code (generate tx (moving all funds from one of the savings addresses to an address in my everyday wallet) on insecure machine, sign it on the secure always-offline machine and inject it into the network using the insecure machine again (shuffling data using a usb stick))

https://www.strongcoin.com/blog/the_easiest_way_to_create_secure_offline_bitcoin_transactions

took me some balls to do it, but now my savings are secure from both theft and loss in my brainwallet as long as I can manage to remember the passphrase.

One can also do it with armory instead of strongcoin-offlinetx-script, but firefox+strongcoin-offlinetx-script seem simpler to install onto an offline machine than armory (took me multiple sessions of 1-2 hours to get armory onto the offline ubuntu machine).

I know it would be possible to integrate private-key-import by sha256(passphrase) into armory but I agree with etoteipi that it should not be standard practice, because people can't be trusted to choose good passphrases. However, I like this method because sha256 implementations will always be available and nothing else is needed (except some bitcoin-related infrastructure, which will also be there unless my bitcoins are worthless anyways). Regarding the injection of the signed tx into the network: assuming bitcoin remains opensource, this can rather easily be coded up by someone or myself in case push comes to shove and no service for this should exist... or: if available, I can still use armory to do everything I just described doing with strongcoin-offlinetx-scripts Wink

So go ahead, beam me to Mars naked, I'll have my coins as long as there's bitcoin infrastructure and some air to breathe Wink