benwestgate / bails Goto Github PK

Include the shortcut keys perhaps. Users may not expect having to set a Lock Screen password each start up.

Use screen-locker icon to catch more attention than Bails logo.

Display another reminder after 5 minutes (whatever seems a reasonable maximum time when starting to send coins.) to Lock Screen as they're probably waiting for confirmations.

This is likely due to the off by one, precision or rounding error in #35 and if not due to that, is from subtracting (10 + assumed chainstate) GiB from my available storage rather than 10 + 7 GB. Solve #35 first because it is simpler, then fix this dependant one.

"Skip" verifying your download, should still randomly select from a short list of people I trust until it has 2 good signatures, and just do this in the background. Fail if it can't get 2 Good signatures.

To harden bails-wallet against the rpc-server going down, it should check that it is responsive before trying to fetch an extended private masterkey for App entropy.
homage: @epiccurious

Besides RE-running bails/b which will check for updates to Bitcoin core before starting bails-wallet there is no way to create or restore new Bails wallets.

A logical place for this shortcut is in bails-menu.

For bails-wallet to run standalone it needs:

• A command to kill bitcoin{d,-qt} and wait for it to shutdown
• A command to launch the bitcoin rpc server (use bitcoin-qt-wrapper -min -server -dbcache=-700 usual -maxmempool=5 -startupnotify=?)
• wait for bitcoins -startupnotify to start before any line that needs RPC
• After the descriptor import succeeds close the RPC server and wait for it to shutdown (make this a reused export function)
• Environment variables used in bails-wallet must be set by an autostart
• launch bitcoin-qt-wrapper with a -startupnotify= "wallet $name created success" dialog.

Then bails-menu would be able to call bails-wallet to create or restore an arbitrary amount of wallets without checking for bitcoin-core updates like running install-core to start bails-wallet would.

bails-wallet should probably not run automatically in install-bitcoin if the $DATA_DIR/wallets folder is not empty.

similar to how setup-persistence only runs when there is no persistence unlocked.

https://twitter.com/Herman971757790/status/1682819583084822529?s=20
https://twitter.com/basedminabro/status/1682813282350931968?s=20

For consistency any situation where the script can't proceed and exits should just delete what's in the new download folder and try again just like when sha256sum fails. So lets make that a function that can be called earlier.

Shorten them to match the style used in Create wallet
Make sure to clarify the dialog text about the "seed backup passphrase" as a tester was confused.
When the seed is forgotten make sure to call it "reset wallet passphrase" or "reset wallet encryption passphrase" to make it clear the paper shares are not getting their passphrase reset in any way.

For L1 there should be an option to reset the "seed backup passphrase" by generating a new set of shares without sweeping funds.

"Impressive so far! I was expecting a lot of Terminal input. You did a great job with the popups and notifications instead, much more user friendly." -Anonymous

This step can be either really fast or slow depending on the blockchain progress and how busy the node is.

I should say more obviously, this will be slow, lock your screen if you have to step away from the computer. BEFORE showing the dialog for tails-screen-locker. Otherwise it just sits there and the notification with explanation expires.

During set up there's a a part where it pops random people's (gnu keys? some sort of key?) on screen and asks if you trust them. How do I know if I can trust these people?

If minimized the splash screen does not display giving no startup progress which can be slow on USB sticks.

Since mask values is set to true there is no privacy advantage to minimized anymore.

This would allow users to get help with Bails from inside Tails and share feedback without restarting or photographing their PC.
This will be much faster and easier than slack.
Pidgeon comes pre-installed so will work perfect for this and the channel and server can be added to defaults. A valid concern about phishing attacks and scammers was raised and so each time clicking pidgeon a Warning can displayed.

