cryptoadvance / specter-desktop Goto Github PK

As every professional Software Project, we'll need a continuousIntegration Setup. For Reasonable alternatives are Travis-CI and Gitlab. I'm tending towards gitlab for the following reasons:

• gitlab, server and client software is openSource
• But it's also available as a service
• Integration with github is as good as Travis-CI and easy to implement (https://docs.gitlab.com/ee/user/project/integrations/github.html )

There is one disadvantage: Third-party-runtime-dependencies are better supported in Travis-CI. For that reason the POC for junction (which i did some time ago) was quite simple as it was possible to simply run the bitcoind within the travis-CI-agent: https://github.com/k9ert/junction/blob/cicd/.travis.yml
There is not even anything specific needed to be done in order to tell Travis-CI that bitcoind will run on some ports on the agents.

But for the above reasons (and more below) i think it's worth doing the extra-effort to run on gitlab. On gitlab, though, it's not possible to start a service opening a port on the agent (at least not on the publicly available agents). For that you need to run a docker-executor and specify a service-image ( https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#what-is-a-service ). At the same time, that means the the tests are no longer in control when/how a bitcoind get spawned. That is imho a pitty as i really like the idea to spin-up the bitcoind as a python fixture ( https://github.com/cryptoadvance/specter-desktop/blob/master/tests/conftest.py#L15 ).

So in order to keep the ability to spinup bitcoinds on demand as a fixture, we could do that via docker. That might also be a major advantage because we might potentially integrate a whole bitcoin-core-node as a docker-image WITHIN specter-desktop.
I've created some code to show how that would work on my fork on the gitlab-branch:
https://github.com/k9ert/specter-desktop/blob/gitlab/tests/conftest.py
In that branch you can simply run the tests via docker by starting:
pytest --docker

Unfortunately such an approach no longer works with the publicly available for-free-gitlab-agents. Priviliged mode is necessary to use "Docker in docker" and therefore we need to run our own agents.
https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker-workflow-with-docker-executor

I'm already running my own agents and would proceed in that direction.

Kaspar Etter from Shiftcrypto wrote a quite interesting article here:
https://medium.com/shiftcrypto/the-pitfalls-of-multisig-when-using-hardware-wallets-9b0e98e4c19c

Roughly three topics where covered and they checked these three topics against coldcard, Ledger and Trezor and created responsible disclosures with their findings.

Specter should selfcheck against these topics mentioned there. For that the different topics need to be understood and checked with Specter. If we have findings, we should create new issues out of that.

Research wanted!

Related to #2

maybe people want to broadcast from other node, or using blockstream.info or other broadcasting service.
When tx is finalized let's offer the user to:

• broadcast from their own node
• broadcast via blockstream.info
• copy raw tx in hex format
• save for later (then tx should stay in pending psbts, but marked as finalized)

We should check with testmempoolaccept that tx is ok.

A working bitcoind (probably in regtest-mode) is essential for specter-development. However, not everyone is that familiar with getting bitcoind to run. Currently we simply assume that it needs to be there but don't give any hints on how to get it in place.
So let's change that with the help of docker.

We're currently already using docker for testing within gitlab. That image can be run like this:
docker run -d --publish 18544:18544 --expose 18544 --publish 18543:18543 --expose 18543 registry.gitlab.com/cryptoadvance/specter-desktop/python-bitcoind:latest

This is far to complicated to my taste. We haven't dicussed mining yet which would make something like "docker exec ..." necessary. Also usually as a developer one wants to develop the solution and run the tests at the same time in parallel. For this to work one wants to use different ports.

For that reason, i'm planning to make that easier via a command line interface with a nice and short handle. How about "btctrl"

Maybe something like:
python3 btctrl --start --mine
This would start the bitcoind and mine a block every 30 seconds. Maybe it could also configure specter-desktop automatically so that you don't have to do that manually.

Thoughts?

At the moment it is very limited, only destination and amount.
Let's show more information: used utxo, all outputs with change marked, corresponding address labels, addresses themselves as well.

From wallet settings we can trigger rescan.
If the node is pruned we can only rescan starting from the last available block.
First available block number is available via getblockchaininfo rpc call.

