Electrum 4.3.4 Relased

[PX-Z]

New version of Electrum just released, this update includes several bug fixes, payserver and trampoline improvement, check the release notes for more information.

Release Notes

Code:

# Release 4.3.4 - Copyright is Dubious (January 26, 2023)
 * Lightning:
   - make sending trampoline payments more reliable (5251e7f8)
   - use different trampoline feature bits than eclair (#8141)
 * invoice-handling: fix get_request_by_addr incorrectly mapping
   addresses to request ids when an address was reused (#8113)
 * fix a deadlock in wallet.py (52e2da3a)
 * CLI: detect if daemon is already running (c7e2125f)
 * add an AppStream metainfo.xml file for Linux packagers (#8149)
 * payserver plugin:
   -replaced vendored qrcode lib
   -added tabs for on-chain and lightning invoices
   -revamped html and javascript

electrum/RELEASE-NOTES

Reminder:
Only download electrum from the main website^[1] and don't forget to verify^[2] before installing it.

[1] https://electrum.org/#download
[2] https://bitcointalk.org/index.php?topic=5240594.0

[pooya87]

It seems like all the time Electrum developers have is being dedicated to improving the Lightning Network part of the software and no time is left for implementing Taproot. There is an open issue without any ETA[1] that has been open for over a year.
We need more contributors... Sadly I don't know anything from Python myself. My contributions are limited to review and bug reports.

[1] https://github.com/spesmilo/electrum/issues/7544

[Brook Buddy]

 Hey!
 Is the function "Cancel Double Spend" unavailable no more in Mac Version of Electrum 4.3.4??

[BitMaxz]

Hey!
 Is the function "Cancel Double Spend" unavailable no more in Mac Version of Electrum 4.3.4??

I don't see or find it on Electrum release notes that they will remove the cancel double spend.
So if you upgrade it to the latest version that function should be still there and even without that function you can manually cancel the double spend transaction except on non-RBF transactions.

[nc50lc]

Hey!
 Is the function "Cancel Double Spend" unavailable no more in Mac Version of Electrum 4.3.4??

Why? Is it gone in your right-click menu?

Check your setting if you've disabled "Use Replace-By-Fee". It's in "Tools->Preferences->Transactions tab".
Note: changing the setting now will not enable the cancel option in existing unconfirmed transactions in your history, only the newly created txns.

Also, if you're using the advanced transaction window, make sure that "Replace by fee" checkbox isn't unchecked.
Another is, it won't appear for "same-wallet" transactions, means sending to any of your own wallet's address.

[NotATether]

This is mostly just minor enhancements, I see no reason why to upgrade from 4.3.3 currently.

It seems like all the time Electrum developers have is being dedicated to improving the Lightning Network part of the software and no time is left for implementing Taproot. There is an open issue without any ETA[1] that has been open for over a year.
We need more contributors... Sadly I don't know anything from Python myself. My contributions are limited to review and bug reports.

[1] https://github.com/spesmilo/electrum/issues/7544

If somebody implements a working implementation of taproot addresses and then makes a PR, there will be a higher chance of it getting merged summarily without any debates or back-and-forwards.

[Brook Buddy]

This function "cancel double spend" was unavailable during last 2 days, but today its available again, when I do right click on unconfirmed outcoiming transaction.... Preferences did not change, RBF function is on.... I have no idea about that. But Okay. I see there is still a lot of unexplored...

[nc50lc]

This function "cancel double spend" was unavailable during last 2 days, but today its available again, when I do right click on unconfirmed outcoiming transaction.... Preferences did not change, RBF function is on.... I have no idea about that. -snip-

A feature wont suddenly disappear without any reason.
If it's not one of the reasons I've previously listed, you might had overlooked and tested it to the wrong transaction or wallet.

[Narla]

I just installed a new ubuntu on a laptop to install the electrum wallet. The problem appears when I try to verify the file that I have downloaded from the official electrum page. Apparently I have followed the steps indicated on the page but when launching the verification with gpg it does not seem to be valid. I leave a copy of what appears to me when running gpg:

Code:

gpg: asumiendo que los datos firmados están en 'Electrum-4.3.4.tar.gz'
gpg: Firmado el jue 26 ene 2023 19:45:32 CET
gpg:                usando RSA clave 637DB1E23370F84AFF88CCE03152347D07DA627C
gpg: Imposible comprobar la firma: No hay clave pública
gpg: Firmado el jue 26 ene 2023 18:14:19 CET
gpg:                usando RSA clave 0EEDCFD5CAFB459067349B23CA9EEEC43DF911DC
gpg: Imposible comprobar la firma: No hay clave pública
gpg: Firmado el jue 26 ene 2023 17:03:38 CET
gpg:                usando RSA clave 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
gpg: Imposible comprobar la firma: No hay clave pública

