Hi Redditors. I am going to post in this thread my experiences in getting my Desktop (Debian) machine running Armory in watch-only mode, and coupling that with an offline Raspberry Pi (which holds my private keys) for signing the transactions previously made in watch-only mode. I actually compiled Armory from source directly on my Pi. This guide is probably more for the bitcoin 'power user', as to run Armory online, and broadcast the signed transactions, you need to have a bitcoin full node running (bitcoind). Basic requirements:
Online machine - running a full node (bitcoind)
Raspberry Pi - I used an old Pi 1 Model B with just 512Mb memory, and 2 USB slots.
2x USB thumb-drives. One for wallet backups, the other for transferring unsigned tx's to the rPi, and signed tx's back to the Desktop.
Armory 0.96.4 for the Raspberry Pi 1, Model B (512Mb RAM, 2xUSB) (compiled from github sourcecode on the Pi itself!)
Using the Pi as an offline complement to a Debian Desktop "watch-only" Armory install.
Desktop Debian Armory watch-only talks to my full node, bitcoind, which is also on the Debian desktop.
I'll post the guide in digestible sections...
I should begin by saying I installed source code from git, and got Armory to build the DB on my desktop initially, WITHOUT creating a wallet.. (This allowed me to debug what was going on a little!)
Go to Bitcoin.org, select Armory.. It leads to a Download from Git: https://github.com/goatpig/BitcoinArmory/releases Followed the procedure for Linux Debian verify code, compile, install, all straight-forward.. Began by running bitcoind, and telling Armory where to find it. This is the command I used, obviously it was all on one line and didn't include the arrows/explanations!:
python ArmoryQt.py \ --satoshi-datadir=/BlockChain/chain20180414/blocks \ # <-----(where my bitcoind blocks live) --datadir=/ArmoryDataDi \ # <-----(this is instead of ~/.armory) --dbdir=/ArmoryDataDidatabases # <-------(again, non std. place used for Armory's databases.. my choice.)
So, on the Desktop, after the initial "build databases" (NB the initial "Build Databases" took about 1.5h and my two CPUs were maxed the whole time, Temps up to 62C. Not ideal; Im not in a rush!) I then wanted to import a watch-only wallet. Before I did this, I took a full backup of the Armory data dir: /ArmoryDataDi (or ~/.armory in a default installation). I'd hate to have to make Armory do another full sync with the bitcoind node!
Next step: offline wallet (with Private Keys) is on a Raspberry Pi. I downloaded the source and managed to compile it on the pi itself! :) Though there were some gymnastics needed to setup the Pi. My Pi is running Raspbian based on Wheezy.. quite old! I did the following on the Pi:
apt-get update apt-get upgrade (<---took about an hour!) apt-get install autotools-dev apt-get install autoconf
Then I followed the instructions exactly as I had done for my Debian Desktop machine, EXCEPT: I had to increase the Pi's swap space. I upped it from 100Mb to 400Mb. The compilation took 7 hours, and my poor SD card got a thrashing. But after compilation, I put the Swap back to 100Mb and Armory runs ok with about 150Mb of memory (no swap needed). Swap increase on the Pi: use your favourite editor, and open the file /etc/dphys-swapfile add/change the following line:
Then, REBOOT the Pi:
sudo shutdown -h -P now
Once the compilation was done on the Pi, put the swap back, rebooted and created an Armory wallet. I added manual entropy and upped the encryption 'time' from 250ms to 2500ms - since the Pi is slow, but I'll be happy to wait for more iterations in the Key Derivation Function. Once the wallet was created, it obviously prompts you for backup. I want to add a private key of my own (i.e. import), so don't do the backup until this is over. I import my Private Key, and Armory checks that this corresponds to a Public Key, which I check is correct. This is the point now where the Pi storage medium (e.g an SD card) has to be properly destroyed if you ever get rid of it. I had thought that now would be a good time to decide if your new wallet will generate Segwit receiving addresses, and also addresses used to receive 'change' after a transaction.. But it seems Armory WON'T let you switch to P2SH-P2WPKH unless your Armory is connected to a node offering "WITNESS" service. Obviously, my Pi is offline and will never connect to a node, so the following will not work on the Pi:
x Use File Settings Fee and address types.
x Set the "Preferred Receive Address Type" to P2SH-P2WPKH
x Also Set the "Change Address" to P2SH-P2WPKH for left-over loose change!
NB: I thought about setting this on the Debian "watch-only" wallet, but that would surely mean doom, as the Pi would not know about those addresses and backups might not keep them.. who knows... So, end result:- no segwit for me just yet in my offline funds.
