[SECURITY/PRIVACY WARNING] Electrum console content is being stored on disk

[Coding Enthusiast]

If you have ever used Electrum's console tab and written anything there (not just successful commands), it is stored on your disk and you may want to clear it for either privacy reasons (eg. used ismine() and don't want to have that public information ie address here be stored on disk unencrypted) or for security reasons (eg. in case you used any of the functions like convert_xkey that involve something sensitive like your private key,...)

I've already opened an issue: https://github.com/spesmilo/electrum/issues/5563

To see this history you have to find your "config" file. It is located in the same place where your wallet folder is. On windows it will be

Code:

%APPDATA%\Electrum

On Linux or Mac:

Code:

~/.electrum

The file is simply called config (without an extension) and can be opened with any text editor. The content would look like this:

Code:

{
    "alias": "",
    "auto_connect": true,
    "check_updates": true,
    "config_version": 3,
    "console-history": [
        "random stuff",
        "ismine(\"Some address that you may not want to remain on disk for privacy reasons\")",
        "convert_xkey(\"master private key that holds your funds\", \"\")"
    ],
    "decimal_point": 8,
.....
}

The problem is the contents of console-history key. As you can see I wrote some examples already to show how it works.
In order to clean it manually you should first close your Electrum if it is open then delete everything after "console-history": [ starting after the opening bracket up to before the closing bracket without removing the brackets themselves. The result should be like this:

Code:

{
    "alias": "",
    "auto_connect": true,
    "check_updates": true,
    "config_version": 3,
    "console-history": [],
    "decimal_point": 8,
.....
}

[jackg]

Yeah I'm not sure this is a problem but it definitely has been there since I found the console table (probably at least a year ago). Deleting those lines just deallocates them, if someone is really after your data they might still be able to get it unless you defrag or fill the drive completely every time. If you'll notice you should be able to hit the up button to get your last command which is sometimes helpful but I don't think it should be encouraged either. They've probably done this because Linux does similar, you can normally access your previous commands on your next login.

[ABCbits]

Yeah I'm not sure this is a problem but it definitely has been there since I found the console table (probably at least a year ago). Deleting those lines just deallocates them, if someone is really after your data they might still be able to get it unless you defrag or fill the drive completely every time. If you'll notice you should be able to hit the up button to get your last command which is sometimes helpful but I don't think it should be encouraged either. They've probably done this because Linux does similar, you can normally access your previous commands on your next login.

I understand what you mean, but the real problem is they didn't trim secret information (xprv, seed and private key) and all attacker have to do is access config file which is far easier than recover deleted file or analyze raw hex format.

On Electrum, there are only commands, so they could trim any information inside parenthesis for command such as importprivkey()

[jackg]

On Electrum, there are only commands, so they could trim any information inside parenthesis for command such as importprivkey()

It might be easier just to encrypt the last commands used and then decrypt them like it does the wallet file and store them in memory, it probably does that when you open the wallet anyway so it would make sense to do it here too...

[Coding Enthusiast]

Note that the file stores "everything" you type in your console including wrong commands or any random string you type there. The first line in my file content example is exactly what it says it is, "random stuff". Trimming won't work in this case when the interpreter can not parse the data to know what its type is.
IMO there simply is no need for persistence of console history after the wallet is closed.

[Abdussamad]

You can clear the console history with this command:

Code:

window.console.history = []