Bitcoin Forum
July 20, 2019, 08:24:07 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: private Electrum Server [bitcointalk members only]  (Read 197 times)
mocacinno
Legendary
*
Offline Offline

Activity: 1652
Merit: 1638


https://unblur.ninja =>lightning network testsite


View Profile WWW
April 11, 2019, 12:39:44 PM
Merited by LoyceV (8), bones261 (4), NeuroticFish (2), BitMaxz (2), bob123 (2), BitCryptex (2), o_e_l_e_o (2), DireWolfM14 (2), OgNasty (1), ETFbitcoin (1), bL4nkcode (1)
 #1

Hi guys,

It seems the public electrum nodes are being DDos'ed pretty badly lately, so i tried to setup a private electrum node using electrs (https://github.com/romanz/electrs/) using nginx as an ssl endpoint and nginx's ngx_http_access_module module to automatically deny incoming connections EXECPT the ones i manually added to my whitelist.
I have no idear wether my setup will hold if it's being attacked to.

There are a couple of things you should realise before using my service:
  • I need to whitelist your public ip, so if you use my service you'll have to send your ip to me (encryption available)
  • My server keeps logs... I have no intention to start digging, but if i really wanted to, i could... And since i have your public ip, forum name, timestamps, potentially electr logs (see next point) i *could* do some heavy digging...
  • I didn't edit the elecrs software, but there is no way for me to prove this... So you should progress under the assumption that i *could* be running a modified node
  • By only connecting to one single node, i could distort the way you look at the network... I could easily block your access to the mempool for an unconfirmed transaction making it look like you didn't get payed. I could also delay your view on new blocks, or (in extreme cases) i could deliberately go with a forked chain so it looks like you got payed but in reality you didn't... I'm not planning on any of these things, but you should operate under
     the assumption you need to verify important transactions using a thirth party block explorer
  • It's a free service, i don't accept any liability... If you lose funds, your wife, your house or even your health because of me, sorry, but i won't reimburse you!
  • Even if you made a donation, i reserve the right to close this service at any time for any reason, or kick anybody from my server at any time for any reason without owing anybody an explanation

If you still want to connect to my private node, send your public ip to me using a PM. You can pgp encrypt  the address using my public key, available here => https://keybase.io/mocacinno/key.asc
or even use keybase's encryption utility directly => https://keybase.io/encrypt#mocacinno

You can find your public ip by using a service like this one: https://whatismyipaddress.com/

last remarks: i realise ip's can be spoofed... This is just a quick and easy sollution... Also, electr doesn't support setting a donation address (yet)... If you want to send a tip, you can find my tipping address in my bitcointalk profile (but a tip is not necessary at all!)

After you sent me a PM, i'll reply as soon as your ip is whitelisted... I'll also send you the address to connect to. Afterwards, you can connect to my node by using the cli:
./electrum-3.3.4.exe --oneserver --server=[address i'll send you in PM]:50002:s

You can also just open electrum, click on the icon in the right bottom corner, go to the "server" tab and enter my server's address and port 50002

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1563611047
Hero Member
*
Offline Offline

Posts: 1563611047

View Profile Personal Message (Offline)

Ignore
1563611047
Reply with quote  #2

1563611047
Report to moderator
1563611047
Hero Member
*
Offline Offline

Posts: 1563611047

View Profile Personal Message (Offline)

Ignore
1563611047
Reply with quote  #2

1563611047
Report to moderator
1563611047
Hero Member
*
Offline Offline

Posts: 1563611047

View Profile Personal Message (Offline)

Ignore
1563611047
Reply with quote  #2

1563611047
Report to moderator
bob123
Legendary
*
Offline Offline

Activity: 966
Merit: 1259



View Profile WWW
April 11, 2019, 01:18:35 PM
 #2

  • My server keeps logs... I have no intention to start digging, but if i really wanted to, i could... And since i have your public ip, forum name, timestamps, potentially electr logs (see next point) i *could* do some heavy digging...
  • I didn't edit the elecrs software, but there is no way for me to prove this... So you should progress under the assumption that i *could* be running a modified node
  • By only connecting to one single node, i could distort the way you look at the network... I could easily block your access to the mempool for an unconfirmed transaction making it look like you didn't get payed. I could also delay your view on new blocks, or (in extreme cases) i could deliberately go with a forked chain so it looks like you got payed but in reality you didn't... I'm not planning on any of these things, but you should operate under
     the assumption you need to verify important transactions using a thirth party block explorer


So... you could do all the things which all current electrum server already can do too. I am so shocked  Tongue

No, honestly.. thumbs up for this service. I really like your disclaimer. Most people probably don't know whats possible when controlling an electrum server.


