Bitcoin Forum
April 23, 2014, 02:24:57 PM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 83
  Print  
Author Topic: [ANNOUNCE] Electrum - Lightweight Bitcoin Client  (Read 105265 times)
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 05, 2011, 08:44:57 AM
 #1

[updated october 2012]

Electrum is an easy to use Bitcoin client. It protects you from losing coins in a backup mistake or computer failure, because your wallet can be recovered from a secret phrase that you can write on paper or learn by heart. There is no waiting time when you start the client, because it does not download the Bitcoin blockchain.

Link: http://electrum.org

Features:
*  Safe: Your private keys are encrypted and stored locally.
*  Forgiving: Your wallet can be recovered from a secret seed.
*  Instant on: Your client does not download the blockchain, it uses a remote server.
*  No downtimes: Several public servers are available, you can use any of them.
*  Ubiquitous: You can the same wallet on different computers, all instances remain synchronized.
*  Tested and audited: Electrum is open source and was first released in November 2011.


Electrum: the convenience of a web wallet, without the risks
Unbeatable Service & Product Support
Grab Your Miners at GAWMiners.com
Order Before April 25th to receive
Double your Hashing Power for 1 week!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398263097
Hero Member
*
Offline Offline

Posts: 1398263097

View Profile Personal Message (Offline)

Ignore
1398263097
Reply with quote  #2

1398263097
Report to moderator
1398263097
Hero Member
*
Offline Offline

Posts: 1398263097

View Profile Personal Message (Offline)

Ignore
1398263097
Reply with quote  #2

1398263097
Report to moderator
jim618
Hero Member
*****
Offline Offline

Activity: 1008



View Profile WWW

Ignore
November 05, 2011, 12:10:40 PM
 #2

Hi ThomasV,

Congratulations on your new client !

Do you have any screenshots of the other tabs ?
Just interested in how you have laid out your Send and Receive pages.

Is the 'Board' tab intended to be an overall summary page ?

Does the server act as a full bitcoin client i.e. distributing the transactions and blocks around the network or is it dedicated to serving Electrum clients only.  Presumably it has a full copy of the 'Satoshi' blockchain i.e. everything with all the transactions.

:-)

MultiBit   Lightweight desktop client.                    Bitcoin Solutions Ltd   Bespoke software. Consultancy.
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 05, 2011, 12:42:33 PM
 #3

Do you have any screenshots of the other tabs ?
Is the 'Board' tab intended to be an overall summary page ?
Does the server act as a full bitcoin client [...] ?
I will make more screenshots and post them on the website. :-)

The "Board" tab displays a welcome message that is sent by the server.
It can be used to call for support donations, to display some third-party advertising, or any kind of evil propaganda, depending on the server operator's business model.

The server if a full bitcoin node, that has been patched to distribute transactions signed by the clients.
To operate a server, you need to run bitcoind + bitcoin-abe + Electrum's server script. In the future, it might be simplified with libbitcoin

Electrum: the convenience of a web wallet, without the risks
freemoney458
Member
**
Offline Offline

Activity: 62


View Profile

Ignore
November 05, 2011, 02:50:26 PM
 #4

Congratulations to your client, IMHO the features of your client are really useful.

Especially I like that there is no blockchain to download and the deterministic key generation.

The server is a full bitcoin node, that has been patched to distribute transactions signed by the clients.
To operate a server, you need to run bitcoind + bitcoin-abe + Electrum's server script. In the future, it might be simplified with libbitcoin

This seems to limit the usability of the client a bit, because there will only be few servers around.
If the average joe does not want to run his own server, the client will not work for him.
Or are there plans to implement this server functionality in the standard satoshi client or in alternative clients, e.g. MultiBit?

Security considerations:
How much does the client need to trust the server?
Can the deterministic key generation be a security loophole?
I am thinking of brute force attacks here, where the attacker just tries to guess the passphrase and then generate private keys.
How long should the passphrase be at minimum?
Is it possible that the server falsifies the client transactions by e.g. inserting a wrong receiver address, a wrong amount, etc.?
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 05, 2011, 03:26:46 PM
 #5

This seems to limit the usability of the client a bit, because there will only be few servers around.
If the average joe does not want to run his own server, the client will not work for him.
why? a single server can be shared by thousands of clients.
if this service becomes so popular that servers cannot handle the traffic, then they could also charge for the service; it would probably cost less than transaction fees.

Quote
Security considerations:
How much does the client need to trust the server?
the server cannot steal your bitcoins, because it does not have access to your private keys. all it can do is misinform you on your balance or transactions. However, it would be easy to compare the information returned by several servers, in order to detect a discrepancy.

