Electrum: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
ThomasV (talk | contribs)
Lindsey Graham (talk | contribs)
05/08/24 Updated: Main features, screenshot, docs link, categories, logo, removed typos
 
(82 intermediate revisions by 19 users not shown)
Line 1: Line 1:
[[Image:Electrum_logo.png]]
[[File:Electrum-4.5.4-portable.png|thumb|500px|Electrum 4.5.4 on Windows 10 with showing zero balance and a connected state]]
[[Image:Electrum-walet-logo.png|400px]]
[https://electrum.is Electrum] is a lightweight Bitcoin client, based on a client-server protocol.
It was released on 5 November 2011.
__TOC__
 
== Main features ==
* Encrypted wallet: the file that contains bitcoin [[private keys]] is protected with a password, and never leaves the user's computer.
* Deterministic key generation: If you lose your wallet file, you can recover it from its [[seed phrase|seed]]. You are protected from your own mistakes. (Note that Electrum's seed phrase is not according to the BIP39 standard.)
* Instant on: by default the client does not download the blockchain, it requests that information from a server. No delays, always up-to-date.
* Transactions are signed locally: Your private keys are not shared with the server. You do not have to trust the server with your money.
* [[Cold storage]]: Keeping private keys offline is supported. Has a watch-only mode for online use.
* [[Multi-signature]]: Dividing the power to spend coins between multiple wallets is supported.
* [[Hardware wallet]] integration: Many leading hardware wallets can interface with Electrum, including [[Coldcard]], [[Trezor]] and [[Ledger]].
* Redundancy: You are not tied to a particular server, and the server does not need to know you. One server going down doesn't cause user downtimes.
* No single point of failure: The server code is open source, anyone can run a server. Private keys can be exported and imported into other wallets.
* Firewall friendly: The client does not need to open a port, it simply polls the server for updates.
* Free software: MIT License. Anyone can audit the code.
* Written in Python. The code is short, and easy to review.
* Add-ons: third-party plugins are supported.
* Support for Bitcoin URIs, signed URIs and Bitcoin aliases.
* Two-factor authentication (2FA): Adds an extra layer of security to protect against unauthorized access.
* Customizable transaction fees: Allows users to adjust transaction fees based on network congestion and desired confirmation speed.
* Support for [[Segwit]] and [[Lightning Network]]: Offers access to advanced Bitcoin features for faster and cheaper transactions.
* [[Replace by fee|Replace-by-fee (RBF)]]: Enables users to replace a pending transaction with a higher fee to expedite confirmation.
 
== Verifying Electrum Binaries ==
 
Electrum binaries can be downloaded from https://electrum.org/#download. Next to each download link there is also a signature file which can be downloaded. The signature files are for independently verifying the Electrum files were not tampered with. This step should not be overlooked as users have reported malicious funds-stealing builds of Electeum existing in the wild.
 
To verify the Electrm binaries using the signatures, you need to have GPG installed. Listed below is the process for each operating system. For all operating systems, you must have Electrum's signing key downloaded to verify the Electrum binaries. This can be downloaded from https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc.
 
=== Windows ===
 
Windows 10 has "Ubuntu on Windows" and allows you ton follow the Linux instructions [[#Linux|below]]
 
On Windows, you should install GPG4Win from this location: https://gpg4win.org/download.html. Once you run the installer, you will be presented with a "components choosing dialog like this:
 
[[File:GPG4Win-Install.png]]


Electrum is a lightweight Bitcoin client, based on a client-server protocol.  
Leave the boxes ticked at their defaults and go to the next step of the installer. When the installation is finished, go to the Windows Start Menu and look for a program named "Kleopatra", and launch it. If you see the following window then GPG4Win has been successfully installed.
It was released on november 5, 2011.


