Downloads: https://featherwallet.org/download/

Airgapped signing with animated QR codes

This release features a major overhaul to the offline transaction signing UX and introduces animated QR codes as a way to quickly transfer data between devices.

The offline wallet has a new UI that takes away the clutter and shows only what’s relevant to airgapped signing.

You will no longer need to click through menus to import / export files. A wizard was added that guides you through the process step by step. You can choose whether to transfer using files or animated QR codes.

Feather uses Blockchain Common’s Uniform Resources library (UR for short) to chop up and encode binary data (such as an encrypted unsigned transaction) into URIs, which can then be presented as animated QR codes.

On the other side, a webcam can be used to scan the QR codes, which can then be reconstructed into the original binary data. Scanning can happen out of order, so if it ‘misses’ a QR it can pick it up in the next cycle. You just keep scanning until the progress bar fills up to 100%.

By default, each QR translates to roughly ~50 bytes of binary data and animates at 12.5 fps. This was chosen conservatively to allow even the worst webcams I tested with to scan easily. A signed 2-in/2-out transaction (~2.2 kb) takes roughly 3.4 seconds to display all fragments. With a decent webcam and a big enough screen, you can tweak these values to take as little as 280 ms. You can’t plug in a flash drive that fast.

Key images are kept in sync as you spend, so you will only infrequently have to synchronize them manually. Typically this is only required when you send your first transaction or don’t have enough outputs with known key images to construct a transaction. When you do need to synchronize, the wizard will guide you through the two extra steps.

A lot of effort went into making the process less prone to breakage, while keeping compatibility with other wallets. You shouldn’t encounter issues when restoring from seed, wiping your wallet cache, using a partially restored view-only wallet, or switching to a different view-only wallet file.

Monero’s current binary format for inputs, outputs, and (un)signed transactions makes implicit assumptions about the state of the wallet that imports the data, which works if everything is done correctly, but is very brittle in practice.

To work around this, the offline wallet no longer stores imported outputs or transaction records. It can’t keep an accurate history because it is not connected to a node (and should never be), so why even try. This allows us take a more functional approach to airgapped signing. Given a set of outputs, it returns the associated key images. Given a unsigned transaction, it returns a signed transaction (if the user approves).

To learn how to set up an airgapped wallet and spend from it, follow the guide here.

A special thanks to r4v3r23 from ANONERO, an airgapped wallet for Android that implements UR, for brainstorming ideas and helping test compatibility.

Plugins

This release introduces a preliminary plugin system. Many features that are not essential wallet functions that were present in the previous release are now plugins.

To manage which plugins are enabled, go to Settings → Plugins. Currently, all plugins are enabled by default. If a plugin is disabled, its code is never instantiated.

The Home tab was divided into 5 plugins: Crowdfunding, Bounties, Reddit, Revuo and Tickers. If none of those plugins are enabled, the Home tab is removed completely. It won’t even show up under ‘View’.

Similarly, disabling the LocalMonero plugin removes the Exchanges tab. Other tabs that are now plugins are Calc and Mining.

The plugin system is a notable improvement over the current state:

  • It may serve as a mechanism to introduce experimental features that we’d to like collect feedback and iterate on, before considering if they’re useful enough to enable by default. Or allow us to ship niche features that are useful only to a small subset of users, without complicating the default UI.
  • Users that enjoy a more minimal experience now have the option to completely disable features they don’t use. It was already possible to “Hide” optional features, but this goes a step further by preventing the associated code from being executed.
  • (Individual) plugins can easily be disabled during build time, in which case they will simply be absent from the app. This opens the possibility for a “minimal” Feather distribution in the future.
  • Should a plugin cease to be relevant, it can be removed without requiring changes to other parts of the code.

Plugins can’t (currently) be loaded dynamically. This means that there is no plugins folder to drop new plugins in. Only plugins that exist in Feather’s source tree and that are included during the build process are available in the app.

There is an ongoing discussion on whether to allow third-party plugins or exchange integrations. I would like to hear your feedback on this. I will not accept new plugins until the plugin interface is finalized and we reach rough consensus on how to move forward on this.

Additional entropy from dice rolls

You can now optionally use dice rolls or coins flips to generate additional entropy for the creation of a Polyseed.

For usage information, check the documentation.

Receive tab

The Receive tab has a new options menu. It is accessible from the settings icon next to the search bar or by right-clicking the table header. Options are now persisted and the index and label columns can now be hidden.

You can now Pin an address to move it to the top of the table and keep it visible regardless of filter settings. This may be useful to keep a quick reference of an address that was given out to an exchange or a friend, or as a reminder to check up on expected payments.

Additions

  • The CCS tab was renamed to “Crowdfunding”. It now shows active funding campaigns from MAGIC Monero Fund in addition to the CCS. (Thanks to Rucknium for working on the API.)
  • You can now configure the tickers shown in the Tickers plugin. To do this, select the Tickers plugin in the settings and click Configure.
  • Added an option to obscure the seed entry when restoring a seed.
  • Added Trezor Safe 3 to the list of supported hardware devices.
  • The tables in the Bounties and Reddit plugins are now sort-able.
  • Improved error messages when spendable balance is insufficient to pay for the transaction fee.

Bugfixes

  • Failing to enter a valid password when opening a wallet should no longer prevent the program from exiting completely
  • Fixed an issue that could prevent icons in table views from showing on Windows
  • Fixed an issue that triggered a crash when Scan was pressed on the Send tab on Windows
  • The Flatpak release should no longer fail to start the embedded Tor binary
  • Feather should no longer fail to connect to the bundled Tor daemon after a crash
  • Desktop files created with AppImage builds should now write the correct application path
  • Fixed an edge-case where partial view-only wallet restores could show transaction history entries with unrealistic balance mutations
  • Reduced the chance of transaction construction failing due to network issues in the later stages of construction

Maintenance

Updated OpenSSL to 3.2.0
Updated Qt to 6.6.1
Updated Tor to 0.4.8.9

How to help verify reproducible builds

Would you like to help users reach greater confidence that Feather is bit-by-bit reproducible across a wide range of systems? And, do you have access to a decent Linux machine?

Here is all you need to do to get builds running:

(0) System requirements

OS      : any GNU/Linux distribution
Storage : 60 GB free
Cores   : 4 or higher (recommended)
Memory  : 2 GB per thread

You will also need a GitHub account and a GPG key to attest your builds.

(1) Install Guix

$ apt install guix

(or the equivalent for your package manager)

(2) Clone Feather

$ git clone https://github.com/feather-wallet/feather.git
$ cd feather
$ git checkout 2.6.0

(Don’t forget to checkout the version you want to build!)

(3) Run the builds

$ ./contrib/guix/guix-build

This may take several hours depending on the speed of your CPU.

(4) Attest your build outputs

Follow the steps here: https://paste.debian.net/plainh/2457c02c

If you get stuck on any step or your hashes don’t match, please let us know. Joining the Matrix/irc channel is best for this.

A special thanks to MoneroArbo and plowsof for submitting their signed build hashes before the release.

  • alphonse@monero.town
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    11 months ago

    Thank you very much for your continued hard work.

    I would really like to see feather avoid exchange integrations, but given that I wouldn’t have to load it, i suppose it’s implementation won’t affect me.