--If anyone can offer a solution to this, I'd be very grateful--
Ok, now this is a good point to back up your wallet on the Pi. It has your imported keys. I choose a Digital Backup - and put it on a USB key, which will never touch the internet and will be stored off-site. I also chose to encrypt it, because I'm good with passwords.. NB: The Armory paper backup will NOT back up your imported private keys, so keep those somewhere if you're not sweeping them. It would be prudent to have an Armory paper backup anyway, but remember it will likely NOT help you with that imported key. Now for the watch-only copy of the wallet. I want to get the "watch-only" version onto my Desktop Debian machine. On the Pi, I created (exported to a USB key) a "watching-only" copy of my wallet. I would use the RECOMMENDED approach, export the "Entire Wallet File". As you will see below, I initially exported only the ROOT data, which will NOT capture the watching-only part of the Private Key I entered manually above (i.e. the public Key!). Now, back on the Debian Desktop machine... I stopped all my crontab jobs; just give Armory uninterrupted CPU/memory/disk... I also stopped bitcoind and made a backup prior to any watch-only wallet being imported. I already made a backup of Armory on my Desktop, before any wallet import. (this was needed, as I made a mistake.. see below) So on the Debian Desktop machine, I begin by firing up bitcoind. my command for this is:
I know from bitter experience that doing a scan over the blockchain for a new wallet takes a looong time and a lot of CPU, and I'd like it to play nicely; not gobble all the memory and swap and run my 2xCPUs both at 100% for four hours... So... I aim to run with --ram-usage=X and --thread-count=X (For me in the end, X=1 but I began with X=4) I began with --ram-usage=4 (<--- = 4x128Mb) The result is below...
TypeError: cannot concatenate 'str' and 'int' objects
It didn't recognise the ram-usage and carried on, crippling my Debian desktop PC. This is where it gets dangerous; Armory can gobble so much memory and CPU that the windowing environment can cease up, and it can take over 30 minutes just to exit nicely from bitcoind and ArmoryDB. So, I ssh to the machine from another computer, and keep an eye on it with the command
I'd also be able to do a "sudo reboot now" if needed from here.
So, trying to get my --ram-usage command recognised, I tried this line (added quotes):
Loading Armory Engine: Armory Version: 0.96.4 Armory Build: None PyBtcWallet Version: 1.35 Detected Operating system: Linux OS Variant : ('debian', '9.4', '') User home-directory : /home/ Satoshi BTC directory : /BlockChain/chain20180414 Armory home dir : /ArmoryDataDi ArmoryDB directory : /ArmoryDataDidatabases Armory settings file : /ArmoryDataDiArmorySettings.txt Armory log file : /ArmoryDataDiarmorylog.txt Do wallet checking : True (ERROR) ArmoryUtils.py:3723 - Unsupported language specified. Defaulting to English (en) (ERROR) ArmoryQt.py:1833 - Failed to start Armory database: cannot concatenate 'str' and 'int' objects Traceback (most recent call last): File "ArmoryQt.py", line 1808, in startArmoryDBIfNecessary TheSDM.spawnDB(str(ARMORY_HOME_DIR), TheBDM.armoryDBDir) File "/BitcoinArmory/SDM.py", line 387, in spawnDB pargs.append('--ram-usage=' + ARMORY_RAM_USAGE) TypeError: cannot concatenate 'str' and 'int' objects
So, I edit the Armory python file SDM.py:
if ARMORY_RAM_USAGE != -1: pargs.append('--ram-usage=4') #COMMENTED THIS, SO I CAN HARDCODE =4 # ' + ARMORY_RAM_USAGE)
Running it, I now have acknowledgement of the --ram-usage=4:
(WARNING) SDM.py:400 - Spawning DB with command: /BitcoinArmory/ArmoryDB --db-type="DB_FULL" --cookie --satoshi-datadir="/BlockChain/chain20180414/blocks" --datadir="/ArmoryDataDi" --dbdir="/ArmoryDataDidatabases" --ram-usage=4
Also, even with ram-usage=4, it used too much memory, so I told it to quit. It took over 30 minutes to stop semi-nicely. The last thing it reported was:
ERROR - 00:25:21: (StringSockets.cpp:351) FcgiSocket::writeAndRead FcgiError: unexpected fcgi header version
But that didn't seem to matter or corrupt the Armory Database, so I think it's ok. So, I get brave and change SDM.py as below, and I make sure my script has a command line for --ram-usage="ABCDE" and --thread-count="FGHIJ"; the logic being that these strings "ABCDE" will pass the IF criteria below, and my hardcoded values will be used...
