In this edition, we conducted an email-based interview with Alan
Reiner, core developer of Bitcoin Armory, a bitcoin wallet
focused on security. Bitcoin Armory is licensed under the terms of GNU
Affero General Public License version 3, or (at your option) any later
Tell us about yourself and Bitcoin Armory
I am the CEO of Armory Technologies, Inc and core developer of Armory
Bitcoin Wallet which is a popular, free software wallet application
focused on security for enterprise business and advanced users. It was
the first and only Bitcoin wallet to make "cold storage" (offline
wallets) accessible through an intuitive user interface, and is one of
the most trusted tools for securing and managing large bitcoin
investments. I have degrees in applied mathematics and engineering
mechanics, and additional background in statistics, data mining, and
cryptography. I spent seven years developing image & video processing
algorithms at a physics lab in Maryland before switching to Armory
full-time and founding Armory Technologies, Inc in mid-2013. I became
one of the top Bitcoin experts in the community, and a trusted source
for security best practices and innovation. My goal is to pioneer the
world of Bitcoin wallets, and make high-security easy to practice even
for "regular" users.
What inspired you to create Bitcoin Armory?
There were no other Bitcoin wallets that provided the security features
I wanted. I knew how to implement them, so I did it! It turns out
other people wanted it, too.
How are people using it?
Of all the DIY Bitcoin wallets out there, Armory is the one focused most
squarely on security. The software is trusted by some of the biggest
Bitcoin holders to keep their coins secure, featuring backup, offline,
and multi-sig features not available elsewhere.
What features do you think really sets Bitcoin Armory apart from similar software?
The ability to manage wallets/crypto keys that are kept on computers
that are not internet-connected, yet be able to gather signatures from
offline devices in a secure manner. And recently, the ability to do
"multi-signature" transactions without a third-party service (all
locally-run instances of our software). You can even combine the two
and do anonymous cold-multisig. These are critical features for major
investors and enterprise users and no other software has it.
Why did you choose the AGPL as Bitcoin Armory's license?
We wanted to make the project free software, as we don't believe that a
piece of software as security-sensitive as ours could survive as a
proprietary application. The ability for code auditing is critical
when people perceive a risk that the developers could inject code to
steal their money. However, we didn't want to limit our monetization
options by picking a permissive license. AGPL gives us the ability to
assert some control (and incentivises dual-licensing) while allowing us
to keep all the source code free.
How can users (technical or otherwise) help contribute to Bitcoin Armory?
Bitcoin Armory software is now maintained by Armory Technologies, Inc.
which is a for-profit startup that will focus on the needs of advanced
and enterprise users. We have accepted code contributions before, but I
doubt few would contribute anymore without being on our payroll. At
this time we have 5 full-time developers, and we haven't had a non-paid
contribution to the codebase in months.
If someone is interested in contributing, we'd encourage them to contact
us and send us their resume. Due to the nature and sensitivity of our
software, there's actually a pretty high learning curve to get over to
be able to make meaningful contributions to the code (that are both
effective and secure).
What's the next big thing for Bitcoin Armory?
We are working on some technical advancements, as well as promoting
our enterprise services. On the technical side, we are focusing on
multi-user encryption features that would allow enterprise clients to
appoint a set of employees to manage each signing device, without any
one employee having exclusive access. Hardware Security Modules
(HSMs) are typically used for this purpose, but are extremely
expensive ($20k+), and we wanted to be able to provide a pure-software
solution that provides most of the same benefits on consumer hardware,
especially for small businesses.
Further, we are ironing out our enterprise services, which will involve
custom adaptations and plugins to the base free software project, as well
as security consulting and training. There's a lot brewing and not
enough time to do it all!
Enjoyed this interview? Check out our previous entry in this series featuring Stephen H. Dawson and the rest of the GNU Remotecontrol team.