gmaxwell convinced me that it is not safe to let users chose their passphrase. this is why the passphrase used by Electrum is generated by the software. it has 128 bits of entropy plus key stretching.
|
|
|
$ ~/Electrum-0.43c/mnemonic.py pain apologize tired bar change think off outside clear fear hit stir ValueError: 'pain' is not in list
Worldist has changed and there is no 'pain' anymore. Doesn't seem very reliable Better use rfc1751. the sequence of word you quoted was used by me as a demonstration screenshot on the website. the actual dictionary NEVER changed since the release of the software.
|
|
|
Hi Thomas, I just read this on the bitcoin wiki FAQ: you can try an alternative "lite" client such as Multibit or a super-light client like electrum though these clients have somewhat weaker security, are less mature, and don't contribute to the health of the P2P network.
Why would they say such a thing? To the contrary, I have the feeling that Electrum has extremely good security. Would like to hear your thoughts on that. Keep up the great job! This is FUD. Concerning the "health of the P2P network": Electrum servers are full Bitcoin nodes, and it is their interest to broadcast transactions as effectively as possible for their clients. There has been a "red balloons" paper by some microsoft researchers, who pretend that there is a weakness in Bitcoin, because miners have an incentive not to broadcast transactions. This paper lives in a completely theoretical world where the Bitcoin network is made of miners only. In reality, the Bitcoin network is very heterogeneous, made of nodes that have different incentives, and Electrum servers contribute to its diversity. Electrum servers have an incentive to broadcast transactions. They contribute to the health of the network. Concerning weaker security: it is true that Electrum clients are vulnerable to the servers they connect to. Although the server cannot steal your money, it can send you fake information, for example make you believe that you received a payment that didnt occur. I have two objections to that argument. - users can use information from various servers, or from other sources, such as blockexplorer websites, to check if they received a payment. we can also imagine enhanced clients that automatically confront the information sent by several servers. - Electrum servers are currently providing blockchain services free of charge. I believe that in the future they might want to charge a very small fee, such as miners do, in order to cover their operation costs. If I get paid from my clients, then I have little incentive to screw them up. In the world of possible threats, I do not think that the 'somewhat weaker security' of the Electrum client-server model is a real concern. There are other threats that are much more real. For example: - the forum is full of messages by users who lost bitcoins because they did not backup their wallet correctly. Some developers tend to consider that it is not their problem if users lose coins because they did not do regular backups. I disagree with that. I believe that this is a major problem for Bitcoin. To work as a currency, Bitcoin must be safe, not only for computer experts. It must be perceived as a safe store of value by everyone. For a non expert, 'I guess you do not know how to do backups' sounds very much like 'your coins might disappear randomly and it will be your fault'. The deterministic wallet of Electrum is meant to address that. - Web wallets (such as strongcoin, blockchain.info, etc) can get hacked. An attacker gaining access to their servers can modify the javascript executed by the clients, and get access to their private keys. This is a very real threat. - another very real threat is people distributing binaries, such as you I am not saying that what you are doing is wrong, and I do appreciate your efforts; it is very nice to have binaries. However, people should understand that there is a difference between source code and binaries. if they run your Electrum binary, they should know that they trust you for not inserting malicious lines in my code. Perhaps you should explain that, who you are, etc.
|
|
|
updated 0.38 -> 0.43c
can't connect: ..
issue solved on irc
|
|
|
How soon?
the code is already available on gitorious, but needs to be polished a bit. And how does Electrum compare to.... BitcoinSpinner?
1. BitcoinSpinner relies on a closed-source server run by a single individual. Electrum servers are open source. 2. The BitcoinSpinner server uses user accounts to store master public key, addresses, balance. With Electrum you can use any server, instantly; it does not matter if the server has never seen you before. 3. Electrum is also a desktop client. And here comes the magic part of deterministic wallets: you can use the same wallet on your desktop and on your telephone. They remain synchronized, automatically. To illustrate this, here is a screenshot of the same wallet on my desktop: https://s3.ecdsa.org/Capture-Electrum+0.43c.png you can see that the history and balance are the same as on the android screenshot. Your wallet is not on your device, it is in the cloud, and the cloud used by Electrum is the Bitcoin blockchain!
|
|
|
Hi Thomas,
Just a quick question:
Is it bad to have 2 instances of Electrum running at the same time (on the same machine, reading and writing the same wallet dat file)? For instance, can it cause wallet corruption or other bad things?