The only problem I can see is this opens an attack vector
Scammers could hang out in the IRC
And be quicker to respond to the user to ask for their shares. You could maybe have admins but then you’d have to trust other people which still opens an attack vector

My proposed solution was a wrapper around pidgeon with safety instructions

Just put a wrapper on the app menu shortcut “Never share private information such as shares, secrets, passphrases, addresses, private keys, xprvs or public keys. The developers will Never Ask you for this information. It can also give a link to sign up information.”

Similar to the Bitcoin-qt console which says

WARNING: Scammers have been active, telling users to type commands here, stealing their wallet contents. Do not use this console without fully understanding the ramifications of a command.

This issue proposes implementing an automatic reduction of the -dbcache setting in Bitcoin Core after the initial sync is completed. Currently, using a larger than default dbcache can lead to extended shutdown times, which can be inconvenient for users. The suggestion is to decrease the -dbcache setting to the default by not specifying it as a launch parameter once the sync is caught up.

The system should not automatically restart bitcoin-qt, but use a lower value on the next start by the user. The proposed value for the reduction of -dbcache setting is to the default, offering a faster shutdown and optimized performance. This enhancement will also address issue #41.

This means the initial -dbcache setting can be the maximum that will not cause an OOM error or significant lag in #41 while a laggy experience or long shutdown time will resolve after sync completes.

https://www.reddit.com/r/Bitcoin/comments/l95p42/bitcoin_core_still_taking_a_long_time_to_sync/

having a larger than default dbcache makes it take a very long time to shut down, as a result you should probably only increase it during your initial sync then reduce it after.

You can leave it at 7GB while you're doing the initial sync, then shut down (which will take 20 minutes or so) and remove the setting so it just uses the default.

Don't restart, just start it up and let it run overnight. Restarting it might momentarily cause a bit more apparent progress but will slow it down overall.

Based on these comments by Gregory Maxwell. The -dbache setting should be reduced by bitcoin-qt-wrapper when the sync is caught up. This should be no further than about 2 weeks or a month of blocks blocks considering my other recommendation to log into Bails at least weekly to not forget its passphrase. A long very long shutdown time every week would make this annoying and be a bad user experience.

The system should NOT restart bitcoin-qt automatically to reduce the -dbcache unless the user restarts it.

Related to #41

          > What about this?

If a persistent storage already exists, prompt the user to enter the passphrase into Bails. Then Bails can check the entropy and make sure the passphrase works to unlock the storage.

Originally posted by @BenWestgate in #24 (comment)

I can evaluate the entropy of existing Persistent Storage passphrases, I cannot check whether they actually work to unlock the storage or not.

The spaced repetition trainer should be Optional in this case since they may have already memorized a strong passphrase.

The instructions should tell them to Restart and "delete their Persistent Storage" if a weak passphrase was used (<12 char, low entropy, used for anything else, etc)

          If a share is typed with spaces in the wrong places the error message is strange. It should display "non-alphanumeric character detected"

Originally posted by @BenWestgate in #13 (comment)

Currently the sync performance of 32 GB USB sticks are most affected by the prune setting.

Currently 10GB is left free, Leaving only enough free to hold the assume_chain_state value may sync faster due to less frequent flushing due to pruning.

Compare performance on a 16GB Memory PC between
-prune= USB_size - (10+assume_chain_state_size)
-prune= USB_size - (assume_chain_state_size)

If the time savings is -20% or more remove the 10 GB buffer.

Then do the same comparison on a 4GB laptop as leaving some space free on the USB can improve the speed of flushes. If it does, A compromise 5 GB free might be used or the offset value determined by system RAM relative to chainstate and/or assume_chainstate size.

One tester thought his PC had frozen and considered restarting it which would have likely corrupted his IBD progress.

The formula used for setting dbcache is picking values that cause 1300+MiB of swapping on 4 and 8 GB Memory.

The core developers do not recommend increasing beyond the default -dbcache=450 on a 4GB system, but my formula is setting 550-850 when Bitcoin-Qt is started.

As a first step, lets decrease dbcache by 100-400MiB so the system response is a bit quicker.

