bitboxswiss / bitbox-wallet-app Goto Github PK
View Code? Open in Web Editor NEWThe BitBoxApp for desktop and mobile.
Home Page: https://bitbox.swiss/app
License: Apache License 2.0
The BitBoxApp for desktop and mobile.
Home Page: https://bitbox.swiss/app
License: Apache License 2.0
When you set up a new wallet on BitBox02 with mnemonic seed, and then create a backup on microSD card the procedure is not finished properly.
When selecting create backup a BitBoxApp asks to unlock the device. After unlocking the device the process is finished there (device idle or waiting the App) but nothing happens in the BBApp. The orange button "Check backup" is inactive.
There should be a message saying something like: "Congrats! You just created a backup and you should double check it in the next steps." or show the orange button "Check backup" as active.
If you go back (Back button is active) and then again to "Manage backups" all is as expected and the backup is visible.
Platform: MacOS
Release: v4.11.0
Device: BitBox02
After canceling on device, the setup wizard stays stuck at "Create Wallet" screen asking for a device name and no way to continue.
My attempts to restart the app led to several other strange states as seen in screen shots below:
"Could not pair with app"
"Unexpected error during restore: unlock failed."
To package BitBox wallet app for Arch Linux AUR from the .AppImage, I extract the bitbox.desktop and bitbox(.png, .svg, etc) to include them in the current desktop environment. But the .AppImage does not include any image files.
$ ./BitBox-4.1.0-x86_64.AppImage --appimage-extract
$ ls -la
drwx------ 8 pizzaman users 4096 Aug 21 14:20 .
drwxr-xr-x 5 pizzaman users 4096 Aug 21 14:20 ..
lrwxrwxrwx 1 pizzaman users 6 Aug 21 14:20 AppRun -> BitBox
-rw-r--r-- 1 pizzaman users 159474 Aug 21 14:20 assets.rcc
-rwxr-xr-x 1 pizzaman users 51268 Aug 21 14:20 BitBox
-rw-r--r-- 1 pizzaman users 155 Aug 21 14:20 bitbox.desktop
-rw-r--r-- 1 pizzaman users 0 Aug 21 14:20 BitBox-x86_64.AppImage
-rw-r--r-- 1 pizzaman users 0 Aug 21 14:20 default.png
lrwxrwxrwx 1 pizzaman users 11 Aug 21 14:20 .DirIcon -> default.png
drwx------ 58 pizzaman users 4096 Aug 21 14:20 doc
drwx------ 2 pizzaman users 4096 Aug 21 14:20 lib
drwx------ 2 pizzaman users 4096 Aug 21 14:20 libexec
-rw-r--r-- 1 pizzaman users 11645848 Aug 21 14:20 libserver.so
drwx------ 9 pizzaman users 4096 Aug 21 14:20 plugins
-rw-r--r-- 1 pizzaman users 145 Aug 21 14:20 qt.conf
drwx------ 2 pizzaman users 4096 Aug 21 14:20 resources
drwx------ 3 pizzaman users 4096 Aug 21 14:20 translations
The only image file is default.png with 0 bytes.
ref. https://wiki.archlinux.org/index.php/desktop_entries#Icons
i'd like to add my eps server to my bitbox app.
After downloading the certificate when pressing check i get the following error:
Failed to unmarshal response: ["ElectrumPersonalServer 0.1.7", 1.2]: Failed to unmarshal JSON: json: cannot unmarshal number into Go value of type string
When i press back then try to add my eps again with "check" button its just working indefinitely.
EPS log says client is connected.
During the initial setup, after closing the app and reopening it with the BitBox 02 plugged in, the Application crashes.
The app should open and continue where it was closed.
The app immediately crashes and probably expects an already created wallet.
Fix/Check the startup code for the application?
Insert SD-Card step
:can someone from digital bitbox send me link to 2.2 desktop so i can move my funds this 4.1 wont let me paste anything
is there any reason to keep fees greyed out before entering an amount? might be useful to check fees before deciding how much to send etc.
add the estimated time on custom fee mode.
My headphones are plugged in my USB-C port. I open the app and it crashes silently after half of a second.
App: Android-4.20.1
Android V10 on Pixel 3
Kernel version:
4.9.210-g28c696160049-ab6386370
#0 Fri Apr 10 23:00:22 UTC 2020
I want to add Bitcore BTX support to Bitbox Hardware Wallet
Whit steps are needed?
chrome crashes when clicking the QR scanner icon
$ git rev-parse HEAD
0b0efe6
steps to reproduce
make servewallet
make webdev
I just recently ugraded to macos 10.15.1 (19B88), but still using bash, not yet migrated to zsh
(not sure if that is relevant at all).
