Bitcoin Forum
September 28, 2025, 09:54:29 AM *
News: Latest Bitcoin Core release: 29.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Wallet software / Re: Certificate Renewal or Man-in-the-middle attack? on: February 15, 2024, 02:57:43 AM
Quote from: satscraper on February 13, 2024, 10:36:57 AM
Quote from: stackyoursats on February 12, 2024, 07:39:15 PM
When I open Sparrow, I receive a popup titled "SSL Handshake Failed". The message says "The certificate provided by the server at electrum.diynodes.com appears to have changed. This may be simply due to a certificate renewal, or it may indicate a man-in-the-middle attack. Do you still want to proceed?".

Has anyone else gotten this? Is it safe to click Yes and proceed? Is it safe to connect my cold storage to my computer and/or conduct a transaction? Thank you in advance

You can check  electrum.diynodes.com  certificate on sslchecker. It flags Missing Root certificate  for given server and it would be a red flag for me.

I never connect my Sparrow to any public server as I use my own Bitcoin Core node.

Thus, I encourage you to  act  in  the same way.

" Better safe than sorry"

Thank you so much for sharing that link. I've checked every public server so far on SSL Checker, and of the ones that return results, they all show a missing root certificate. I will definitely migrate to my own Bitcoin Core node.

Is my sparrow wallet at all compromised for having connected to public servers in the past? If so, is there anything I can do to ensure my funds don't get stolen via man in the middle attack once I set up my own node? (i.e. delete and reinstall Sparrow) Currently I have the most air gapped solution where my cold storage hasn't once been connected to my laptop at any point. Thank you for the help!
2  Bitcoin / Wallet software / Re: Certificate Renewal or Man-in-the-middle attack? on: February 15, 2024, 02:49:21 AM
Quote from: ABCbits on February 13, 2024, 10:14:37 AM
I tried accessing the website from browser and got different error.

Quote
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for electrum.diynodes.com. The certificate is only valid for api.testnet.diynodes.com.
 
Error code: SSL_ERROR_BAD_CERT_DOMAIN

It looks like owner of that domain doesn't configure SSL certificate properly. And after i choose to proceed, it shows 504 Gateway timeout. I don't think it's dangerous to click yes, but you better use properly configured Electrum server.

Got it, thank you for checking with Firefox. Is there a rule of thumb for which public servers are safe to go with? If I run my own bitcoin node, will my sparrow wallet still be compromised from connecting to public servers in the past?

Thank you!
3  Bitcoin / Wallet software / Re: Certificate Renewal or Man-in-the-middle attack? on: February 14, 2024, 08:38:13 PM
Quote from: Yamane_Keto on February 13, 2024, 01:48:21 AM
When you connect to a new server, the wallet creates the server certificate and keeps it, and when any change occurs, this error appears. Therefore, if you do not change the server or do not trust electrum.diynodes.com, click on No and go to file, Preferences, Server tab


That server is managed by https://twitter.com/openoms, and I don't think there will be a problem by clicking Yes.


Thank you for clarifying. I likely did receive the popup due to connecting to a new server as you mentioned.

A few questions for you:
  • How were you able to verify this server is managed by openoms?
  • How do you know it's still safe to connect to? I ask because after checking this server on sslchecker.com it appears this server's root certificate is missing which was flagged as a red flag by others who responded to my post.
Thank you for all the help!
4  Bitcoin / Wallet software / Re: Certificate Renewal or Man-in-the-middle attack? on: February 13, 2024, 08:26:14 PM
Quote from: BitMaxz on February 12, 2024, 11:18:52 PM
I don't know what caused this issue but are you using a VPN while using Sparrow? It won't be safe if you proceed better report this issue since I never heard someone had the same issue.

Do you own this electrum.diynodes.com or this is what you paste under private electrum?
It seems you need to enable SSL on the settings or provide the server certificate.

Check their GitHub page below and make a report issue.

- https://github.com/sparrowwallet/sparrow/issues



Sometimes I have VPN turned on. I do not own electrum.diynodes.com and have never heard of it until the popup that I received. I am currently not running my own instance of an Electrum server but am planning on running my own Bitcoin Core node after this incident. When you say I need to enable SSL on the settings or provide server certificate, this is relevant if I run my own private Electrum server but does not apply if I'm running my own Bitcoin Core node, right? Thank you for sharing the GitHub page. I will report the issue.
5  Bitcoin / Wallet software / Certificate Renewal or Man-in-the-middle attack? on: February 12, 2024, 07:39:15 PM
When I open Sparrow, I receive a popup titled "SSL Handshake Failed". The message says "The certificate provided by the server at electrum.diynodes.com appears to have changed. This may be simply due to a certificate renewal, or it may indicate a man-in-the-middle attack. Do you still want to proceed?".

Has anyone else gotten this? Is it safe to click Yes and proceed? Is it safe to connect my cold storage to my computer and/or conduct a transaction? Thank you in advance
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!