Should he bring his computer to a forensics expert at this point? Any help would be appreciated.
This ^^. He shouldn't risk using that drive any more. Certainly don't attempt data recovery yourself. |
|
|
|
if you setup a virtual maschine where you just have electrum, it should be as safe as a cold storage then right?
no it wouldn't because the host machine has access to everything in the VM. |
|
|
|
the seed is shown first before you get to enter the password so what you are saying doesn't make sense. did you download electrum from electrum.org?
Hm, yes creating of the seed was shown before then password... I can not remember all dialog in details but it is. An I did not seen the face of a program because of that password issue... And yes, I have downloaded it from from electrum.org What if I will uninstall and try again will it create new seed? wallet? Thanks a lot Uninstalling it won't change anything. The wallets are stored in your home directory and uninstalling electrum only removes the binaries. It doesn't remove the wallet(s). The wallet directory is given below: http://docs.electrum.org/en/latest/faq.html#where-is-my-wallet-file-locatedIf you like you can delete the old wallets. Some users make the mistake of receiving bitcoins to wallets they can't spend from so it may be better to delete any unused wallet files so that you don't make that mistake. Otherwise if you just want to create a new wallet use file > new/restore. If it doesn't show the menus at all then you will have to delete or rename the default_wallet file found in the wallets directory above first. |
|
|
|
|
the seed is shown first before you get to enter the password so what you are saying doesn't make sense. did you download electrum from electrum.org?
|
|
|
|
|
electrum doesn't offer this facility. if you know how to code you could create a script to do it via the json rpc interface that electrum offers.
but maybe you can explain what it is that you are trying to achieve? perhaps there is a better way.
|
|
|
|
2 - The allegation is the blockstream core devs were behind the malicious attacks against the BU nodes this afternoon. There is also no question that Peter Todd (a blockstream core dev) did not responsibly disclose the bug that he was made aware of in the BU code.
This is not true. The bug was discovered and patched by BU devs first. Todd simply tweeted about it. It still violates responsible disclosure principals and was very unethical. No it doesn't because nothing was disclosed that wasn't already public. The BU devs committed a fix for that bug an hour before Todd decided to tweet about it. It was public info! if it was public info, it wasn't fixed because...? They posted a fix on their git repo and that's how Todd got wind of it. So it was fixed but people hadn't downloaded the fix yet. You can't really blame Todd for this. Once a vulnerability is made public people have to scramble to get it fixed. People looking to exploit will also scramble to exploit it. It is the nature of the beast. In other opensource projects the fix is pushed out first and later the vulnerability is spelled out to the public. In this case the vulnerability was so obvious that they couldn't hide it. I was wrong that the BU devs found the vulnerability. It was an independent security researcher who found it and disclosed it to them privately. This is what the researcher who found the vulnerability had to say: The problem is, the bugs are so glaringly obvious that when fixing it, it will be easy to notice for anyone watching their development process,” she said. https://bitcoinmagazine.com/articles/security-researcher-found-bug-knocked-out-bitcoin-unlimited/?utm_content=buffer6e884&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer |
|
|
|
Too bad! I have been following along, let me make a quote from earlier in this thread to illustrate my point. so the wallet cannot be viewed until a password is provided. this is an interesting change indeed. it'll certainly protect people from sending money to wallets they can't spend from. Thomas affirmed that as partly the coding reason a post or two below the member that originally made the comment. Unfortunately there have been several folks that have sent money to an address in their watching only wallets only to find out they lost their private keys due to computer failure and they didn't have their SEED backed up. The encryption feature on a watching only wallet would be useless for recovery (no private keys), but it would have been nice for privacy on an open and running computer. Yep I made that comment originally  Yes it would be a good feature to have for watch-only wallets too from a privacy standpoint. But not from a loss avoidance standpoint: - With watch-only wallets you get a warning during start up that the wallet is watch-only and you better make sure that you have the seed. With seeded wallets there is no such warning. - The sort of people who make watch-only wallets are technically more proficient than your average electrum user. They are expected to be more responsible with their actions. - There is no guarantee that, just because you know the password to your watch-only wallet, you also have the seed. The seed is not in the watch-only wallet file so it has nothing to do with the password you put on the wallet file. With seeded wallets you have this promise, if you will, that if you entered the right password you can go ahead and safely receive money to your wallet but you can't say the same for watch-only wallets. If you still want this then maybe you can make an issue about it on github but i for one don't think it makes sense if the aim is to save people from losing their money by sending their coins to an inaccessible address. |
|
|
|
2 - The allegation is the blockstream core devs were behind the malicious attacks against the BU nodes this afternoon. There is also no question that Peter Todd (a blockstream core dev) did not responsibly disclose the bug that he was made aware of in the BU code.
This is not true. The bug was discovered and patched by BU devs first. Todd simply tweeted about it. It still violates responsible disclosure principals and was very unethical. No it doesn't because nothing was disclosed that wasn't already public. The BU devs committed a fix for that bug an hour before Todd decided to tweet about it. It was public info! |
|
|
|
2 - The allegation is the blockstream core devs were behind the malicious attacks against the BU nodes this afternoon. There is also no question that Peter Todd (a blockstream core dev) did not responsibly disclose the bug that he was made aware of in the BU code.
This is not true. The bug was discovered and patched by BU devs first. Todd simply tweeted about it. |
|
|
|
Two questions. I am going to upgrade this weekend and I don't see these discussed.