The currently released App (4.14.1) works fine
If I build it mysef make qt-osx
, clicking the qr icon then the whole screen gets stuck with a loading indicator
nodejs is installed twice for travis/linux
search for node --version
on a recent build https://travis-ci.org/digitalbitbox/bitbox-wallet-app/jobs/505799528
# line 444
$ node --version
v10.13.0
# line 1932
node --version
v9.11.2
travis config
https://github.com/digitalbitbox/bitbox-wallet-app/blob/master/.travis.yml#L14
nodejs 9.x in scripts/docker_install.sh
https://github.com/digitalbitbox/bitbox-wallet-app/blob/master/scripts/docker_install.sh#L21
is it possible that nodejs is defined in the docker image?
where is the dockerimage shiftcrypto/qt5
coming from?
(what is the source of https://hub.docker.com/r/shiftcrypto/qt5 used here https://github.com/digitalbitbox/bitbox-wallet-app/blob/13a36957690f4eabd2894f7529083054af6f1018/Dockerfile#L15)
Steps to reprodcue:
EDIT:
Sorry I just realize that it wasn't on firmware 4.1.0...
EDIT2: same with 4.1.0
It is great that Bitbox2 supports mnemonics + passphrase. Unfortunately, not all providers are so clear about the distinction between password (for device) and BIP39 passphrase from which the HD seed is generated.
It would help users if you could be maximal explicit by renaming the optional passphrase
under the Expert settings
to optional BIP39 passphrase
(and change in instructions and website accordingly).
I'm using a popular VPN service. So popular that others are also using it to access CryptoCompare (where BitBox has it's fiat exchange rate from) and run into the rate limit:
Response | "Error" |
---|---|
Message | "You are over your rate limit please upgrade your account!" |
HasWarning | false |
Type | 99 |
RateLimit | |
calls_made | |
second | 1 |
minute | 5 |
hour | 99 |
day | 706 |
month | 95503 |
total_calls | 1204893 |
max_calls | |
second | 20 |
minute | 300 |
hour | 3000 |
day | 10000 |
month | 75000 |
Data | {} |
There is "Show BIP39 Mnemonic" button at the top in the Secrets section and another button at the bottom "Enable Mnemonic Passphrase" in the Expert Settings.
Is the bottom button related to "Show BIP39 Mnemonic" at the top? Why is one at the top in Secrets and the other one at the bottom in the Expert Settings? Unclear and no help text or description.
I suspect the botttom Expert Settings button will let me overwrite the current password with a mnemonic passphrase. Is it going to be BIP39? If I do enable it in the Expert Settings, what will the top "Show BIP39 Mnemonic" do then? Either way, I'd love some help text to confirm this instead of guessing.
There are multiple pitfalls with this:
The best is probably to extend coin control to allow manual selection of unconfirmed outputs. and show the appropriate warnings when one is selected.
Note: Electrum supports it and can be used to perform this if needed, also with the BitBox HW.
Trying to run the app without rebuilding the docker image I did:
docker pull shiftcrypto/bitbox-wallet-app
Which did not fetch the latest because "latest" doesn't point to 6. So then I did:
docker pull shiftcrypto/bitbox-wallet-app:6
But then make dockerdev
didn't work it complained that it couldn't find bitbox-wallet
. So I had to
docker tag shiftcrypto/bitbox-wallet-app:6 bitbox-wallet
I think it should be easier to get started than this. make dockerinit
and make dockerdev
could use the same name that you use on docker hub. :)
I think the above instructions are correct because I managed to run the app.
Hello, The app does not work at the present with "electrum Personal Server" https://github.com/chris-belcher/electrum-personal-server
Would the developers consider the integration or it is not something that can be put in the pipeline?
Thanks
The app is always making a requests to the rates service. It should by default not make any request to any thirdparty service. Ideally this would be an option to turn on with a small description on impact on privacy.
also check bb02.
On your release page you are nicely describing how to verify the signed releases by importing the signing pub keys from keybase. Since curl
does not seem to work via TOR/tails but keybase exposes their service as a hidden service it might be worthwhile to also mention the command for importing signatures via TOR (only changing the first part of the keybase domain):
curl http://keybase5wmilwokqirssclfnsqrjdsi7jdir5wy7y7iu3tanwmtp6oid.onion/benma/pgp_keys.asc?fingerprint=2260e48288882c76afaa319d67a2b160f74db275 | gpg --import
It would be great if the Guide for how to connect to your own node could be more detailed, see also the discussion in #615
With links to the blog post, required/supported software and products
One question is:
– Can I connect directly to Bitcoin Core?
see also @benma answer #615 (comment)
When I switch between "Bitcoin Legacy" and "Bitcoin", I often get stuck in a view where the balance on top reflects the selected wallet "Bitcoin" when switching back from "Bitcoin legacy" but the transaction list is stuck with the last selection...