[[Image:Capture-Electrum.png|right|600px|screenshot of Electrum with its Qt gui]]
[[File:GPG4Win-Kleopatra.png]]


'''Main features:'''
Click on the Import button, and navigate to the location you saved the Electrum signing key in (you may have to change the Filter at the bottom right to "All Files" to see the key). Then Kleopatra will give you a message requesting to certify the key:
* Encrypted wallet
 
* Deterministic key generation. If you lose your wallet, you can recover it from its seed.
[[File:GPG4Win-Certify.png]]
* No blockchain download; the client requests that information from a server
 
* Private keys are not shared with the server.
Click yes, and then tick all of the email addresses in the next window to finish the process.
* Firewall friendly: The client does not need to open a port, it simply polls the server for updates.
 
* No single point of failure: The server code is open source, anyone can run a server.
[[File:GPG4Win-Email.png]]
* Python. Very compact code, easy to contribute.
 
After you close the window by clicking the Certify button, click on the Decrypt/Verify button on the main window, and select the signature corresponding to the Electrum binary you have downloaded. If verification is successful, you will get the following window. Otherwise, the signature doesn't match the binary, and you need to download both of them again, and check the URL of the site you are downloading from.
 
[[File:GPG4Win-Verify.png|none|frame|The Kleopatra message when signature verification succeeds.]]
 
[[File:GPG4Win-VerifyFail.png|none|frame|The Kleopatra error message when signature verification fails.]]
 
=== MacOS ===
 
On MacOS, you should use the GPG tools suite from GPGTools: https://gpgtools.org/. Download the .dmg file, double click on it and drag its contents to the Applications folder that appears to start the installation.
 
Inside the installer, click on the Customize button, and uncheck the boxes for the Mail clients. They are not necessary to verify signatures, and are trialware.
 
[[File:GPGTools-Customize.png]][[File:GPGTools-Mail.png]]
 
After the installer is finished, GPG Keychain should open automatically. If not, then open Finder and navigate to the Applications folder to open it yourself. You will be presented with this dialog:
 
[[File:GPGTools-NewKey.png]]
 
GPG Keychain needs to create a keypair to certify other public keys. Choose a name, email address and password that you will remember. Leave the rest of the options at their default and click on Generate Key.
 
In the main window that appears, click on the Import button to import the Electrum signing key you downloaded.
 
[[File:GPGTools-MainWindow.png]]
 
Once it has been imported, double-click on the key to open its properties, and set its trust level to Full.
 
[[File:GPGTools-Properties.png]]
 
Then, you can just double click inside Finder on the Electrum signature for the corresponding binary to start GPG Keychain verification which will inform you about the result and whether the signature and binary are good or not.
 
[[File:GPGTools-Verify.png|none|frame|The GPG Keychain message when signature verification succeeds.]]
 
[[File:GPGTools-VerifyFail.png|none|frame|The GPG Keychain error message when signature verification fails.]]
 
=== Linux ===
 
On Linux, the <code>gpg</code> command line program is preinstalled in most distributions. If for some reason it's not, look for a package called "gnupg", "gpg" or "gpg2" in your package manager.
 
Once that's done with, you run the following GPG commands to import and trust the key which Electrum binaries are signed with, and the signature files are made from:
 
<code>gpg  --import /<path>/<to>/<file>/<location>/ThomasV.asc</code>
 
[[File:GPG-Import.png]]
 
<code>gpg --sign-key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6</code>
 
Then you download the Electrum program and its signature to the same folder, and check its authenticity with the following GPG command:
 
<code>gpg --verify /<path>/<to>/<file>/<location>/<filename>.asc</code>
 
This is the path to the signature file you downloaded. If verification succeeds, you will get output indicating that the verification was successful.
 
[[File:GPG-Verify.png|none|frame|The GPG message when signature verification succeeds.]]
 
[[File:GPG-VerifyFail.png|none|frame|The GPG message when signature verification fails.]]
 
==Documentation==
 
Documentation is hosted on https://electrum.readthedocs.io/.
 
It includes tutorials for the multi-signature, cold storage and hardware wallet features.
 