if ARMORY_RAM_USAGE != -1: pargs.append('--ram-usage=1') #COMMENTED THIS, SO I CAN HARDCODE =1 # ' + ARMORY_RAM_USAGE) if ARMORY_THREAD_COUNT != -1 pargs.append('--thread-count=1') #COMMENTED THIS, SO I CAN HARDCODE =1 #' + ARMORY_THREAD_COUNT)
So, as usual, I use my script and start this with: ./StartArm.sh (which uses command line:)
(this forces it to use my hard-coded values in SDM.py...) So, this is the command which it reports that it starts with:
(WARNING) SDM.py:400 - Spawning DB with command: /BitcoinArmory/ArmoryDB --db-type="DB_FULL" --cookie --satoshi-datadir="/BlockChain/chain20180414/blocks" --datadir="/ArmoryDataDi" --dbdir="/ArmoryDataDidatabases" --ram-usage=1 --thread-count=1
Again, this is where it gets dangerous; Armory can gobble so much memory and CPU that the windowing environment can cease up. So I ssh to the machine and keep an eye on it with:
So, on the Debian Desktop PC, I inserted the USB stick with the watch-only wallet I exported from the Pi. Start Armory... Import "Entire Wallet File" watch-only copy. Wait 4 hours.. YAY!!! After running Armory for about 30m, the memory usage dropped by 400m... wierd... It took ~2 hours to get 40% completion. After 3.5 hours it's almost there... The memory went up to about 1.7Gb in use and 900Mb of Swap, but the machine remained fairly responsive throughout, apart from a few (10?) periods at the start, where it appeared to freeze for 10-30s at a time. (That's where my ssh session came in handy - I could check the machine was still ok with a "free -h" command) Now, I can: Create an unsigned transaction on my Desktop, Save the tx to USB stick, Move to the Pi, Sign the tx, Move back to the Desktop, Broadcast the signed tx.
My initial Mistake: This caused me to have to roll-back my Armory database, using the backup. so you should try to avoid doing this.. On the Pi, I exported only the ROOT data, which will NOT capture the watching-only part of the Private Key It is RECOMMENDED to use the Digital Export of Entire Wallet File from the Pi when making a watch-only copy. If you just export just the "ROOT data", not the "Entire Wallet File", you'll have problems if you used an imported Private Key in the offline wallet, like I did. Using the ROOT data text import, after it finished... my balance was zero. So,. I tried a Help->Rescan Balance (Restart Armory, takes 1minute to get back up and running) No Luck. Still zero balance. So, I try Rescan Databases.. This will take longer. Nah.. no luck. So, I tried again, thinking it might be to do with the fact that I imported the text "root data" stuff, instead of following the (Recommended) export of watching-wallet file. So, I used my Armory backup, and wound back the ArmoryDataDi to the point before the install of the (zero balance) wallet. (you should not need to do this, as you will hopefully use the RECOMMENDED approach of exporting the "Entire Wallet File"!)
bitcoin-qt ready for use within half an hour … download an up-to-date pruned blockchain
Let us discuss how safe this is :-) This tutorial is for Linux only but people using other operating systems will understand what to do. Download the bitcoin blockchain https://drive.google.com/drive/folders/0B0nH34wIYOSlSG81ZUZUZGZjVkE?usp=sharing This will download (~20 minutes) the 2485 MB file: bitcoin_blockchain_pruned_550MB_19aug2016.tar.gz It contains only blocks, no wallet or log files. It has been created with -prune=550 Unpack tar -zxvf bitcoin_blockchain_pruned_550MB_19aug2016.tar.gz and observe it contains only blocks and chain state data. This will create the directory: .bitcoin_pruned_550MB_19aug2016 Let’s assume you move this to ~/.bitcoin_pruned, so mv .bitcoin_pruned_550MB_19aug2016 ~/.bitcoin_pruned Run bitcoin-qt When you start bitcoin-qt, a new wallet will be created: back it up first. My advice is to use bitcoin-qt 0.13.0rc3, because it creates a HD wallet that never runs out of addresses. Start bitcoin-qt in fast start-up mode first: bitcoin-qt –prune=550 –checklevel=2 –checkblocks=10 –checkblocksverify=10 –datadir=yourpath/.bitcoin_pruned and let it sync quickly. Check more thoroughly next time with 10 -> 500000. You can have a quick look at what’s happening: tail ~/.bitcoin_pruned/debug.log.
