There's no built in notification plugin that sends Email but I reckon it wouldn't be difficult to make one since they have a nice RPC interface to use. You can probably monitor specific addresses for new transactions and get transaction info after that, like a combination of get_tx_status and notify. I wouldn't recommend you to do so though. It would mean that Electrum has to be running the whole time and I would just advice you to query the blockexplorer directly instead of going an extra hop through Electrum. I don't think you'd be able to do it with electrum itself since they closed rpc connections and you'd also have to leave your system running with any alternative.
Did they close it? I don't recall them doing so in the recent release but I might be wrong. |
|
|
|
VPN or TOR only make sense if you are broadcasting your transaction. Create a new address can be done online or offline and you can create many address online with Electrum and no one knows the addreses if you don't use it for any transaction.
Electrum will send all the addresses within the gap limit to the server so that it can get any transactions that is relevant to the addresses in the wallet. It doesn't use bloom filters, not that it'll make a difference. But the server will know all your addresses, used or unused. If you care about privacy, you wouldn't be using Electrum anyways. Behavior for Bitcoin Core is like what you describe. Though unless they can saturate all your connections with their nodes, they cannot determine with absolute certainty that you sent that transaction. On the other hand, when using Bitcoin Core/Electrum with VPN, the VPN operator will see which addresses belongs to you. Tor is better in that aspect. ** I think BIP151 was withdrawn so there's that. |
|
|
|
I do agree with you and somewhere along the line you have to trust someone or something. But if those who are probably honest (I like that you aren't claiming that they are since people can turn) go rogue, together with the developers, would there be many people left to discover their wrongdoings?
Depends on who you trust, I guess. Scenarios like that can happen but the probability of it happening to major projects like Bitcoin Core is significantly lesser than one which is less active. Which means you probably have to dedicate some time to inspect and/or learn the appropriate programming language for everything that you run. That's the only way out of that scenario and I can promise you trying to learn another programming language AND be proficient enough to discover malicious code won't be quick, much less potential vulnerabilities. So no, I don't believe that open source projects are guaranteed okay. On Bitcoin Core, I trust the 770 contributors that are experts on their job.
You're trusting Github and the lead maintainers to be honest. The lead maintainer is the person that merges all the changes into the stable version. Each Bitcoin Core version, including it's RCs are signed by a few of the contributors and they can be found here[1] [1] https://github.com/bitcoin-core/gitian.sigs |
|
|
|
I do think about this a lot of time whether bitcoin will be able to handle heavy loads of transactions if there should be so many people around sending and receiving money with it every seconds. Even at its earlier stage we had to face the slow rate of transactions with Bitcoin, and a lot of people had to complain about it, and they have all been complaining about it from then till now and still nothing has been done about it.
When you talk about it some people will say that the devs are waiting for the right time to fix the issues, like when exactly are they going to fix it since we have waited for long?
Scalability is a complex issues. Any one solution will no doubt bring about a plethora of repercussions which makes it difficult to garner enough support or make it viable to implement. There are plenty of solutions being proposed, with Segwit being the notable on-chain optimization with Taproot and Schnorr due to be live soon. Off-chain wise, we have Lightning network which helps to alleviate the problem to some extent. Most of the other solutions will bring about drawbacks and it's not easy to balance the benefit/cost. If you're able to come up with a solution that doesn't pose any drawbacks, you should try drafting a BIP and we can have some meaningful discussion on that. |
|
|
|
(By the way, wouldn't it be more efficient if Core downloaded blocks during the sync using multiple threads, since that can be parallelized safely?)
It does. The Bitcoin Core does simultaneous download from different peers since 0.10.0 since they introduced headers-first synchronization. Synchronization before that was notoriously slow.
The bulk of the earlier blocks should synchronize relatively quickly (due to smaller blocks + assumevalid) and will slow down significantly in blocks from the recent years. If OP runs Bitcoin Core and only synchronizes 9%, it would be a fairly painful process. The assumevalid block is fairly recent already. Switching to SPV will be better. |
|
|
|
Don't you think people put too much trust in these password managers and were should we draw the line? They are excellent apps and make our lives easier, but we are kind of centralizing the password creation and storage process to a few apps. If there was a leak, similar to the one Ledger suffered, a lot of people would be affected.
LastPass had a leak a few years back. Password managers are by no means immune to anything and should not be used to store information that are too sensitive. There are better alternatives though, some don't even require the trust of the operator. If you can trust them to generate and store your passwords safely, why not trust them with your private keys and seeds as well? I'd rather not trust them with either of those.