==History==
 
Electrum was announced 5 November 2011.<ref>[http://bitcointalk.org/index.php?topic=50936.0 Electrum - a new thin client]</ref>. It has since gone through many changes in each version.
 
[[Image:Capture-Electrum.png|thumb|500px|An early version of Electrum with its Qt GUI]]
 
Version 1.7 added support for third-party plugins.
 
Version 2.0 introduced support for the [[Trezor]] hardware wallet, TrustedCoin 2FA, [[multisig]] wallets and changed the way the wallet files are stored by using [[BIP_0032|BIP32]] derivation. These wallets are incompatible with older versions.
 
Version 2.4.3 added support for the [[Hardware_wallet#KeepKey:_Your_Private_Bitcoin_Vault|KeepKey]] hardware wallet.
 
Version 2.6 introduced the new Kivy GUI for the Android client.


__TOC__
Version 2.7 added a fee slider, [[RBF]] functionality and support for [[Hardware_wallet#Ledger_Nano_S|Ledger Nano S]]. The wallet format has also been changed, making them incompatible with older versions.


===Graphical User Interfaces===
Version 3.0 introduced a new server protocol and support for generating [[Segwit]] wallets.
Electrum has two GUIs: one that is based on Gtk, and a newer one based on Qt. The Qt GUI is enabled by default. To use the gtk interface, type:
<pre>
$ ./electrum -g gtk
</pre>
In addition, Electrum has a rich set of commands for the command line interface.


===Brain Wallet===
On December 27, 2018, an advisory was published<ref>[https://bitcointalk.org/index.php?topic=5090097.0 Electrum vulnerability allows arbitrary messages, phishing]</ref> about a phishing vulnerability where the server returns a fake update message after a transaction is broadcasted<ref>[https://dailyreposter.com/2019/05/07/electrum-under-attack-hackers-phish-4m-in-bitcoin/ Electrum Under Attack: Hackers Phish $4M in Bitcoin]</ref>, with a link to a phishing domain with a malicious Electrum binary. Users who ran the malicious binary reported theft of all bitcoin funds. A mitigation was applied in version 3.2.1 which renders the rich-text message in plain-text, making it less convincing.


Electrum uses a type 2 deterministic key generation algorithm.
Version 4.0.0 introduced support for [[Lightning Network]] wallets.
This means that all the keys are derived from a seed.


Typical seeds have 128 bits of entropy. Electrum provides mnemonic code in order to represent the seed.
== Server software ==


Example:
The server code is open source, anyone can run a server. There are several implementations.
*hexadecimal: 431a62f1c86555d3c45e5c4d9e10c8c7
*mnemonic: "constant forest adore false green weave stop guy fur freeze giggle clock"


You can display the seed with the command line interface. Example:
Public Electrum servers run by strangers can easily spy on Electrum users. For this reason many people run their own server. For maximum [[Full node#Why should you use a full node wallet|trustlessness, privacy and security]]; users should point Electrum to their own servers.
<pre>
$ ./electrum seed
Password:
431a62f1c86555d3c45e5c4d9e10c8c7 "constant forest adore false green weave stop guy fur freeze giggle clock"
</pre>


===Multiple wallets===
=== bwt ===
Electrum uses one single file per wallet. Your default wallet is located in your user account.
If you want to use another wallet, use the -w option followed by the wallet path and name:
<pre>
$ ./electrum -w /path/to/my/wallet/wallet_name
</pre>


===Export and import addresses===
'''bwt''' is a lightweight and performant HD wallet indexer backed by a bitcoin full node that [https://github.com/shesek/bwt#electrum-plugin can also be installed as an Electrum plugin].