Important fields in the response:

  "pruned": true,
  "pruneheight": 1383354,

Full listing for my node:

{
  "chain": "test",
  "blocks": 1720504,
  "headers": 1720504,
  "bestblockhash": "000000000000005f7dcfca62b9617ac5dffbda66bdd8ff471448e14bfccd8ba0",
  "difficulty": 6316322.272163243,
  "mediantime": 1587331040,
  "verificationprogress": 0.995420745797055,
  "initialblockdownload": true,
  "chainwork": "000000000000000000000000000000000000000000000154f9f94f314673a06d",
  "size_on_disk": 9869662889,
  "pruned": true,
  "pruneheight": 1383354,
  "automatic_pruning": true,
  "prune_target_size": 10485760000,
  "softforks": {
    "bip34": {
      "type": "buried",
      "active": true,
      "height": 21111
    },
    "bip66": {
      "type": "buried",
      "active": true,
      "height": 330776
    },
    "bip65": {
      "type": "buried",
      "active": true,
      "height": 581885
    },
    "csv": {
      "type": "buried",
      "active": true,
      "height": 770112
    },
    "segwit": {
      "type": "buried",
      "active": true,
      "height": 834624
    }
  },
  "warnings": ""
}

From the Telegram discussion

Use satoshis, because floats are bad.
To improve the UX we can add a note under the amount that recalculates satoshis to BTC.

Also "Sending 3.856e-05 BTC to bc1....." doesn't look right.

In conjunction with #7 I'd like to build a standalone companion app that would leverage the existing codebase to allow for remote multisig partners to sign PSBTs with usb hardware wallets.

We can already support Coldcard downloaded PSBTs and Specter QR code PSBT signing with remote multisig partners by sharing the webserver's TOR onion url with them (though with no current security model it's probably not ideal to give all signers full access to the Specter Desktop UI). But usb wallet support requires a local install, rendering remote co-signers out of luck.

Projects like flaskwebgui and PyFladesk look like pretty promising ways to package a Flask site as a standalone app that can then be packaged and installed on any OS via PyInstaller.

It should be straightforward then to re-use the existing Specter HWI UI flow (detect-unlock-sign) in a separate standalone app that is just intended for remote PSBT signers. In its simplest form the PSBT can be transmitted to the signer through some secure means and then pasted/uploaded into the standalone signing app. The signed PSBT can then be downloaded and transmitted back. This could all be accomplished with any PSBT-compliant signing app, of course. But I haven't come across any that are strictly light clients (i.e. co-signers shouldn't need a full node, Electrum, etc just to sign a PSBT).

A slightly more advanced version could take advantage of our Tor layer and have the standalone app accept a Specter Desktop onion address so it can retrieve the unsigned PSBT from the server, have the user sign it, and then automatically send it back for the Specter Desktop to combine and transmit when complete.

Problem:

Create a wallet in Specter that already has txs (e.g. an already-used Ledger Segwit wallet).

Initial balance will show 0 txs, 0.0 value.

Manually running bitcoin-cli -rpcwallet=specter/my_new_wallet rescanblockchain (from block height) will identify some of the early txs but it looks like the node's internal wallet just doesn't have many pre-computed addresses stored for that new wallet so it misses all txs after the first n (6?).

By comparison Electrum wallets are generated with something like the first 1000 or 2000 addresses.

Current workaround:

In the specter UI keep requesting "new" receive addresses until the last used receive address appears (the Specter UI will say that each addr is unused, but you'll have to compare against your known receive addrs from your previous txs that happened before importing into Specter).

At this point the node's wallet is aware of all of those receive addrs. Now run rescanblockchain manually as listed above and the txs will be found and will become visible in Specter.

Solution:

• Generate many more addresses in the node's version of the wallet upon wallet creation.
• Add a "rescan from" block height option in the UI and pass that on the backend to a rescanblockchain call for that wallet.

First of many related privacy-focused utxo features.

Labeling utxos is step one toward better privacy management. Following the lead of Electrum, Wasabi, etc.

My local machine has a bitcoin.conf file configured to point to my bitcoin core node which is running on a different machine.

The relevant bitcoin.conf entry:

rpcconnect=x.x.x.x

But get_config in rpc.py is trying to parse a nonexistent rpchost attribute.