Discussed with @x1ddos
json.Marshal
is not guaranteed to create the same serialization always. The order of the keys could change, or whitespacing, or other things.
The Hash() should be replaced with a hand rolled hash accumulator over the fields.
Account database filenames depend on this hash, so the new impl. must either be compatible, or think about the consequence of creating new account databases (at the moment this merely means re-downloading the transactions, and get desktop notifications for the transactions again).
As a power user, I would like the ability to setup a new BitBox02 device with an alternative backup procedure.
This follows the Trezor setup procedure and is likely to be familiar to users familiar with those products.
Clicking "normal" in Network Priority when sending from "Legacy Bitcoin" view should show options for fee.
Focus flickers quickly from dropdown to entire qt window and back with no clear way to select fees, and the dropdown menu does not show up. (Pressing tab to switch focus to the dropdown followed by arrow down / up still allows cycling through options to lower fee, but this is probably not obvious to most users.)
Using BitBox-4.0.0-x86_64 on Arch Linux with cinnamon desktop environment.
See attached recording (ignore artifacts showing my desktop background, which seems to be due to the way the recording tool renders frames or something.. what appears visually is a quick shift in focus from the dropdown box to the entire qt window of the app and back again each time the box is clicked):
Hardware wallets have a tendency to be used to hold larger amount unspent outputs.
Addresses holding larger amounts have the tendency to get tainted with outputs near-to-dust limit for on-chain analysis.
Those tainted inputs are usually included in coin-selection.
We should give users a way to "abandon" a certain incoming payment (right click "I want to abandon this incoming payment").
Eventually we automatically warn the user if he receives a second payment on an address with a very small amount (ex <1USD).
Only outgoing transactions are saved to the db and showed as pending, incoming transactions are not shown in the app until they have at least one confirmation. This will probably require Infura (or access to a node) since afaik, etherscan doesn't support the eth_pendingTransactions
json rpc.
the recieve screen on the Bitboxapp shows a greyed out copy button in a grey text field which is entirely useless as (as far as it seems) there is no way it will ever be active, considering the address will only be shown in a new layer when you go verify.
couldnt this just be removed? as someone might easily try to intuitively click it just to realize they have to verify?
The new firmware 7.0.0 has exacerbated the issues with MyEtherWallet. With the previous firmware it wasn't possible to send tokens, with the new one it doesn't even let you access the wallet. I tried with Chrome, Opera, Firefox with the same outcome. The only difference is that with Firefox the device blinks.
https://www.reddit.com/r/MyEtherWallet/comments/c4hb0u/can_somebody_from_mew_and_bitbox_provide_an/
[This is a rare and not very important edge case]
When starting the BitBox with MyEtherWallet (including tapping screen and entering password) and then opening the BitBox app, the BitBox App still shows the default
Please connect your device to get started
For the BitBox02, please tap the device to continue.
despite the fact that this has already been completed. The user would be stuck on that screen if they don't realize that the MyEtherWallet app is still active.
The MyEtherWallet integration on the other hand seems to be smarter and is able to tell me that
Your BitBox02 is busy. Please close all other wallets and try again.
I would suggest to add a similar note into the BitBox app.
Attempt to get headers for https://astuteinternet.dl.sourceforge.net/project/nsis/NSIS%203/3.05/nsis-3.05-setup.exe failed.
The remote file either doesn't exist, is unauthorized, or is forbidden for url 'https://astuteinternet.dl.sourceforge.net/project/nsis/NSIS%203/3.05/nsis-3.05-setup.exe'. Exception calling "GetResponse" with "0" argument(s): "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."
Downloading nsis.install
from 'https://astuteinternet.dl.sourceforge.net/project/nsis/NSIS%203/3.05/nsis-3.05-setup.exe'
ERROR: The remote file either doesn't exist, is unauthorized, or is forbidden for url 'https://astuteinternet.dl.sourceforge.net/project/nsis/NSIS%203/3.05/nsis-3.05-setup.exe'. Exception calling "GetResponse" with "0" argument(s): "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."
This package is likely not broken for licensed users - see https://chocolatey.org/docs/features-private-cdn.
The install of nsis.install was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\nsis.install\tools\chocolateyInstall.ps1'.