Quote
Can the deterministic key generation be a security loophole?
I am thinking of brute force attacks here, where the attacker just tries to guess the passphrase and then generate private keys.
How long should the passphrase be at minimum?
The seed (passphrase) should be long and random enough that it is completely impossible to guess.
The client refuses a seed shorter than 20 characters. Fortunately, you need to type that seed only once, when you create your wallet.
Once you have created your wallet, you encrypt it with a password, and that password can be shorter. If you forget your password, you can still recover the wallet from the seed. If you forget the seed, you can recover it from the wallet file and the password.

edit: the seed is now generated automatically; it is believed that users-provided passphrases are not strong enough

Quote
Is it possible that the server falsifies the client transactions by e.g. inserting a wrong receiver address, a wrong amount, etc.?
No. This is completely impossible, because the server does not have your private keys.

Electrum: the convenience of a web wallet, without the risks
finway
Hero Member
*****
Offline Offline

Activity: 714


View Profile

Ignore
November 05, 2011, 04:19:58 PM
 #6

If somebody can't read the codes, they can't have faith on this clients.

ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 05, 2011, 05:12:18 PM
 #7

If somebody can't read the codes, they can't have faith on this clients.

What is your point exactly?

Of course there might be security flaws in my code, but this completely open source software, hosted on gitorious.
The code is not only public, it is also very short: about 700 lines for the text mode client, and an extra 800 lines for the gui.
This is important, because the shorter a program code is, the easier it is for other people to review, and this increases safety.

I decided to write and release the server code too, because I wanted to give as much power as possible to the client users, so that they are not tied to a particular server operator. For this reason:
1. the server is open source
2. clients do not need to open an account at a server in order to use it.
These two points make Electrum different from other thin wallets projets that I know of.


Electrum: the convenience of a web wallet, without the risks
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 05, 2011, 07:38:12 PM
 #8

update: I created a binary for Linux. see http://ecdsa.org/electrum

Electrum: the convenience of a web wallet, without the risks
jago25_98
Hero Member
*****
Offline Offline

Activity: 850


http://moneybutnofixedabode.blogspot.com


View Profile WWW

Ignore
November 07, 2011, 12:32:39 AM
 #9

Well done & thank you :-)

Android folk, you might want to check this out!

Explaination of Gox mess up here. They are running custom wallets and a bug allowed double payments: http://www.reddit.com/r/Bitcoin/comments/1x93tf/some_irc_chatter_about_what_is_going_on_at_mtgox/cf99yac
Atheros
Sr. Member
****
Offline Offline

Activity: 246



View Profile WWW

Ignore
November 07, 2011, 04:44:33 AM
 #10

Message for Windows users: This seems to be Linux-only right now.

BM-GteJMPqvHRUdUHHa1u7dtYnfDaH5ogeY
Bitmessage.org - Decentralized, trustless, encrypted, authenticated messaging protocol and client.
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 07, 2011, 04:57:12 PM
 #11

Message for Windows users: This seems to be Linux-only right now.

I suppose it should be possible to run the python code under windows, but I did not try it.
you 'd need to install pygtk.


Electrum: the convenience of a web wallet, without the risks
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 08, 2011, 05:25:55 PM
 #12

Do you have any screenshots of the other tabs ?

ok, here they are. sorry for the delay.











the items in the status bar are buttons to set/unset wallet encryption, to open the settings panel, to display the wallet seed, and a green connection indicator, that turns red when you are disconnected.


it is possible to give labels not only to addresses, but also to transactions.

Electrum: the convenience of a web wallet, without the risks
Deafboy
Sr. Member
****
Offline Offline

Activity: 478



View Profile WWW

Ignore
November 08, 2011, 05:57:14 PM
 #13

I would love to see official client to act like server for light clients like this one.
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 08, 2011, 06:10:18 PM
 #14

I would love to see official client to act like server for light clients like this one.

I think this will be possible with libbitcoin, earlier than with the "official" client.

Electrum: the convenience of a web wallet, without the risks
BTCurious
Hero Member
*****
Offline Offline

Activity: 686


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile

Ignore
November 10, 2011, 02:24:57 AM
 #15

I really love this client. It's up and running really fast (provided you have the dependencies), and I love coding in python. As a windows user, maybe I can help with some issues.

Message for Windows users: This seems to be Linux-only right now.
I suppose it should be possible to run the python code under windows, but I did not try it.
you 'd need to install pygtk.
I have indeed installed pygtk and its dependencies. I had to make one change to the code to get it running:
Code:
wallet_dir = os.environ["HOME"] + '/.bitcoin/'
There is no "HOME" environment variable on windows, of course, so I changed that to:
Code:
if "HOME" in os.environ:
    wallet_dir = os.environ["HOME"] + '/.bitcoin/'
elif "LOCALAPPDATA" in os.environ:
    wallet_dir = os.environ["LOCALAPPDATA"] + '/.bitcoin/'
elif "APPDATA" in os.environ:
    wallet_dir = os.environ["APPDATA"] + '/.bitcoin/'
else:
    print "No home directory found in environment variables."
    raise
Perhaps you can incorporate something like that. I don't feel like making a gitorious account for changing something as small as that (for now).
EDIT: jepajee (new user, can't post here yet) told me that on XP, there is no LOCALAPPDATA either, so I added APPDATA as an option as well.