FOR NOW, the drawback is that if you want to add addresses (watch-only or spendable) that already contain bitcoins, you have to create the pruned blockchain from scratch yourself, which takes a lot of time (or have someone with a full blockchain rescan the wallet for you). This is not really necessary: if the user is not interested in the history of his transactions, the balances can be obtained directly from the UTXO set. It has already been approved to add this feature in some future Core release: https://github.com/bitcoin/bitcoin/issues?q=is%3Aissue+is%3Aopen+label%3AWallet, #8497. I will automatically update the google drive with new up-to-date blockchains soon. EDIT: openssl dgst -sha256 bitcoin_blockchain_pruned_550MB_19aug2016.tar.gz SHA256(bitcoin_blockchain_pruned_550MB_19aug2016.tar.gz)= ce36bcb9ab691c358b27d3051f8f38452bc182ca636eae992563c60805a9d4b0
Sent BTC from wallet to another, both wallets empty
I wanted to move my bitcoins from Bitcoin QT to Electrum. I took electrum's address, sent it from QT and both wallets are empty. I had to do some critical system funcitons which was the impetus to this move. QT was 50% of my harddrive. I made the move, was too pressed for time to confirm the transaction, and deleted bitcoin folder. I made a backup of the wallet just in case. A few days later, I noticed the funds never made it to electrum. Loaded the backup on QT just to be sure, and QT is empty as well. Are the bitcoins gone or can I investigate this further? It was .91 BTC. edit: Resolved! For anyone who may be having the same issue and searches for this.. There was a lot of good info but litecoin-p2pool pointed out that due to a datadir command I performed to mvoe the directory from C:\ to d:\, I inadvertently created a new wallet. Bringing the original wallet back to d:\ performed a rescan which turned up the coins.
Facilitating Discussion of 0.9.0 FINAL of Bitcoin Core (aka Bitcoin QT)
To facilitate a detailed discussion of some of the finer points of this update, I added numbering to each bullet in release notes, and also posted it to RapGenius, where people can annotate it if they'd like. I'm not a programmer, but I'm curious to hear what programmers and other people smarter than me have to say about all the new changes. http://rapgenius.com/The-bitcoin-dev-team-bitcoin-090-final-lyrics EDIT1 : Doh! Reddit detroyed all the formatting and now i'm on baby duty so can't fix it. EDIT 2: Nap time! Just fixed the formatting :) ---- 0.9.0 RELEASE NOTES ---- Part 1. RPC: 1.1 - New notion of 'conflicted' transactions, reported as confirmations: -1 1.2 - 'listreceivedbyaddress' now provides tx ids 1.3 - Add raw transaction hex to 'gettransaction' output 1.4 - Updated help and tests for 'getreceivedby(account|address)' 1.5 - In 'getblock', accept 2nd 'verbose' parameter, similar to getrawtransaction, but defaulting to 1 for backward compatibility 1.6 - Add 'verifychain', to verify chain database at runtime 1.7 - Add 'dumpwallet' and 'importwallet' RPCs 1.8 - 'keypoolrefill' gains optional size parameter 1.9 - Add 'getbestblockhash', to return tip of best chain 1.10 - Add 'chainwork' (the total work done by all blocks since the genesis block) to 'getblock' output 1.11 - Make RPC password resistant to timing attacks 1.12 - Clarify help messages and add examples 1.13 - Add 'getrawchangeaddress' call for raw transaction change destinations 1.14 - Reject insanely high fees by default in 'sendrawtransaction' 1.15 - Add RPC call 'decodescript' to decode a hex-encoded transaction script 1.16 - Make 'validateaddress' provide redeemScript 1.17 - Add 'getnetworkhashps' to get the calculated network hashrate 1.18 - New RPC 'ping' command to request ping, new 'pingtime' and 'pingwait' fields in 'getpeerinfo' output 1.19 - Adding new 'addrlocal' field to 'getpeerinfo' output 1.20 - Add verbose boolean to 'getrawmempool' 1.21 - Add rpc command 'getunconfirmedbalance' to obtain total unconfirmed balance 1.22 - Explicitly ensure that wallet is unlocked in importprivkey 1.23 - Add check for valid keys in importprivkey Part 2. Command-line options: 2.1 - New option: -nospendzeroconfchange to never spend unconfirmed change outputs 2.2 - New option: -zapwallettxes to rebuild the wallet's transaction information 2.3 - Rename option '-tor' to '-onion' to better reflect what it does 2.4 - Add '-disablewallet' mode to let bitcoind run entirely without wallet (when built with wallet) 2.5 - Update default '-rpcsslciphers' to include TLSv1.2 2.6 - make '-logtimestamps' default on and rework help-message 2.7 - RPC client option: '-rpcwait', to wait for server start 2.8 - Remove '-logtodebugger' 