Bitcoin Forum
  Show Posts
1  Bitcoin / Electrum / Re: How verify Electrum signature on: April 12, 2019, 05:32:17 PM
Thank you.
2  Bitcoin / Electrum / Re: How verify Electrum signature on: April 12, 2019, 05:19:55 PM
click the "Show Audit Log" link shown in your screenshot... it'll show the commandline output... you should see:
Quote
gpg: Signature made 02/14/19 11:08:30 New Zealand Daylight Time
gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" [unknown]
gpg:                 aka "ThomasV <thomasv1@gmx.de>" [unknown]
gpg:                 aka "Thomas Voegtlin <thomasv1@gmx.de>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6

First time verifying and I think I followed the instructions correctly, double checking that this output is OK.

There is no "Bad/Invalid" and it says "good signature" and the fingerprint matches so I am guessing the difference is trivial, but I get an audit log without 2 of Thomas V's aliases:


Quote
gpg: Signature made 02/13/19 16:08:30 Central Standard Time
gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
~this line/alias is missing/different~
gpg: Good signature from "ThomasV <thomasv1@gmx.de>" [unknown]
~this line/alias is missing~
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
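
The comparison made in the post above, as an added example (not part of the original post and not Electrum's own tooling): it parses the two audit logs quoted on this page and accepts a log only when it reports a good signature and the primary key fingerprint equals a pinned value, while treating the listed user IDs as informational, since they depend on the copy of the key held in the local keyring. The function names are assumptions made for this example.

```python
import re

# Fingerprint shown in both audit logs on this page. Pin the value you obtained
# from a source you trust independently of the download itself.
PINNED_FPR = "6694D8DE7BE8EE5631BED9502BD5824B7F9470E6"

# The two audit logs quoted in the post, copied from this page.
LOG_REPLY = """\
gpg: Signature made 02/14/19 11:08:30 New Zealand Daylight Time
gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" [unknown]
gpg:                 aka "ThomasV <thomasv1@gmx.de>" [unknown]
gpg:                 aka "Thomas Voegtlin <thomasv1@gmx.de>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
"""
LOG_POSTER = """\
gpg: Signature made 02/13/19 16:08:30 Central Standard Time
gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
gpg: Good signature from "ThomasV <thomasv1@gmx.de>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
"""

def parse_audit_log(text):
    """Pull the verdict-relevant fields out of gpg's human-readable output.
    (For unattended scripts, gpg's --status-fd output is the stable interface.)"""
    r = {"good": False, "bad": False, "fpr": None, "uids": set()}
    for line in text.splitlines():
        line = line.strip()
        if m := re.search(r'(Good signature from|aka) "(.+)"', line):
            r["uids"].add(m.group(2))
            r["good"] |= m.group(1) != "aka"
        elif "BAD signature" in line:
            r["bad"] = True
        elif line.startswith("Primary key fingerprint:"):
            r["fpr"] = line.split(":", 1)[1].replace(" ", "")
    return r

def accept(text, pinned=PINNED_FPR):
    """True only for a good signature made by the pinned primary key."""
    r = parse_audit_log(text)
    return r["good"] and not r["bad"] and r["fpr"] == pinned

def uid_difference(a, b):
    """User IDs present in one log but not the other (informational only)."""
    return parse_audit_log(a)["uids"] ^ parse_audit_log(b)["uids"]

if __name__ == "__main__":
    print(accept(LOG_REPLY), accept(LOG_POSTER), uid_difference(LOG_REPLY, LOG_POSTER))
```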
3  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 08, 2019, 05:20:45 PM
Yes! That sounds like just what I'm looking for! I will check into the portable version.

"BadElectrum"™ only getting the one associated wallet before I discover the breach is a small price to pay for more peace of mind. (though with a name that catchy, perhaps it deserves more)


I did DL and checksum GPG4win on a 'disposable' device but didn't finish installing and GPG verifying the DL yet, but I'll eventually get comfortable with it.
4  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 07, 2019, 02:42:46 PM
Ya, I have no reason to believe there is anything wrong with my current (un-GPG verified) installation of Electrum but I am far less safe than I believed I was if a malicious Electrum install can sweep coins from all wallets/seeds on the device.

I follow the steps here every time I generate an address to receive bitcoin:
https://bitcoinelectrum.com/creating-an-electrum-wallet/#comment-7419
(Standard, New seed, Legacy, password-left blank which now seems like some degree of mistake)

What steps should I take so in the future should I install a corrupted version of Electrum client that only the contents of the active seed/wallet would be lost, not other wallets on the same device?

IE:
Electrum client (corrupted)>>
-wallet0 (old) >BTC(spent, dust, unimportant)
-Wallet1(ACTIVE) >BTC (stolen)
-Wallet2 >BTC (safe)
-Wallet3 >BTC (safe)
-Wallet4 >BTC (safe)
-Wallet5 >BTC (safe)
.......
.....

^^ is that possible? What steps do I have to take?
5  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 11:39:35 PM
The installer has "2013-2018 Electrum technologies GmbH" under copyright and under Digital Signatures, name of signer (without 2013-2018) with a timestamp of Wednesday February 13, 2019 4:57:17 PM but that is a different type of verification than the GPG4win method which is the only signature verification method I have seen suggested.
6  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 11:10:52 PM
Ya it's definitely on me for not seeking out these answers sooner, but I'm working through the appropriate paranoia now, hopefully while incurring no losses due to lax procedures in the past.


So using wallets with strong passwords will leave just the active wallet vulnerable at any given point? (I'd be happy with that)


Windows 10 (I thought Windows was the OS without a native process for it)



7  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 10:16:36 PM
Thank you for the detailed reply.

The GPG process involves installing software that I haven't verified, which could itself be malware. I couldn't figure out a way past that dilemma. It's a chicken or the egg situation if I already have btc on the device.


I imagine I am not the first to mention this but just in case...

It seems like an inelegant design to have no way to protect various wallets from the client. (malware that would seek out and open wallets should get flagged by scans, unlike hard-coded send addresses employed in some of these attacks), that can't be a relatively easily remedied oversight in design can it, because it seems quite valuable to add if it is possible? (fingers crossed for future versions)

Also is there a way to install several instances of Electrum on a single device, one for each seed? (are there other lite clients comparable to Electrum?)

The simplest most intuitive way for someone less savvy to protect themselves from catastrophic loss is "not putting all your eggs in one basket"

(or more appropriately, not putting all your eggs in 3 baskets when you could spread them over 30 or 300. Losing 1/3 of your btc is devastating; losing 1/300th would make you relieved you were alerted to a security issue cheaply by comparison)
8  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 07:42:24 PM
Aah, OK, that was well over my head but I think I kind of understand the general idea now.

Hopefully there is something local I could do to keep the various seed/wallets isolated from one another so the only wallet vulnerable to a potentially corrupted client would be the currently active one.

At this point my best guess would be to find and delete the wallet.dat files of all wallets and restore one by one from seed. (or restore them as a format that doesn't allow more than one to be stored in "recent" at a time but I don't know how to do that or if it's possible)
9  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 05:01:16 PM
I think you meant this for a different thread ;)
10  Bitcoin / Electrum / Re: Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 02:34:51 PM
They all hash identically despite different names given to copies of what I assume are the same file.


In the immediate sense what I would want to avoid is the situation where the BTC from other wallets haven't been stolen yet, but somehow they will be when I attempt to broadcast a transaction or generate a new seed in a compromised client.

Otherwise they are already gone and I can't do anything about that, or they are already as safe as they were before the new installation.


It does bother me that I had thought I was being clever protecting myself by separating funds into different wallets every time I receive new btc but it occurs to me now that very much may not be the case.
11  Bitcoin / Electrum / Multiple Qs prompted by the phishing attack re opsec/vulnerability on: April 05, 2019, 02:07:35 PM
I downloaded electrum-3.3.4-setup.exe from https://electrum.org/#download (address copied and pasted from the tab that is still open in my browser)

I have no reason to believe I have downloaded a compromised version at this point. I have not interacted with the wallet since install.

The sha256 hash of the download I installed the update from matches other installers acquired from other browsers electrum-3.3.4-setup (1).exe electrum-3.3.4-setup (2).exe (can this, has this been spoofed as far as anyone knows?)


I did not feel comfortable gpg verifying the download. I thought if I was confident I was installing from a link on the actual Electrum site that should be enough, but if I install the new version to a new directory and (this part did not go as planned hence me registering here and posting this) "only" restore in the newly installed client a seed from a wallet with a smaller amt of btc as a test and it didn't disappear then I could be confident the new install was legit. (the new install apparently overwrote the previous install, and populated the "recent" wallets from the previous version automatically which I did not expect. So I got paranoid and I am here trying to decide what to do next.)

If I have or will DL/install compromised updates to Electrum does the attacker immediately gain access to every (seed)wallet>addresses that I can toggle between under file>recently open? (so my btc in all "recent" wallets are already gone)

If yes how can I prevent the Electrum client from being a central point of failure in the future for all wallets/coins stored (hot) on that device (Passwords? moving .dat out of a directory, and zip-encrypting it...??) shy of a watch only + airgapped machine, which I will get to eventually but not now.

(If no, I am actually OK with a limited attack surface of one seed/wallet at a time, I generate a new seed for each new receive address, so if I would find out I was compromised losing the contents of one wallet and be able to protect the rest of the hot seeds/wallets it would be acceptable risk.)

If I already installed a compromised version but not all coins across all seeds/wallets listed in recent have been swept instantly (I did not broadcast any transactions), what steps can I take to protect funds in the other "recent" hot seeds/wallets?


Of course any other advice/links on general opsec could be useful, but honestly if only one wallet at a time is at risk of being compromised that is a level of risk I am fine with in perpetuity.

Thank You