[ANNOUNCE] Electrum - Lightweight Bitcoin Client

[Lumpy]

I'm having trouble running Electrum on Windows -- anyone care to give some tips?

What I did:

-Installed Python 2.7
-Installed PyQt-Py2.7-x64-gpl-4.9.1-1
-Ran setup.py build. Seemed successful.
-Ran setup.py install. Got:

Code:

C:\Python27\lib\distutils\dist.py:267: UserWarning: Unknown distribution option:
 'install_requires'
  warnings.warn(msg)
running install
running build
running build_py
running build_scripts
running install_lib
running install_scripts
running install_data
Traceback (most recent call last):
  File "C:\Users\Lumpy\Desktop\Electrum-0.52\Electrum-0.52\setup.py", line 42,
 in <module>
    long_description = """Lightweight Bitcoin Wallet"""
  File "C:\Python27\lib\distutils\core.py", line 152, in setup
    dist.run_commands()
  File "C:\Python27\lib\distutils\dist.py", line 953, in run_commands
    self.run_command(cmd)
  File "C:\Python27\lib\distutils\dist.py", line 972, in run_command
    cmd_obj.run()
  File "C:\Python27\lib\distutils\command\install.py", line 575, in run
    self.run_command(cmd_name)
  File "C:\Python27\lib\distutils\cmd.py", line 326, in run_command
    self.distribution.run_command(command)
  File "C:\Python27\lib\distutils\dist.py", line 972, in run_command
    cmd_obj.run()
  File "C:\Python27\lib\distutils\command\install_data.py", line 58, in run
    dir = convert_path(f[0])
  File "C:\Python27\lib\distutils\util.py", line 204, in convert_path
    raise ValueError, "path '%s' cannot be absolute" % pathname
ValueError: path '/usr/share/applications/' cannot be absolute

I've tried the flatfly executables but they don't seem to work with command line options...
Figured out the SHIFT trick with the flatfly executables but I would still love to know what I'm doing wrong.

[1714202513]

1714202513

[1714202513]

1714202513

[1714202513]

1714202513

[1714202513]

1714202513

[1714202513]

1714202513

[ThomasV]

I'm having trouble running Electrum on Windows -- anyone care to give some tips?

What I did:

-Installed Python 2.7
-Installed PyQt-Py2.7-x64-gpl-4.9.1-1
-Ran setup.py build. Seemed successful.
-Ran setup.py install. Got:

oh, the setup.py script has been designed for Linux;
there is probably a way to adapt it for Windows, but I do not know how to do that

[flatfly]

Indeed better forget about setup.py on windows, at least for now. What happens when you run electrum manually, by typing "Python electrum" at the cmd prompt?

[duncant]

Just curious, what's keeping this from working on a Mac?

I think you just need to have the right libraries installed. I run a Mac and after I installed the requisite libraries with macports, everything runs just fine. (I just installed the libraries listed as required for linux)

[flatfly]

Just curious, what's keeping this from working on a Mac?

I think you just need to have the right libraries installed. I run a Mac and after I installed the requisite libraries with macports, everything runs just fine. (I just installed the libraries listed as required for linux)

Nice, perhaps the homepage could mention Mac support then?

[ThomasV]

Just curious, what's keeping this from working on a Mac?

I think you just need to have the right libraries installed. I run a Mac and after I installed the requisite libraries with macports, everything runs just fine. (I just installed the libraries listed as required for linux)

Nice, perhaps the homepage could mention Mac support then?

not as long as there is no easy to install solution for mac users

[Tuxavant]

Trying to import some keys from an old wallet and all I get is "error". It is very likely it's just a duplicate key, but is there anyway to increase the debugging information?

[ThomasV]

Trying to import some keys from an old wallet and all I get is "error". It is very likely it's just a duplicate key, but is there anyway to increase the debugging information?

yes, I just changed that

[ThomasV]

I just released version 0.53

Changes:

- internationalisation.
Messages have been translated in 4 languages:
si :46/70
de :37/70
fr :45/70
vn :62/70
note: if you use the version from the git repo, run mki18n.py to generate the .mo files.

- The import of modules has changed a bit. It is now possible to run 'electrum' without having run the install script; this should make it easier for users trying to use Electrum on other platforms than Linux

- improved error messages

[interlagos]

Not sure if it was discussed here or not,
but I think the easiest way to memorize your seed is to:

1) Pick up your favorite book
2) Remember the page number
3) Remember the number of the sentence from the top of the page
4) Compute md5 of that sentence and you got your seed!!!