You can export your private keys using the 'addresses' command:
=== ElectrumX ===
<pre>
$ ./electrum addresses -ak
Password:
1LGoehbyeX4QBEPK1a6dhyaoMQZfqg5LKX:5JBSttEGhjEcPidSovW66Rin2EZ6LEHZ2qx8Pu2RqqNaDTBVWaF 
1KcsBJa2cCxVkGJfSsg5bUeXN7Y5uLa8mP:5KiP4uiNT6KG8jnXbainCM8rDWRrgxt3PAyut4FFpDoCo1Rh6VM 
1PXsn7LVXTccGhJPTUL8r2EGB4fF9kvex3:5Kj8mvBJReyk8xEBMx5cTnciQCxto5JmudiTPkqwMcd61Kf1Jqc 
1KteSFTAphyByLTtUfFiVQ9s7fMVmx7c2h:5JeZ3FTbWcksLt3PKydd5U9p952UQRHwv3LoxzCA9LZ7V2bku5p 
1GE5ZChAobeTEPLHDCDDKTSg3XvLkcQFjS:5JwtGEygTwF2nouhRVzW3w5DWZd1sCgxLtnd1v51wjkbUrp5sqH 
12YNehfAoYTiwjTXULwaZqTCauu2D61fq6:5Jvcq19ePCXKcVun4n7US99CsrEByUK2kgxXBA3rBVBqYZjhfwD  [change]
</pre>
There are two options in this example:
* option -a means: 'list all addresses'. if you don't use it, change addresses are not listed.
* option -k means: display the private keys


You can also import addresses into an electrum wallet, with the 'import' command:
ElectrumX is the latest iteration of general purpose Electrum servers. Written in Python, it tries to be as efficient as possible to keep synchronization times low. ElectrumX is able to serve thousands of clients at once, it is suited to be an always-on server that contributes to bitcoin. Make sure that the version of ElectrumX you download supports Bitcoin. As of May 2020 some versions of ElectrumX only support [[altcoin]]s.
<pre>
$ ./electrum import 1LGoehbyeX4QBEPK1a6dhyaoMQZfqg5LKX:5JBSttEGhjEcPidSovW66Rin2EZ6LEHZ2qx8Pu2RqqNaDTBVWaF
keypair imported
</pre>
Note that imported keys do not belong to the deterministic sequence of your wallet; if you import keys in a wallet, you must back it up!


===Offline wallet===
GitHub: https://github.com/spesmilo/electrumx


It is possible to create a transaction on an offline computer,
<!-- seems less relevant now... not sure
and to broadcast them from another computer, with a wallet that does not have the seed or private keys.
Interview with author: https://btcmanager.com/nobody-has-setup-an-electrum-server-for-over-a-year/ archive: https://archive.is/lUnfa -->
=== Electrum Personal Server ===


====How to prepare an offline wallet ====
Electrum Personal Server has a different approach to a normal server. It is intended to be used by a single person only. Instead of creating a database of every transaction and address ever used on the bitcoin blockchain, Electrum Personal Server only tracks the user's own wallets. This allows it to be much more efficient with resources, it does not need any extra data files and is compatible with [[Bitcoin Core]]'s pruning feature.
*step 1: create a wallet on your offline computer
<pre>
$ ./electrum -w wallet create
</pre>
*step 2: save the seed of your wallet to a file that will remain on the offline computer:
<pre>
./electrum -w wallet seed | awk '{print $1}'> seedfile
</pre>
*step 3: blank the seed in your wallet file.
For example, under linux, you may type:
<pre>
$ cat w | sed "s/`cat seedfile`/trololololo/g" > wallet.no_seed
</pre>
or you can open the file in an editor and do it manually. After this step you may remove the wallet file:
<pre>
rm wallet
</pre>
*step 4: transfer the wallet.no_seed file to the online computer.
For example, copy the wallet file to a usb stick:
<pre>
$ cp wallet.no_seed /my/usb/wallet.no_seed
</pre>
and once you have plugged the usb key to the online computer:
<pre>
$ cp /my/usb/wallet.no_seed ./wallet.no_seed
</pre>
*step 5: run electrum on the online computer; this will synchronize your wallet with the bitcoin network, and you will be able to monitor incoming transactions:
<pre>
./electrum -w wallet.no_seed
</pre>


