Feather: a free Monero desktop wallet

Home | Download | Changelog | Screenshots | Docs | Help

[RSS]

2.6.5 changelog (2024-03-14)

Fixes and improvements

Maintenance

2.6.4 changelog (2024-03-10)

Fixes and improvements

Maintenance

2.6.3 changelog (2024-02-28)

This release fixes Tails detection. Previous releases may be unable to connect to nodes and default to saving wallet files outside the persistent storage on Tails 6.0 or higher.

Fixes and improvements

Maintenance

2.6.2 changelog (2024-01-03)

Fixes and small suggestions.

2.6.1 changelog (2023-12-16)

Bugfix release:

2.6.0 changelog (2023-12-09)

Airgapped signing with animated QR codes

This release features a major overhaul to the offline transaction signing UX and introduces animated QR codes as a way to quickly transfer data between devices.

The offline wallet has a new UI that takes away the clutter and shows only what’s relevant to airgapped signing.

You will no longer need to click through menus to import / export files. A wizard was added that guides you through the process step by step. You can choose whether to transfer using files or animated QR codes.

Feather uses Blockchain Common’s Uniform Resources library (UR for short) to chop up and encode binary data (such as an encrypted unsigned transaction) into URIs, which can then be presented as animated QR codes.

On the other side, a webcam can be used to scan the QR codes, which can then be reconstructed into the original binary data. Scanning can happen out of order, so if it ‘misses’ a QR it can pick it up in the next cycle. You just keep scanning until the progress bar fills up to 100%.

By default, each QR translates to roughly ~50 bytes of binary data and animates at 12.5 fps. This was chosen conservatively to allow even the worst webcams I tested with to scan easily. A signed 2-in/2-out transaction (~2.2 kb) takes roughly 3.4 seconds to display all fragments. With a decent webcam and a big enough screen, you can tweak these values to take as little as 280 ms. You can’t plug in a flash drive that fast.

Key images are kept in sync as you spend, so you will only infrequently have to synchronize them manually. Typically, this is only required when you send your first transaction or don’t have enough outputs with known key images to construct a transaction. When you do need to synchronize, the wizard will guide you through the two extra steps.

A lot of effort went into making the process less prone to breakage, while keeping compatibility with other wallets. You shouldn’t encounter issues when restoring from seed, wiping your wallet cache, using a partially restored view-only wallet, or switching to a different view-only wallet file.

Monero’s current binary format for inputs, outputs, and (un)signed transactions makes implicit assumptions about the state of the wallet that imports the data, which works if everything is done correctly, but is very brittle in practice.

To work around this, the offline wallet no longer stores imported outputs or transaction records. It can’t keep an accurate history because it is not connected to a node (and should never be), so why even try. This allows us take a more functional approach to airgapped signing. Given a set of outputs, it returns the associated key images. Given a unsigned transaction, it returns a signed transaction (if the user approves).

To learn how to set up an airgapped wallet and spend from it, follow the guide here.

A special thanks to r4v3r23 from ANONERO, an airgapped wallet for Android that implements UR, for brainstorming ideas and helping test compatibility.

Plugins

This release introduces a preliminary plugin system. Many features that are not essential wallet functions that were present in the previous release are now plugins.

To manage which plugins are enabled, go to Settings → Plugins. Currently, all plugins are enabled by default. If a plugin is disabled, its code is never instantiated.

The Home tab was divided into 5 plugins: Crowdfunding, Bounties, Reddit, Revuo and Tickers. If none of those plugins are enabled, the Home tab is removed completely. It won’t even show up under ‘View’.

Similarly, disabling the LocalMonero plugin removes the Exchanges tab. Other tabs that are now plugins are Calc and Mining.

The plugin system is a notable improvement over the current state:

Plugins can’t (currently) be loaded dynamically. This means that there is no plugins folder to drop new plugins in. Only plugins that exist in Feather’s source tree and that are included during the build process are available in the app.

There is an ongoing discussion on whether to allow third-party plugins or exchange integrations. I would like to hear your feedback on this. I will not accept new plugins until the plugin interface is finalized and we reach rough consensus on how to move forward on this.