2.9 - Allow -noserver with bitcoind Part 3. Block-chain handling and storage: 3.1 - Update leveldb to 1.15 3.2 - Check for correct genesis (prevent cases where a datadir from the wrong network is accidentally loaded) 3.3 - Allow txindex to be removed and add a reindex dialog 3.4 - Log aborted block database rebuilds 3.5 - Store orphan blocks in serialized form, to save memory 3.6 - Limit the number of orphan blocks in memory to 750 3.7 - Fix non-standard disconnected transactions causing mempool orphans 3.8 - Add a new checkpoint at block 279,000 Part 4. Wallet: 4.1 - Bug fixes and new regression tests to correctly compute the balance of wallets containing double-spent (or mutated) transactions 4.2 - Store key creation time. Calculate whole-wallet birthday 4.3 - Optimize rescan to skip blocks prior to birthday 4.4 - Let user select wallet file with -wallet=foo.dat 4.5 - Consider generated coins mature at 101 instead of 120 blocks 4.6 - Improve wallet load time 4.7 - Don't count txins for priority to encourage sweeping 4.8 - Don't create empty transactions when reading a corrupted wallet 4.9 - Fix rescan to start from beginning after importprivkey 4.10 - Only create signatures with low S values Part 5. Mining: 5.1 - Increase default -blockmaxsize/prioritysize to 750K/50K 5.2 - 'getblocktemplate' does not require a key to create a block template 5.3 - Mining code fee policy now matches relay fee policy Part 6. Protocol and network: 6.1 - Drop the fee required to relay a transaction to 0.01mBTC per kilobyte 6.2 - Send tx relay flag with version 6.3 - New 'reject' P2P message (BIP 0061, see https://gist.github.com/gavinandresen/7079034 for draft) 6.4 - Dump addresses every 15 minutes instead of 10 seconds 6.5 - Relay OP_RETURN data TxOut as standard transaction type 6.6 - Remove CENT-output free transaction rule when relaying 6.7 - Lower maximum size for free transaction creation 6.8 - Send multiple inv messages if mempool.size > MAX_INV_SZ 6.9 - Split MIN_PROTO_VERSION into INIT_PROTO_VERSION and MIN_PEER_PROTO_VERSION 6.10 - Do not treat fFromMe transaction differently when broadcasting 6.11 - Process received messages one at a time without sleeping between messages 6.12 - Improve logging of failed connections 6.13 - Bump protocol version to 70002 6.14 - Add some additional logging to give extra network insight 6.15 - Added new DNS seed from bitcoinstats.com Part 7. Validation: 7.1 - Log reason for non-standard transaction rejection 7.2 - Prune provably-unspendable outputs, and adapt consistency check for it 7.3 - Detect any sufficiently long fork and add a warning 7.4 - Call the -alertnotify script when we see a long or invalid fork 7.5 - Fix multi-block reorg transaction resurrection 7.6 - Reject non-canonically-encoded serialization sizes 7.7 - Reject dust amounts during validation 7.8 - Accept nLockTime transactions that finalize in the next block Part 8. Build system: 8.1 - Switch to autotools-based build system 8.2 - Build without wallet by passing --disable-wallet to configure, this removes the BerkeleyDB dependency 8.3 - Upgrade gitian dependencies (libpng, libz, libupnpc, boost, openssl) to more recent versions 8.4 - Windows 64-bit build support 8.5 - Solaris compatibility fixes 8.6 - Check integrity of gitian input source tarballs 8.7 - Enable full GCC Stack-smashing protection for all OSes Part 9. GUI: 9.1 - Switch to Qt 5.2.0 for Windows build 9.2 - Add payment request (BIP 0070) support 9.3 - Improve options dialog 9.4 - Show transaction fee in new send confirmation dialog 9.5 - Add total balance in overview page 9.6 - Allow user to choose data directory on first start, when data directory ismissing, or when the -choosedatadir option is passed 9.7 - Save and restore window positions 9.8 - Add vout index to transaction id in transactions details dialog 9.9 - Add network traffic graph in debug window 9.10 - Add open URI dialog 9.11 - Add Coin Control Features 9.12 - Improve receive coins workflow: make the 'Receive' tab into a form to request payments, and move historical address list functionality to File menu 9.13 - Rebrand to Bitcoin Core 9.14 - Move initialization/shutdown to a thread. This prevents "Not responding" messages during startup. Also show a window during shutdown 9.15 - Don't regenerate autostart link on every client startup 9.16 - Show and store message of normal bitcoin:URI 9.17 - Fix richtext detection hang issue on very old Qt versions 9.18 - OS X: Make use of the 10.8+ user notification center to display Growl-like notifications 9.19 - OS X: Added NSHighResolutionCapable flag to Info.plist for better font rendering on Retina displays 9.20 - OS X: Fix bitcoin-qt startup crash when clicking dock icon 9.21 - Linux: Fix Gnome bitcoin: URI handler Part 10. Miscellaneous: 10.1 - Add Linux script (contrib/qos/tc.sh) to limit outgoing bandwidth 10.2 - Add '-regtest' mode, similar to testnet but private with instant block generation with 'setgenerate' RPC 10.3 - Add 'linearize.py' script to contrib, for creating bootstrap.dat 10.4 - Add separate bitcoin-cli client