See what happens in firefox. It ignores overflow css for a table. In Chrome looks ok.

Rather than linking txs out to blockstream, pull tx and block info directly from the attached node (provided it isn't pruned) to avoid leaking any privacy info during tx lookups.

Or alternatively (and less work), allow users to point to an existing local block explorer UI (e.g. if they're running btc-rpc-explorer).

While manually running a slow rescanblockchain via bitcoin-cli if I try to access any Specter UI url:

Exception: Server responded with error code 500: {"result":null,"error":{"code":-4,"message":"Wallet is currently rescanning. Abort existing rescan or wait."},"id":0}

Plenty of other communication/querying issues possible here. Catch the error and display some useful info to the UI ("Node is temporarily unavailable because...", "Can't reach node...", etc).

Hello, I use testnet and send testnet bitcoin to the wallet, but still cannot received, even the transaction is confirmed. I use several faucets and other wallet accounts. Can you give me some advice？ Thank you!

• bitcoin.conf is:
  testnet=1
  rpcuser=bitcoin
  rpcpassword=secure
• setting is:
  
• wallet and trezors:
  

Very keen to get this running but when I run pip install cryptoadvance.specter

I get a long error with this at the end:

Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-3tssmebc/hidapi/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-5isalx4n-record/install-record.txt --single-version-externally-managed --compile --user --prefix=" failed with error code 1 in /tmp/pip-build-3tssmebc/hidapi/

I don't know much about python, any ideas of what it may be?

I was able to use the software without issue until my node finished syncing, at which point it returned this browser error

cryptoadvance.specter.rpc.RpcError
cryptoadvance.specter.rpc.RpcError: Server responded with error code 500: {"result":null,"error":{"code":-18,"message":"Requested wallet does not exist or is not loaded"},"id":0}

Opening/closing wallets in CORE does not seem to effect it. Any ideas?

Communication with the remote node over http is not secure - RPC credentials are sent as a plain text over the network - MITM attack is possible.
One option to fix it is to use tor (already implemented), https is also a valid option.

With https there are two options:

• use a valid certificate for the domain name, should work out of the box by setting the protocol for json-rpc to https
• self-signed certificate, requires passing the certificate for verification to the requests module.

I am trying to set up a single key native segwit wallet using an airgapped coldcard. I was able to add the coldcard device without issue but when I go to create the wallet using the key from the coldcard device I run into the error in the title. The error corresponds to this bitcoin core rpc error. I am running v0.19.1 of bitcoin core. I have pasted the relevant logs below.

specter logs:

trying 1 different configs
Detected 1 bitcoin daemons
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:00] "GET /new_wallet/ HTTP/1.1" 200 -
trying 1 different configs
Detected 1 bitcoin daemons
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:02] "GET /new_wallet/simple/ HTTP/1.1" 200 -
trying 1 different configs
Detected 1 bitcoin daemons
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:06] "POST /new_wallet/simple/ HTTP/1.1" 200 -
trying 1 different configs
Detected 1 bitcoin daemons
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:08] "POST /new_wallet/simple/ HTTP/1.1" 500 -
Traceback (most recent call last):
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 2463, in __call__
    return self.wsgi_app(environ, start_response)
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 2449, in wsgi_app
    response = self.handle_exception(e)
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 1866, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 2446, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 1951, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 1820, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 1949, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/paddy/.local/lib/python3.6/site-packages/flask/app.py", line 1935, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/paddy/.local/lib/python3.6/site-packages/flask_login/utils.py", line 269, in decorated_view
    return func(*args, **kwargs)
  File "/home/paddy/.local/lib/python3.6/site-packages/cryptoadvance/specter/controller.py", line 225, in new_wallet_simple
    wallet = app.specter.wallets.create_simple(wallet_name, wallet_type, key, device)
  File "/home/paddy/.local/lib/python3.6/site-packages/cryptoadvance/specter/logic.py", line 433, in create_simple
    w = Wallet(o, self)
  File "/home/paddy/.local/lib/python3.6/site-packages/cryptoadvance/specter/logic.py", line 513, in __init__
    self._dict["address"] = self.get_address(0)
  File "/home/paddy/.local/lib/python3.6/site-packages/cryptoadvance/specter/logic.py", line 611, in get_address
    return self.cli.deriveaddresses(self._dict[desc], [index, index+1])[0]
  File "/home/paddy/.local/lib/python3.6/site-packages/cryptoadvance/specter/rpc.py", line 208, in fn
    raise RpcError("Server responded with error code %d: %s" % (r.status_code, r.text), r)
cryptoadvance.specter.rpc.RpcError: Server responded with error code 500: {"result":null,"error":{"code":-5,"message":"Fingerprint is not 4 bytes (11 characters instead of 8 characters)"},"id":0}
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:08] "GET /new_wallet/simple/?__debugger__=yes&cmd=resource&f=style.css HTTP/1.1" 200 -
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:08] "GET /new_wallet/simple/?__debugger__=yes&cmd=resource&f=jquery.js HTTP/1.1" 200 -
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:08] "GET /new_wallet/simple/?__debugger__=yes&cmd=resource&f=debugger.js HTTP/1.1" 200 -
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:08] "GET /new_wallet/simple/?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 200 -
INFO:werkzeug:127.0.0.1 - - [17/Mar/2020 17:22:08] "GET /new_wallet/simple/?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 200 -

