What are the privacy implications of syncing a watching-only wallet using a master public key?
I've always heard that Electrum had weak privacy due to the way it verifies transactions, but I never looked into the details. Does the wallet leak metadata that makes it easy to link addresses within the wallet? Is there any difference in this regard between using the desktop wallet normally and using a watching-only wallet?
Electrum desktop (or mobile) wallet connects to Electrum servers (at random) to relay information about the active addresses that you have in your wallet. They do the hard work of indexing all the addresses with funds, on the blockchain. The servers also know your IP (unless you are using a TOR Electrum Server explicitly - and there are some). So, the normal servers do know which addresses (and amount of bitcoins in it) goes with which IP. The servers also knows all the addresses that are part of the same IP.
That is the extent of the information they know. Nothing else to my knowledge.
Thanks. So essentially, any Electrum server that we randomly connect to can probably trivially link our wallet addresses together. They also know our IP address, but this can be mitigated with VPN, so I'm less concerned about that.
So in theory, blockchain analysis companies, the US government, etc. could be populating Electrum servers the same way they work to deanonymize the TOR network by populating exit nodes. It probably makes sense to separate holdings into different wallets if you want to avoid having all of your funds linked together.
I guess the solution would be to avoid randomly connecting to Electrum servers, and set up one of your own using a Core node. That destroys the bandwidth savings of running a lightweight node, though.