Author Topic: The paranoid user's security guide for using Electrum safely.  (Read 390 times)
Saint-loup
June 24, 2023, 11:59:36 PM
Last edit: June 25, 2023, 07:49:19 AM by Saint-loup
 #21

- Antivirus software should be used if your wallet is running on Windows.
I would add: And put the User Account Control (UAC) to the highest level you can.

- If you have a strong password, you don't need 2FA protection, especially not the one that's bundled with Electrum.
I'm sorry but you can't say that, Electrum password and Electrum 2FA protection are not the same thing at all. The 2FA feature will protect your funds even if your password, your computer or your wallet are compromised, since the one-time passcode from your smartphone will always be needed to move your funds.
https://api.trustedcoin.com/#/faq

- Do not use advanced features like custom wordlist, BIP39 password, custom derivation path, Shamir's secret sharing, etc for your seed phrase. All of these are easy to screw up and will destroy your seed phrase copy as they can't possibly be remembered.
I disagree with that, if you store your seed in one single place you are more likely to lose it, if you store it in several places you are more likely to expose it.
Using a BIP39 password or a Shamir's secret sharing scheme (SLIP39) is a must if you want to safely store your seed in several places. Seeds without passphrases or SSS should be handled as little as possible actually.

- Same goes with exporting private keys - do not do it at all.
It's way safer to export one single private key, than to play with the seed of dozens of addresses.

- Don't keep large sums of money on a software wallet. Use a reliable hardware wallet for cold storage.
No, if you have large sums of money it's safer to use a real air-gapped software wallet than a plugged-in and closed-source hardware one.


It's an interesting "How to" thread. But unfortunately you haven't talked about the Electrum servers. Which ones are the most reputed and safest to use?
Same thing for SOCKS 4/5 proxies, which reputed ones can be used with Electrum?

NotATether (OP)
June 26, 2023, 02:25:41 PM
 #22

- If you have a strong password, you don't need 2FA protection, especially not the one that's bundled with Electrum.
I'm sorry but you can't say that, Electrum password and Electrum 2FA protection are not the same thing at all. The 2FA feature will protect your funds even if your password, your computer or your wallet are compromised, since the one-time passcode from your smartphone will always be needed to move your funds.
https://api.trustedcoin.com/#/faq

I disagree because Electrum 2FA makes a 2-of-3 multisig. This will prevent you from getting robbed if just one device is stolen, but if all of them are taken? Then your funds are screwed.

If you are OK with placing Electrum on many devices, I guess there's no problem with that as long as you move your funds quickly, but this guide is more oriented to using Electrum on a single device, without additional peripherals (hence why LiveUSB is not included cc. @LoyceV)

- Do not use advanced features like custom wordlist, BIP39 password, custom derivation path, Shamir's secret sharing, etc for your seed phrase. All of these are easy to screw up and will destroy your seed phrase copy as they can't possibly be remembered.
I disagree with that, if you store your seed in one single place you are more likely to lose it, if you store it in several places you are more likely to expose it.
Using a BIP39 password or a Shamir's secret sharing scheme (SLIP39) is a must if you want to safely store your seed in several places. Seeds without passphrases or SSS should be handled as little as possible actually.

You're right about bare seed phrases being handled as little as possible, and frankly that's how it should be treated. As seed phrases with bitcoin on them are more like physical assets, such as gold or a stack of cash, you should be moving it around as little as possible.


- Same goes with exporting private keys - do not do it at all.
It's way safer to export one single private key, than to play with the seed of dozens of addresses.

Not only is that bad for privacy, it's easy to mess up writing it and if you do it electronically, you could get robbed by specialists inspecting the peripheral's NVRAM.

- Don't keep large sums of money on a software wallet. Use a reliable hardware wallet for cold storage.
No, if you have large sums of money it's safer to use a real air-gapped software wallet than a plugged-in and closed-source hardware one.

Not all hardware wallets are closed-source.

It's an interesting "How to" thread. But unfortunately you haven't talked about the Electrum servers. Which ones are the most reputed and safest to use?
Same thing for SOCKS 4/5 proxies, which reputed ones can be used with Electrum?

I don't think there's a way to determine the safest server, with the exception of the one hosted on electrum.org. You're basically trusting the node operator to not leak your privacy.

A private electrum server is much better than a public one for this reason, maybe I'll add that. It does require a connection to a bitcoin full node though - usually you have to run those yourself. Or maybe Getblock will do provided that wallet RPCs are not used (they are disabled over there).

Volgastallion
June 27, 2023, 01:15:14 AM
 #23

Hi to all, and thanks to Notatether for this useful thread.

I have one question: we always read it's bad behavior to use the same address every time, but here we use the same address every time in signature campaigns and it's OK for practical purposes; also, some static addresses need to be that way.

So what is the solution? Or what is the risk of using the same one? Or is it only for tracking matters? I think that is why everyone recommends changing the address, so no one can follow/track you so easily. But am I forgetting something, and is there any more risk that I'm taking?

LoyceV
June 27, 2023, 06:05:21 AM
Merited by ABCbits (1), Volgastallion (1)
 #24

this guide is more oriented to using Electrum on a single device, without additional peripherals (hence why LiveUSB is not included cc. @LoyceV)
In that case, it should be called "the slightly careful user's guide for using Electrum" :P
Now you make me want to write a "truly paranoid user's guide for using Electrum" :D But I won't, as I think it's futile. Whoever wants to do that can do it already, and people who aren't into it, should probably not even try to work with offline wallets and offline signing. The same for multisig: I wouldn't recommend it to inexperienced users.

Or is it only for tracking matters?
Address reuse is bad for privacy, but doesn't add a security risk (unless you also leak part of your private key). For signature campaigns, where you post your address publicly, your privacy is gone already.

NotATether (OP)
June 27, 2023, 06:13:58 AM
Merited by Volgastallion (1)
 #25

Hi to all, and thanks to Notatether for this useful thread.

I have one question: we always read it's bad behavior to use the same address every time, but here we use the same address every time in signature campaigns and it's OK for practical purposes; also, some static addresses need to be that way.

So what is the solution? Or what is the risk of using the same one? Or is it only for tracking matters? I think that is why everyone recommends changing the address, so no one can follow/track you so easily. But am I forgetting something, and is there any more risk that I'm taking?

For signature campaigns, where you post your address publicly, your privacy is gone already.

Hence why it's recommended you mix your campaign funds using a mixer, or use a wallet that does it for you (exactly which wallet(s) I recommend for that I will not say, as people are having some tug-of-war on another thread about these kinds of wallets).

In that case, it should be called "the slightly careful user's guide for using Electrum" :P
Now you make me want to write a "truly paranoid user's guide for using Electrum" :D But I won't, as I think it's futile. Whoever wants to do that can do it already, and people who aren't into it, should probably not even try to work with offline wallets and offline signing. The same for multisig: I wouldn't recommend it to inexperienced users.

Actually, please do :P I'd love to see it from a perspective of having multiple devices at your disposal which can all be used for securing a wallet.

o_e_l_e_o
June 27, 2023, 07:25:15 AM
Merited by Volgastallion (1)
 #26

I disagree because Electrum 2FA makes a 2-of-3 multisig.
In general, users would be far better off setting up their own 2-of-3 multi-sig rather than relying on a third party, sacrificing all their privacy, and paying the excessive fees charged by TrustedCoin.

I don't think there's a way to determine the safest server, with the exception of the one hosted on electrum.org. You're basically trusting the node operator to not leak your privacy.
The only safe Electrum server is your own one.

So what is the solution?
Don't reuse addresses when you can. If you must, such as in recurring payments from a third party, use it for that one purpose and one purpose only - never reuse the same address for different purposes. And then as mentioned above, mix the coins you have received to prevent others tracking where they are going and what you are doing with them.
Volgastallion
June 27, 2023, 02:18:36 PM
 #27

Thanks Loyce, oeleo, and notatether for the answers. It was what I thought, but it's safer to ask the wise of the forum again instead of making a huge mistake in terms of security.

Yeah, but thinking of the future, it can be a good thing to have a "white" address and a few more in the shadows, so when anyone asks, you only show a part of your funds and you don't have to tell a lie like "I don't have any". But yes, you need to be very careful.

LoyceV
June 27, 2023, 02:49:37 PM
Merited by o_e_l_e_o (4)
 #28

Now you make me want to write a "truly paranoid user's guide for using Electrum" :D
Actually, please do :P
I won't do it any time soon, especially since o_e_l_e_o just made me realize I'm not nearly paranoid enough yet:
The only safe Electrum server is your own one.

I'd love to see it from a perspective of having multiple devices at your disposal which can all be used for securing a wallet.
You don't even need multiple devices for offline signing, but it would require rebooting into a Live OS at least once. Or multiple times, if you're like me and realize too late that your offline Electrum is an incompatible version, followed by the next reboot once you realize offline signing with minimum fees creates a signed transaction with less than 1 sat/vbyte and can't be broadcast. In short, it is a lot easier with a dedicated offline device. Luckily, old laptops are very cheap nowadays.

There's another reason I can't really write a detailed guide: if someone's doing offline signing, they should understand all the steps, and they should be able to fill in the blanks to match their own situation. If you're only following a tutorial to the letter, chances are you're making a mistake. That's why I prefer to stick to just this summary:
Online:
- Install Electrum on your PC.
- Import your address to create a watch-only wallet.
- Preview the transaction, Copy the unsigned transaction. Put it on a USB stick.

Offline and running without hard drive storage:
- Get a Linux LIVE DVD. Use Knoppix or Tails for instance, or any other distribution that comes with Electrum pre-installed.
- Unplug your internet cable. Close the curtains. Reboot your computer and start up from that DVD. Don't enter any wireless connection password. Keep it offline.
- Start Electrum. Import your private key.
- Copy your unsigned transaction from the USB stick, load it into Electrum.
- CHECK the transaction in Electrum. Check the fees, check the amount, check all destination addresses (character by character).
- If all is okay, sign the transaction. Copy it back to your USB stick.
- Turn off the computer. That wipes the Live LINUX from memory and all traces are gone.

Online:
- Use your normal online Electrum to (check again and) broadcast the transaction.
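
The "CHECK the transaction" step and the sub-1 sat/vbyte failure from the post above, as an added example that is not part of the thread or of Electrum's own code: it parses the raw signed transaction offline, compares every output with what you intended to pay, and recomputes the fee rate from the virtual size before the file goes back to the online machine. Assumptions: the signed transaction is available as raw hex, input amounts are copied from the watch-only wallet, the function names and the `max_rate` ceiling are hypothetical, and the sample transaction is constructed with dummy signature bytes.

```python
import math
import struct


def read_varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, next_pos)."""
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size


def parse_tx(raw):
    """Parse a serialized transaction into its outputs, input count and vsize."""
    segwit = raw[4:6] == b"\x00\x01"          # BIP144 marker and flag after the version
    pos = 6 if segwit else 4
    n_in, pos = read_varint(raw, pos)
    for _ in range(n_in):
        script_len, pos = read_varint(raw, pos + 36)   # skip previous txid + index
        pos += script_len + 4                          # skip scriptSig + sequence
    n_out, pos = read_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(raw[pos:pos + 8], "little")
        spk_len, pos = read_varint(raw, pos + 8)
        outputs.append((raw[pos:pos + spk_len].hex(), value))
        pos += spk_len
    witness_start = pos
    if segwit:
        for _ in range(n_in):
            n_items, pos = read_varint(raw, pos)
            for _ in range(n_items):
                item_len, pos = read_varint(raw, pos)
                pos += item_len
    if pos + 4 != len(raw):                   # only the 4-byte locktime may remain
        raise ValueError("not a well-formed transaction")
    witness_bytes = (pos - witness_start) + (2 if segwit else 0)
    weight = (len(raw) - witness_bytes) * 3 + len(raw)   # BIP141 weight
    return {"outputs": outputs, "n_inputs": n_in, "vsize": math.ceil(weight / 4)}


def check_signed_tx(raw, input_values, expected_outputs, min_rate=1.0, max_rate=100.0):
    """Return a list of problems; an empty list means every check passed.

    input_values: satoshi amount of each spent coin (from the watch-only wallet).
    expected_outputs: (scriptPubKey hex, satoshis) pairs you intend to create.
    min_rate is the 1 sat/vbyte floor from the post; max_rate is a hypothetical
    ceiling that catches a mistyped, oversized fee.
    """
    tx = parse_tx(raw)
    if len(input_values) != tx["n_inputs"]:
        return ["number of input values does not match the transaction"]
    problems = []
    if sorted(tx["outputs"]) != sorted(map(tuple, expected_outputs)):
        problems.append("outputs differ from the intended destinations/amounts")
    fee = sum(input_values) - sum(value for _, value in tx["outputs"])
    if fee < min_rate * tx["vsize"]:
        problems.append(f"fee {fee} sat over {tx['vsize']} vB is below {min_rate} sat/vB")
    elif fee > max_rate * tx["vsize"]:
        problems.append(f"fee {fee} sat over {tx['vsize']} vB is above {max_rate} sat/vB")
    return problems


def build_sample_tx(out_values, sig_len=72):
    """Constructed sample: one P2WPKH input, P2WPKH outputs, dummy witness bytes."""
    spks = [b"\x00\x14" + bytes([i + 1]) * 20 for i in range(len(out_values))]
    tx = struct.pack("<I", 2) + b"\x00\x01"                 # version, marker, flag
    tx += b"\x01" + b"\xaa" * 32 + struct.pack("<I", 0)     # 1 input: txid, index
    tx += b"\x00" + struct.pack("<I", 0xFFFFFFFD)           # empty scriptSig, sequence
    tx += bytes([len(out_values)])
    for value, spk in zip(out_values, spks):
        tx += struct.pack("<Q", value) + bytes([len(spk)]) + spk
    tx += b"\x02" + bytes([sig_len]) + b"\x30" * sig_len    # witness item 1: signature
    tx += bytes([33]) + b"\x02" * 33                        # witness item 2: public key
    tx += struct.pack("<I", 0)                              # locktime
    return tx, [spk.hex() for spk in spks]


if __name__ == "__main__":
    # A 100,000 sat coin paying 60,000 sat with 39,860 sat change leaves a 140 sat fee.
    raw, spks = build_sample_tx([60_000, 39_860])
    intended = [(spks[0], 60_000), (spks[1], 39_860)]
    print("vsize:", parse_tx(raw)["vsize"])
    print("problems:", check_signed_tx(raw, [100_000], intended))
```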

o_e_l_e_o
June 27, 2023, 06:01:52 PM
Merited by LoyceV (2)
 #29

I won't do it any time soon, especially since o_e_l_e_o just made me realize I'm not nearly paranoid enough yet:
Two devices. Both formatted, clean install of good Linux distro of choice, full disk encryption. All software verified prior to installation. Both devices used for nothing else and kept physically and digitally secured.

Device 1, internet connected:
- Your own node running over Tor.
- Your own Electrum server of choice.
- Your watch only Electrum wallet connecting exclusively to your own server.

Device 2, permanently airgapped at a hardware level:
- Your Electrum wallet containing seed phrase/private keys.

That's the basics of it for maximum security/privacy while still being fairly easily usable. I could write a guide spelling out each step in detail, but what if I use Debian and someone else chooses to use Mint? What if I choose Electrs and someone else wants to use EPS? How can I possibly write a guide for how to remove the WiFi card from every model of laptop in existence? What if someone's threat model is different to mine? Maybe they place more emphasis on $5 wrench attacks, so want to use passphrases for decoy wallets. Or perhaps they want to delete their watch only wallet when not in use. Maybe they want to run mempool.space or JoinMarket on Device 1 as well. And so on.

As Loyce says, people need to understand why they are doing things and what those things achieve, not just blindly follow a list of instructions.
Saint-loup
July 01, 2023, 10:01:02 PM
Merited by o_e_l_e_o (4)
 #30

I disagree because Electrum 2FA makes a 2-of-3 multisig. This will prevent you from getting robbed if just one device is stolen, but if all of them are taken? Then your funds are screwed.

If you are OK with placing Electrum on many devices, I guess there's no problem with that as long as you move your funds quickly, but this guide is more oriented to using Electrum on a single device, without additional peripherals (hence why LiveUSB is not included cc. @LoyceV)
If your 2 devices are stolen, the robber will still need to know the PIN code of your smartphone, the password of your computer, and the one of your Electrum wallet, because using the 2FA feature doesn't prevent people from also using a "strong password" for their wallet. So it wouldn't be so simple.

You're right about bare seed phrases being handled as little as possible, and frankly that's how it should be treated. As seed phrases with bitcoin on them are more like physical assets, such as gold or a stack of cash, you should be moving it around as little as possible.
Yes I agree with you but personally, I'm not comfortable with having one single backup of my seed, even if I would carve it in stone.

Not only is that bad for privacy, it's easy to mess up writing it and if you do it electronically, you could get robbed by specialists inspecting the peripheral's NVRAM.
So, this is not risky unless you are holding a large amount in this address.

I don't think there's a way to determine the safest server, with the exception of the one hosted on electrum.org. You're basically trusting the node operator to not leak your privacy.

A private electrum server is much better than a public one for this reason, maybe I'll add that. It does require a connection to a bitcoin full node though - usually you have to run those yourself. Or maybe Getblock will do provided that wallet RPCs are not used (they are disabled over there).
Running a full node is not an acceptable solution for a random user, and Bitcoin is supposed to be safely usable by everyone.
Are there not any reputed SOCKS 4/5 proxies either?

o_e_l_e_o
July 02, 2023, 08:16:01 AM
 #31

Yes I agree with you but personally, I'm not comfortable with having one single backup of my seed, even if I would carve it in stone.
Completely agree. One back up is no back up at all, especially when most people store their only back up in the same location as their computer or hardware wallet (i.e. at home). Two back ups in two separate geographical locations should be the minimum.

Running a full node is not an acceptable solution for a random user, and Bitcoin is supposed to be safely usable by everyone.
Sure, but here we are talking about privacy focused users, not random users. If you are privacy focused, then there is no escaping that you must run your own node or you will be leaking data to a third party.
NotATether (OP)
July 02, 2023, 10:03:18 AM
 #32

Are there not any reputed SOCKS 4/5 proxies either?

No, except for the Tor SOCKS5 proxy.

Synchronice
July 03, 2023, 07:23:36 AM
Last edit: July 03, 2023, 07:49:39 AM by Synchronice
 #33

- Always keep the OS with your wallet on it up-to-date with the latest security patches.
I think it's not always the best to immediately update your wallet software. Personally, what I do is that I read release notes and news. There have been cases when an update had some bugs and was dangerous. For that reason, I always wait a little and if I don't hear complaints, then I update the software. Of course that highly depends on release notes because sometimes you need to immediately update your software because of critical bugs in the current version.

- Antivirus software should be used if your wallet is running on Windows.
I'm afraid antiviruses spy on you, especially free ones. Instead, I would use Virustotal to check whether websites I visit are safe or not and I would also check some files there too.

Really nice thread, everything is done well and said shortly but I would change the title. A true paranoid user is the one who thinks about hardware backdoors too :D

o_e_l_e_o
July 03, 2023, 02:15:51 PM
 #34

I'm afraid antiviruses spy on you, especially free ones.
Windows spies on you more than any antivirus software. Windows is a privacy nightmare. Check out the links I shared in this post. Even if you try to sanitize Windows, turn off all the extra features, block or disable as much of the privacy invasion as you can, it still transmits data back to Microsoft and a variety of third parties about your device and what you are doing on it hundreds or even thousands of times an hour.

If you are using Windows, then whether your antivirus is spying on you is the least of your concerns.
Volgastallion
July 03, 2023, 02:26:02 PM
 #35

I'm afraid antiviruses spy on you, especially free ones.
Windows spies on you more than any antivirus software. Windows is a privacy nightmare. Check out the links I shared in this post. Even if you try to sanitize Windows, turn off all the extra features, block or disable as much of the privacy invasion as you can, it still transmits data back to Microsoft and a variety of third parties about your device and what you are doing on it hundreds or even thousands of times an hour.

If you are using Windows, then whether your antivirus is spying on you is the least of your concerns.

Yes, but sadly people only choose the "less bad", so instead of sharing their info with X they want to share their info with a big tech company, because you know..... "it's a well-known and reputable company..." ;D

But it's understandable, thinking that they are not gonna scam you, but if you have a problem with the government.... GG for you. Anyway, I think the most flawed privacy we have is in smartphones and with Google; we spend more time and generate much more info on smartphones than on PCs.

Synchronice
July 03, 2023, 02:29:22 PM
 #36

I'm afraid antiviruses spy on you, especially free ones.
Windows spies on you more than any antivirus software. Windows is a privacy nightmare. Check out the links I shared in this post. Even if you try to sanitize Windows, turn off all the extra features, block or disable as much of the privacy invasion as you can, it still transmits data back to Microsoft and a variety of third parties about your device and what you are doing on it hundreds or even thousands of times an hour.

If you are using Windows, then whether your antivirus is spying on you is the least of your concerns.
Actually, you are 100% right but if you are using Windows, why should you double the number of spies? It will also slow down your computer. If I had to use Windows and Electrum, I simply would not visit malicious websites, unknown URLs, wouldn't open unknown emails or would use only a separate email.
I really don't think one needs to use Antivirus if the person only visits certain reputable websites from specific device.

Btw in ideal case, one should dedicate one pc/laptop to privacy and another one for public activities, gaming and everyday life.

BlackHatCoiner
July 03, 2023, 02:50:59 PM
 #37

- Use a diceware password for guarding Electrum wallet access.
If you use Tails with LUKS encrypted volumes, I don't think using a password to guard Electrum wallet access is needed. I'm saying this, because your audience is newbies as you said, and I think an airgapped Tails is the best choice for a newbie. Installation instructions are very detailed.

- Don't open a Lightning channel unless you have a watchtower running 24/7, or you might lose channel funds to inactivity.
I suspect this isn't for cold storage wallets. Paranoid users would never load their private keys on a non-airgapped device, unless there's some functionality to manage a lightning channel without internet connection I'm not aware of.

Global Mods / admins - please sticky this thread.
Haha, good one! :D

LoyceV
July 03, 2023, 04:16:21 PM
 #38

If you use Tails with LUKS encrypted volumes, I don't think using a password to guard Electrum wallet access is needed.
While using the computer, the encrypted volume will be unlocked and anyone with physical access could send funds if there's no password. So I'd recommend to use a password.

Quote
I'm saying this, because your audience is newbies
Especially for Newbies, it can't be repeated often enough to be secure, and use different passwords.



That being said: I use some wallets (inside a VM, of course) for low-value altcoin dust, and it's very convenient to send cents without the hassle of typing a password. I just wouldn't recommend it to anyone, by the time they understand what's at stake, they can decide this on their own.
