Page MenuHomePhabricator

install electrum bitcoin thin client by default?
Open, NormalPublic

Description

package, only available from stretch-backports, however that version may be outdated, dysfunctional:

Not as simple as just installing the package.

Tails design documentation:
https://tails.boum.org/contribute/design/#index55h3

Tails config:
https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/etc/skel/.electrum

Tails user documentation:
https://tails.boum.org/doc/anonymous_internet/electrum/index.en.html

Existing Whonix documentation about electrum:
https://www.whonix.org/wiki/Electrum

Electrum Bitcoin Wallet in Whonix ™ Development Notes:
https://www.whonix.org/wiki/Dev/electrum

Criteria for installing applications by default in Whonix:
https://www.whonix.org/wiki/Dev/Default_Application_Policy

Policy for Inclusion of Compiled Software:
https://forums.whonix.org/t/policy-for-inclusion-of-compiled-software/6635

Details

Impact
Normal

Event Timeline

Patrick created this task.Mar 5 2015, 4:41 PM
Patrick raised the priority of this task from to Normal.
Patrick updated the task description. (Show Details)
Patrick added a subscriber: Patrick.
Patrick claimed this task.Mar 5 2015, 8:40 PM

To counteract the Bitcoin ddos problem discussed in "Bitcoin over Tor
is not a good idea" until its fixed at the blockchain level, its proposed to configure Electrum to use a pool of trusted hidden services:
https://mailman.boum.org/pipermail/tails-dev/2015-March/008302.html

From the thread I saw they collected about 5:

electrumupzx5w5f.onion kngqe2mrt4wnpxtt.onion k33y7ns2ma65xgtr.onion

https://mailman.boum.org/pipermail/tails-dev/2015-March/008381.html
(s7r Thomas White)

sbow7bnje2f4gcvt.onion:50001

56ckl5obj37gypcu.onion

Patrick edited projects, added research; removed Whonix 10.Mar 13 2015, 4:39 PM
Patrick removed Patrick as the assignee of this task.Mar 19 2015, 1:09 PM

http://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/bitcoin-clients-tails-blockchain-electrum/

This article goes thru the commands to connect electrum via onion services.

A script can possibly accomplish the same thing.

As a general point... I think Whonix + Bitcoin (cryptocurrency) is a good position to acquire in more people's minds for attracting more Whonix success.

Patrick updated the task description. (Show Details)Mar 20 2015, 11:30 AM
Patrick updated the task description. (Show Details)
Patrick updated the task description. (Show Details)Mar 20 2015, 11:48 AM

Generally, it's nice to have. Sure. But... Not as simple as just installing the package. Many related issues:

  • Bitcoin is not anonymous.
  • Do not blindly trust the bitcoin balance that Electrum displays.

Unfortunately. Seems like this would require a package just for configuring electrum so it's save by default. A startup wrapper script would be relatively simple. Tails uses a more extensive config with more settings than just a different server. We'd have to research if we would need the same settings or if we can wretch these settings into a startup wrapper script. Since electrum apparently has no .d Style Configuration Folder, writing into the user's homedir ~/.electrum comes with the usual issues, such as "what if that file needs to be updated later" (then there can be conflicts with what we set in past, various settings changes by user/program and then trying to change settings there again with a script is fragile). So I think the startup wrapper script - if it is possible - would be a much more robust solution.

Even when using trusted server[s], users are at mercy of a server. Servers occasionally go down [forever] and are hacked. Having it installed by default, and having users skip reading the user documentation could lead to cases, where they thought, they have received money, where in reality the server had put them on a fake network. This is in my opinion a pretty severe security issue where one could loose a lot money.

Installing applications by default encourages using them? Somewhat implies, that it's a recommended application, no? If that happens and someone were to ask "Why did you encourage use of electrum by installing it by default?", I would not have a good answer.

What seems responsible to me would be a dismissable ("[ ] understood, do not show again" popup) that will be shown before starting electrum that explains the major issues and links to documentation.

Tails has more reasons to install applications by default than Whonix. (Recently discussed here.)

Having all that said, I am wondering if it wouldn't be better to not install it by default and to just polish Whonix's documentation about money.

What do you think?

What is Whonix if not a platform to nake it easy and safe to anonymize internet activity?

We should aim to include defaults when they make sense. For example if they software is easy to use and carries out a useful function.

The way Electrum works doesn't allow a malicious server to abscond with the money. That was never possible. What we are protecting against is a communication chokepoint with the rest of the bitcoin network ie. a malicious exit that can block financial data syncing which can give a fake view of transactions. By relying on a trusted pool of onions (and not a single server) we make this possibility much less likely. And soon its going to be fixed anyway.

How you want to approach this is up to you. I prefer sticking with TAILS' work because it covers more configuration if it takes less work also because there are more people keeping track of Electrum there. How it gets around the absence of .d is something to consider. If the Tails script can be made into a startup wrapper then its best?

In T215#3221, @HulaHoop wrote:

The way Electrum works doesn't allow a malicious server to abscond with the money. That was never possible. What we are protecting against is a communication chokepoint with the rest of the bitcoin network ie. a malicious exit that can block financial data syncing which can give a fake view of transactions.

And this fake view could lead to do stuff, such as shipping goods, which you would not have done if you had the real view. A pretty severe issue.

By relying on a trusted pool of onions (and not a single server) we make this possibility much less likely.

Does electrum auto cylce servers?

And soon its going to be fixed anyway.

Until that fix lands in Debian, it could take until Debian stretch.

How you want to approach this is up to you. I prefer sticking with TAILS' work because it covers more configuration if it takes less work also because there are more people keeping track of Electrum there.

Sure, if Tails' solution is secure, robust and applicable to Whonix, it's best to copy it rather than reinvent.

How it gets around the absence of .d is something to consider.

TODO: research. Tails' solution's are not always as easily applicable, because it's an amnesic distribution with limited persistence. It could mixture of "no issue with upgrading, because we're amnesic [no apt-get upgrades for major versions, therefore no config file issues]" + "if you are using persistence you are on your own". Or perhaps they haven't through this through. That's why it's TODO: research.

Does electrum auto cylce servers?

Yes. The TAILS electrum.conf enables auto cycling.

I did some more research and re read the mailing list thread and here is what I learned.

The trusted onion services I listed are also running as Bitcoin only traffic exits, eliminating bad exits as a possibility.

Electrum connects to multiple servers simultaneously rather than trusting only one.


Looks to me the TAILS file us very relevant to reuse but we need to change the settings from localhost to gw and also the port number for streaming isolation.

Patrick removed a project: Whonix 11.
Patrick set Impact to Needs Triage.

At the moment the electrum version from Debian stable (currently: jessie) is too old to even work. The one from jessie-backports should still work?

Btw there is currently an unreviewed documentation edit that adds electrum to the money wiki page that needs more work:
https://www.whonix.org/w/index.php?title=Money&diff=cur&oldid=22500

Major clean up done.

Patrick changed Impact from Needs Triage to Normal.
Patrick updated the task description. (Show Details)Aug 8 2018, 10:37 AM
Patrick updated the task description. (Show Details)
Patrick updated the task description. (Show Details)Aug 8 2018, 10:58 AM
Patrick updated the task description. (Show Details)Jun 27 2019, 12:59 PM
Patrick updated the task description. (Show Details)Aug 11 2019, 2:13 PM