Additional entropy from dice rolls

You can now optionally use dice rolls or coins flips to generate additional entropy for the creation of a Polyseed.

For usage information, check the documentation.

Receive tab

The Receive tab has a new options menu. It is accessible from the settings icon next to the search bar or by right-clicking the table header. Options are now persisted and the index and label columns can now be hidden.

You can now Pin an address to move it to the top of the table and keep it visible regardless of filter settings. This may be useful to keep a quick reference of an address that was given out to an exchange or a friend, or as a reminder to check up on expected payments.

Additions

Bugfixes

Maintenance

How to help verify reproducible builds

Would you like to help users reach greater confidence that Feather is bit-by-bit reproducible across a wide range of systems? And, do you have access to a decent Linux machine?

Here is all you need to do to get builds running:

System requirements

OS      : any GNU/Linux distribution
Storage : 60 GB free
Cores   : 4 or higher (recommended)
Memory  : 2 GB per thread

You will also need a GitHub account and a GPG key to attest your builds.

Install Guix

$ apt install guix

(or the equivalent for your package manager)

Clone Feather

$ git clone https://github.com/feather-wallet/feather.git
$ cd feather
$ git checkout 2.6.0

(Don’t forget to checkout the version you want to build!)

Run the builds

$ ./contrib/guix/guix-build

This may take several hours depending on the speed of your CPU.

Attest your build outputs

Follow the steps here: https://paste.debian.net/plainh/2457c02c

If you get stuck on any step or your hashes don’t match, please let us know. Joining the Matrix/irc channel is best for this.

A special thanks to MoneroArbo and plowsof for submitting their signed build hashes before the release.

2.5.2 changelog (2023-10-19)

Documentation browser

Feather now has an offline documentation browser. It is accessible by pressing the ‘Help’ button in the wizard or by going to Help → Documentation.

Enter a keyword in the search bar to filter the list of articles and highlight matches.

If you spot an error or can’t find what you’re looking for, consider opening an issue on the feather-docs repo.

Improved error messages

In some cases error messages provide too little information to be helpful or too much and it becomes confusing. I recently came across this post, which highlighted this issue and prompted me to make a change.

Most error messages bubble up from the wallet library. It doesn’t shy away from using internal terminology and often includes unnecessary information, like references to the source code. That’s useful for developers, but not so much for users trying to understand what went wrong and what to do about it.

To address this, many error messages were rewritten for clarity and made more actionable. They should now adhere to a format that aims to answer the following questions:

For instance, trying to send a transaction when the wallet has not yet finished synchronizing now shows:

Pressing ‘Help’ opens the docs browser with more information about wallet synchronization to help a curious user understand why the wallet must be synchronized in order to send a transaction.

Writing good documentation for every case is very much a work in progress. If you see a confusing error message, consider reporting it.

Seed recovery

A seed recovery tool was added that can help recover damaged or partial Polyseeds.

Occasionally, I get an e-mail from someone trying to restore a wallet from a backup seed, but they can’t make out what some of the words are. Bad handwriting, a coffee stain, a picture that was badly cropped, etc. Too much information is missing to make it practical to go through by hand, but not enough to make recovery computationally infeasible.

The tool allows you to enter all information you do have about the seed phrase. Regex is supported for partial words. It will then iterate over all possible phrases given the (whole, partial or blank) words provided. Polyseeds include a 11-bit checksum, so only a subset of seed phrases are valid. An address associated with the wallet can optionally be provided to automatically check if any of the valid phrases produce a wallet that contains the address.

For information on how to access and use the tool, see the docs here.

Time machine bump

Feather releases are bootstrappable. This means that the tools used to build Feather are built from source, and the tools that build those tools are too, and the tools that build those tools are too, and so forth.

But surely, this can’t go on forever and something can’t come from nothing. At the root of the package graph sits a binary seed, a minimal set of binaries that can’t be built from source. This used to be the ~60 MB Further Reduced Binary Seed.

With this release, our Guix time-machine was updated to a commit on May 15. Feather builds now benefit from the Full-Source Bootstrap. The root of the package graph is now a heavily annotated 357-byte program, known as hex0.