1. Does Electrum 2.8 allow for a wallet to be encrypted on my online computer if that wallet is "watching only"? Most of my wallets are paired to hardware wallets, but not all of them. It would be nice to conceal the contents of the wallet from being observed without a password, but I won't put the full keys on the online computer. Just curious if anyone has tried this yet where only MPK is available?
I just checked and it doesn't allow you to encrypt a watching only wallet. |
|
|
|
Hello. I understand how a deterministic wallet works but I've got quite a similar question.
Here's my situation:
I need some dedicated receiving addresses that will be given to different persons. I expect funds to be received to these addresses not immediately but after a while. So I need to be sure not to use this addresses by accident again. I know that Electrum generates a new address every time the old address is used but as I mentioned above funds will be received to these addresses later, so they won't be considered as "used" until it happens. In this case I need either to remove (somehow) these addresses from address list in Electrum or mark them as "used" or have an ability to generate some kind of dedicateded addresses that aren't listed in address list at all.
Can I solve this problem anyhow?
Electrum maintains 20 unused addresses by default not just one. Do you need more than that? If yes then first increase the gap limit: The gap limit is the number of unused addresses Electrum keeps track of. To increase the gap limit open your wallet and go to the console tab. Type in wallet.change_gap_limit(50). Close Electrum and reopen your wallet to see new addresses listed on the receive tab.
Now regarding addresses for future use what you can do is simply label them as such. That way you won't use them for anything else. So the easiest way to do this is via the "receive" tab. Just enter a suitable description and click 'save'. Then you can click on 'new' to get another address. Repeat this process until you have sufficient reserved addresses. You can view your list of reserved addresses in the list at the bottom of the receive tab. Clicking on an item in that list will load the details of that "request" in the tab's other fields so you can copy the address. And in case you are wondering addresses don't expire and can always receive funds. |
|
|
|
If a user has a pre-version 2.8 wallet that they wish to remain encrypted, that currently contains BTC and/or transactions are anticipated to be received by addresses within the wallet, how upgrading to 2.8 affect their wallet? Will they need to keep this wallet unencrypted in order to spend BTC in that old wallet?
In <2.8 electrum the wallet seed and imported private keys were the only things encrypted by the password. Upgrading to 2.8 doesn't change that. The only thing that changes is that in 2.8 you have the option to encrypt the whole wallet file if you want. Doing so will mean that no one can view it until they enter the password. You can do this from the password change dialog box wallet menu > password. You don't have to change the password though but you do have to enter it there and check the "encrypt wallet" option. |
|
|
|
|
they will be there in both chains.
|
|
|
|
The transaction has been confirmed. The only thing you can do is contact that shop's customer service and point out to them that the bitcoins were sent. Send them that link to blockchain.info above. |
|
|
|
Last week I tried to transfer money using Electrum.
Since the status didn't change to confirmed in a day I checked the info and as it turned out I used one of my old addresses that isn't in use anymore.
However now the status has changed to confirmed.
How's that possible? How can I get my money back?
If the transaction is confirmed then there is nothing you can do. Bitcoin transactions are irreversible. It is like digital cash. Also if you still have access to the wallet with the old address then you can get access to your bitcoins. Some users have the misconception that addresses expire over time but that is not the case. |
|
|
|
- Then there were those users who received money to their wallets but when they went to spend it they found that they didn't know the password and neither did they have the seed. A few of them have complained here that they shouldn't be allowed to receive money into a wallet when they can't spend it. If the whole wallet is encrypted then they can't see their receiving addresses and so can't lose their money!
Yeah, that would certainly help as I've seen quite a number of users receive coins to a wallet that they can't send from. Encrypting the entire wallet would certainly help in this regard. looks like it is as i suspected. 2.8.0 has been released and if you set a password for your wallet then the wallet cannot be viewed until the password is provided. Oh that is good news. I haven't had a chance to try out the new version yet. Does it only apply to new wallets with a password or to existing wallets with a password as well? If you have an existing wallet with a password set then only the seed is encrypted and the wallet contents can be viewed. In order to encrypt the whole file you have to go to wallet menu > password. This is actually the password change window but it can be used to encrypt the wallet file too. Enter your old password 3 times (old, new, confirm new) and make sure that "encrypt wallet" file is checked. Click on OK and it'll encrypt the whole wallet. |
|
|
|
|
don't go setting fees manually. use the dynamic fees option in preferences. also upgrade to the latest electrum version if you can because it gives you more options should your transaction get stuck again (it shouldn't though if you use dynamic fees)
|
|
|
|
somebody tell me how I get my "missing" money....and why are there no phone numbers to call? Is the the place to get answers? I need someone to walk me through where my money is. where is the support? is the goal to not have me use electrum again? why is this so hard. i'm showing a 0 balance, and it says low fee...what the hell does that mean? am I supposed to just know all of that?
don't freak out if your transaction is stuck. it's happening to a lot of people nowadays but it eventually sorts itself out in a few days time. so don't worry. |
|
|
|
- Then there were those users who received money to their wallets but when they went to spend it they found that they didn't know the password and neither did they have the seed. A few of them have complained here that they shouldn't be allowed to receive money into a wallet when they can't spend it. If the whole wallet is encrypted then they can't see their receiving addresses and so can't lose their money!
Yeah, that would certainly help as I've seen quite a number of users receive coins to a wallet that they can't send from. Encrypting the entire wallet would certainly help in this regard. looks like it is as i suspected. 2.8.0 has been released and if you set a password for your wallet then the wallet cannot be viewed until the password is provided. |
|
|
|
|
Show Posts