So in summary, error correction implementations:

• During initial wallet setup, behave like bech32: you can highlight substitution errors, but don't correct anything.
• During recovery, then do whatever you can, including grinding for insertions/deletions, to find the seed. Then show the user the set of corrections and make them re-enter the corrected string (in the hope that they'll make a new corrected backup) before using it.

Originally posted by @apoelstra in BlockstreamResearch/codex32#54 (comment)

Currently implementing 1 edit correction and displaying the suggested code word in "Restore wallet"
Should implement full string substitution detection and highlighting the input string red. "You have typed Errors in the following locations" Press enter to see the correct string again. Do not fix anything at all in their input field. Not even non-bech32 characters, capitalization or length.

2 GB matches 2GB but 6GB was displayed in my dialog and 7GB in the Bitcoin Core GUI. This is likely due to an off by 1MiB error or insufficient precision in my conversion between GB and MiB, check bitcoin core's code for converting between the two formats.

During set up it asks to name wallet. 'Wallet' is already filled in. Any reason not to use 'Wallet'? If not, suggest new user keep 'wallet'

If the user enters the spaces exactly like it was displayed by display_confirm then the share should be accepted. Spaces anywhere else including a trailing space will throw the non-alphanumeric character error.

in order to prevent copy and paste from the display dialog to the entry dialog, a different whitespace character than space will be used and perhaps other invisible characters that throw a warning when detected to not copy and paste and to write the share down.

A demo video to link to in your readme would be sweet. It’s a lot easier than I anticipated it to be based on the feature set, and a demo showing how you can set it all up in ___ minutes would be helpful for people who are apprehensive.

(and link to the README.md from the demo video) Cut out wait times from the video to get a video length under 5-10 minutes.

these notifications should not reach the lock screen, spaced-repetition should clear it's own notifications after they display, it should not clear other notifications however.

Most people write 48 characters in 8-10 inches especially legibly.

On the 'Setup almost complete' popup window, the shutdown Tails link is broken. Clicking on it doesn't appear to do anything, while the second link to read the documentation works fine.

The fix is to replace:
file:///usr/share/doc/tails/website/doc/first steps/shutdown/index.en.html

with:
file:///usr/share/doc/tails/website/doc/first steps/shutdown.en.html

Use less ambiguous dialog, like:
“I want to restore a codex32 backup”

In one dialog choose:

Wallet Name [ Wallet [share_identifier] ]

• Disable Private Keys

Disable private keys for this wallet. Wallets with private keys disabled will have no private keys and cannot have an HD seed or imported private keys. This is ideal for watch-only wallets.

• Non-Persistent Wallet

Prepends /tmp/ to Wallet Name causing it to be stored in tmpfs not ~/Persistent/.bitcoin and lost on shutdown.

If /tmp/ is used

1. Display warning their wallet will be amnesic and all its labels and unused addresses will be forgotten on shutdown. Suggest making a Persistent watch-only wallet first if that is undesired. Describe it as ideal for offline signing wallets because the private keys will never be saved to the USB stick. Provide opportunity to go back.

If the user does not Disable Private Keys display:

1. wallet encryption info
2. wallet encryption warning
3. wallet has been encrypted

else:

1. watch-only wallets info. Provide Opportunity to go back
2. how to spend from this watch-only wallet Provide opportunity to go back.

After the warnings/info is displayed:

1. Current wallet setup complete! dialog and bitcoin-qt opens

Helps address #45 and #34 as "setup complete" is really "wallet setup complete" and the other dialogs are from install-core and don't need to display when just doing bails-wallet operations. Also creates one of the L2 features and gives a more secure set-up.

Watch only wallets can be spent by gathering the shares with their corresponding identifiers and loading them into an offline signing device or Non-persistent Wallet to sign PSBTs on the same USB. Forgetting the keys makes the user safe from rubber hose cryptanalysis.