It’s source code all the way down! Every step of the build process is auditable and we do not have to trust someone’s potentially malicious binaries.

One important caveat is that while all packages are built from source, the driver that is used to build the initial packages is not. Eliminating this driver is the next step in bootstrappable builds.

(Work is underway to bring bootstrappable builds to the core Monero repo.)

Release attestation

Feather releases are reproducible. Anyone with a x64 Linux machine and Guix (the package manager) installed can create a bit-for-bit identical copy of all release artefacts by running a single command.

The only way to verify that a release is in fact reproducible is to build it multiple times, on different systems. While builds are done inside a container with a normalized build environment, non-determinism can still creep in from (among other things) properties of the build machine, like the kernel, CPU architecture or the bind-mounted filesystem. The more diverse the set of machines the software is built on, the more confident we can be that there are no undocumented requirements for reproduction.

This release adds release attestation, sometimes called verified reproduction. If you’re familiar with Monero’s reproducible build process, this works the same way as gitian.sigs. Anyone can build Feather, sign the hashes of the outputs and submit it to a common repository. The hashes can then be compared to verify that the builds are reproducible.

With release attestation, users that don’t build from source can be more confident that releases are reproducible because multiple contributors will have independently produced identical binaries. Should non-determinism occur, it can be fixed before a release.

A special thanks to /u/MoneroArbo for helping verify reproduction of this release. Their first build (for 2.5.0) revealed an undocumented assumption about the host’s umask, which leaks into the container and can introduce non-determinism when newly created files are archived.

If you would like to help verify this release, follow the instructions here to build Feather and create an attestation. We recommend using a machine with at least 8 cores and 32 GB of memory, though this is not a requirement.

Official Flatpak release

Feather now has an official Flatpak.

A lot of effort has gone into making sure that it has the same build security guarantees as our other releases. The Flatpak is bootstrappable and reproducible. It has no dependency on any third-party runtime and does not require trust in Flathub’s infrastructure.

The repository is hosted on featherwallet.org and all commits are signed with our release signing key, allowing users to verify the authenticity.

It’s also tiny compared to most Flatpaks, weighing in at only ~30 MB (compressed). That’s the (empty) runtime + application. It only includes files that are necessary for the application to run, not even a shell or coreutils.

For more information about the considerations that went into this, see my post here.

To install the official Flatpak, simply run:

flatpak install --from https://featherwallet.org

and follow the instructions here to verify your download.

Bugfixes and improvements

Other changes

Many (statically linked) dependencies were updated in this release. Including Monero to v0.18.3.1, Qt to 6.6.0, OpenSSL to 3.1.3, Boost to 1.83.0, and Tor to 0.4.7.15.

In anticipation of animated QR codes for offline transaction signing, the ZBar library, used for QR code scanning, was replaced with the faster and actively maintained ZXing-cpp library.

Our type2 AppImage runtime was updated to the latest version and now uses fuse3. This does not resolve an issue with AppImageLauncher, which throws an error when trying to install the AppImage. Users are recommended to uninstall AppImageLauncher or remove the .AppImageextension from the file.

This release drops support for Qt 5, which has been EOL since May 26 and no longer receives public security updates. The minimum required Qt version to build Feather is now 6.3. Official releases already switched to Qt 6 in January.

Two documents were added to the repo:

Check out the last document if you’re interested in learning more about where the project is headed.

macOS codesigning requirements

It is becoming increasingly difficult to ship non-codesigned applications for macOS.

Apps for Apple Silicon that target macOS 10.15 or later will not start if downloaded over the internet, even if they are ad-hoc codesigned which is what Feather does now.

A workaround involves removing an xattr using the terminal, but this is not something we can reasonably ask from non-technical users.

It is unfortunately not possible to obtain an Apple-issued Developer ID certificate without jeopardising my identity, which is not something I feel comfortable doing at this time.

If you are able to obtain an Apple-issued codesigning certificate and are willing to grant me access to it, please contact dev@featherwallet.org. Any expenses and time incurred will be compensated in XMR.