====How to send a transaction with an offline wallet====
Electrum Personal Server is probably the best way to combine Electrum's feature-richness (hardware wallet integration, multi-signature, [[seed phrase]], etc) with a [[full node]]'s strong security and privacy.
*step 1: copy the synchronized wallet file to your offline computer
<pre>
$ cp wallet.no_seed /usb/stick/wallet.no_seed
</pre>
*step 2: edit the wallet file and restore the seed :
<pre>
$ cat w | sed "s/trololololo/`cat seedfile`/g" > wallet.seed
</pre>
you may also do this manually with a file editor if you do not know how to use sed.


*step 3: create the transaction
GitHub: https://github.com/chris-belcher/electrum-personal-server
<pre>
./electrum -w wallet.seed mktx <recipient> <amount>  >  tx_file
</pre>
*step 4: with the usb stick, copy the transaction to the online computer:
<pre>
$cp tx_file /usb/tx_file
</pre>
and, on the online computer:
<pre>
$cp /usb/tx_file tx_file
</pre>
*step 5: broadcast the transaction:
<pre>
./electrum sendtx <transaction> `cat tx_file`
</pre>


=== List of commands ===
==See also==


{| class="wikitable sortable"
* [[Thin Client Security]]
|-
* [[Hardware wallet]]
! command !! description !! syntax !! requires password !! needs to be online
* [[Seed phrase]]
|-
* [[Multi-signature]]
| help || display the help for a command || help [command] || no || no
* [[Cold storage]]
|-
| validateaddress || check is the argument is a valid bitcoin address || validateaddress <address> || no || no
|-
| balance || shows the balance of your wallet or of an address || balance [address] || no || yes
|-
| contacts || print your list of contacts || contacts || no || no
|-
| create || create a new wallet || create || no || no
|-
| restore || restore a wallet from seed || restore || no || yes
|-
| payto || create and broadcast a transaction || payto [-s sourceaddr] [-c changeaddr] |-f fee] <address> <amount> || yes || yes
|-
| mktx || create a transaction and dump it || mktx [-s sourceaddr] [-c changeaddr] |-f fee] <address> <amount>  || yes || no
|-
| sendtx || broadcast a transaction || sendtx <tx> || no || yes
|-
| password || update your password || password || yes || no
|-
| addresses || show your list of addresses, optionally with private keys. || addresses [-a] [-b] [-k] || iff -k || no
|-
| history || print the transaction history || history || no || yes
|-
| label || change the label of a transaction or address || label <label> || no || no
|-
| seed || print your seed || seed || yes || no
|-
| import || import a keypair || import <address:private_key> || yes || no
|-
| signmessage || sign a message (as in bitcoind) || signmessage <address> <message> || yes || no
|-
| verifymessage || verify a message (as in bitcoind) || verifymessage <address> <signature> <message> || no || no
|-
| eval || call python eval || eval <expression> || no || no
|}


=== Security ===
==External Links==


See [[Thin Client Security]]
* [http://electrum.org/ Electrum] project website
* [https://github.com/spesmilo/electrum/ Electrum] project source


===links===
==References==
*homepage: http://ecdsa.org/electrum
<references />
*source code: https://gitorious.org/electrum
*download: <tt>git clone git://gitorious.org/electrum/electrum.git</tt>


[[category:Clients]]
[[Category:Clients]]
[[Category:Open Source]]
[[Category:Free Software]]
[[Category:License/MIT]]
[[Category:Android]]

Latest revision as of 00:02, 8 May 2024

Electrum 4.5.4 on Windows 10 with showing zero balance and a connected state

Electrum is a lightweight Bitcoin client, based on a client-server protocol. It was released on 5 November 2011.

