Red Emerald
|
|
March 31, 2012, 05:30:27 PM |
|
Did you mean to post this in the Bitcoin 100 topic?
|
|
|
|
BTCurious
|
|
March 31, 2012, 05:59:14 PM |
|
Yup I did. Don't know how I messed that up
|
|
|
|
ovidiusoft
|
|
April 01, 2012, 08:44:11 AM Last edit: April 01, 2012, 11:33:56 AM by ovidiusoft |
|
Hello, I just released Electrum 0.43. You can get it from http://ecdsa.org/electrumChangelog: * this version fixes the wallet recovery issues encountered with 0.42 * support for the stratum protocol (over tcp and http). * The default interface is now stratum/tcp; it is faster than the native interface. This client still supports the native protocol, because the stratum interface is still in beta stage and might be modified. I just released BitSafe-Electrum with 0.43, so you can always have with you the Bitcoin client you love and use https://bitcointalk.org/index.php?topic=54376.0Edit: and a small update to 0.43a. Please use this version.
|
|
|
|
bravetheheat
|
|
April 01, 2012, 03:42:26 PM |
|
There's an error that I encountered when upgrading from 0.42 to 0.43a: david@david-xubuntu:~/electrum/client$ ./electrum Traceback (most recent call last): File "./electrum", line 71, in <module> WalletSynchronizer(wallet,True).start() File "/home/david/electrum/client/interface.py", line 344, in __init__ self.start_interface() File "/home/david/electrum/client/interface.py", line 415, in start_interface self.wallet.pick_random_server() AttributeError: Wallet instance has no attribute 'pick_random_server'
Had to destroy the existing wallet and recover from seed.
|
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 01, 2012, 03:46:45 PM |
|
There's an error that I encountered when upgrading from 0.42 to 0.43a: david@david-xubuntu:~/electrum/client$ ./electrum Traceback (most recent call last): File "./electrum", line 71, in <module> WalletSynchronizer(wallet,True).start() File "/home/david/electrum/client/interface.py", line 344, in __init__ self.start_interface() File "/home/david/electrum/client/interface.py", line 415, in start_interface self.wallet.pick_random_server() AttributeError: Wallet instance has no attribute 'pick_random_server'
Had to destroy the existing wallet and recover from seed. hi, sorry about that; that's another bug. I realize that I should have taken more time for testing before that release.. Edit: that bug is fixed in version 0.43b. (use it if you want to recover the labels in your old wallet)
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
flatfly
Legendary
Offline
Activity: 1092
Merit: 1016
760930
|
|
April 04, 2012, 10:56:49 AM |
|
Hi Thomas,
Just a quick question:
Is it bad to have 2 instances of Electrum running at the same time (on the same machine, reading and writing the same wallet dat file)? For instance, can it cause wallet corruption or other bad things?
The reason I'm asking is, when clicking a bitcoin URI on a website, it will correctly launch Electrum and populate the Send tab with the requested parameters, but if Electrum is open already, a second instance will open.
Everything appears to work fine, but I was just curious if you could confirm that this is not a problem regarding the wallet file consistency.
Thanks!
|
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 04, 2012, 11:39:09 AM |
|
Hi Thomas,
Just a quick question:
Is it bad to have 2 instances of Electrum running at the same time (on the same machine, reading and writing the same wallet dat file)? For instance, can it cause wallet corruption or other bad things?
The reason I'm asking is, when clicking a bitcoin URI on a website, it will correctly launch Electrum and populate the Send tab with the requested parameters, but if Electrum is open already, a second instance will open.
Everything appears to work fine, but I was just curious if you could confirm that this is not a problem regarding the wallet file consistency.
Thanks!
I believe it depends on how the OS handles it. With Linux I never had a problem.
