Bitcoin Forum
Topic: Extended Public Key or Used addresses (+ 20 unused) only
ragnar dannesk gold (OP)
January 30, 2019, 03:47:05 AM
 #1

When checking your wallet balance via other servers, does Electrum send your entire XPub/YPub externally, or does it just check used addresses until there are X number of unused addresses located?

The former would be bad for privacy, the latter much better.
pooya87
January 30, 2019, 04:43:06 AM
 #2

no, your client will only send a list of your addresses to Electrum servers to receive their transaction history back. your master public key is never revealed to anyone outside.
it doesn't change anything about your "privacy" though. you are still sending ALL your addresses (which is about 20 used and used at least) so the server already knows all of the addresses in your wallet.

ragnar dannesk gold (OP)
January 30, 2019, 05:55:44 AM
 #3

Thank you for your response.

If I am not mistaken, I do believe there is a significant difference in the privacy of the two methods.

With one, that master public key is a record of all transactions, past and future. If I were to use a single master public key for the next 100 years, someone who stored that master public key today would be aware that a transaction that occurs in (hypothetically) 2046 (my 86,000th transaction) belonged to that same wallet as the wallet that did the transaction on 30/01/2019.

Alternatively (and how you describe Electrum to work), they will be aware of all past transactions, and the forthcoming 20 transactions, but if I were to stop using Electrum today, they will have no knowledge that my 21st transaction from now (and beyond) are from the same wallet.



For clarity - The difference is between:

A) All past transactions and all future transactions
B) All past transactions and 20 future transactions
nc50lc
January 30, 2019, 06:38:59 AM
 #4

Either A or B, an investigation into the UTXO and spent outputs could tell if a set of addresses belong to a single wallet, especially if the user has done multiple "consolidations" and/or reused addresses.
If you really want to be private, use one input at a time (as much as possible), use a change address and do not send all of the change (consolidate) to a single address within the wallet.

Quote
-snip- but if I were to stop using Electrum today, they will have no knowledge that my 21st transaction from now (and beyond) are from the same wallet.
If you stop using Electrum today, there will be no more addresses for you :P
JK~ish, AFAIK you will not be able to use Electrum's (non-standard) SEED to Bitcoin Core or other Clients so, there is no other choice if you want to use it again but to restore it. Other choices? Restoration by importing the keys (to any client) will worsen the privacy issue.

Unless you're using coin control, your privacy is still at stake.
Anyways, you can manually select the server of your choice but I can't tell which is the most "trusted" among them.

Abdussamad
January 30, 2019, 10:49:44 AM
 #5

There is another risk with sharing the xpub. If any of your private keys are made public and your xpub is made public your whole wallet can be compromised. So that's one more reason why Electrum doesn't share the xpub. Actually it only sends hashes of addresses to servers. It used to send addresses as is but now uses hashes. I'm not sure why it sends hashes though. The server operator only has to take a few extra steps to get your addresses if he wants them.
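
What post #5 describes, as an added example that is not part of the thread and not Electrum's own code: the value sent to a server is the SHA-256 of the address's output script, byte-reversed, so an operator who has indexed the chain maps it back with a lookup, while a never-used address stays an opaque hash until it appears on chain. The wallet contents, the made-up hash160 values and the server index below are constructed sample data, and the function names are hypothetical.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def hash160_from_p2pkh(addr):
    """Base58Check-decode a mainnet P2PKH address and return its 20-byte hash160."""
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)
    raw = n.to_bytes(25, "big")  # version byte + hash160 + 4-byte checksum
    body, check = raw[:21], raw[21:]
    if hashlib.sha256(hashlib.sha256(body).digest()).digest()[:4] != check:
        raise ValueError("bad Base58Check checksum")
    if body[0] != 0x00:
        raise ValueError("not a mainnet P2PKH address")
    return body[1:]

def p2pkh_script(h160):
    # OP_DUP OP_HASH160 PUSH20 <hash160> OP_EQUALVERIFY OP_CHECKSIG
    return bytes.fromhex("76a914") + h160 + bytes.fromhex("88ac")

def scripthash(script):
    """Value used in blockchain.scripthash.* requests: SHA-256 of the
    scriptPubKey, byte-reversed, as hex."""
    return hashlib.sha256(script).digest()[::-1].hex()

def operator_view(subscribed_hashes, scripts_on_chain):
    """Map each subscribed hash back to a script the server has already indexed.
    None means the server holds only the opaque hash for that address."""
    index = {scripthash(s): s for s in scripts_on_chain}
    return {h: index.get(h) for h in subscribed_hashes}

# Constructed sample: one address with on-chain history (the well-known
# genesis-block address) and one never-used address from a made-up hash160.
USED = p2pkh_script(hash160_from_p2pkh("1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"))
UNUSED = p2pkh_script(bytes(range(20)))             # hypothetical gap-limit address
WALLET_HASHES = [scripthash(USED), scripthash(UNUSED)]
CHAIN_SCRIPTS = [USED, p2pkh_script(b"\x42" * 20)]  # what the server has indexed

if __name__ == "__main__":
    for h, script in operator_view(WALLET_HASHES, CHAIN_SCRIPTS).items():
        print(h, "->", script.hex() if script else "not yet on chain")
```

Either way the server sees both hashes arrive over the same connection, so it can still group them as one wallet, which is the linkage discussed in the replies.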
pooya87
January 31, 2019, 05:41:47 AM
 #6

Quote
With one, that master public key is a record of all transactions, past and future.
it is a master key used to generate your keys, not your transactions.

Quote
Alternatively (and how you describe Electrum to work), they will be aware of all past transactions, and the forthcoming 20 transactions, but if I were to stop using Electrum today, they will have no knowledge that my 21st transaction from now (and beyond) are from the same wallet.
you are correct about what you are saying though. if someone has your master public key, they can know all your future addresses too. but the thing is, if you stop using Electrum and switch to another wallet you should always create a new wallet and "transfer the coins" instead of importing the old keys. that is why different wallets usually make importing keys a little harder than it has to be to encourage sweeping instead.
that is why i said it doesn't change anything about privacy. so long as you are using Electrum you will continue to send your new addresses to the servers and they can link them all together.

Quote
AFAIK you will not be able to use Electrum's (non-standard) SEED to Bitcoin Core or other Clients so, there is no other choice if you want to use it again but to restore it.
you can import your "master keys" anywhere, they are standard BIP32 keys. the seed is not BIP39 so it can't be imported in BIP39 compatible wallets.
