-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am Thomas Voegtlin, main developer of the Electrum Bitcoin
wallet.

On Dec. 6th, 2014, my GMX email account has been compromised and its
password was reset. Using access to my GMX account, the attacker could
obtain a password reset of my @ElectrumWallet Twitter account, and
posted racist messages on it. I have since then regained control of my
GMX email account, and I hope that the Twitter situation will get
resolved soon.

The Electrum website, SSL certificate, Github account, were not
affected by the attack, and the source code of Electrum was not
modified.

At this point it is not known how my GMX account was compromised, so I
will consider that email address as permanently compromised, even if I
have regained access to the account. I will post more information once
the situation is fully resolved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUiBwuAAoJECvVgkt/lHDmbDMP+gNHQUvlQPGEAlsgf4xToPQ0
+/aGRrj2DiKNT32EwcyZOqKjdrYUgSNXHAfDEFHgZDgEXTReIZS/FxVNdZXT/g+H
kJvb3mpso4hhk/OXOOtDEINkAw/VAu8Sw70+v+VwCbOE5ZfrNpQXFkjoAb706dvk
aO1OgzICRISniVHWkZ9E4RmC/L+Y14bicE+7KOh2vmFX2vHJ0WI/7QLRrvvrwkl8
3OnGUS4bnBOGX/DHCT3EmW8GS8CNJrWwfrOgkl/yHY4gpeW7VMsc3p0Uaow96ne8
ZeyH4UOdZiBOHRvGPnh2SmhThHtM4TLDJ3f+v8p3mx8tjH7EGGRKWp9M0knFySWr
iBYSjjgO0nSMctyfyNOxyuYMuMoQfsUpD0C2SO9SuW8VVaPWh/ovocJp5OFpNHuf
rR1DlfAKgMMSvxb4NHTUs4vJlhOzCakuNqjnuqU6F1glP33ALe3lkd7QmDg/Dirg
ndsscaTM+LTVR4ZWV0+Bsi+tpSigYW5+etGBfWNkfUprvHDHQIHTOu3xGMXRmCYL
R1Q84lYBCasBVFo9nrc0sa7XH/mtlZqzEJrfWk7fd8XlV2wk4JmUBuTd7C0F4eq8
0IIAOwD+662blWJ8vet+EMvCQHpsSubS0159fJ+LwebSQU7HVRHJhgKHirtA7Kdz
I0RoVkmUflBvv4Ng/2Lt
=fPjo
-----END PGP SIGNATURE-----

thanks for the help on how to build binaries.
Note: if you test the current version, please be aware that the current wallet format might not be compatible with the final 2.0 release.

obviously it's taking much more time than I initially planned; sorry about that.

This is wrong. Electrum verifies all transactions in its history using SPV.

ich werde heute dabei sein.

you can also create a watching only wallet with the gui and your master public key

you have to create a new wallet

I merged it because it works..
however, that plugin still needs to be polished and tested.

I fixed setup.py yesterday.. let me know

Looking at the wallet:
Most of the coins were sent to 1BA8FTYVxVnebhxQGzxJWy4Y4QKwsVKEko, in 7 transactions.
I guess the reason why we see 7 transactions instead of just one, is that the coins in the wallet were highly fragmented: each of these transactions has dozens of inputs.
However, these transactions paid only 0.1mBTC in fees.

I consider it likely that an 8th transaction was attempted with the rest of the coins, but failed to be propagated due to insufficient fees.

If that is the case, the final withdrawal (15d291dd8e705298499e37026b8574042eb3b0bccc0046878500af0b19c319fb, probably made by the legitimate owner) double spent the thief withdrawal.
(that withdrawal paid 0.4mBTC in fees)

Lessons learnt:
 - never email your seed to yourself. (write it on paper)
 - pay the suggested transaction fees, if you are in a hurry to have your transactions confirmed.

1. what do you mean by that?

2. move all the remaining coins away from this wallet.

3. it does not make sense to steal part of the coins and to leave 8 btc in the wallet.
if you publish the master public key, we might be able to see what really happened.

if several blocks are available, it processes them together, before it prints a log line.
I agree that it can be confusing, it should probably print a message on each block

yes, I am considering using it.
However, I think that it will not be compatible with Multibit, which will not support multiple accounts afaik.

Also, it is probably a bit incomplete:
* it does not say anything about multisig wallets.
* it does not say if the same gap limit applies to change addresses.
* it does not make any recommendation about waiting for confirmations before generating new addresses.

Thank you for your support. I usually do not request donations for myself, because I do not think it is an effective way to incentivise free software.
Developers who request bounties tend to finish projects quickly, and do not really care about long-term maintenance.

However, you you can donate to the people who run public Electrum servers.
Electrum does relies on servers, and we currently lack an effective way to reward the server operators.

Also note that I created a company that will distribute Electrum, sell paying services to Electrum users, and fund further development of the Electrum software.

My contribution to bip39 was to make it independent from the dictionnary used.
That means you can use whichever word list you want with bip39, even a chinese wordlist not supported by your bitcoin client.

However, this does not solve the compatibility issue:
The real problem is wallet structure, and there is no agreement on that between wallets developers.

Thus, it will not be possible to import Electrum seeds in other wallets, but this has absolutely nothing to do with the wordlist.

no need to do several transactions.
you can select multiple addesses and send from all of them.

congratulations! looking forward to see it live

the utxo root hash will be used by the client to check proofs of completeness sent by the server.
this is not enabled now.

if you are a programmer, use and test the git head version.
you will see which features are already developed, and you will be able to submit changes and fixes.

in a terminal it is

if you use the python console, you need to comply with the python syntax:

  (with quotes)

In the gui you can also use the menu: Tools -> Load Transaction -> From the blockchain