Re: Armory - Discussion Thread

...

so the unsigned tx has is located in the unencrypted data portion of the USB stick and can be accessed after you've booted up a desktop computer from the encrypted Linux OS on the USB stick, correct? but where is the Satoshi client/blockchain that you need Armory to access?

running two separate computers is the very idea of Armory (one for the offline wallet and one for the watching-only wallet).

With my USB stick I could do everything on the same PC:
- boot normally from harddisk: internet connection, bitcoind and Armory watching-only wallet. Create unsigned tx and save to the fat partition on the stick
- boot from USB, sign the tx with offline Armory (this needs no block chain)
- reboot from harddisk and send the signed transaction

whenever the system is booted from its harddisk the wallet on the encrypted part of the stick is securely hidden

now that is a cool solution. just to make sure i understand; when you boot from the USB, its like a Live CD session where everything is in RAM. nothing touches the hard drive, right?

it is not necessary to have evrything in RAM - when I boot from USB the encrypted partition may be a writable file system and even contain a swap file if used on a PC with too small RAM.
The only important thing is that this encrypted container is not accessible when the system runs an untrusted/networked OS and I plug in my USB stick.

but once you unencrypt the partition can't malware on the computer reach your private keys?

The partition is unlocked in the boot process from the USB stick and is the root filesystem while using the offline wallet. The harddisk of the computer is not even mounted, so malware on the PC has no chance to run :-)

Of course you never unlock the partition on a running system, only cold boot from the USB stick itself