[Tails-dev] Electrum doc wrt. avoiding the negative effects …

Delete this message

Reply to this message
Author: Minoru
Date:  
To: tails-dev, sajolida
Subject: [Tails-dev] Electrum doc wrt. avoiding the negative effects of DoS [was: Re: Article: Bitcoin over Tor isn't a good idea]
sajolida,

I agree with your changes so far. The reason for the specific
explanation is that Electrum over Tor is extremely vulnerable to
attack. If you read the article http://arxiv.org/pdf/1410.6079v2.pdf
it only takes 2500 USD and publicly available information to have
complete control over which Bitcoin blocks and transactions users are
aware of. Would you still be interested in the additional documentation
that I proposed? I wanted to add three subsections to the Electrum
documentation focused on Tor DoS on SPV:
1. Explain block confirmations (temporary fix for Electrum displaying
money that you actually do not have)
2. Explain watching-only wallets (temporary fix for Electrum not
displaying money that you actually do have)
3. Explain a possible long term solution to this problem by using
trusted Electrum servers accessed by a Tor hidden service (I might
remove this point because I'm not sure if it is currently possible
execute this solution since not many .onion Electrum servers exist and
it is difficult to trust centralized services)
I understand that you want to keep the documentation short and easy to
understand, but Electrum over Tor using SPV has a serious vulnerability
that needs a little more documentation to help users avoid the negative
effects of DoS.

Cheers,
Minoru