bitcoin core debug.log:

2020-03-18T00:22:08Z Using BerkeleyDB version Berkeley DB 4.8.30: (April  9, 2010)
2020-03-18T00:22:08Z Using wallet /home/paddy/.bitcoin/specter977a002719b56150/test
2020-03-18T00:22:08Z BerkeleyEnvironment::Open: LogDir=/home/paddy/.bitcoin/specter977a002719b56150/test/database ErrorFile=/home/paddy/.bitcoin/specter977a002719b56150/test/db.log
2020-03-18T00:22:08Z init message: Loading wallet...
2020-03-18T00:22:08Z BerkeleyEnvironment::Open: LogDir=/home/paddy/.bitcoin/specter977a002719b56150/test/database ErrorFile=/home/paddy/.bitcoin/specter977a002719b56150/test/db.log
2020-03-18T00:22:08Z [specter977a002719b56150/test] Wallet File Version = 10500
2020-03-18T00:22:08Z [specter977a002719b56150/test] Keys: 0 plaintext, 0 encrypted, 0 w/ metadata, 0 total. Unknown wallet records: 0
2020-03-18T00:22:08Z [specter977a002719b56150/test] Performing wallet upgrade to 169900
2020-03-18T00:22:08Z [specter977a002719b56150/test] Wallet completed loading in              27ms
2020-03-18T00:22:08Z [specter977a002719b56150/test] setKeyPool.size() = 0
2020-03-18T00:22:08Z [specter977a002719b56150/test] mapWallet.size() = 0
2020-03-18T00:22:08Z [specter977a002719b56150/test] mapAddressBook.size() = 0

Implement access restrictions so that other machines on the local network can't get in. Also ensures that if your Tor onion address were to ever get leaked, a password prompt would still inhibit external access.

Continuing with uxto-focused privacy with #39 and #40.

Save a label for each new receive address. When an incoming tx uses that addr, apply the label to the resulting utxo. Same as in Electrum, Wasabi, etc.

When running specter-desktop as specified in the README Flask is not auto-reloading when python, html, or css files change.

At the moment every time I generate a new address (wallet file is changed) it goes to the end of the list. It's annoying when wallets get reordered all the time.
We can implement it either by sorting wallets by file name, file creation date or include a field in the wallet file with the creation timestamp.

Hi fellows!
I started writing a miniapp that works purely with HWI. It is pretty much in progress and I would like to discuss it before I go too deep into that.

Here is the link to the app https://github.com/stepansnigirev/hwibridge

The app is not relying on Bitcoin Core and any Specter logic. It works only with HWI and it is fully stateless. It detects devices, parses PSBT, and allows you to sign transactions with relevant hardware wallets. But I am reusing all static files of Specter and HWI code as well. So it makes sense to merge it into specter repo when it's ready. I also started playing with eel there, it might be a good way to pack the app into a single binary.