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
flatfly
Legendary
Offline
Activity: 1092
Merit: 1016
760930
|
|
April 04, 2012, 02:15:22 PM |
|
OK, thanks for the fast response! I haven't had any problems either.
|
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
April 06, 2012, 11:32:31 AM |
|
updated 0.38 -> 0.43c can't connect: not connected connecting to ecdsa.org:50001:t connecting to electrum.novit.ro:50001:t connecting to electrum.bitcoins.sk:50001:t not connected not connected Traceback (most recent call last): File "/home/nick/bitcoin/electrum/client/gui_qt.py", line 928, in <lambda> radio2.clicked.connect(lambda x: set_protocol('h') ) File "/home/nick/bitcoin/electrum/client/gui_qt.py", line 920, in set_protocol pp = plist[host] KeyError: u'electrum.bitcoins.sk' Traceback (most recent call last): File "/home/nick/bitcoin/electrum/client/gui_qt.py", line 927, in <lambda> radio1.clicked.connect(lambda x: set_protocol('t') ) File "/home/nick/bitcoin/electrum/client/gui_qt.py", line 920, in set_protocol pp = plist[host] KeyError: u'electrum.bitcoins.sk' not connected not connected not connected not connected not connected not connected not connected not connected not connected
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 06, 2012, 12:19:31 PM |
|
updated 0.38 -> 0.43c
can't connect: ..
issue solved on irc
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
flatfly
Legendary
Offline
Activity: 1092
Merit: 1016
760930
|
|
April 07, 2012, 06:27:58 PM Last edit: April 07, 2012, 07:33:58 PM by flatfly |
|
Hi Thomas, I just read this on the bitcoin wiki FAQ: you can try an alternative "lite" client such as Multibit or a super-light client like electrum though these clients have somewhat weaker security, are less mature, and don't contribute to the health of the P2P network.
Why would they say such a thing? To the contrary, I have the feeling that Electrum has extremely good security. Would like to hear your thoughts on that. Keep up the great job!
|
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 09, 2012, 10:33:51 AM Last edit: April 10, 2012, 11:27:44 AM by ThomasV |
|
Hi Thomas, I just read this on the bitcoin wiki FAQ: you can try an alternative "lite" client such as Multibit or a super-light client like electrum though these clients have somewhat weaker security, are less mature, and don't contribute to the health of the P2P network.
Why would they say such a thing? To the contrary, I have the feeling that Electrum has extremely good security. Would like to hear your thoughts on that. Keep up the great job! This is FUD. Concerning the "health of the P2P network": Electrum servers are full Bitcoin nodes, and it is their interest to broadcast transactions as effectively as possible for their clients. There has been a "red balloons" paper by some microsoft researchers, who pretend that there is a weakness in Bitcoin, because miners have an incentive not to broadcast transactions. This paper lives in a completely theoretical world where the Bitcoin network is made of miners only. In reality, the Bitcoin network is very heterogeneous, made of nodes that have different incentives, and Electrum servers contribute to its diversity. Electrum servers have an incentive to broadcast transactions. They contribute to the health of the network. Concerning weaker security: it is true that Electrum clients are vulnerable to the servers they connect to. Although the server cannot steal your money, it can send you fake information, for example make you believe that you received a payment that didnt occur. I have two objections to that argument. - users can use information from various servers, or from other sources, such as blockexplorer websites, to check if they received a payment. we can also imagine enhanced clients that automatically confront the information sent by several servers. - Electrum servers are currently providing blockchain services free of charge. I believe that in the future they might want to charge a very small fee, such as miners do, in order to cover their operation costs. If I get paid from my clients, then I have little incentive to screw them up. In the world of possible threats, I do not think that the 'somewhat weaker security' of the Electrum client-server model is a real concern. There are other threats that are much more real. For example: - the forum is full of messages by users who lost bitcoins because they did not backup their wallet correctly. Some developers tend to consider that it is not their problem if users lose coins because they did not do regular backups. I disagree with that. I believe that this is a major problem for Bitcoin. To work as a currency, Bitcoin must be safe, not only for computer experts. It must be perceived as a safe store of value by everyone. For a non expert, 'I guess you do not know how to do backups' sounds very much like 'your coins might disappear randomly and it will be your fault'. The deterministic wallet of Electrum is meant to address that. - Web wallets (such as strongcoin, blockchain.info, etc) can get hacked. An attacker gaining access to their servers can modify the javascript executed by the clients, and get access to their private keys. This is a very real threat. - another very real threat is people distributing binaries, such as you I am not saying that what you are doing is wrong, and I do appreciate your efforts; it is very nice to have binaries. However, people should understand that there is a difference between source code and binaries. if they run your Electrum binary, they should know that they trust you for not inserting malicious lines in my code. Perhaps you should explain that, who you are, etc.