Main features

  • Encrypted wallet: the file that contains bitcoin private keys is protected with a password, and never leaves the user's computer.
  • Deterministic key generation: If you lose your wallet file, you can recover it from its seed. You are protected from your own mistakes. (Note that Electrum's seed phrase is not according to the BIP39 standard.)
  • Instant on: by default the client does not download the blockchain, it requests that information from a server. No delays, always up-to-date.
  • Transactions are signed locally: Your private keys are not shared with the server. You do not have to trust the server with your money.
  • Cold storage: Keeping private keys offline is supported. Has a watch-only mode for online use.
  • Multi-signature: Dividing the power to spend coins between multiple wallets is supported.
  • Hardware wallet integration: Many leading hardware wallets can interface with Electrum, including Coldcard, Trezor and Ledger.
  • Redundancy: You are not tied to a particular server, and the server does not need to know you. One server going down doesn't cause user downtimes.
  • No single point of failure: The server code is open source, anyone can run a server. Private keys can be exported and imported into other wallets.
  • Firewall friendly: The client does not need to open a port, it simply polls the server for updates.
  • Free software: MIT License. Anyone can audit the code.
  • Written in Python. The code is short, and easy to review.
  • Add-ons: third-party plugins are supported.
  • Support for Bitcoin URIs, signed URIs and Bitcoin aliases.
  • Two-factor authentication (2FA): Adds an extra layer of security to protect against unauthorized access.
  • Customizable transaction fees: Allows users to adjust transaction fees based on network congestion and desired confirmation speed.
  • Support for Segwit and Lightning Network: Offers access to advanced Bitcoin features for faster and cheaper transactions.
  • Replace-by-fee (RBF): Enables users to replace a pending transaction with a higher fee to expedite confirmation.

Verifying Electrum Binaries

Electrum binaries can be downloaded from https://electrum.org/#download. Next to each download link there is also a signature file which can be downloaded. The signature files are for independently verifying the Electrum files were not tampered with. This step should not be overlooked as users have reported malicious funds-stealing builds of Electeum existing in the wild.

To verify the Electrm binaries using the signatures, you need to have GPG installed. Listed below is the process for each operating system. For all operating systems, you must have Electrum's signing key downloaded to verify the Electrum binaries. This can be downloaded from https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc.

Windows

Windows 10 has "Ubuntu on Windows" and allows you ton follow the Linux instructions below

On Windows, you should install GPG4Win from this location: https://gpg4win.org/download.html. Once you run the installer, you will be presented with a "components choosing dialog like this:

Leave the boxes ticked at their defaults and go to the next step of the installer. When the installation is finished, go to the Windows Start Menu and look for a program named "Kleopatra", and launch it. If you see the following window then GPG4Win has been successfully installed.

Click on the Import button, and navigate to the location you saved the Electrum signing key in (you may have to change the Filter at the bottom right to "All Files" to see the key). Then Kleopatra will give you a message requesting to certify the key:

Click yes, and then tick all of the email addresses in the next window to finish the process.

After you close the window by clicking the Certify button, click on the Decrypt/Verify button on the main window, and select the signature corresponding to the Electrum binary you have downloaded. If verification is successful, you will get the following window. Otherwise, the signature doesn't match the binary, and you need to download both of them again, and check the URL of the site you are downloading from.

The Kleopatra message when signature verification succeeds.
The Kleopatra error message when signature verification fails.

MacOS

On MacOS, you should use the GPG tools suite from GPGTools: https://gpgtools.org/. Download the .dmg file, double click on it and drag its contents to the Applications folder that appears to start the installation.

Inside the installer, click on the Customize button, and uncheck the boxes for the Mail clients. They are not necessary to verify signatures, and are trialware.

After the installer is finished, GPG Keychain should open automatically. If not, then open Finder and navigate to the Applications folder to open it yourself. You will be presented with this dialog:

GPG Keychain needs to create a keypair to certify other public keys. Choose a name, email address and password that you will remember. Leave the rest of the options at their default and click on Generate Key.