The idea I have is to make a stand-alone app that can be used in two different use-cases:

• Airgap your USB hardware wallets. You can use it on your air-gapped laptop, scan PSBT from Specter on your online machine, sign with hardware wallets and display signed PSBT as QR code as well. Also should work with files transferred over SD card. So both Ledger and Trezor get airgap properties of Specter or Coldcard if you connect them to a cheap 100$ air-gapped laptop.
• Work as a bridge to HWI on your local machine. If Specter is running in the cloud or node-in-the-box, but you can't connect hardware wallets to that machine, you can run this as a bridge and allow certain domains to access HWI api over localhost.

The second use case is actually my case - I can't run a full node at home because my internet is very shitty, so I run Specter on a cheap VPS. But then I can't use USB hardware wallets, and that's sad. So this bridge would help me. I know that I can configure Specter to talk to remote Bitcoin Core node, but due to large number of requests it is pretty laggy - so for the best performance Specter should run on the same machine as Core.

The questions are:

• should it be in a separate repo or in Specter?
• what functionality can we move to the bridge and how to integrate remote bridge in Specter?
• what should the user be able to do in the bridge interface?
• what do you think about eel?

Related to #37

I created a mainnet nested segwit 2of3 wallet with a variety of usb wallets. But it immediately crashes the system:

File "/Users/kdmukai/dev/bitcoin/specter-desktop/src/specter/specter.py", line 597, in sort_descriptor
pubkeys = self.cli.getaddressinfo(address)["pubkeys"]
KeyError: 'pubkeys'

Inspecting the self.cli.getaddressinfo(address) I see that there is no 'pubkeys' attr, but there is one in the 'embedded' section. So I added a check for that:

        # get pubkeys involved
        address_info = self.cli.getaddressinfo(address)
        if 'pubkeys' in address_info:
            pubkeys = address_info["pubkeys"]
        elif 'embedded' in address_info and 'pubkeys' in address_info['embedded']:
            pubkeys = address_info["embedded"]["pubkeys"]
        else:
            raise Exception("Could not find 'pubkeys' in address info:\n%s" % json.dumps(address_info, indent=2))

That gets me through that part. But then the next hurdle is at:

File "/Users/kdmukai/dev/bitcoin/specter-desktop/src/specter/specter.py", line 543, in get_address
return self.cli.deriveaddresses(sorted_desc)[0]
File "/Users/kdmukai/dev/bitcoin/specter-desktop/src/specter/rpc.py", line 175, in fn
raise Exception("Server responded with error code %d: %s" % (r.status_code, r.text))
Exception: Server responded with error code 500: {"result":null,"error":{"code":-5,"message":"Cannot have sh in non-top level"},"id":0}

The descriptor it's working on begins:
wsh(sh(multi(2,...

But when I look at the specter wallet json it lists:

    "recv_descriptor": "sh(wsh(multi(2,...
    "change_descriptor": "sh(wsh(multi(2,

So the while the wallet's descriptor nesting is correct, it's getting transposed when loaded into Specter. Pull request on the way.

Running:
Bitcoin Core version v0.19.0.1-a284bbbee

I am probably doing it wrong but when I run:
pip install cryptoadvance.specter

I get:

ERROR: No matching distribution found for cryptoadvance.specter

Any advice for getting it working on mac?

At the moment when I sign with a USB device, HWI tries to find a device with the correct type but ignores the fingerprint. We can get the fingerprint of the device from the corresponding dictionary and filter available devices with matching fingerprints.

I bet that if at the moment one tries to sign with two Trezors connected one will fail.

Haven't dug much into this yet but the following test from #30 failed while I was running bitcoind locally in -regtest, though I suspect the regtest part is irrelevant (my dev system points to my mainnet full node on a different machine; when running bitcoind locally it's only in regtest).

