ELECTRUM WALLET STOLEN 6 BTC

[BitcoinNewsMagazine]

@greenland glad you fixed the problem. You did not actually give another member of the forum remote access did you?

[Stroto]

Maybe he can put "solved" or something in the title now?

[Quickseller]

A blockchain explorer can not show your wallets balance as it has no clue which addresses are yours. It can only show a single address and its balance/TXs.

This is not true. There is walletexplorer.com which shows the balance of all the addresses in a "wallet" that are spend-linked together.

Many block explorers also allow users to view all the transactions associated with a specific xpub key. For example you can go to blockchain.info/xpub/[your xpub key here] or....maybe it is not "many" but at least blockchain.info allows you to view transactions with a xpub key

[shorena]

A blockchain explorer can not show your wallets balance as it has no clue which addresses are yours. It can only show a single address and its balance/TXs.

This is not true. There is walletexplorer.com which shows the balance of all the addresses in a "wallet" that are spend-linked together.

I would not consider them a blockchain explorer, but yes to certain extent you are correct. E.g. it shows 6 of my ~80 addresses (Edit: excluding change addresses) as linked.

Many block explorers also allow users to view all the transactions associated with a specific xpub key. For example you can go to blockchain.info/xpub/[your xpub key here] or....maybe it is not "many" but at least blockchain.info allows you to view transactions with a xpub key

The xpub key however is not publicly available and should not be. Not only is it a privacy breach, but also a possible security risk[1] should any private key be leaked.

[1] https://bitcointalk.org/index.php?topic=657205.0

[Quickseller]

A blockchain explorer can not show your wallets balance as it has no clue which addresses are yours. It can only show a single address and its balance/TXs.

The xpub key however is not publicly available and should not be. Not only is it a privacy breach, but also a possible security risk[1] should any private key be leaked.

[1] https://bitcointalk.org/index.php?topic=657205.0

You are correct that making your xpub key public would be a privacy breach, however if you are going to trust a block explorer to show transactions of your BTC address, then to a certain extent you can trust them to protect your privacy when given your xpub key. I really do not see how trusting a block explorer would be any more of a breach of privacy then trusting an electrum server would be.

You are correct that an xpub key + a single private key can be combined to calculate every private key associated with a seed. However it is very rare that only a single private key would get compromised. Sure whenever you sign a Bitcoin transaction with electrum, the private key will be stored in ram briefly, however your encrypted wallet would also be stored in RAM at the same time, and someone with access to your RAM would likely also have access to what your keyboard types so they just as easily use your wallet password + encrypted wallet file to get your seed.

The only vector in which only a single private key in electrum would be compromised would be if a weak R-value was used when signing a transaction, however AFAIK this is not an issue with electrum.