In the main window that appears, click on the Import button to import the Electrum signing key you downloaded.

Once it has been imported, double-click on the key to open its properties, and set its trust level to Full.

Then, you can just double click inside Finder on the Electrum signature for the corresponding binary to start GPG Keychain verification which will inform you about the result and whether the signature and binary are good or not.

The GPG Keychain message when signature verification succeeds.
The GPG Keychain error message when signature verification fails.

Linux

On Linux, the gpg command line program is preinstalled in most distributions. If for some reason it's not, look for a package called "gnupg", "gpg" or "gpg2" in your package manager.

Once that's done with, you run the following GPG commands to import and trust the key which Electrum binaries are signed with, and the signature files are made from:

gpg --import /<path>/<to>/<file>/<location>/ThomasV.asc

gpg --sign-key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6

Then you download the Electrum program and its signature to the same folder, and check its authenticity with the following GPG command:

gpg --verify /<path>/<to>/<file>/<location>/<filename>.asc

This is the path to the signature file you downloaded. If verification succeeds, you will get output indicating that the verification was successful.

The GPG message when signature verification succeeds.
The GPG message when signature verification fails.

Documentation

Documentation is hosted on https://electrum.readthedocs.io/.

It includes tutorials for the multi-signature, cold storage and hardware wallet features.

History

Electrum was announced 5 November 2011.[1]. It has since gone through many changes in each version.

An early version of Electrum with its Qt GUI

Version 1.7 added support for third-party plugins.

Version 2.0 introduced support for the Trezor hardware wallet, TrustedCoin 2FA, multisig wallets and changed the way the wallet files are stored by using BIP32 derivation. These wallets are incompatible with older versions.

Version 2.4.3 added support for the KeepKey hardware wallet.

Version 2.6 introduced the new Kivy GUI for the Android client.

Version 2.7 added a fee slider, RBF functionality and support for Ledger Nano S. The wallet format has also been changed, making them incompatible with older versions.

Version 3.0 introduced a new server protocol and support for generating Segwit wallets.

On December 27, 2018, an advisory was published[2] about a phishing vulnerability where the server returns a fake update message after a transaction is broadcasted[3], with a link to a phishing domain with a malicious Electrum binary. Users who ran the malicious binary reported theft of all bitcoin funds. A mitigation was applied in version 3.2.1 which renders the rich-text message in plain-text, making it less convincing.

Version 4.0.0 introduced support for Lightning Network wallets.

Server software

The server code is open source, anyone can run a server. There are several implementations.

Public Electrum servers run by strangers can easily spy on Electrum users. For this reason many people run their own server. For maximum trustlessness, privacy and security; users should point Electrum to their own servers.

bwt

bwt is a lightweight and performant HD wallet indexer backed by a bitcoin full node that can also be installed as an Electrum plugin.

ElectrumX

ElectrumX is the latest iteration of general purpose Electrum servers. Written in Python, it tries to be as efficient as possible to keep synchronization times low. ElectrumX is able to serve thousands of clients at once, it is suited to be an always-on server that contributes to bitcoin. Make sure that the version of ElectrumX you download supports Bitcoin. As of May 2020 some versions of ElectrumX only support altcoins.

GitHub: https://github.com/spesmilo/electrumx

Electrum Personal Server

Electrum Personal Server has a different approach to a normal server. It is intended to be used by a single person only. Instead of creating a database of every transaction and address ever used on the bitcoin blockchain, Electrum Personal Server only tracks the user's own wallets. This allows it to be much more efficient with resources, it does not need any extra data files and is compatible with Bitcoin Core's pruning feature.

Electrum Personal Server is probably the best way to combine Electrum's feature-richness (hardware wallet integration, multi-signature, seed phrase, etc) with a full node's strong security and privacy.

GitHub: https://github.com/chris-belcher/electrum-personal-server

See also

External Links

References