=================================================== test session starts ===================================================
platform darwin -- Python 3.7.2, pytest-5.2.2, py-1.8.0, pluggy-0.13.1
rootdir: /Users/kdmukai/dev/bitcoin/specter-desktop
collected 3 items                                                                                                         

tests/test_specter.py ..F                                                                                           [100%]

======================================================== FAILURES =========================================================
______________________________________________________ test_specter _______________________________________________________

specter_not_configured = <specter.Specter object at 0x105f5f8d0>

    def test_specter(specter_not_configured):
        specter_not_configured.check()
        assert specter_not_configured.wallets is not None
        assert specter_not_configured.devices is not None
        some_json = specter_not_configured.test_rpc()
>       assert some_json["out"] == ""
E       assert '{\n    "bloc...nings": ""\n}' == ''
E         - {
E         -     "blocks": 216,
E         -     "difficulty": 4.656542373906925e-10,
E         -     "networkhashps": 0.0009210894953580927,
E         -     "pooledtx": 1,
E         -     "chain": "regtest",
E         -     "warnings": ""...
E         
E         ...Full output truncated (2 lines hidden), use '-vv' to show

tests/test_specter.py:29: AssertionError
-------------------------------------------------- Captured stdout setup --------------------------------------------------
trying 1 different configs
Detected 1 bitcoin daemons
not loaded wallets: []
-------------------------------------------------- Captured stdout call ---------------------------------------------------
trying 1 different configs
Detected 1 bitcoin daemons
not loaded wallets: []
trying 1 different configs
Detected 1 bitcoin daemons
=============================================== 1 failed, 2 passed in 0.86s ===============================================

Workaround

End the local bitcoind process and then the tests will pass once again.

I am thinking about including a hot storage functionality into the app by implementing a new device type - call it a "Hot storage" or "This computer".

Motivation:

I really like using Specter-desktop for my cold storage, but for small transactions I don't want to use my hardware wallet — my laptop is always with me, but I don't take my hardware wallets with me all the time.
At the moment I have to use another app for these small transactions without a hardware wallet - I would prefer to use Specter-desktop for this as well.

Future bonuses

If we have hot storage functionality we could later add CoinJoin and Lightning to the app.
Implementing hot storage as a device type also allows us to add the computer to the multisig setup. Or maybe even run Specter on an airgapped computer or raspberry pi purely for signing.

I think this signing functionality can be implemented as a new miniapp that can be included in Specter as an addon. But I don't know yet what would be the best architecture for a plugin system.
In principle future extensions like CoinJoin and Lightning can be also implemented as plugins.

@k9ert , @kdmukai , what do you think? Makes sense or totally insane?

HWI has a method to display address on the device. It works for single key wallets, for multisig it is not available yet, but I think it makes sense to implement this feature. Kinda critical for hardware wallets.

Can we get some Testnet vectors for a 2 of three multisig PSBT with one signature that your use in a QR and provide us with the bip39 for the second signature, so that we can test FullyNoded2 against it?

Thanks!

cc/ @Fonta1n3

— Christopher Allen

We have exactly one place where we use HWI binary as a subprocess.
https://github.com/cryptoadvance/specter-desktop/blob/master/src/cryptoadvance/specter/views/hwi.py#L50

This means that if hwi is not in PATH everything fails.
We should get rid of that. We can locate hwi.py using hwilib.__path__ and call it from there instead.

Running pytest and seeing:

No such image: registry.gitlab.com/cryptoadvance/specter-desktop/python-bitcoind:latest

Provide an option in the Settings UI to quickly switch back-and-forth between previously saved settings for mainnet, regtest, etc.

Picking up the conversation in #54 it seems like we should be able to query bitcoin core to characterize the current fee distribution in the mempool (e.g. btc-rpc-explorer's Mempool Summary page) in order to give some rough guidance about what a reasonable fee vs time tradeoff might be at the moment.

On the flask side when there is no javascript involved we have an error message appearing on top of the screen.

When we do javascript stuff we do alert. It's visually not great so we could create a javascript error messagebox instead.

Currently javascript errors can happen when specter is:

• communicating with the hardware wallet over HWI
• combining psbt transactions
• anything I am missing?

You can specify network-specific parameters in bitcoin.conf in sections like these.

The rpc.get_rpcconfig function in this project can't parse this options.