These steps are all in series. As soon as the user confirms what they will be using or procedes with the default encrypted private keys enabled wallet. bitcoind begins importing the appropriate descriptors and will shutdown and start bitcoin-qt when it finishes.

If the user reaches the end of the information dialogs without bitcoin-qt having started. It will tell them importing descriptors can take some time and reminds them to lock the screen Super+L if they need to step away from their computer.

Alternately, bitcoin-qt could be started right after the user makes a selection so that visual progress bars can be displayed for rescanning. This is preferable since no more RAM heavy hashing needs to be done.

It would be useful to have a follow along guide for intermediate users to paste commands in terminal to achieve the same result as Bails.

@luke from the Bails slack has volunteered deciphering Bails project to write a DIY text and photo guide of it in markdown.

We can post progress updates of this improvement here.

But is your program designed to continue having persistence ask for the password? It's asked me now like 10 times in the last 5-10 minutes. I can see why as I've now memorized an additional set of words but it's getting annoying when I'm trying to get the new codex set.

The interval between prompts was supposed to double between each successful entry of the passphrase, and halve after each unsuccessful entry, but the -50% to +50% random interval adjustment causes it to grow slower than it is supposed to with repeated success.

Solutions:

1. find the geometric average of -50% to +50% and adjust the base interval increasing coefficient so that it averages to doubling each success.
2. Raise the -50% until the geometric average of the random coefficient is 1 so it doubles each time (reduces the "randomness" in the interval)
3. Reduce the decrement on a failed attempt. (the annoyed tester did not fail any attempts so 1 or 2 need to be attempted)

I think option 2 should be tried first, because tripling the interval often made me fail to remember the passphrase, while I often got annoyed if it asked again in the same length of time as before after a success.

Intuitively the interval should always increase on success and decrease on failure.

Once you’re in the beta, it might make sense to stop committing directly onto master and instead, create a fork and merge. It’s a huge pain in the ass but you’ll be able to link issues with PRs to better track what changes over time and why. Better “bookkeeping”.

This has accidentally caused regressions by not having tested the code I push to master. I can use a devel branch.

It's annoying to have to go get these in the middle of setup. -@epiccurious

Disconnect these until
The new backup feature is added & tested working.

More experienced Tails users like @epiccurious and my last tester understand that in order to install software to Tails, they must have a Persistent Storage, and so either click on the Welcome Screen or in the menus to create one.

While it is fine to click "Create a Persistent Storage" on the Welcome Screen. If it is actually setup first, especially without the right features of the Persistent Storage turned on, before running Bails, it will fail or give errors.

Worse, this latest user selected his own 12 character passphrase and it only had 53-bits of entropy which is weak against a State Sponsored attack, as the wallet encryption passphrase. Bitcoin Core recommends 10 or more random characters be used which is 66+ bits for all typeable characters.

The README.md instructions must be updated to Warn against setting up the Persistent Storage before running the Bails command.

Confirm bitcoin-qt-wrapper is executed and if so rename the hidden .desktop to "Bitcoin Core"

I'd say highest priority UX nit at the moment is searching for the current release folder for keys to search/import instead of builder-sigs
nearly half of them did not sign 25.0 yet so it wastes a lot of extra time on an already slow

This issue was reproduced by @epiccurious so the priority was updated to medium.

Another related issue is testing if leaving only assumed chainstate free would sync faster on systems with small storage due to less frequent prune flushes.

At the moment the following capacities may have restricted performance:

64 GB => 56GB for Persistent Storage => 49 GB for blocks
32 GB => 24GB for Persistent Storage => 7 GB for blocks ## This is the ideal USB size to test large RAM and the two different prune settings on for performance comparison. Do the testing on clear net, with 16GB RAM and a REAL USB stick.
16 GB => 8GB for Persistent Storage => (2)1 GB for blocks

With a 32GB USB & 16GB RAM and quad core CPU perform two races to July 1 2023 on clearnet.

