Bitcoin Forum
Author Topic: Question about Sparrow ( Server )  (Read 156 times)
BitcoinNeedHelp (OP)
Newbie
Activity: 21
Merit: 3
February 14, 2024, 12:05:21 AM
 #1

Hello everyone,
I have two small questions.

What are the risks if I connect Sparrow to a public server instead of my own full node?

What are the disadvantages if I connect Sparrow to my own full node instead of my own private Electrum server?
Charles-Tim
Legendary
Activity: 1526
Merit: 4816
February 14, 2024, 12:21:37 AM
 #2

What are the risks if I connect Sparrow to a public server instead of my own full node?
The risk is that you will not have privacy. For privacy, run your own node or server with Tor.

What are the disadvantages if I connect Sparrow to my own full node instead of my own private Electrum server?
If you run your own Electrum server, it is like you run your own node, because you will still connect to your own node before using your server. It means you do not depend on a central server but on your own node. So I do not see any disadvantage in this.

BitcoinNeedHelp (OP)
Newbie
Activity: 21
Merit: 3
February 14, 2024, 12:34:06 AM
 #3

The risk is that you will not have privacy. For privacy, run your own node or server with Tor.
I once read that the node operator could manipulate data and I could lose my money or that my payment would no longer be accepted by other node operators.
Is that correct ?

If you run your own Electrum server, it is like you run your own node, because you will still connect to your own node before using your server. It means you do not depend on a central server but on your own node. So I do not see any disadvantage in this.
Yes, but if you don't run your own server, then you use Bitcoin Core and the public keys and credits are not encrypted on your computer.
Is that bad ?
Can a hacker do anything with the public keys?
Charles-Tim
Legendary
Activity: 1526
Merit: 4816
February 14, 2024, 12:44:01 AM
 #4

I once read that the node operator could manipulate data and I could lose my money or that my payment would no longer be accepted by other node operators.
Is that correct ?
It is possible that a central server operator can manipulate you with fake data, but no coin has been stolen or compromised this way before. That is why, if using a central server, it is better not to depend on one central server but to set it to automatic.

Yes, but if you don't run your own server, then you use Bitcoin Core and the public keys and credits are not encrypted on your computer.
Is that bad ?
Can a hacker do anything with the public keys?
I do not know about this, but what is most important to protect are the private keys.

Zaguru12
Hero Member
Activity: 672
Merit: 862
February 14, 2024, 06:11:05 AM
 #5

I once read that the node operator could manipulate data and I could lose my money or that my payment would no longer be accepted by other node operators.
Is that correct ?

Yes, a particular node can actually feed you wrong information due to its settings or configuration, and that’s why you see that almost all SPV wallets like Electrum do not rely on just a single server or node. An example of this bad information can be a transaction which has been dropped by the node you are connected to but is still kept by other nodes you are not connected to; without knowing of this, the transaction could still propagate without you noticing at that moment. If that particular node should temporarily go offline, you will certainly miss some data that took place then, and that’s why we see two different nodes with a deficit sometimes.

Yes, but if you don't run your own server, then you use Bitcoin Core and the public keys and credits are not encrypted on your computer.
Is that bad ?
Can a hacker do anything with the public keys?

A hacker cannot do much with your public key other than watch the address. The public key is actually visible in the transaction, since you need it to validate the signature of a transaction. A public key cannot be decrypted back to a private key, if that is your question; it is a one-way function, which goes from private key to public key and not the other way back.

ABCbits
Legendary
Activity: 2856
Merit: 7409
February 14, 2024, 09:55:26 AM
 #6

I once read that the node operator could manipulate data and I could lose my money or that my payment would no longer be accepted by other node operators.
Is that correct ?

1. It's true a node/server operator can send manipulated data, but Sparrow (or any decent wallet) should check whether the received data is valid or not.
2. What a malicious node/server can do is usually limited to not returning data you expect (e.g. a new transaction) or not relaying your transaction to other nodes.
3. You probably read about an old security vulnerability which let a malicious Electrum server send and show any data (which includes phishing links).

Yes, but if you don't run your own server, then you use Bitcoin Core and the public keys and credits are not encrypted on your computer.
Is that bad ?
Can a hacker do anything with the public keys?

Aside from tracking you, there's nothing practical they can do with it.

dkbit98
Legendary
Activity: 2212
Merit: 7076
February 14, 2024, 11:57:00 AM
 #7

What are the risks if I connect Sparrow to a public server instead of my own full node?
Risks are similar to when you are using Electrum and other wallets with nodes from someone else.
They would be able to know all your addresses and transactions, and there is a small chance of connecting to a malicious node.

What are the disadvantages if I connect Sparrow to my own full node instead of my own private Electrum server?
I don't see any disadvantages if you already run your own bitcoin node.

BitcoinNeedHelp (OP)
Newbie
Activity: 21
Merit: 3
February 14, 2024, 12:04:37 PM
 #8

Yes, a particular node can actually feed you wrong information due to its settings or configuration, and that’s why you see that almost all SPV wallets like Electrum do not rely on just a single server or node. An example of this bad information can be a transaction which has been dropped by the node you are connected to but is still kept by other nodes you are not connected to; without knowing of this, the transaction could still propagate without you noticing at that moment. If that particular node should temporarily go offline, you will certainly miss some data that took place then, and that’s why we see two different nodes with a deficit sometimes.

1. It's true a node/server operator can send manipulated data, but Sparrow (or any decent wallet) should check whether the received data is valid or not.
2. What a malicious node/server can do is usually limited to not returning data you expect (e.g. a new transaction) or not relaying your transaction to other nodes.
3. You probably read about an old security vulnerability which let a malicious Electrum server send and show any data (which includes phishing links).

Risks are similar to when you are using Electrum and other wallets with nodes from someone else.
They would be able to know all your addresses and transactions, and there is a small chance of connecting to a malicious node.

What is the worst that can happen?
What can these people with a malicious node do to my wallet?
satscraper
Hero Member
Activity: 714
Merit: 1308
February 14, 2024, 03:57:46 PM
 #9


What are the disadvantages if I connect Sparrow to my own full node instead of my own private Electrum server?

Read the Best Practices section in the Sparrow docs.

It states:

"Bitcoin Core stores your public keys and balance unencrypted on the computer it is running on"; thus, if your computer is hacked, addresses along with their contents will become known to the attacker, which could motivate him to take further actions in relation to these wallets.

On the other hand, an Electrum server (like Fulcrum or Electrs, acting as a mediator between Bitcoin Core and Sparrow) "does not keep any record of your balance, but indexes all Bitcoin transactions equally"; thus, the above-mentioned threat disappears even if a hacker gets into the computer.

ABCbits
Legendary
Activity: 2856
Merit: 7409
February 15, 2024, 08:49:36 AM
Last edit: February 15, 2024, 10:01:57 AM by ABCbits
 #10

--snip--
What is the worst that can happen?
What can these people with a malicious node do to my wallet?

Someone might find a security vulnerability in a library used by Sparrow wallet to read JSON data, which could be exploited to perform an RCE attack. But take note that:
1. It's merely a theory. There's no need to worry or think about it, unless you're a developer of Sparrow wallet.
2. Those malicious servers don't even know which wallet software is used by you. If they actively send data containing invalid or malicious data to everyone, IMO it's just a matter of time before someone detects it and warns others.

satscraper
Hero Member
Activity: 714
Merit: 1308
February 15, 2024, 09:30:53 AM
 #11


Someone found a security vulnerability in a library used by Sparrow wallet to read JSON data, which could be exploited to perform an RCE attack.

That would interest me, as I'm an active user of Sparrow, which is employed as the software coordinator for my cosigners in a multisig wallet.

I have spent some time sieving the web in an attempt to find the relevant info, but with no real success.

Could you point me to the source?

ABCbits
Legendary
Activity: 2856
Merit: 7409
February 15, 2024, 10:06:43 AM
 #12


Someone found a security vulnerability in a library used by Sparrow wallet to read JSON data, which could be exploited to perform an RCE attack.

That would interest me, as I'm an active user of Sparrow, which is employed as the software coordinator for my cosigners in a multisig wallet.

I have spent some time sieving the web in an attempt to find the relevant info, but with no real success.

Could you point me to the source?

Sorry, I forgot to add the word "might". What I said earlier is my theory, based on the history of someone adding malicious code to arbitrary JSON data. Although if you just want to do casual research, use the keywords "json injection" or "json xss rcss" on Google search.

BitcoinNeedHelp (OP)
Newbie
Activity: 21
Merit: 3
February 15, 2024, 11:26:23 AM
 #13

--snip--
What is the worst that can happen?
What can these people with a malicious node do to my wallet?

Someone might find a security vulnerability in a library used by Sparrow wallet to read JSON data, which could be exploited to perform an RCE attack. But take note that:
1. It's merely a theory. There's no need to worry or think about it, unless you're a developer of Sparrow wallet.
2. Those malicious servers don't even know which wallet software is used by you. If they actively send data containing invalid or malicious data to everyone, IMO it's just a matter of time before someone detects it and warns others.
So theory aside, a malicious node can only:
- Not forward my transaction (I would notice if the money didn't arrive)
- Forward my transaction, but still leave the amount displayed on my wallet (I would also notice if the money arrives)
If that's the only thing he could do, what benefit would he get from it?

Could he manipulate my transaction data and change the recipient's wallet address in the background?
(I would also notice this because I always compare the address on the hardware wallet)
NotATether
Legendary
Activity: 1582
Merit: 6695
February 15, 2024, 12:34:45 PM
Merited by ABCbits (1)
 #14

Could he manipulate my transaction data and change the recipient's wallet address in the background?
(I would also notice this because I always compare the address on the hardware wallet)

No, that is impossible because of the way Bitcoin transactions are signed. If you change the recipient address and amount, it makes the signature totally invalid when it is picked up by full nodes.

Basically, a malicious node can scrape information about you such as your IP address, bitcoin addresses, and so on, and it might also be able to exploit any vulnerability in the Sparrow client to do miscellaneous stuff, depending on what the vulnerability is and how severe it is. But that is the case with pretty much any SPV implementation.

BlackHatCoiner
Legendary
Activity: 1498
Merit: 7294
February 15, 2024, 12:49:05 PM
Merited by ABCbits (1)
 #15

What are the risks if I connect Sparrow to a public server instead of my own full node?
Aside from the privacy downgrade, given some hashrate, the attacker can double-spend without you noticing. Let me give you an example.

  • The attacker is a customer in an Internet store, and the merchant is connected to his SPV server.
  • The attacker needs to convince the merchant that he paid him, so he mines a block (on his own blockchain, inferior difficulty-wise) with his transaction included.
  • The merchant sees the money, so he releases the product.

That might sound like a ridiculous way to rip off a merchant, but imagine a scenario where the merchant is a cryptocurrency swap service; that can create noticeable damage. If you're not a merchant, I can't think of any other security holes, excluding the aforementioned.

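A defender-side check for the scenario in the post above, as an added example that is not part of the original thread: a client that compares each block header's claimed difficulty with the difficulty it expects rejects a block mined on an easier chain, even though that block satisfies its own target. The function names are hypothetical, and `expected_bits` is passed in as an assumption; a real client derives it from the retarget rules and the headers it has already validated. The header fields are those of the Bitcoin genesis block, and the forged header is constructed here at a trivial difficulty.

```python
import hashlib
import struct

HEADER_FMT = "<I32s32sIII"  # version, prev hash, merkle root, time, nBits, nonce (80 bytes)

def bits_to_target(bits):
    """Expand the compact nBits field into the 256-bit target."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def header_hash(header):
    """Block hash as an integer (double SHA-256, read little-endian)."""
    return int.from_bytes(hashlib.sha256(hashlib.sha256(header).digest()).digest(), "little")

def check_header(header, expected_bits):
    """Return 'ok' or the reason the header is rejected."""
    if len(header) != 80:
        return "bad length"
    bits = struct.unpack(HEADER_FMT, header)[4]
    claimed = bits_to_target(bits)
    if claimed > bits_to_target(expected_bits):
        return "difficulty below expected"   # easier target than the real chain
    if header_hash(header) > claimed:
        return "hash above target"           # not enough work for its own claim
    return "ok"

def build_header(bits, nonce):
    """Genesis-block fields; only nBits and nonce vary in this example."""
    merkle = bytes.fromhex(
        "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b")[::-1]
    return struct.pack(HEADER_FMT, 1, bytes(32), merkle, 1231006505, bits, nonce)

def mine_easy_header(bits):
    """Constructed 'inferior chain' header: grind a nonce at a trivial difficulty."""
    nonce = 0
    while header_hash(build_header(bits, nonce)) > bits_to_target(bits):
        nonce += 1
    return build_header(bits, nonce)

MAINNET_BITS = 0x1D00FFFF  # difficulty-1 target, the value in the genesis block
EASY_BITS = 0x207FFFFF     # regtest-style minimum difficulty (assumed attacker setting)

GENESIS = build_header(MAINNET_BITS, 2083236893)
FORGED = mine_easy_header(EASY_BITS)

if __name__ == "__main__":
    print("genesis vs expected difficulty:", check_header(GENESIS, MAINNET_BITS))
    print("forged vs its own difficulty:  ", check_header(FORGED, EASY_BITS))
    print("forged vs expected difficulty: ", check_header(FORGED, MAINNET_BITS))
```

The forged header passes when judged only against the `nBits` it carries, which is why the comparison with the expected difficulty is the check that matters.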
ABCbits
Legendary
Activity: 2856
Merit: 7409
February 16, 2024, 09:21:02 AM
 #16

--snip--
So theory aside, a malicious node can only:
- Not forward my transaction (I would notice if the money didn't arrive)
- Forward my transaction, but still leave the amount displayed on my wallet (I would also notice if the money arrives)
If that's the only thing he could do, what benefit would he get from it?

I don't know. Although I'd speculate whoever does that doesn't get any benefit.

Could he manipulate my transaction data and change the recipient's wallet address in the background?
(I would also notice this because I always compare the address on the hardware wallet)

They could try that. But both a full node and Sparrow wallet (along with any decent wallet) would verify the transaction and detect it as an invalid transaction.

What are the risks if I connect Sparrow to a public server instead of my own full node?
Aside from the privacy downgrade, given some hashrate, the attacker can double-spend without you noticing. Let me give you an example.

  • The attacker is a customer in an Internet store, and the merchant is connected to his SPV server.
  • The attacker needs to convince the merchant that he paid him, so he mines a block (on his own blockchain, inferior difficulty-wise) with his transaction included.
  • The merchant sees the money, so he releases the product.

That might sound like a ridiculous way to rip off a merchant, but imagine a scenario where the merchant is a cryptocurrency swap service; that can create noticeable damage. If you're not a merchant, I can't think of any other security holes, excluding the aforementioned.

Even in this scenario, it's not a very practical attack, since you need a fortune to perform a double-spend attack. And even if you managed to obtain the product, it's just a matter of time before the merchant sues you.