See log for details.
https://ci.appveyor.com/project/benma/bitbox-wallet-app/builds/34686468
$ curl -I 'https://astuteinternet.dl.sourceforge.net/project/nsis/NSIS%203/3.05/nsis-3.05-setup.e><
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
$ showcert astuteinternet.dl.sourceforge.net -noout -dates
notBefore=May 10 03:04:22 2020 GMT
notAfter=Aug 8 03:04:22 2020 GMT
A recommendation in https://sourceforge.net/p/forge/site-support/21088/ is to use direct download link:
The recommended approach is to use the general direct download link at downloads.sourceforge.net: https://downloads.sourceforge.net/project/nsis/NSIS%203/3.05/nsis-3.05-setup.exe
The *.desktop
file is lacking a Categories=
entry.
According to the menu spec,
By including one of the Main Categories in an application's desktop entry file, the application will be ensured that it will show up in a section of the application menu dedicated to this category. If multiple Main Categories are included in a single desktop entry file, the entry may appear more than once in the menu.
Hence, please add at least one of the following in the Categories=
key.
Main Category | Description | Notes |
---|---|---|
AudioVideo | Application for presenting, creating, or processing multimedia (audio/video) | |
Audio | An audio application | Desktop entry must include AudioVideo as well |
Video | A video application | Desktop entry must include AudioVideo as well |
Development | An application for development | |
Education | Educational software | |
Game | A game | |
Graphics | Application for viewing, creating, or processing graphics | |
Network | Network application such as a web browser | |
Office | An office type application | |
Science | Scientific software | |
Settings | Settings applications | Entries may appear in a separate menu or as part of a "Control Center" |
System | System application, "System Tools" such as say a log viewer or network monitor | |
Utility | Small utility application, "Accessories" |
In addition, you could specify one or more from the longer list of Additional Categories.
Please test the result with desktop-file-validate
and make sure it passes.
electron-builder offers native support for this since v19.22.1.. Please see the category
key at https://www.electron.build/configuration/linux-other.
References:
In the desktop app, while the hidden wallet is opened, the settings still display the hidden wallet menu in an inaccessible/greyed out fashion. However, displaying this information at all seems to offer valuable intelligence to any attacker who seizes physical control of the device in an opened state. This would seem to harm plausible deniability?
!Mike
No blank GUI.
The BitBox-4.0.0-x86_64 app seems to show a blank qt window with no contents after switching desktops and returning the one with the dbb app. See attached screenshot.
I'm using cinnamon desktop environment, on Arch Linux.
Log entries continued appearing in ~/.config/bitbox/log.txt
, so the app appears to still function, apart from not redrawing itself.
When I resize the qt window, the rendering fixed itself and the GUI returned to normal. I can repro this by switching desktops away from the app and returning; the GUI goes blank every time.
This is a minor issue, but in the email and on the device the term is "Factory Reset", in the app you use "Reset Device".
Proposal: use "Factory Reset" everywhere, i.e. change or add the term in the app.
$ /x/BitBox-4.11.0-x86_64.AppImage
/x/BitBox-4.11.0-x86_64.AppImage: error while loading shared libraries:
libserver.so: cannot dynamically load position-independent executable
The environment:
$ uname -a
Linux 4.19.66_1 #1 SMP PREEMPT Sun Aug 11 20:25:01 UTC 2019 x86_64 GNU/Linux
$ file /x/BitBox-4.11.0-x86_64.AppImage
/x/BitBox-4.11.0-x86_64.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked,
interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, stripped
$ sha256sum /x/BitBox-4.11.0-x86_64.AppImage
e87cbd2d595f9b04b5843afc74a721dc9e990346a184bb8eed754e73e266b67d /x/BitBox-4.11.0-x86_64.AppImage
I haven't investigated yet but here's an strace.txt.
In other words, why should I bother with an Electrum server if I'm already running a bitcoind from https://github.com/bitcoin/bitcoin or something else listed on https://en.bitcoin.it/wiki/Full_node#How_to_run_a_full_node ? For instance, I see bitcoind provides sendrawtransaction RPC. Would it be possible for the BitBox app to use that directly to broadcast a transaction?
It seems the BitBox app supports only Electrum. What was the reasoning? Why not others?
Also, "Connect your own full node" feels a bit confusing. It should either read "Connect your own Electrum server" or support other full nodes like bitcoind otherwise.
I installed the app from the git repository and I checked the signature with gpg --verify
After moving the app in the Application folders, when I try to open the app, MacOS Mojave 10.14.6
gives me this message error:
My security setting after trying to open the app:
Never had any problem with previous version of the app, therefore I reinstalled 4.18.0 and I get the usual notice that allows me to open the app.
Not sure this was a one-off on my system but just in case.
