Three primary GUI flows need to be created.
-First flow is satisfying dependencies:
--automated installing of required packages: jq, curl (for downloading Bitcoin Core), gpg (for validating Bitcoin Core)
--automated installing and validation of Bitcoin Core
--once all dependencies setup, shutdown networking and start Bitcoin Core
+1. Satisfying dependencies
+Upon startup, a window should appear checking for dependencies, asking to install any if they're missing. Automated installing of required packages jq, curl (for downloading Bitcoin Core), and gpg (for validating Bitcoin Core) will occur with an optional window showing command line progress. Bitcoin Core will then be validated and installed. The dependency window will disappear, startup window will appear, networking will be down down, Bitcoin Core will be started and the main window will appear. The main window will contains sections or buttons for starting other flows.
NOTE: mount/umount have C bindings (see `man mount.2` and `man umount.2`). The functionality of nmcli, shred, eject, base64, and wipefs should be able to be easily extracted from source-code of their respective packages and can be eliminated as dependencies. mkfs.ext4 is part of the e2fsprogs package and is an essential package in Debian, meaning it must be available and usable (see https://www.debian.org/doc/debian-policy/ch-binary.html#essential-packages for more information). The rest of the commands used above (echo, tr, cat, dd) can be eliminated by simple functions.
-Second flow is creating multi-signature setup:
--entering passphrase and generating cryptsetup key
--choosing, mounting, setting up, unmounting usbs one-by-one
--walkthrough for setting up a live wallet in Bitcoin Core on a separate computer
+2. Second flow is creating multi-signature setup
+Started from the main window. Will ask user for a passphrase and then to confirm passphrase. If they match will use it to setup cryptsetup keys to be used on each usb drive. Will ask user to insert a usb drive. Once usb drive is detected, warning will pop up asking to format and encrypt drive. Background process will start which will encrypt drive using cryptsetup and setup a filesystem on the encrypted drive. Wallet file and descriptor will be copied to drive. Drive will be unmounted and ejected. GUI will ask user to insert the next drive. This continues until all 14 drives are setup. Some testing process should occur here (could be abstract out into it's own flow); GUI tells user to insert drives in a random order to verify setup is completed correctly. After setup, all wallets (but not the multisig descriptor) will be destroyed. Instructions for setting up a live wallet on a separate computer (in Bitcoin Core initially) will be shown to the user.
-Third flow is restoring wallets and signing a psbt:
--instructions for generating a psbt, transferring via usb, validating transfer was successful
--loading psbt into GUI
--insert usb, decrypting, load wallet, signing psbt, saving result, unloading wallet
--saving completed psbt
+3. Restoring wallets and signing a psbt
+Started from the main window. Instructions for generating a psbt shown to the user (how to generate, how to transfer via usb, how to validate transfer, etc.). Window pops up choosing psbt to load. GUI tells user to insert wallet usb, asks for passphrase. Background process will decrypt drive, mount drive, load wallet, sign the psbt, save the result, unload and destroy the wallet, unmount and eject the drive. GUI will ask for next usb drive. Errors for repeating wallets, or invalid wallets should be handled and shown to the user. Once psbt is complete, user will pick where to save transaction. Instructions for broadcasting and validating transfer will e shown to the user.
In addition to the three primary flows, extensive testing framework should be created to validate setup. This testing framework should be able to interact with other Bitcoin software (i.e. Bitcoin Core) and validate results.
Could possibly see use cases for signing arbitrary messages.
+Would also like to work on reproducible builds for this project and static compilation. Would allow for easier setup and binary validation.
+
The major technical improvement would be to remove the dependency on Bitcoin Core (and by extension jq) and replace with custom descriptor functionality and libsecp256k1 (https://github.com/bitcoin-core/secp256k1).
home / projects / cold / commitdiff