Bitcoin Core 0.10.0 released | Wladimir | Feb 16 2015
Wladimir on Feb 16 2015: Bitcoin Core version 0.10.0 is now available from: https://bitcoin.org/bin/0.10.0/ This is a new major version release, bringing both new features and bug fixes. Please report bugs using the issue tracker at github: https://github.com/bitcoin/bitcoin/issues The whole distribution is also available as torrent: https://bitcoin.org/bin/0.10.0/bitcoin-0.10.0.torrent magnet:?xt=urn:btih:170c61fe09dafecfbb97cb4dccd32173383f4e68&dn;=0.10.0&tr;=udp%3A%2F%2Ftracker.openbittorrent.com%3A80%2Fannounce&tr;=udp%3A%2F%2Ftracker.publicbt.com%3A80%2Fannounce&tr;=udp%3A%2F%2Ftracker.ccc.de%3A80%2Fannounce&tr;=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr;=udp%3A%2F%2Fopen.demonii.com%3A1337&ws;=https%3A%2F%2Fbitcoin.org%2Fbin%2F Upgrading and downgrading How to Upgrade If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or bitcoind/bitcoin-qt (on Linux). Downgrading warning Because release 0.10.0 makes use of headers-first synchronization and parallel block download (see further), the block files and databases are not backwards-compatible with older versions of Bitcoin Core or other software:
Blocks will be stored on disk out of order (in the order they are
received, really), which makes it incompatible with some tools or other programs. Reindexing using earlier versions will also not work anymore as a result of this.
The block index database will now hold headers for which no block is
stored on disk, which earlier versions won't support. If you want to be able to downgrade smoothly, make a backup of your entire data directory. Without this your node will need start syncing (or importing from bootstrap.dat) anew afterwards. It is possible that the data from a completely synchronised 0.10 node may be usable in older versions as-is, but this is not supported and may break as soon as the older version attempts to reindex. This does not affect wallet forward or backward compatibility. Notable changes Faster synchronization Bitcoin Core now uses 'headers-first synchronization'. This means that we first ask peers for block headers (a total of 27 megabytes, as of December 2014) and validate those. In a second stage, when the headers have been discovered, we download the blocks. However, as we already know about the whole chain in advance, the blocks can be downloaded in parallel from all available peers. In practice, this means a much faster and more robust synchronization. On recent hardware with a decent network link, it can be as little as 3 hours for an initial full synchronization. You may notice a slower progress in the very first few minutes, when headers are still being fetched and verified, but it should gain speed afterwards. A few RPCs were added/updated as a result of this:
getblockchaininfo now returns the number of validated headers in addition to
the number of validated blocks.
getpeerinfo lists both the number of blocks and headers we know we have in
common with each peer. While synchronizing, the heights of the blocks that we have requested from peers (but haven't received yet) are also listed as 'inflight'.
A new RPC getchaintips lists all known branches of the block chain,
including those we only have headers for. Transaction fee changes This release automatically estimates how high a transaction fee (or how high a priority) transactions require to be confirmed quickly. The default settings will create transactions that confirm quickly; see the new 'txconfirmtarget' setting to control the tradeoff between fees and confirmation times. Fees are added by default unless the 'sendfreetransactions' setting is enabled. Prior releases used hard-coded fees (and priorities), and would sometimes create transactions that took a very long time to confirm. Statistics used to estimate fees and priorities are saved in the data directory in the fee_estimates.dat file just before program shutdown, and are read in at startup. New command line options for transaction fee changes:
-txconfirmtarget=n : create transactions that have enough fees (or priority)
so they are likely to begin confirmation within n blocks (default: 1). This setting is over-ridden by the -paytxfee option.