P.s. You missed one point in your disclaimer:
  • If you are using an old version, i could show you a message to download my own malware to infect your computer and home network before allowing to transact BTCs anymore  Grin Grin

DireWolfM14
Sr. Member
****
Offline Offline

Activity: 462
Merit: 651



View Profile WWW
April 11, 2019, 01:28:32 PM
 #3

If you still want to connect to my private node, send your public ip to me using a PM.

This is quite generous of you, thanks for the offer.  

I have a question; will it work if send you my dedicated IP that's provided by my VPN service provider?
bob123
Legendary
*
Offline Offline

Activity: 966
Merit: 1259



View Profile WWW
April 11, 2019, 01:34:20 PM
 #4

I have a question; will it work if send you my dedicated IP that's provided by my VPN service provider?

If you connect to the electrum server via your VPN, yes.

This means.. if you route all of your traffic through your VPN, yes it works.


A little bit off-topic.. but.. Do you have a good reason to use a VPN? Like circumventing geo-blocking / ISP blocking or connecting from an insecure Wifi ?
Because privacy-wise it is horrible to route all traffic through a VPN.

mocacinno
Legendary
*
Offline Offline

Activity: 1652
Merit: 1638


https://unblur.ninja =>lightning network testsite


View Profile WWW
April 11, 2019, 01:58:54 PM
 #5

@DireWolfM14, bob123's answer is completely correct Smiley
@bob123: I did miss that point in the disclaimer, altough i did warn people i could potentially be running a modified node, so the extreme cases of abusing the flaw *could* fall under this disclaimer item Wink

DireWolfM14
Sr. Member
****
Offline Offline

Activity: 462
Merit: 651



View Profile WWW
April 11, 2019, 02:26:56 PM
 #6

~snip~

I really don't want to derail this thread, but your response brought up more questions.


@DireWolfM14, bob123's answer is completely correct Smiley

Thanks again.  I'll send you a PGP encrypted file with my IP this evening.
codehtcmail
Sr. Member
****
Offline Offline

Activity: 812
Merit: 251

Tryig to survive in this harsh world


View Profile
April 11, 2019, 03:15:10 PM
 #7

I wish I could use your node, but my IP is dynamic and gets changed a lot almost daily, good job anyway especially for the warning part.
mocacinno
Legendary
*
Offline Offline

Activity: 1652
Merit: 1638


https://unblur.ninja =>lightning network testsite


View Profile WWW
April 12, 2019, 05:56:04 AM
 #8

I wish I could use your node, but my IP is dynamic and gets changed a lot almost daily, good job anyway especially for the warning part.

I have no problem allowing a relatively small subnet instead of a single ip if that would help?

Guvn0r
Sr. Member
****
Offline Offline

Activity: 653
Merit: 274



View Profile
April 12, 2019, 06:11:38 AM
 #9

Res

I am trying to recover my keybase account. I will send you my ip soon

Thanks
bob123
Legendary
*
Offline Offline

Activity: 966
Merit: 1259



View Profile WWW
April 12, 2019, 07:03:01 AM
 #10

I am trying to recover my keybase account. I will send you my ip soon

Theoretically, you don't need to.

You just need to encrypt your IP with mocacinno's public key. You don't need your own private key etc. for that.
There are quite a few tools available online (or you can do it using the command line (tool: pgp)).

HCP
Legendary
*
Offline Offline

Activity: 1036
Merit: 1697

<insert witty quote here>


View Profile
April 12, 2019, 07:58:30 AM
Merited by DireWolfM14 (1)
 #11

Very generous of your mocacinno!

I just used the Windows Subsystem for Linux, "Ubuntu" from the Microsoft Store... and then installed the "electrs" server as per the github instructions... left it whirring away processing the blocks from Bitcoin Core... and now I have my own "personal" Electrum Server that I can spool up in a few moments if the public servers aren't working properly Wink

Slightly overkill really but always fun experimenting Tongue

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!