Re: [Tails-dev] Update Electrum documentation for Tails 1.8 …

Delete this message

Reply to this message
Author: s7r
Date:  
To: sajolida, The Tails public development discussion list, mjenglish
Subject: Re: [Tails-dev] Update Electrum documentation for Tails 1.8 upgrade to version 2.5.4
Hello Sajolida, Michael,

See inline.

On 11/22/2015 2:00 PM, sajolida wrote:
> Michael English:
>> Sajolida, please forward this message to s7r.
>
> Done.
>


Thanks!

>> s7r,
>>
>> If you do not have any specific ideas for updating the Electrum
>> documentation, I volunteer to take the lead. Otherwise, you can
>> draft an updated version of the documentation and I can update
>> where necessary. The goal is to document Electrum specifically
>> for Tails and not duplicate the existing Electrum wiki.
>
> Thanks for the offer.
>
>> Most of the updates like wallet format happen automatically in
>> the background, so they do not need to be documented. I only
>> recommend making two additions.
>>
>> The most obvious change to the user when updating Electrum
>> versions is that the default base unit changes which can be
>> confusing. No, I do not think that we should manually change the
>> default base unit with a config file. That decision should be
>> made upstream. However, users should be aware that the appearance
>> of their Bitcoin balances changes especially when sending
>> Bitcoins.
>


Right, the current page is pretty good:
https://tails.boum.org/doc/anonymous_internet/electrum/index.en.html

I will include few more additions, especially to highlight how
important the seed is and that is also important to have it backed up
even in case you use a persistent Tails install (since that particular
install can break or etc.).

mBTC as default unit should of course be explained. I also want to
include some answered questions about what an Electrum server is, what
it can do and what it cannot do.

>> DoS refers to the SPV vulnerability of servers withholding
>> information from their clients leading to an incorrect balance.
>> Connecting to a trusted .onion server protects against DoS. Yes,
>> it is not a bug, but it is a well-known limitation of SPV that is
>> specifically relevant for Tor users. Pleas read “Bitcoin over Tor
>> is not a good idea” http://arxiv.org/pdf/1410.6079.pdf .
>


This is unrelated to electrum. It applies to Bitcoin Core (the
software implementing bitcoin protocol - full nodes). Bitcoin core has
a peer-ban-score, where the ban score of a peer (remote server that
you are connected to) increases if that peers feeds you trash data or
tries to DoS you.

The attack described in that paper takes advantage of the scarce exit
power in the Tor network (~1000 IP addresses) and speaks from the
point of view where an attacker runs few Tor exit nodes that allow
bitcoin exit traffic, and then uses the other exits to feed enormous
amount of trash data to the bitcoin network, hoping the majority of
bitcoin nodes will ban the other exits which are not under the control
of the attacker. Then, you can only connect to a bitcoin peer via Tor
using one of attacker's exit nodes. Hope this explains - it's just a
summary.

Electrum servers don't have such banning mechanism, they only have
limits of requests per wallet and per address (100/10000).

So, I think it's not worth it to confuse the users and make reference
to this anywhere.

>>> - How would people "manually select a trusted .onion server"?

We shouldn't recommend a particular .onion server. I host some and we
could make it the initial default one, but then the user should be
free to select any server (.onion or not). Also, to ensure a high
quality service and total reliability for Tails users, I would be
happier if I could provide a SSD server for this purpose.

>>> - Where can people find "a trusted .onion server"?

Exactly. People should only trust the server list in Preferences ->
Network because those are servers which are advertised and their utxo
set hash is checked. If one of them has a broken database or database
not matching the other servers it'll get banned.

>>> - How should our current warning about SPV be adapted?


See below.

>
> - Would it be possible to configure Electrum in Tails to use the
> existing onion servers on top of the usual servers? instead of the
> usual servers?

There's no current setting for this, but I made a note for this. Some
option like prefernet=tor.

> - In that case, do we need to trust them all? - What happens if
> some of them go down?