I then used Pyinstaller 1.5.1 to incorporate the entire thing along with all dependencies into a single exe file. Any windows user should be able to run this without downloading anything else (not even python or dlls or whatever)
Electrum-0.2.exe download page
(Feel free not to trust me or whatever Smiley I suggest ThomasV generate these binaries at some point, although I can do it if people want me to.)

EDIT: ThomasV can probably not legitimately generate these binaries, since he'd have to check all the licenses, and maybe some don't allow free spreading (Standard windows dlls, etc). So yeah, only "unofficial people" will be able to generate these all-in-one binaries.


Bug(s): (Note, I don't know if these are global bugs, or just don't work because I'm running windows. Please verify.)

When changing settings (gap, fee, etc) they are not saved after clicking OK.

When exiting the client, in the compiled exe a "NameError: name 'exit' is not defined" is thrown. Running the uncompiled version doesn't do this. Nevertheless, I could fix it by putting "from sys import exit" at the top of electrum.py. An alternative solution is to replace all "exit(<status>)" with "sys.exit(<status>)".


BTCurious
Hero Member
*****
Offline Offline

Activity: 686


^SEM img of Si wafer edge, scanned 2012-3-12.


View Profile

Ignore
November 10, 2011, 03:56:43 AM
 #16

ThomasV: To make a note about our earlier discussion on IRC:
I didn't save my seed string, and I didn't see this mnemonic message, because the notification is just one of these first-time pop-ups. It's like registering for a site, and then the site sends you a mail that says "Don't delete this mail, you may need it later." I would just let that mail drown in my archives somewhere.

Instead, when I install a new program, I just fast-forward through the dialogs, then look at the actual UI, to see what it can do. Then, when I get stuck, I go look for some documentation. This works really well with the question marks next to the settings. "Gap? What's that? --question mark-- Oh, that makes sense."

In any case, I wouldn't worry about ignoring the popup. I believe you might feel the deterministic wallet is an integral part of the benefits of your client, but I think that mainly the simplicity is much more important. Simplicity in the interface, as well as in the code.

ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 10, 2011, 09:03:29 AM
 #17

Thank you very much for the Windows binary. It  is indeed something I am not able to do  Smiley

I just made the fixes you suggested (sys.exit, APPDATA, saving).
I also decided to use a separate Electrum directory, instead of the Bitcoin directory.
This is in order to avoid the scenario where someone deletes their Bitcoin directory, or "all the files in it except wallet.dat".

so don't be afraid if after the upgrade you don't see your wallet anymore. you just need to put it in the Electrum directory.


Electrum: the convenience of a web wallet, without the risks
dvide
Jr. Member
*
Offline Offline

Activity: 59



View Profile

Ignore
November 11, 2011, 08:10:42 PM
 #18

Been waiting for something like this to come along! Looks really clean, nice job.
jim618
Hero Member
*****
Offline Offline

Activity: 1008



View Profile WWW

Ignore
November 12, 2011, 09:52:48 AM
 #19

ThomasV <- When you come to internationalising Electrum you might want to consider reusing the MultiBit language property files.

Almost all the texts you display are already in the MultiBit language property files.
The format is key-value properties in UTF8 files which I am sure you will be able to read.

I would be happy to add any Electrum specific terms into the source translation file.

So far MultiBit is translated into:

100%
English,
Spanish,
German,
Swedish

90%+
Russian

30% ish
Italian
French
Norwegian

The translation is done at http://translate.multibit.org (which is crowdin.net CNAMEd into multibit.org).   crowdin.net is an excellent translation environment and is free for Open Source.

Internationalisation seems like a good prospect for working together on.

Regards,

Jim

edit: In addition to 'pure' UTF8 there are also escaped unicode characters e.g.:
multiBitFrame.numberOfBlocks=Anzahl der Bl\u00f6cke\: {0}

Variable substitution is with {0}, {1}, {2} etc

MultiBit   Lightweight desktop client.                    Bitcoin Solutions Ltd   Bespoke software. Consultancy.
ThomasV
Hero Member
*****
Offline Offline

Activity: 1106



View Profile WWW

Ignore
November 12, 2011, 09:49:17 PM
 #20

thanks for the tip; I do not want to work on localization for the moment, but I'll keep it in mind.

Unrelated note: I wrote a http proxy server, so that electrum servers can be reached
through http using port 80. (for example, you can use ecdsa.org:80 in your settings)

http is is slower than the direct socket connection, but it can be useful if you are in
an environment that blocks high port numbers (for example a public wifi).

Electrum: the convenience of a web wallet, without the risks
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 83
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!