Password managers should be seen as a balance between convenience and security. They can't possibly ensure impenetrable security given that you're literally giving them the information (albeit secured) but there is still a risk of inside job and stuff like that. I find them useful to help users to avoid reusing password across sites and it's arguably more convenient than generating your own password and writing them down. It's alright for stuff like passwords for your social media or exchange with 2FA. |
|
|
|
|
Should go to Scam Accusations/Investigations, it's not a technical support thread. Make sure you don't dox the wrong person, the ownership was changed before it became a phishing site.
Anyhow, it seems to be the site which generates address with weak/predictable RNGs and thus allows it to be compromised easily. Don't think you can really do much about it, unless you find the current owner.
|
|
|
|
This may sound far fetched but it is possible that this particular clipboard hijacker is using a vanity address generator under the hood to generate an address that starts with the same couple of characters in order to increase its chance of fooling the victim into thinking the pasted address is the same one as copied (if they only check the start): 1DBHG... (malicious)
1DBHJ... (real)
This could explain why it takes multiple tries to be able to paste the correct address. If that's the case it could be detected by checking the CPU activity which should spike immediately after an address is copied. It would be a big spike but for a very short time. That's what I theorized at the start. However, such implementations will inevitably need the private keys to be sent to the C&C which will result in more detection by AVs. From what I observed, most of the stealthy ones will have a list of addresses (a huge list) to choose from. I think the more plausible explanation is for the malware to have a randomized replacement, (ie. to have a malicious address every x tries). |
|
|
|
Let's say that no transactions I have done are linked with my real identity, with my real name. I think they could still be traced via IP address right?
That depends on what kind of wallet you're using. Custodial wallets will no doubt do some logging that would compromise your privacy. SPV wallets like Electrum are generally terrible for privacy, even with bloom filters, the server can still deduce the list of addresses tied by the IP. In the case of full nodes, it's unlikely that someone can deduce the addresses linked to your IP with certainty. Searching up addresses on Blockexplorer as well. It all depends on your habit. You've understood correctly. No, I'm not worried about the source. Actually the sending address of those funds start like this "bitvestxxxxx..." so it's pretty clear where those funds come from.
To obfuscate the origin, you want to look at the mixers available on the market, like ChipMixer and I've used it frequently. CoinJoin is also fairly popular but CoinJoin txes can get flagged by exchanges for stupid reasons. Yes but that's not infallible either, is it? First because the Electrum node(s) I connect to knows my IP and the addresses I own.
Also, if I have an address with 0.01 BTC that's linked to my real identity and I only want to make transactions of 0.02 BTC or higher, at some point I'll have to use that addres mixed with others to send funds so the others will be linked to me also.
Yes. If you are really serious about privacy, either run your own Electrum Personal Server (which isn't hard and I've done it on my RPi) or use a full node or Wasabi Wallet (for CoinJoin). It really depends on how you manage your privacy, taking care to not link addresses with the same TXes together, not using services which could expose them etc. |
|
|
|
First thing I'm going to do is a restore from a full hard-drive backup from a week ago and see if it happens. At least that might save me some time. Will it still happen if I disconnect from the internet so I can tell if it is still infected?
Behavior likely persists with internet or not. The clipboard malwares that I've looked at has a whole list of addresses embedded and it'll pick a similar address from the list when it detects a Bitcoin Address in the clipboard. It doesn't require internet. I think it won't be completely safe given how you can't identify the source of infection and your antivirus are not showing anything. |
|
|
|
I've run malwarebytes and norton and it always was clean. I have multiple backups. Is there any way to determine when it happened?
I don't trust antiviruses for that reason. They only flag malwares based on the corresponding signatures and/or the program's behaviors when in runtime. It is not difficult to evade the detection using ciphers or disabling the behavior when inside the sandbox or antivirus scans, etc. It'll be pretty difficult to determine when you were infected, especially if the malware was well made. Have you ran any unknown programs recently? What do you mean by "reset my accounts?"
Change your password. Some malwares have a keyloggers together with it. I'll assume the entire computer and whatever information that you've ever typed in the computer to be compromised. |
|
|
|
|
Clipboard malware. It'll replace any addresses that you copy to the clipboard with one that is visually similar in terms of the firstbits. Format your PC (re-install your OS) and reset your accounts and you'll be fine.
|
|
|
|
|
Bitcoin Core provides users with more features but they're mostly for advanced users and normal users who are looking to just receive and spend Bitcoins will likely never touch it at all.