The reason I'm asking is, when clicking a bitcoin URI on a website, it will correctly launch Electrum and populate the Send tab with the requested parameters, but if Electrum is open already, a second instance will open.
Everything appears to work fine, but I was just curious if you could confirm that this is not a problem regarding the wallet file consistency.
Thanks!
I believe it depends on how the OS handles it. With Linux I never had a problem.
|
|
|
OK, they're allowed now. Plain addresses won't be auto-converted to links, and I modified Luke-Jr's regex to be less greedy about converting bitcoin: text to links.
cool, thanks! test: bitcoin:1DRtJjBzR59Vg76mJ4vU1d1Gji9zNK4PT9
|
|
|
Yes, restore works fine.
What i am asking is this: Should I also automatically get all the new send addresses inside "contacts" field when synchronizing with "less-than-up-to-date" wallet.dat file (for example... my portable electrum on usb stick)?
Thanks
yes I you should get them during 'restore'. but if your wallet was synchronized by an older version that did not restore all the contacts, I think that the missing contacts will not be restored by the current version.
|
|
|
0.43b works with existing wallet, thanks. Restore also works great now.
@ThomasV: I'd like to ask if this is normal behaviour or a bug: If i restore, i get full contact list. BUT in case i have older wallet.dat file (with several missing transactions, because i have created them with another instance of electrum on another computer), transactions are synchronized, but contacts stay unchanged.
normally the "restore from seed" procedure adds to your contacts all the addresses to which you sent coins. I think that this was not properly working with version 0.42, this is why you might be missing some.
|
|
|
sickening child porn I suppose they have another adjective for child porn that is not sickening?
|
|
|
Hey,
0.43a is still not working for me with my existing wallet.dat file.
did you try 0.43b? (see the main thread)
|
|
|
Like I said in that thread, someone needs to thoroughly test the modifications. I think I see a bug in Luke-Jr's patch, actually. This regex doesn't have a closing ~: '~\b([1-9A-HJ-NP-Za-km-z]{26,35})\b' theymos, I believe that you are the most capable of testing and fixing this patch. in addition, I think that it is not a complex patch, but a fairly simple one. the question is, do you want to do it?
|
|
|
I have put this project on hold until DIANNA is available
|
|
|
@Mods: Any chance to get this integrated? It's kinda shame that our forum doesn't support our own standards... I think it all depends on theymos
|
|
|
There's an error that I encountered when upgrading from 0.42 to 0.43a: david@david-xubuntu:~/electrum/client$ ./electrum Traceback (most recent call last): File "./electrum", line 71, in <module> WalletSynchronizer(wallet,True).start() File "/home/david/electrum/client/interface.py", line 344, in __init__ self.start_interface() File "/home/david/electrum/client/interface.py", line 415, in start_interface self.wallet.pick_random_server() AttributeError: Wallet instance has no attribute 'pick_random_server'
Had to destroy the existing wallet and recover from seed. hi, sorry about that; that's another bug. I realize that I should have taken more time for testing before that release.. Edit: that bug is fixed in version 0.43b. (use it if you want to recover the labels in your old wallet)
|
|
|
Another issue I'm having with 0.43 is that I seem to be unable to send any payments. The client freezes the moment I press Send and I have to kill the process. I am doing more testing.
oh I see the problem. sorry about that, I should have tested more. I will try to fix this right now. ok, this is a critical bug, so I released a correction immediately, see version 0.43a thanks for the report, and sorry for the bug.
|
|
|
Another issue I'm having with 0.43 is that I seem to be unable to send any payments. The client freezes the moment I press Send and I have to kill the process. I am doing more testing.
oh I see the problem. sorry about that, I should have tested more. I will try to fix this right now.
|
|
|
Nope, it's just that I encountered the same issue as minimalB a few hours earlier and could solve it that way. I didn't investigate much further.
this is strange...
|
|
|
|