Warning about imported private keys !

[ciapheap]

If you import a private key into an Electrum wallet, and also assign a password for that wallet to be encrypted, because of a bug, that private key probably will not be safe yet.

You could either import a private key through the setting panel, or do that from the console.
The problem is that if you have used the console, the history of console which is saved in your 'electrum.dat' file, will reveal entered commands in PLAIN TEXT !!!

So anybody with access to your electrum.dat file could get those imported private keys in PLAIN TEXT, although there is an encrypted version of that key saved in the file as well.


Note: By 'import from console' I mean something like this:
     >>importprivkey('5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS')
     this command would be saved in 'electrum.dat'

[ciapheap]

1.Close Electrum, then backup electrum.dat

2.open the file in a hex-editor

3.Find 'console-history' in the file. It should look something like this :
...   0ed8', 'console-history': [u"importprivkey('5KJvsngHeMpm884wtkJNzQGaCErckhHJBGFsvd3VyK5qMZXj3hS')", u"dumpprivkey('1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T')"], 'num_zer  ...


4.Carefully remove all fields involving 'importprivkey', e.g. the above history after correction should look like:

...   0ed8', 'console-history': [u"dumpprivkey('1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T')"], 'num_zer  ...

- Alternatively you may clear entire history like this:

...   0ed8', 'console-history': [], 'num_zer  ...

5.Save electrum.dat.

Note: If you want to import any private keys, I suggest that you use import button in settings panel.

[Stephen Gornick]

Is this by design, or would this be a security issue that should be fixed (by not logging or obfuscating the importprivkey command)?

[ThomasV]

Is this by design, or would this be a security issue that should be fixed (by not logging or obfuscating the importprivkey command)?

This point has been discussed in the past. There's no easy way to 'fix' this...

First, note that the same issue arises when you use Electrum (or bitcoind) from the command line;
if you are not careful, private keys will end up in your bash_history (or wherever your OS stores shell histories).
Thus, the Electrum python console does not create a new risk, with respect to that issue; it only displaces the risk.

It would indeed be possible to obfuscate commands like importprivkey in the history. However, the user can do something like this:

Code:

mykey="foo"
...
importprivkey(mykey)

... and this can be varied ad infinitum; there's no way to predict all the possible ways to use the console.
Therefore, obfuscating some commands will never be 100% safe, because the very point of this console is to be programmable.

The console is useful for debugging and programming Electrum; thus, I am assuming that users who use the python console instead of the gui are geek types, so they are able to understand that issue. But if you have a better solution, please let me know.

[ThomasV]

Note:

1. to clean your console history, you just need to do this:

Code:

gui.console.history = []

2. use the console if you feel like programming/testing things, but do not put sensitive information in it.

[tnkflx]

Note:

1. to clean your console history, you just need to do this:

Code:

gui.console.history = []

2. use the console if you feel like programming/testing things, but do not put sensitive information in it.

Possible solution:
- Display the server MOTD somewhere in a tab titled "MOTD".
- Make the console optional with a setting?

On the other hand, like you said, the bash_history contains some private stuff as well sometimes...