Bitcoin Forum
Author Topic: [SECURITY/PRIVACY WARNING] Electrum console content is being stored on disk  (Read 187 times)
Coding Enthusiast
August 15, 2019, 04:58:36 AM
Merited by HCP (10), ETFbitcoin (8), bones261 (2), hugeblack (2), OmegaStarScream (1), Lucius (1), Pmalek (1), o_e_l_e_o (1)
 #1

If you have ever used Electrum's console tab and written anything there (not just successful commands), it is stored on your disk, and you may want to clear it either for privacy reasons (e.g. you used ismine() and don't want that public information, i.e. the address, to be stored on disk unencrypted) or for security reasons (e.g. in case you used any of the functions like convert_xkey that involve something sensitive like your private key, ...).

I've already opened an issue: https://github.com/spesmilo/electrum/issues/5563

To see this history you have to find your "config" file. It is located in the same place where your wallet folder is. On Windows it will be
Code:
%APPDATA%\Electrum
On Linux or Mac:
Code:
~/.electrum

The file is simply called config (without an extension) and can be opened with any text editor. The content would look like this:
Code:
{
    "alias": "",
    "auto_connect": true,
    "check_updates": true,
    "config_version": 3,
    "console-history": [
        "random stuff",
        "ismine(\"Some address that you may not want to remain on disk for privacy reasons\")",
        "convert_xkey(\"master private key that holds your funds\", \"\")"
    ],
    "decimal_point": 8,
.....
}

The problem is the contents of the console-history key. As you can see, I wrote some examples already to show how it works.
In order to clean it manually you should first close Electrum if it is open, then delete everything after "console-history": [ starting after the opening bracket up to before the closing bracket, without removing the brackets themselves. The result should be like this:
Code:
{
    "alias": "",
    "auto_connect": true,
    "check_updates": true,
    "config_version": 3,
    "console-history": [],
    "decimal_point": 8,
.....
}

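The manual cleanup described in the post above can be scripted. The following Python is an added example, not part of the original post and not Electrum's own code: it reports which stored console lines look like key material without printing them, then empties "console-history" and rewrites the file atomically. The regular expression (Base58 strings with xprv-style or WIF prefixes) is a heuristic assumed for this example, and Electrum must be closed first, as the post says.

```python
import json, os, re, sys, tempfile
from pathlib import Path

# Heuristic (assumption of this example): extended private keys and WIF keys
# are long Base58 strings with well-known prefixes.
B58 = "1-9A-HJ-NP-Za-km-z"
SECRET_RE = re.compile(
    rf"\b(?:[xyzYZ]prv[{B58}]{{100,112}}|[5KL][{B58}]{{50,51}})\b")

def default_config_path() -> Path:
    # Locations given in the post: the Electrum folder under APPDATA, or ~/.electrum
    if os.name == "nt":
        return Path(os.environ["APPDATA"]) / "Electrum" / "config"
    return Path.home() / ".electrum" / "config"

def audit_history(cfg: dict) -> list:
    """Return (index, looks_secret) for every stored console line."""
    history = cfg.get("console-history", [])
    return [(i, bool(SECRET_RE.search(line))) for i, line in enumerate(history)]

def clear_history(path: Path) -> int:
    """Empty console-history in place; return how many entries were removed."""
    cfg = json.loads(path.read_text(encoding="utf-8"))
    removed = len(cfg.get("console-history", []))
    if removed == 0:
        return 0
    cfg["console-history"] = []
    # Write a temp file (created with owner-only permissions) in the same
    # directory, then rename it over the original so the update is atomic.
    fd, tmp = tempfile.mkstemp(dir=path.parent, prefix="config.")
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        json.dump(cfg, fh, indent=4, sort_keys=True)
    os.replace(tmp, path)
    return removed

if __name__ == "__main__":
    p = Path(sys.argv[1]) if len(sys.argv) > 1 else default_config_path()
    cfg = json.loads(p.read_text(encoding="utf-8"))
    for i, secret in audit_history(cfg):
        # Entry text is deliberately not echoed to the terminal or logs.
        print(f"entry {i}: {'LOOKS LIKE KEY MATERIAL' if secret else 'text'}")
    print(f"removed {clear_history(p)} entries from {p}")
```

Rewriting the file removes the entries from the live config only; it does not scrub copies in backups or previously written disk blocks, so any key that was flagged should be treated as exposed.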
ETFbitcoin
August 15, 2019, 09:01:15 AM
 #2

Nice finding, can't believe they didn't trim sensitive information such as xprv and private key automatically. For comparison, Bitcoin Core automatically trims such information and replaces it with "..."

I've confirmed it and I just remembered I entered some private information there, thanks for the warning :)

jackg
August 15, 2019, 11:59:08 AM
 #3

Yeah I'm not sure this is a problem but it definitely has been there since I found the console table (probably at least a year ago). Deleting those lines just deallocates them, if someone is really after your data they might still be able to get it unless you defrag or fill the drive completely every time. If you'll notice you should be able to hit the up button to get your last command which is sometimes helpful but I don't think it should be encouraged either. They've probably done this because Linux does similar, you can normally access your previous commands on your next login.

ETFbitcoin
August 15, 2019, 06:11:26 PM
Last edit: August 15, 2019, 06:26:45 PM by ETFbitcoin
Merited by Coding Enthusiast (2)
 #4

> Yeah I'm not sure this is a problem but it definitely has been there since I found the console table (probably at least a year ago). Deleting those lines just deallocates them, if someone is really after your data they might still be able to get it unless you defrag or fill the drive completely every time. If you'll notice you should be able to hit the up button to get your last command which is sometimes helpful but I don't think it should be encouraged either. They've probably done this because Linux does similar, you can normally access your previous commands on your next login.

I understand what you mean, but the real problem is they didn't trim secret information (xprv, seed and private key), and all an attacker has to do is access the config file, which is far easier than recovering a deleted file or analyzing raw hex format.

On Electrum, there are only commands, so they could trim any information inside parentheses for commands such as importprivkey()

jackg
August 15, 2019, 06:14:17 PM
 #5

> On Electrum, there are only commands, so they could trim any information inside parenthesis for command such as importprivkey()

It might be easier just to encrypt the last commands used and then decrypt them like it does the wallet file and store them in memory, it probably does that when you open the wallet anyway so it would make sense to do it here too...

ETFbitcoin
August 15, 2019, 06:27:18 PM
 #6

> > On Electrum, there are only commands, so they could trim any information inside parenthesis for command such as importprivkey()
>
> It might be easier just to encrypt the last commands used and then decrypt them like it does the wallet file and store them in memory, it probably does that when you open the wallet anyway so it would make sense to do it here too...

"Easier" is quite relative in this case; IMO simply trimming the information inside the parentheses before dumping it to the config file is easier.

Coding Enthusiast
August 15, 2019, 06:48:24 PM
 #7

Note that the file stores "everything" you type in your console, including wrong commands or any random string you type there. The first line in my file content example is exactly what it says it is, "random stuff". Trimming won't work in this case, when the interpreter cannot parse the data to know what its type is.
IMO there simply is no need for persistence of console history after the wallet is closed.

Abdussamad
August 18, 2019, 01:36:34 PM
Merited by bones261 (2), HCP (2), Coding Enthusiast (2), ETFbitcoin (1)
 #8

You can clear the console history with this command:

Code:
window.console.history = []