-sendfreetransactions : Send transactions as zero-fee transactions if possible
(default: 0) New RPC commands for fee estimation:
estimatefee nblocks : Returns approximate fee-per-1,000-bytes needed for
a transaction to begin confirmation within nblocks. Returns -1 if not enough transactions have been observed to compute a good estimate.
estimatepriority nblocks : Returns approximate priority needed for
a zero-fee transaction to begin confirmation within nblocks. Returns -1 if not enough free transactions have been observed to compute a good estimate. RPC access control changes Subnet matching for the purpose of access control is now done by matching the binary network address, instead of with string wildcard matching. For the user this means that -rpcallowip takes a subnet specification, which can be
a single IP address (e.g. 184.108.40.206 or fe80::0012:3456:789a:bcde)
a network/CIDR (e.g. 220.127.116.11/24 or fe80::0000/64)
a network/netmask (e.g. 18.104.22.168/255.255.255.0 or fe80::0012:3456:789a:bcde/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff)
An arbitrary number of -rpcallow arguments can be given. An incoming connection will be accepted if its origin address matches one of them. For example: | 0.9.x and before | 0.10.x | |--------------------------------------------|---------------------------------------| | -rpcallowip=192.168.1.1 | -rpcallowip=192.168.1.1 (unchanged) | | -rpcallowip=192.168.1.* | -rpcallowip=192.168.1.0/24 | | -rpcallowip=192.168.* | -rpcallowip=192.168.0.0/16 | | -rpcallowip=* (dangerous!) | -rpcallowip=::/0 (still dangerous!) | Using wildcards will result in the rule being rejected with the following error in debug.log:
Error: Invalid -rpcallowip subnet specification: *. Valid are a single IP (e.g. 22.214.171.124), a network/netmask (e.g. 126.96.36.199/255.255.255.0) or a network/CIDR (e.g. 188.8.131.52/24).
REST interface A new HTTP API is exposed when running with the -rest flag, which allows unauthenticated access to public node data. It is served on the same port as RPC, but does not need a password, and uses plain HTTP instead of JSON-RPC. Assuming a local RPC server running on port 8332, it is possible to request:
In every case, EXT can be bin (for raw binary data), hex (for hex-encoded binary) or json. For more details, see the doc/REST-interface.md document in the repository. RPC Server "Warm-Up" Mode The RPC server is started earlier now, before most of the expensive intialisations like loading the block index. It is available now almost immediately after starting the process. However, until all initialisations are done, it always returns an immediate error with code -28 to all calls. This new behaviour can be useful for clients to know that a server is already started and will be available soon (for instance, so that they do not have to start it themselves). Improved signing security For 0.10 the security of signing against unusual attacks has been improved by making the signatures constant time and deterministic. This change is a result of switching signing to use libsecp256k1 instead of OpenSSL. Libsecp256k1 is a cryptographic library optimized for the curve Bitcoin uses which was created by Bitcoin Core developer Pieter Wuille. There exist attacks against most ECC implementations where an attacker on shared virtual machine hardware could extract a private key if they could cause a target to sign using the same key hundreds of times. While using shared hosts and reusing keys are inadvisable for other reasons, it's a better practice to avoid the exposure. OpenSSL has code in their source repository for derandomization and reduction in timing leaks that we've eagerly wanted to use for a long time, but this functionality has still not made its way into a released version of OpenSSL. Libsecp256k1 achieves significantly stronger protection: As far as we're aware this is the only deployed implementation of constant time signing for the curve Bitcoin uses and we have reason to believe that libsecp256k1 is better tested and more thoroughly reviewed than the implementation in OpenSSL.  https://eprint.iacr.org/2014/161.pdf Watch-only wallet support The wallet can now track transactions to and from wallets for which you know all addresses (or scripts), even without the private keys. This can be used to track payments without needing the private keys online on a possibly vulnerable system. In addition, it can help for (manual) construction of multisig transactions where you are only one of the signers. One new RPC, importaddress, is added which functions similarly to importprivkey, but instead takes an address or script (in hexadecimal) as argument. After using it, outputs credited to this address or script are considered to be received, and transactions consuming these outputs will be considered to be sent. The following RPCs have optional support for watch-only: getbalance, listreceivedbyaddress, listreceivedbyaccount, listtransactions, listaccounts, listsinceblock, gettransaction. See the RPC documentation for those methods for more information. Compared to using getrawtransaction, this mechanism does not require -txindex, scales better, integrates better with the wallet, and is compatible with future block chain pruning functionality. It does mean that all relevant addresses need to added to the wallet before the payment, though. Consensus library Starting from 0.10.0, the Bitcoin Core distribution includes a consensus library. The purpose of this library is to make the verification functionality that is critical to Bitcoin's consensus available to other applications, e.g. to language bindings such as [python-bitcoinlib](https://pypi.python.org/pypi/python-bitcoinlib) or alternative node implementations. This library is called libbitcoinconsensus.so (or, .dll for Windows). Its interface is defined in the C header [bitcoinconsensus.h](https://github.com/bitcoin/bitcoin/blob/0.10/src/script/bitcoinconsensus.h). In its initial version the API includes two functions:
bitcoinconsensus_verify_script verifies a script. It returns whether the indicated input of the provided serialized transaction
correctly spends the passed scriptPubKey under additional constraints indicated by flags
bitcoinconsensus_version returns the API version, currently at an experimental 0
The functionality is planned to be extended to e.g. UTXO management in upcoming releases, but the interface for existing methods should remain stable. Standard script rules relaxed for P2SH addresses The IsStandard() rules have been almost completely removed for P2SH redemption scripts, allowing applications to make use of any valid script type, such as "n-of-m OR y", hash-locked oracle addresses, etc. While the Bitcoin protocol has always supported these types of script, actually using them on mainnet has been previously inconvenient as standard Bitcoin Core nodes wouldn't relay them to miners, nor would most miners include them in blocks they mined. bitcoin-tx It has been observed that many of the RPC functions offered by bitcoind are "pure functions", and operate independently of the bitcoind wallet. This included many of the RPC "raw transaction" API functions, such as createrawtransaction. bitcoin-tx is a newly introduced command line utility designed to enable easy manipulation of bitcoin transactions. A summary of its operation may be obtained via "bitcoin-tx --help" Transactions may be created or signed in a manner similar to the RPC raw tx API. Transactions may be updated, deleting inputs or outputs, or appending new inputs and outputs. Custom scripts may be easily composed using a simple text notation, borrowed from the bitcoin test suite. This tool may be used for experimenting with new transaction types, signing multi-party transactions, and many other uses. Long term, the goal is to deprecate and remove "pure function" RPC API calls, as those do not require a server round-trip to execute. Other utilities "bitcoin-key" and "bitcoin-script" have been proposed, making key and script operations easily accessible via command line. Mining and relay policy enhancements Bitcoin Core's block templates are now for version 3 blocks only, and any mining software relying on its getblocktemplate must be updated in parallel to use libblkmaker either version 0.4.2 or any version from 0.5.1 onward. If you are solo mining, this will affect you the moment you upgrade Bitcoin Core, which must be done prior to BIP66 achieving its 951/1001 status. If you are mining with the stratum mining protocol: this does not affect you. If you are mining with the getblocktemplate protocol to a pool: this will affect you at the pool operator's discretion, which must be no later than BIP66 achieving its 951/1001 status. The prioritisetransaction RPC method has been added to enable miners to manipulate the priority of transactions on an individual basis. Bitcoin Core now supports BIP 22 long polling, so mining software can be notified immediately of new templates rather than having to poll periodically. Support for BIP 23 block proposals is now available in Bitcoin Core's getblocktemplate method. This enables miners to check the basic validity of their next block before expending work on it, reducing risks of accidental hardforks or mining invalid blocks. Two new options to control mining policy:
-datacarrier=0/1 : Relay and mine "data carrier" (OP_RETURN) transactions
if this is 1.
-datacarriersize=n : Maximum size, in bytes, we consider acceptable for
"data carrier" outputs. The relay policy has changed to more properly implement the desired behavior of not relaying free (or very low fee) transactions unless they have a priority above the AllowFreeThreshold(), in which case they are relayed subject to the rate limiter. BIP 66: strict DER encoding for signatures Bitcoin Core 0.10 implements BIP 66, which introduces block version 3, and a new consensus rule, which prohibits non-DER signatures. Such transactions have been non-standard since Bitcoin v0.8.0 (released in February 2013), but were technically still permitted inside blocks. This change breaks the dependency on OpenSSL's signature parsing, and is required if implementations would want to remove all of OpenSSL from the consensus code. The same miner-voting mechanism as in BIP 34 is used: when 751 out of a sequence of 1001 blocks have version number 3 or higher, the new consensus rule becomes active for those blocks. When 951 out of a sequence of 1001 blocks have version number 3 or higher, it becomes mandatory for all blocks. Backward compatibility with current mining software is NOT provided, thus miners should read the first paragraph of "Mining and relay policy enhancements" above. 0.10.0 Change log Detailed release notes follow. This overview includes changes that affect external behavior, not code moves, refactors or string updates. RPC:
f923c07 Support IPv6 lookup in bitcoin-cli even when IPv6 only bound on localhost
b641c9c Fix addnode "onetry": Connect with OpenNetworkConnection