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
flatfly
Legendary
Offline
Activity: 1092
Merit: 1016
760930
|
|
April 10, 2012, 10:52:52 AM |
|
Thanks for the detailed response! I actually fully agree with everything you said.
Regarding the risks and benefits of using a self-contained binary vs manually installing python and required packages and running the source code (a little burdensome on Windows), I will prepare a FAQ item on my web page to address that, as well as who I am, so that ordinary users can make an informed decision.
Cheers
|
|
|
|
Xenland
Legendary
Offline
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
|
|
April 15, 2012, 05:22:21 PM |
|
BTW it would really help you if you had your code reviewed by someone with good reputation and given a stamp of approval to raise you're trustworthiness especially since you're client is talking to your server.
If you've already done that, I apologize, but I didn't find it mentioned on your webpage.
Ive personally skimmed through the code before installing electrum i didnt see anything malicous. I can assume its safe based on the way it works that bitcoins arent accessable by any electrum servers with out the owners permission(signature). So it littterly is a bitcoin server for bitcoin lite clients with out loss of security
|
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 19, 2012, 01:59:11 PM |
|
WARNINGA new website popped up, that lets users generate addresses from their Electrum or Armory seed: http://brainwallet.org/Currently, it is not clear who created that website. I previously thought it was Joric, but he just said he is not the author. After a quick inspection, the javascript does not send your seed to a remote server. However, nothing guarantees that the server will always send you the same javascriptIn other words: this could very well be a phishing attempt. If you ever used that website, move your funds to a new wallet immediately!
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
flatfly
Legendary
Offline
Activity: 1092
Merit: 1016
760930
|
|
April 22, 2012, 09:22:46 AM |
|
And according to GitHub, the author is still actively updating it... Seems pretty well implemented, but I can't find any non-malicious use for this (unless you download the tarball and run it locally, perhaps)... Out of curiosity, how did you find out about that site?
Just did a WHOIS on the domain, doesn't seem to reveal any obvious clues...
|
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 22, 2012, 07:39:45 PM |
|
And according to GitHub, the author is still actively updating it... Seems pretty well implemented, but I can't find any non-malicious use for this (unless you download the tarball and run it locally, perhaps)... Out of curiosity, how did you find out about that site?
it's been mentioned on irc a few times
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
Joric
Member
Offline
Activity: 67
Merit: 130
|
|
April 22, 2012, 09:01:21 PM Last edit: April 29, 2012, 01:50:51 AM by Joric |
|
And according to GitHub, the author is still actively updating it... Seems pretty well implemented, but I can't find any non-malicious use for this (unless you download the tarball and run it locally, perhaps)... Out of curiosity, how did you find out about that site?
it's been mentioned on irc a few times It's really me, sorry for the confusion. The site is just a coding exercise, nothing more, and it's hosted right on the GitHub repository (thought it will be, like, a step forward from the bitaddress.org that apparently uses foreign hosting). If I knew that GitHub doesn't support SSL for project pages I wouldn't even bother CNAMEing it.
|
1JoricCBkW8C5m7QUZMwoRz9rBCM6ZSy96
|
|
|
ThomasV (OP)
Moderator
Legendary
Offline
Activity: 1896
Merit: 1353
|
|
April 22, 2012, 09:15:35 PM |
|
It's really me, sorry for the confusion. The site is just a coding exercize, nothing more, and it's hosted right on the GitHub repository (thought it will be, like, a step forward from the bitaddress.org that apparently uses foreign hosting). If I knew that GitHub doesn't support SSL for project pages I wouldn't even bother CNAMEing it.
thanks for the clarification. the fact that you finally acknowledge being the author does not change anything to my previous warning.
|
Electrum: the convenience of a web wallet, without the risks
|
|
|
Herbert
|
|
April 23, 2012, 02:51:28 PM |
|
@Joric: +1 for the default passphrase
|
|
|
|
|