Electrum is a great wallet but it comes at an expense of privacy and (slightly) in terms of it's security but it's perfectly fine for most users. If you want better privacy, look into Wasabi wallet.
Depending on your computer, the initial synchronization will take up to a few days and perhaps maximum of a week. You can probably bypass the synchronization process by downloading a pre-sync'ed data directory but that negates the benefits of having Bitcoin Core so I don't really recommend it.
|
|
|
|
I don't remember verifying it.
Damn this sucks, well I guess I have to learn the hard way.
Thanks for your quick reply+help.
That sucks. Do wipe your computer, in case your OS got infected with a malware as well, they happen pretty often. As for the verification process, here's[1] a very well written guide. [1] https://bitcointalk.org/index.php?topic=5240594.0 |
|
|
|
o god... I think my bitcoin might've been hacked or something?  does it look like it?  Looks like it. Where did you download your Electrum from? Did you verify it with ThomasV's PGP? |
|
|
|
I only have 0 in my balance, but my receiving address has 0.005xxxxx amount  Did I do something wrong here?  First of all, are you seeing the transaction in your wallet? The balance should appear automatically. Go to the addresses tab (View>Show Addresses) and right click on the address and right click to select spend from. |
|
|
|
but what they are selling, just a piece of hardware with a software open-source light wallet installed on it?
what is the main difference between that solution, and same open-source software on some old laptop, that is not used for anything else, just to have access to your wallet?
why the Trezor is better (just asking, I do not think that it is not) from old laptop? and old laptop sitting somewhere is the basement could be not recognized as hardware wallet, or it would be harder than seeing Trezor as a wallet
what is a main Trezor advantage, in your opinion?
Trezor was one of the first HW wallet maker and it was their choice to not put a secure element within their devices. Their rationale being that the main attack vector is from the net, among various other stuff [1]. I saw this counterargument (by Ledger) years ago and thought that it made more sense[2]. Trezor is designed to not be vulnerable to typical malware and viruses as its primary purpose is to receive and sign transactions, so the attack vector is pretty small. I think their firmware is also signed so that isn't a threat. I think your final question is about HW wallets in general. As said, the secure element will mitigate the attacks as mentioned. It really depends largely on your usage. Are you confident with handling air gapped storage? Do you want a bit more convenience while ensuring the same level of security (relative)? Do you want to save money on HW wallets? Personally, I bought a HW wallet not because it's more secure (the threats are largely irrelevant to me) but that it provides much more convenience and portability than an airgapped wallet. Trust me, a hardware wallets makes everything smoother than starting your RPI up and realising your Electrum got corrupted again and having to find and type in the seeds again. [1] https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b[2] https://www.reddit.com/r/Bitcoin/comments/52x08n/is_bankinggrade_security_good_enough_for_your/d7odee4/ |
|
|
|
Ok I get that but the full public key is 130 characters. Is it the first 65 (X value)
I think it'll be easier to represent it in a transaction with an uncompressed public key. Let's inspect this address: 1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a TXID: 3410bc9f7671d30225678a870f8d695cad1af6f64b0a319a487d3b86540794ab ScriptSig: 483045022100a9830934fffb69c597f68a1d5f5b6621a5d384ba4a4c81c316c08f652ed8036202206 cef70d41b95bfd53c6ee3cc0a69ab7c96d9a1ef18ffbf100505851ba53d266b01 - Signature 41044f355bdcb7cc0af728ef3cceb9615d90684bb5b2ca5f859ab0f0b704075871aa385b6b1b8ead8 09ca67454d9683fcf2ba03456d6fe2c4abe2b07f0fbdbb2f1c1 - Public key. Yes, you can interpret the last 130 characters (or 65 bytes) of a scriptsig as the public key. Clients generating uncompressed public keys are a rarity nowadays, given bech32 and the inefficiency of uncompressed public keys. |
|
|
|
I actually posted[1] about this a few days back I think. So the format of P2PKH sigscript is the signature followed by the public key. So basically, extract the sigscript, identify the signature and there should be a OP_Pushbytes_65 (since we're talking about uncompressed) which is 41 in hex. You should get the public key pertaining to that specific address.
You can probably write a script to separate and identify the public key pretty easily. [1] https://bitcointalk.org/index.php?topic=5302887.msg55912788#msg55912788 |
|
|
|
|
Show Posts