I am not sure I understand the q. We can provide one .onion server for
when connecting for the first time. After that the user can change if
they want.

It would be nice if we could attract some funding for this and have a
SSD server for this (normal hard disks are slower for leveldb).

My server is: 3ffk7iumtx3cegbi.onion but it's not SSD :( from time to
time lags for 2-3 seconds, but reliable (99% uptime).
==============================================

Here are my proposed additions to the doc. page. Feel free to
add/remove/rephrase where you think it's needed:

1. Define 'seed', after first line: "- Your wallet can be recovered
[...]". Add these lines:

- - The seed is the string of words generated by Electrum when creating
a wallet (startup). The exact order of the words matters - if just one
word switches place, electrum will generate an entire new different
wallet (bitcoins from old wallet will be lost forever).

- - Make sure you backup your seed. Don't save it somewhere online in
plain text. Write it on a piece of paper and keep it in your wallet
for example. Keep backups in multiple places. Remember: bitcoin is
like cash - once lost, you don't have a place to go to and complain.
Forgetting the seed is equal to total and permanent loss of the
bitcoins in that wallet. NEVER EVER SHARE YOUR SEED WITH ANYONE.

- - For additional protection, you can also enable a password for your
wallet, so while your system is running private keys are encrypted
with that password.
==============================================

2. Add to "Bitcoin is not anonymous" highlighted section:

Electrum tries hard not to reuse addresses. Once an address is used,
it will be marked as so and a new one will be generated. Addresses are
generated deterministically so all of them can be recovered in case
you restore your wallet from seed.

For every transaction, Electrum will send the change (if any) to a new
address, listed under 'Addresses'/'Change' section. This makes it hard
for observers to analyze the transaction and determine which is the
payment, which is the change, and where it was sent.

If you want to send the bitcoins from a particular address, go to
'Addresses' tab, right-click on the desired address and select 'Send
from'. Please note this will logically allow you to spend only as much
as you have available in that particular address, minus miner's fee.
You can select multiple addresses to send from in a single transaction.
==============================================

3. Add to "If you loose your seed, then you loose your entire wallet
[...] highlighted section:

Even when persistence is activated, it's still very important to
backup the seed of the wallet, so you can restore it in case something
happens to that particular Tails persistent install.
==============================================

4. Add to "Do not blindly trust the bitcoin balance that Electrum
displays [...]" highlighted section:

SPV is vulnerable when it comes to unconfirmed transactions
(zeroconf). It's desired to wait for at least 1 confirmation before
trusting the balance. This is the reason why Electrum will show the
unconfirmed balance separately, for example: Balance: 3 mBTC [+ 12.2
mBTC unconfirmed].
==============================================

5. Add new highlighted (!) section:

The unit in Electrum by default is mBTC. You can change this in Tools
- -> Preferences -> Appearance -> Base unit.
mBTC is the 1000 part of BTC (considerably less):
1 BTC = 1000 mBTC
1 mBTC = 0.001 BTC
==============================================

6. Add a section with information about Electrum servers and their role:

Because it doesn't download the entire bitcoin blockchain so it can
start and sync instantly, Electrum relies on special servers called
Electrum servers. These are run by volunteers. You can select any
server from the list (Tools -> Network), but since everything goes
through Tor it's desired to pick an .onion Electrum server.

Here's a summary about what an Electrum server can do or cannot do:

- - An Electrum server cannot steal your bitcoins;
- - An Electrum server cannot lie about your CONFIRMED balance;
- - An Electrum server cannot generate / sign transactions on your behalf;
- - An Electrum server could hide an incoming (unconfirmed) transaction
from you, but it won't be able to hide it once the transaction gets
confirmed;
- - An Electrum server could not broadcast an outgoing transaction
(payment) sent by you;
- - An Electrum server can see the addresses in your wallet, but it
still cannot tie them to a real IP address, because the connection
goes through Tor.