Note: while current releases are not “codesigned” according to Apple’s definition, all releases are GPG signed with our release signing key. To verify the authenticity of a release, follow the instructions in the installation guide.

2.4.9 changelog (includes security fixes) (2023-05-24)

Security Advisory

This release includes a fix for a recently disclosed decoy selection vulnerability that was present in the Monero codebase before v0.18.2.2. For more details, see: https://github.com/monero-project/monero/issues/8872

Users are recommended to update as soon as possible.

Full list of changes: https://github.com/feather-wallet/feather/compare/2.4.5...2.4.9

2.4.5 changelog (2023-04-05)

Full list of changes: https://github.com/feather-wallet/feather/compare/2.4.4...2.4.5

2.4.4 changelog (2023-03-23)

2.4.3 changelog (2023-03-15)

Note: includes changes from 2.4.2, which was not released due to a reproducibility defect.

2.4.1 changelog (2023-02-15)

Bugfixes

2.4.0 changelog (2023-02-12)

Settings screen redesign

This release adds a few new options to the settings, with more planned in future releases. The old UI would have become a bit too cluttered, so settings are now conveniently categorized into Appearance, Network, Storage, Display, Transactions and Misc.

Note that Feather ships with reasonable defaults and most users do not need to mess with the settings at all. However, if you have a specific threat model, it should now be easier to find settings relevant to your concern.

Proxy settings

A proxy tab was added to the settings. This tab replaces the current Tor Info dialog, consolidating all network related settings into one place. Feather can be configured to route traffic over Tor, I2P, socks5 or no proxy at all.

By default, Feather will still route most traffic over Tor. But, if you’re unable to connect to the Tor network or would rather use a different proxy, you have the option to change the settings before any network connections are made when Feather is started for the first time (or after).

I2P support

With the new Proxy tab comes the option to configure Feather to route all traffic over I2P.

Feather is now “I2P-aware” and comes with a built-in list of I2P nodes. All wallet functionality, including the websocket connection (if enabled) as well as the built-in updater will continue to work if you switch to I2P.

Instructions on how to set up I2P and configure Feather can be found in the documentation.

The I2P network is currently under a DDoS attack and is very slow as a result. Expect very slow synchronization for now.

The site is now available on I2P as well: http://rwzulgcql2y3n6os2jhmhg6un2m33rylazfnzhf56likav47aylq.b32.i2p

Feather now supports Prestium, a privacy focused, I2P based live operating system. In an upcoming release Feather will be bundled with Prestium. For now, you can download the AppImage for Linux. Proxy settings are autoconfigured to use I2P when Feather is started for the first time on Prestium.

Other changes:

2.3.0 changelog (2023-01-31)

Thanks lovera for testing Feather on ARM64, and all the lovely people hanging out in #feather:monero.social.

PGP verification guides are now available for all supported operating systems (thanks maltfield for the issue):

See the sidebar in the docs for more.

The release signing key is now available in more places for out-of-band verification (^):

https://docs.featherwallet.org/guides/release-signing-key

The built-in updater was not enabled for versions 2.2.x by mistake. Manually download the latest version from https://featherwallet.org/download to upgrade.

2.2.3 changelog (2023-01-13)

Note for macOS users: Before upgrading an existing installation, rename the “feather” app in your Applications folder to “Feather” (capitalized).

2.2.2 changelog (2023-01-06)

Build system changes

This release introduces major changes to Feather’s build system. While this doesn’t affect any user-facing functionality, it does enable faster, more secure releases.

Feather Wallet releases are now bootstrappable. This means that we are able to build our entire toolchain and dependencies from their source code. By leveraging Guix, a reproducible build environment can be set-up on any Linux host in a matter of minutes. The depends build system makes it possible to build for all target platforms from a single machine through cross-compilation. This greatly reduces release engineering overhead and allows for much faster release cycles, which is especially useful for important bug fixes. It also reduces the risk of supply chain attacks, as all dependencies are pinned and upgrades can be thoroughly reviewed. All builds are bit-for-bit reproducible, and all third-party source code can be accessed indefinitely through fallback mechanisms, ensuring that Feather releases remain reproducible.