Unfortunately, can't repro after firmware upgrade.
Started the BitBox appimage app and upgraded the firmware from 1.0.0 to 3.0.0 like it told me to. Device booted and right after entering my password, the app crashed with:
panic: noise: message is too short
goroutine 194 [running]:
github.com/digitalbitbox/bitbox-wallet-app/backend/devices/bitbox02.(*Device).pair(0xc0002760c0)
/home/someuser/src/bitbox/bitbox-wallet-app/backend/devices/bitbox02/device.go:227 +0x11a8
github.com/digitalbitbox/bitbox-wallet-app/backend/devices/bitbox02.(*Device).init.func1(0xc0002760c0)
/home/someuser/src/bitbox/bitbox-wallet-app/backend/devices/bitbox02/device.go:166 +0x200
created by github.com/digitalbitbox/bitbox-wallet-app/backend/devices/bitbox02.(*Device).init
/home/someuser/src/bitbox/bitbox-wallet-app/backend/devices/bitbox02/device.go:158 +0x122
Received signal 6
#0 0x7f29f4d35fbf <unknown>
#1 0x7f29f3763645 <unknown>
#2 0x7f29f4d364ce <unknown>
#3 0x7f29f19a19b0 <unknown>
#4 0x7f29fa1b9541 <unknown>
r8: 00007f29e907f7e0 r9: 0000000000000001 r10: 0000000000000008 r11: 0000000000000246
r12: 0000000000000582 r13: 00007f29fb4a2380 r14: 0000000000000001 r15: 0000000000000000
di: 0000000000000582 si: 0000000000000585 bp: 000000c000373280 bx: 000000c00005c700
dx: 0000000000000006 ax: 0000000000000000 cx: 00007f29fa1b9541 sp: 000000c000373268
ip: 00007f29fa1b9541 efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Admittedly, I'm running an oob version of libserver.so because I can't run the appimage as is due to incompatibility with glibc v2.30 - more details on this in #484 - so could be just my setup but still maybe worth checking out.
$ uname -a
Linux 4.19.66_1 #1 SMP PREEMPT Sun Aug 11 20:25:01 UTC 2019 x86_64 GNU/Linux
$ git br -v
* master 47fedb1 Merge branch 'release'
Althouh I didn't see anything interesting in the log file, attaching it anyway.
bitbox-noise-msg-too-short-panic.txt
Crypto ATMs allow to buy bitcoins using cash. Due to the confidential nature of the transaction they are very valuable to increase the privacy level of a bitcoin holder. These machines work by printing a "paper wallet" that contains two strings of characters, represented by QR codes, one for a private key and the other for the corresponding public key that the ATM machine load with the bitcoins bought by the customer.
Once the transaction is concluded, the buyer should quickly send a new transaction to the bitcoin network to move the whole content of the bitcoin purchased to a new address of its own wallet. This function is supported by few software wallets, including electrum, and it is called "sweep private address". By the way, I find this name very confusing.
It would be very useful if bitbox-wallet would introduce this ability with a decent user interface. It would be great to have the possibility to read the qr code from the printed paper and prepare a transaction, to be signed using the bitbox, moving the purchased bitcoins to an address of the bitbox wallet.
Thanks for considering this request.
ElectrumX rejects connections from clients with version < 3.3.
Please see kyuupichan/electrumx#842
BitBox Wallet is reporting version 0.0.1 so I can't connect it to my ElectrumX server.
ElectrumX version 1.12
Logs from the server:
Aug 28 22:20:01 rocknode electrumx_server[23460]: INFO:ElectrumX:[72] SSL 192.168.178.33:33388, 0 total
Aug 28 22:20:10 rocknode electrumx_server[23460]: INFO:ElectrumX:[73] SSL 192.168.178.33:33396, 0 total
Aug 28 22:20:10 rocknode electrumx_server[23460]: INFO:ElectrumX:[73] attempting to crash old client with version 0.0.1
Aug 28 22:20:10 rocknode electrumx_server[23460]: INFO:ElectrumX:[73] changing task concurrency from 10 to 0
Aug 28 22:20:10 rocknode electrumx_server[23460]: INFO:ElectrumX:[73] disconnected whilst throttled
I've just converted the current master with a simple go mod init
and rebuilt libserver without any issues concerning package dependencies.
What's holding you guys back?
If you try, make sure to unset GOPATH
or export GO111MODULE=on
and use a recent version of Go like 1.12.x.
The travis build matrix can be expanded with commands for other Operating Systems.
When supporting and testing builds of this repository, what platforms are supported? Which are expected to be functional and which are tested?
Style guide(s), commit message conventions, etc.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.