So it comes down to remembering just two numbers and your favorite book instead of twelve random words.

I've just discovered Electrum for myself and I think it's awesome!!!
I'm gonna test offline transactions tomorrow.

Also this wiki page: https://en.bitcoin.it/wiki/Electrum
seems to suggest that "restore" command requires network connection while "create" doesn't.
They both seem identical to me with respect to network connection as one command generates random seed and another one takes it from the user. Both commands shouldn't require network connection IMHO.

[Tuxavant]

1) Pick up your favorite book
2) Remember the page number
3) Remember the number of the sentence from the top of the page
4) Compute md5 of that sentence and you got your seed!!!

So it comes down to remembering just two numbers and your favorite book instead of twelve random words.

seems to suggest that "restore" command requires network connection while "create" doesn't.

Say WAAAAAAAAT? That is some hotness right there... Will play with this tonight!

Also, use the -o option if you are offline with pretty much any command option or you'll get a (process) hang of death. In my experience anyway.

[molecular]

For "balance", in this context you can say "Umsätze", thats the common term.
For "freeze" you could say "lock" = "sperren".
"Unlock" = "freischalten" (1) or "entsperren" (2).

 "Quellschlüssel" (source key) could be used for "seed".

"balance" is more like "Saldo" than Umsätze, right?

"Quellenschlüssel"... hmm, hmmm. "seed" ist auf jeden fall ne harte Nuss. Könnte man wohl auch unübersetzt lassen. Wie wärs mit "Grundschlüssel" oder "Basisschlüssel", vielleicht auch ganz salopp: "Basiszahl"?

[ThomasV]

Not sure if it was discussed here or not,
but I think the easiest way to memorize your seed is to:

1) Pick up your favorite book
2) Remember the page number
3) Remember the number of the sentence from the top of the page
4) Compute md5 of that sentence and you got your seed!!!

So it comes down to remembering just two numbers and your favorite book instead of twelve random words.

this is not safe. An attacker can (and will) try all the sentences of the known litterature.

[Xenland]

Not sure if it was discussed here or not,
but I think the easiest way to memorize your seed is to:

1) Pick up your favorite book
2) Remember the page number
3) Remember the number of the sentence from the top of the page
4) Compute md5 of that sentence and you got your seed!!!

So it comes down to remembering just two numbers and your favorite book instead of twelve random words.

this is not safe. An attacker can (and will) try all the sentences of the known litterature.

That could be why is mentioned picking up your favorite book making the literature unknown(unless the attacker was there when you picked up the book to type in your sentence)

[ThomasV]

Not sure if it was discussed here or not,
but I think the easiest way to memorize your seed is to:

1) Pick up your favorite book
2) Remember the page number
3) Remember the number of the sentence from the top of the page
4) Compute md5 of that sentence and you got your seed!!!

So it comes down to remembering just two numbers and your favorite book instead of twelve random words.

this is not safe. An attacker can (and will) try all the sentences of the known litterature.

That could be why is mentioned picking up your favorite book making the literature unknown(unless the attacker was there when you picked up the book to type in your sentence)

http://www.geek.com/articles/news/google-books-calculates-the-total-number-of-books-ever-written-at-almost-130-million-2010086/

[Xenland]

Not sure if it was discussed here or not,
but I think the easiest way to memorize your seed is to:

1) Pick up your favorite book
2) Remember the page number
3) Remember the number of the sentence from the top of the page
4) Compute md5 of that sentence and you got your seed!!!

So it comes down to remembering just two numbers and your favorite book instead of twelve random words.

this is not safe. An attacker can (and will) try all the sentences of the known litterature.

That could be why is mentioned picking up your favorite book making the literature unknown(unless the attacker was there when you picked up the book to type in your sentence)

http://www.geek.com/articles/news/google-books-calculates-the-total-number-of-books-ever-written-at-almost-130-million-2010086/

So you just saying google predicted how many estimated titles their are? I can throw out a big number too (sarcasum)

So then the average user probubly have nothing to worry about as not many people to my knowledge have access to search against the google book database with bitcoin seeds and i doubt those who have the entire google book database will only attack those wallets with high amounts of value in it(which if this is the case i doubt someone/entity would use a sentence from a book and would instead use a randomly generated password that is like a million characters in length)

[ThomasV]

So you just saying google predicted how many estimated titles their are? I can throw out a big number too (sarcasum)

So then the average user probubly have nothing to worry about as not many people to my knowledge have access to search against the google book database with bitcoin seeds and i doubt those who have the entire google book database will only attack those wallets with high amounts of value in it(which if this is the case i doubt someone/entity would use a sentence from a book and would instead use a randomly generated password that is like a million characters in length)

I am saying it is not safe to use a sentence from a book as your seed. Do not do that. Never.