I have followed the steps indicated, which should be if I have not misunderstood the following:

1- Install the python dependencies (ok)
2- Download the files:

Code:

wget https://download.electrum.org/4.3.4/Electrum-4.3.4.tar.gz
wget https://download.electrum.org/4.3.4/Electrum-4.3.4.tar.gz.asc

3- Download Thomas's public key:

Code:

 https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc

4- Import this key:

Code:

sudo gpg --import ThomasV.asc

5- Verify:

Code:

gpg --verify Electrum-4.3.4.tar.gz.asc

The problem is that it appears signed but can't verify the signature. From my point of view, the file is compromised, but since I don't control a lot of verification issues, I have doubts.

Can someone who knows check it out on their own and comment here?

Thanks in advance.

Excuse my English, it is not my native language

[Abdussamad]

You are importing thomas' key as root by using sudo. That means it's added to root's keyring not the keyring of the unpriviliged user you use to verify the signature. So import it without sudo and do the verification step again.

[o_e_l_e_o]

If you want to verify the other two signatures as well, then you can download Emzy.asc and sombernight_releasekey.asc from here: https://github.com/spesmilo/electrum/tree/master/pubkeys
Import them as per Abdussamad's instructions above, and then verify the file again.

I can also confirm that the three public keys in your verification match the three public keys I have.

[Narla]

Thanks so much for the help.

Once the keys have been imported correctly, the following appears

Code:

gpg: asumiendo que los datos firmados están en 'Electrum-4.3.4.tar.gz'
gpg: Firmado el jue 26 ene 2023 19:45:32 CET
gpg:                usando RSA clave 637DB1E23370F84AFF88CCE03152347D07DA627C
gpg: Firma correcta de "Stephan Oeste (it) <it@oeste.de>" [desconocido]
gpg:                 alias "Stephan Oeste (Master-key) <stephan@oeste.de>" [desconocido]
gpg:                 alias "Emzy E. (emzy) <emzy@emzy.de>" [desconocido]
gpg: ATENCIÓN: ¡Esta clave no está certificada por una firma de confianza!
gpg:          No hay indicios de que la firma pertenezca al propietario.
Huellas dactilares de la clave primaria: 9EDA FF80 E080 6596 04F4  A76B 2EBB 056F D847 F8A7
     Huella de subclave: 637D B1E2 3370 F84A FF88  CCE0 3152 347D 07DA 627C
gpg: Firmado el jue 26 ene 2023 18:14:19 CET
gpg:                usando RSA clave 0EEDCFD5CAFB459067349B23CA9EEEC43DF911DC
gpg: Firma correcta de "SomberNight/ghost43 (Electrum RELEASE signing key) <somber.night@protonmail.com>" [desconocido]
gpg: ATENCIÓN: ¡Esta clave no está certificada por una firma de confianza!
gpg:          No hay indicios de que la firma pertenezca al propietario.
Huellas dactilares de la clave primaria: 0EED CFD5 CAFB 4590 6734  9B23 CA9E EEC4 3DF9 11DC
gpg: Firmado el jue 26 ene 2023 17:03:38 CET
gpg:                usando RSA clave 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
gpg: Firma correcta de "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" [desconocido]
gpg:                 alias "ThomasV <thomasv1@gmx.de>" [desconocido]
gpg:                 alias "Thomas Voegtlin <thomasv1@gmx.de>" [desconocido]
gpg: ATENCIÓN: ¡Esta clave no está certificada por una firma de confianza!
gpg:          No hay indicios de que la firma pertenezca al propietario.
Huellas dactilares de la clave primaria: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6

Are the rest of the warnings normal?

[o_e_l_e_o]

Are the rest of the warnings normal?

Yes. Those warnings are telling you that although the signatures for the file are valid for the keys you have imported, you haven't signed the keys using your own key to tell your computer that you trust these keys are accurate and actually belong to the relevant users (ThomasV, Emzy, SomberNight).

This step is not necessary and you can safely ignore these warnings and install Electrum from the file you have. Alternatively, if you wish to sign the keys, you can do so using the following command:

Code:

gpg --sign-key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6

Once you have signed them, repeat the verification process and those additional warnings will have disappeared.

[Narla]

Thank you very much to all. Fixed.