Author: sajolida Date: To: Michael English, s7r, The Tails public development discussion list Subject: Re: [Tails-dev] Update Electrum documentation for Tails 1.8 upgrade
to version 2.5.4
Michael English: > Yes, waiting for block confirmations is an easier way to protect against
> an out-of-date bitcoin balance than manually connecting to a trusted
> onion server. I still hold my opinion that the Electrum networking
> settings are the best way to protect against DoS, but it unnecessarily
> complicated for little risk. I actually recommended that we document
> block confirmations in March of this year when we first installed
> Electrum in Tails:
> “For my documentation, I already explained the concept of a
> double-spending attack to you. In the case of the Electrum DoS attack,
> the double-spend would be a 0 confirmation transaction. The solution is
> to wait for block confirmations to make sure that you actually have the
> money. Remember: 'An SPV node cannot be persuaded that a transaction
> exists in a block when the transaction does not in fact exist. The SPV
> node establishes the existence of a transaction in a block by
> requesting a merkle path proof and by validating the proof of work in
> the chain of blocks.'”
I think I remember this from March. But at that time I didn't know that
Electrum presented you clearly transactions as unconfirmed or confirmed.
I'm not using Electrum myself, so in this case I need a lot of insight
and guidance as I can't really figure out things myself.
Thanks for your help, and I'm glad we made it in the end!