Anyone can access a digitized library, loop over all sentences, derive Bitcoin addresses from them, and check them against the Bitcoin database. It does not take a vast amount of resources, and time is on the side of the attacker. There is already an instance of Bitcoins that have been stolen because someone created an address derived from a short phrase (it was something like 'fuckyou' iirc). It only a matter of time until someone uses a large book database to feed their search algorithm.

And, no, I was not throwing a big number. 130 million books is ridiculously small in terms of search. If we assume that each book contains on average 10000 sentences (a very generous estimate), we get around 10^15 sentences to test. In contrast, a random seed with 128 bits of entropy yield 3.4x10^38 combinations. Do you understand the difference between those numbers?

Do not trust people who tell you that you can safely derive the seed yourself. Train your memory and learn a purely random seed.

[Xenland]

So you just saying google predicted how many estimated titles their are? I can throw out a big number too (sarcasum)

So then the average user probubly have nothing to worry about as not many people to my knowledge have access to search against the google book database with bitcoin seeds and i doubt those who have the entire google book database will only attack those wallets with high amounts of value in it(which if this is the case i doubt someone/entity would use a sentence from a book and would instead use a randomly generated password that is like a million characters in length)

I am saying it is not safe to use a sentence from a book as your seed. Do not do that. Never.

Anyone can access a digitized library, loop over all sentences, derive Bitcoin addresses from them, and check them against the Bitcoin database. It does not take a vast amount of resources, and time is on the side of the attacker. There is already an instance of Bitcoins that have been stolen because someone created an address derived from a short phrase (it was something like 'fuckyou' iirc). It only a matter of time until someone uses a large book database to feed their search algorithm.

And, no, I was not throwing a big number. 130 million books is ridiculously small in terms of search. If we assume that each book contains on average 10000 sentences (a very generous estimate), we get around 10^15 sentences to test. In contrast, a random seed with 128 bits of entropy yield 3.4x10^38 combinations. Do you understand the difference between those numbers?

Do not trust people who tell you that you can safely derive the seed yourself. Train your memory and learn a purely random seed.

Ah i see high rate of probability of figuring out the seed now with the formula you presented.
I guess it really isn't a good idea, but to be fair 'fuckyou' is more like a dictionary attack or a commonly used password then a complete sentence out of a book.

Regardless of my perspective/opinions,
Thank you again for your insight.

[Tuxavant]

I am saying it is not safe to use a sentence from a book as your seed. Do not do that. Never.

Except in Hollywood movies. This is what future blockbuster Bitcoin movies will be about. I still see it as somewhat useful because there are things you can do to the phrases to break the attack model (nuff said).

[zebedee]

Thomas, thanks a lot for electrum, I think the idea is great.

My confidence is however being damaged by a couple of things:

- ecdsa.org is missing several transactions; all the other servers give a higher  balance for my wallet, and it is ecdsa that is wrong.  Is this your server?

- my original wallet and a restored wallet differ in balance; I believe the original is correct.  The restored wallet is missing change, even though the address containing the difference is in the list of addresses that print during restoration.  It should not be possible to "miss" coins like this.

Now for another piece of information: I run electrum from the console.  I made a mistake during my initial use a couple of days ago: I cut and paste an address from the console and sent money to it, but it was one that Electrum had just a moment earlier decided to use for the "next change address" when I made a payment that moment earlier.  This meant the receipt didn't show up properly in the Received tab as change addresses don't appear there.  So I "was clever", and edited the wallet file, moving that address from the change address list to the address list, making it appear in the tab.

So in summary, I think my use case has shown up at least one bug, more likely two or three, in the client.  Also it illustrates that, for me at least, hiding change addresses leads to more confusion, and is not "helpful" in the way intended.  There should at least be an option to show the change addresses in the tabs.

I can send both wallets that show differing balances to you by email if it helps.  You'll also be able to see that ecdsa.org is out-of-sync with the other servers; which will reveal what is likely another bug in the server side.

Thanks.