I am very intrigued by your wallet, and would like to test it but so far I am running into the error messages shown below.
I am running Debian 9 in a Qubes VM. I have a full, indexed node available on localhost

user@BTC-Node:~/Repositories/specter-desktop$ python3 server.py
can't load wallets... Server responded with error code 401:
can't load wallets... Server responded with error code 401:

• Serving Flask app "server" (lazy loading)
• Environment: production
  WARNING: This is a development server. Do not use it in a production deployment.
  Use a production WSGI server instead.
• Debug mode: on
• Running on http://127.0.0.1:25441/ (Press CTRL+C to quit)
• Restarting with stat
  can't load wallets... Server responded with error code 401:
  can't load wallets... Server responded with error code 401:
• Debugger is active!
• Debugger PIN: 100-013-407

If you navigate away from the send screen while signing on a device, then you can't resume the transaction.

Continuing with privacy-focused utxo improvements.

Select exactly which utxos will be involved in a particular transaction. In conjunction with #39 we would get much closer to Electrum, Wasabi, etc. level of utxo privacy management.

• Collapse the left nav into a burger menu
• Change the QR code displays to use the includes/overlay.html popups to maximize display without clipping?

Start specter-desktop on a machine that does not have a bitcoin.conf file (or is in a non-standard location). Also make sure there is no ~/.spector/config.json.

The default Specter.config sets autodetect: True. But of course autodetect will fail because it can't find bitcoin.conf.

However when manual RPC settings are entered via the UI neither "Test" nor "Save" will be able to connect because both continue to carry the autodetect: True setting. The relevant else code in get_cli in specter.py will never be run.

Maybe just stuff it towards the bottom of the left nav?

Enable on-hover QR code of the addr?

Abstract

I came across some errors/warnings in master while implementing #104 which should be dealt with in a seperate PR

[Vue warn]: Error compiling template:

value="[[amount]]": Interpolation inside attributes has been removed. Use v-bind or the colon shorthand instead. For example, instead of <div id="{{ val }}">, use <div :id="val">.

10 |  				<br><br>
11 |  				Amount:<br>
12 |  				<input type="number" name="amount" v-model="amount" value="[[amount]]" id="amount" v-bind:max="max_amount_sendable" min="0" step="1e-8" autocomplete="off">
   |                                                          ^^^^^^^^^^^^^^^^^^
13 |  				<div class="notification error" v-if="above_wallet_amount || needs_more_selected_coins">
14 |  					<ul>

(found in <Root>) vue.js:634:17

[Vue warn]: Cannot find element: #spend_coins

• Search in default folders for Linux, Mac and Windows
• Parse .cookie file if it is present
• Parse either rpcuser & rpcpassword or one-line credentials from bitcoin.conf
• Add an option to provide a path to bitcoin folder in the config menu

I've somewhat standardized my python projects with a loose adherence to PEP-8 standards. My typical setup.cfg:

[pycodestyle]
ignore = E303,W391
max-line-length = 90

Thoughts? If acceptable I'll start light reformatting as I touch different areas.

 Traceback (most recent call last):
   File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
     "__main__", mod_spec)
   File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
     exec(code, run_globals)
   File "/home/bitcoin/.local/lib/python3.7/site-packages/cryptoadvance/specter/__main__.py", line 
     from .bitcoind import (BitcoindDockerController,
   File "/home/bitcoin/.local/lib/python3.7/site-packages/cryptoadvance/specter/bitcoind.py", line 
     from .server import DATA_FOLDER
   File "/home/bitcoin/.local/lib/python3.7/site-packages/cryptoadvance/specter/server.py", line 13
     from .views.hwi import hwi_views
   File "/home/bitcoin/.local/lib/python3.7/site-packages/cryptoadvance/specter/views/hwi.py", line
     from .specter_hwi import SpecterClient, enumerate as specter_enumerate
   File "/home/bitcoin/.local/lib/python3.7/site-packages/cryptoadvance/specter/views/specter_hwi.p
     import serial.tools.list_ports
 ModuleNotFoundError: No module named 'serial.tools'

This is cause by accidentally inserting the serial-dependency this commit
d9b9b2b

So removing this line in requirements.txt would solve that issue:
serial==0.0.97

Or some other deterministic method. That saves users from having to remember the order.

Some xpubs are likely to have existing historical transactions (especially USB hardware wallets) that the bitcoin node's wallet would be unaware of without doing a deeper historical rescanblockchain <height>.

Could either be on the wallet creation screen or maybe an option on the wallet settings page.

Maybe best to hide more advanced features like this on the wallet settings page to reduce UI clutter.