In ordinary circumstances there is a privacy benefit of using -onlynet=onion. However because it is more fragile in hostile network circumstances and may need console commands to be as resilient as the default, it is not set on. Users who need the maximum in transaction broadcast privacy can turn this on or off in the bails-menu after a debriefing.
Suggestion by @epiccurious .

related to #5

          If someone else does the same thing. I'll consider adding the warning to wait to setup persistence to the instructions.

It's an interesting case, Bails should install to a tails persistence someone is already using for other stuff, it's just another application. But if they do that, they need the same security assurances, so I have to ask if their passphrase is at least 4-5 random words and if they memorized it or wrote it down somewhere

Originally posted by @BenWestgate in #12 (comment)

I have an FAQ written from an old project I may be able to adapt to Bails.

Free free to post questions about Bails here that are likely to arise.

The only files used in Bails/bin/ are:
bails-menu which is out-dated and needs an update
bails-wallet which creates the wallet and an update will help make it useful to run stand-alone
bitcoin-qt-wrapper which ensures bitcoin starts with correct parameters and occasionally shows a donation invitation
chainstate-preload which helps Bitcoin sync faster after a restart
install-core which installs bitcoin core persistently
persistent-setup which guides the user thru setting up their Tails Persistent Storage

The others are not used or have been deprecated by Tails adding the functionality they used to provide and can be deleted once it is clear which features will be in the Beta 1.0 release. (L1 from design scope)

I needed to let these run in the background so that error correction could begin immediately since it's sometimes slow. But they end up underneath my new dialogs displaying the wrong and corrected share. So lets make them all zenity notifications until I refactor that whole function, if ever. The specific reasons why an input was wrong are still important to display even if they're automatically correction.

It raises the user's Codex32 IQ and makes the error correction have less to correct next time when they understand what they're typing isn't all random noise.

It should also do this in the 'Enter the passphrase of your Persistent Storage' in setup-persistent and 'Set seed backup passphrase' and/or 'Set passphrase for the wallet'.

Ask chatGPT to tweak my .py file for these Gtk dialogs.

Tester 2 reported new error messages, it was determined these were because the dotfiles directory did not exist.

install-core should check if necessary persistent features are activated and guide user to enable them, not setup-persistence.

The welcome to Bails message should be displayed by install-core whenever there is not a dotfiles/.local/bitcoin-core folder.

Which will greet all use cases:

1. user has no persistent storage
2. user has a persistent storage that is not setup correctly
3. user has a persistent storage that is coincidentally setup correctly but has never downloaded bitcoin-core

After rebooting, if I unlock the persistent storage on the boot-up screen, Bitcoin Core auto-starts. But there’s also a popup for enabling Tor that the user needs to click through before Core can connect to peers.

Would it make sense to have Bails check that the user has an active Tor connection? If not, tell the user in a Black banner at the top to connect to Tor (like when the user enables persistent storage features)? At least while the node is still in IBD, since noobs/boomers night not know that the node isn’t syncing.

-@epiccurious

https://tails.net/doc/persistent_storage/backup/index.en.html

Previously Bails had custom code to create backup USBs without a restart. That code was submitted to Tails and now Tails offers the same functionality making it redundant.

The new tool provided Tails needs to be tested so that I can guide and remind users to make backups of their Bails USB to preserve their wallet meta data and blockchain.

As well as to make clones.

this message would make more sense imo

Clicking the X during seed restore should bring them back to the create wallet menu.

If valid shares have already been input, it should remind the user their restore progress will be lost and ask them to confirm.

bails-wallet is longer than expected. The user interface is excellent and bug-free, however the code is not as easy to understand as it could be. The functions especially are not logically grouped or ordered making it more difficult to follow along.
As it is the most security critical file in the project it should have great readability.

It may be helpful to:

1. split it into multiple files based on logical components or functionality.
2. group and sort the functions logically
3. move unused functions for non-mvp features to a new file