Additional resources:

New supported platforms

Starting with this release Feather supports Raspberry Pi and Linux ARM64. Support for RISC-V is planned. Linux ARM64 builds aren’t currently listed on the downloads page, but can be found here: https://featherwallet.org/files/releases/

Qt upgrade

Qt was upgraded from 5.15 to 6.4. You may notice some small visual differences compared to the previous version. We’re aware of some text cutoff happening in table headers in dark mode, this will be fixed soon.

macOS release

macOS builds now ship as a .dmg file. The installation instructions were updated to reflect this.

Webcam QR scanner

The webcam QR scanner now works on standalone Linux binaries. On Linux, the scanner no longer depends on GStreamer, but uses V4L2 directly. Considerable changes were made to Qt’s multimedia backend between 5.15 and 6.4, which may have fixed some bugs and introduced others.

Please let us know if you experience any issues with the scanner on this release.

Source tarballs

Signed source tarballs can now be downloaded from the downloads page. If you’re looking to package Feather for your distribution, please hop on #feather:monero.social for guidance.

Windows installer

The installer for Windows was ported from Inno Setup to NSIS. You can run the new installer to upgrade your current Feather installation without uninstalling the old version first.

Hardware wallets on Windows 11

This release fixes an issue that could cause Feather to be unable to access hardware wallets on Windows 11.

2.1.2 changelog (2022-12-20)

(This release is only available for AppImage builds)

Fix issue with embedded version number in previous release.

2.1.1 changelog (2022-12-20)

(This release is only available for AppImage builds)

2.1.0 changelog (2022-08-12)

Notes:

Windows users that installed Feather using the installer should update manually. Download the 2.1.0 installer from featherwallet.org/download and follow the installation procedure like normal.

MacOS builds are now cross-compiled and reproducible. Work on migrating the build system to Guix + depends was expedited due to a persistent issue with native non-static builds. This is a significant change and may inadvertently cause compatibility issues on some versions of macOS. If you were previously able to run Feather but are not able to run 2.1.0, please report it.

All release binaries except macOS were built using Docker. We will gradually phase out Docker builds in favor of bootstrappable Guix builds in future releases after additional testing.

Please note that all Feather versions 1.0.1 and lower will stop working after the August 13 hardfork. Make sure to update your wallet to 2.0.0 or later before contacting support.

Fixes:

Maintenance:

Known issues:

2.0.0 changelog (2022-07-08)

This release is ready for the August 13 hardfork.

Features:

Improvements:

Fixes:

Maintenance:

1.0.1 changelog (2021-11-02)

1.0.0 changelog (2021-10-29)

Beta-9 changelog (2021-09-19)

Beta-8 changelog (2021-06-11)

Features & Improvements:

Fixes:

Beta-7 changelog (2021-05-27)

Features:

Bugfixes:

Misc:

Beta-6 changelog (2021-05-05)

Ledger support:

Updater:

LocalMonero:

Tor networking improvements:

“Route all traffic over Tor, except traffic to node”

All traffic to the Monero Daemon RPC is routed over clearnet. This option is automatically enabled when Feather is connected to a local node.

“Route all traffic over Tor, except initial wallet synchronization”

This is the default. The wallet will sync over clearnet and automatically switch to a .onion node after this is finished. Synchronization requires a lot of data transfer is therefore very slow over Tor.

“Route all traffic over Tor”

This option is automatically enabled on Tails and Whonix or when Feather is started using Torsocks.

Misc:

Beta-5 changelog (2021-03-24)

Notice:

History page:

Transaction proofs:

Transaction info:

Receive page:

Send page:

Sweep output dialog:

Networking:

Multibroadcasting:

Wizard:

Portable mode:

Torsocks:

Misc:

Beta-4 changelog (2021-02-06)

Features:

Wallet:

UI:

Bugfixes:

Misc:

Beta-3 changelog (2020-12-25)

Features:

Wallet:

UI:

Misc:

Beta-2 changelog (2020-12-05)

Features:

Wallet:

UI:

Security:

Misc:

Clearnet | Onion | I2P