Topic: Chainalysis runs Electrum nodes. (Read 590 times)

I'd be very wary of trusting Electrum servers which are being run by internet or bitcoin "celebrities", not because I think they are inherently untrustworthy by any means, but because I would not be surprised in the least if blockchain analysis companies had offered them reasonable sums of money to share their data. Trusting servers from individuals you know is a different matter. Like DaveF for example - I've traded with Dave in the past and would happily trade with him again without escrow without the slightest worry about anything going wrong. I would definitely trust his server more than a random server Electrum selects for me or a server belonging to famous individual (but I'm still not going to stop using Tor).

If you take a look at their Transparency Report I linked above, they contested and did not comply with 750 court orders just in 2020, so their legal team has certainly been busy. The more concerning thing from that Transparency Report is the exponential increase in court orders they have been receiving over the past 3-4 years.

For all intents and purposes it seems that their service operates exactly in the way they say it operates, and only logs and discloses exactly what they say they will log and disclose in only the circumstances they say. But any big company will have to comply with some court orders or they will simply cease to exist sooner or later.

I wouldn't be surprised if normal operators are unknowingly assisting them with the spying.

Problem with any service that you're going to use is that there is absolutely no way to ensure that they're not collecting logs. Any VPNs or service that promises "no logging" shouldn't mean that your privacy is guaranteed. The fact that it isn't that difficult to start logging, either with the knowledge of the provider or not is a dealbreaker. Always assume that you are getting logged, unless you can verify that your contents are being encrypted in a way that makes it difficult to do so.

Protonmail specifically stated that they are legally obliged to comply with certain requests, which are nothing out of the ordinary. If anything, I'm supportive of them doing so given that the requests are made on that basis that doesn't infringe on human rights. They've mounted several legal challenges against a few requests, IIRC.

I'd say it depends on the individual we are talking about.
If it is a random dude on the internet then sure, there is no point in doing what they can already do. But if it is a known person then it is worth a lot. For example if you look through the Electrum server names you can already see some familiar names that people trust

You and @NeuroticFish [ https://bitcointalksearch.org/topic/electrum-server-on-windows-or-virtualbox-or-even-better-wsl-5362554 ] trying to do things the hard way :-)

My view, so take it as you will. If you have enough spare hardware to do a node in a box on a RPi or similar or if you have enough spare drive space to do a virtualbox version of one of them start with that.

You then can see what works, although in a VERY customized environment.

Then you can try to do your own, and if you get stuck can ask for help AND you can take an actual look at something that works and track backwards from there.
Sometimes you just need to look at a working setup configuration to get see what has to be done.
And since you know what works, you can see what you can do to break it, and and then revert to the old running config that worked.

-Dave

I don't know why but the easy way never appeals to me.  I like learning new stuff, and the DIY spirit is strong within me, lol.  In the late 90's, early 2000's I was working for an old-school tech company that was still using Unix on all their engineering work stations.  They finally switched to Windows around 2001/2002, and I hadn't played with CLI operating systems until I started hanging out here with you nerds.  Pounding out commands on the keyboard took some adjustment, but like I said, I find it fun and enlightening.  There's really no better way to learn about the technology of bitcoin than to dive into it.  And it's quite rewarding when you get things working well.  

I spent most of the day yesterday trying to install mempool.space on an Ubuntu server, and kept running to obstacles.  I'll figure it out eventually, but it can be frustrating.

I think it's worth expanding on this a little. ProtonMail received a legally binding request from Swiss federal authorities which they were unable to challenge. They had no IP logs to provide, but were forced to start collecting IP logs after receiving the request or shutdown completely and face criminal charges themselves for acting illegally. It has always been spelled out quite clearly in their Transparency Report that they would have to comply with legally binding requests from Swiss law enforcement, which is exactly what happened here. Here is an archived copy of their Transparency Report from way before this incident that says all that: https://archive.is/pCZ03


If the user in question had used Tor, they would not be in this situation. Interestingly, also a VPN would have been sufficient in this scenario since Swiss law does not permit VPN providers to log IP addresses in the same way it allows email providers to log IP addresses.

So yeah, it's shit for the individual in question, but ProtonMail were only behaving in the way they said they would. But having said all that, I still wouldn't trust a third party provider not to decrypt your information (or at least try to) if they were forced to. Tor and PGP should be a must.

Zero, since they can do it themselves.
But, what are the odds that many things we connect to are run by some of the 3 letter government departments. Probably good.

---

Might be a bit of a tangent here, but keep in mind with all the hacks recently of 'secure' 'private' hosting and seeing how badly things were run (epikfail) the fact that proton mail more or less gave up the ID of a user.
Keep in mind ust because some place claims to be secure and will keep your private stuff private, it does not mean they will or can.

If you trust enough people with private info Chainalysis is the lease of your problems. Because someone else probably already leaked it.

And that is just a depressing Monday thought.

-Dave

Say.... If someone is running several Electrum servers.... what are the odds of (a) government(s) putting them on the payroll for this?

We have known for years that 3Letter Agencies have been running Exit nodes on Tor to help them to identify wannabe "private" individuals... so why do you think a company like Chainalysis that are being paid millions to "identify" people behind transactions.... will not run their own Electrum nodes/Servers?

Chainalysis helps government agencies, cryptocurrency businesses, and financial institutions to track Blockchain traffic ....so this should not come as a surprise. 

Since this indeed went off topic (sorry!) and it may get longer, I've moved the things to a new topic: https://bitcointalksearch.org/topic/electrum-server-on-windows-or-virtualbox-or-even-better-wsl-5362554

Getting a bit OT, but you moved the file to your USB dive and then told virtual box where it was and it still gave you problems?



Remember that vdi has more then just the blockchain on it. So, it will get much larger then just the blockchain.
If you really want to keep the data external, you might want to just get another external drive and put all of the mynode files on there. This way you can pick it up and move it to another PC with no real effort.

-Dave

I've tried that too yesterday, and didn't work out because the disk for the blockchain is connected though USB and VBox/myNode didn't like that.

In VBox my last attempt was with a proper Debian. I managed to get Bitcoin Core run and use that USB drive for the data, but I completely failed in making it start with the system. I suck at Linux and I know it  

And on Windows, bitcoind is fine, but the Electrum Personal Server just doesn't do anything. Whatever I do it just tells "press any key to continue" and Electrum doesn't see it.

The easiest way is to use virtualbox: https://www.virtualbox.org/
And then deploy the virtalbox version of mynode: https://www.mynodebtc.com/download

The upsides: it's easy, you don't have to install or learn anything, and there is a lot of support out there.
The downsides: You have to trust the people involved.
But, you do get a BTC node, a lightning node, an electrum server and a basic block explorer.

Keep in mind you are going to need enough free RAM & disk space on your PC to run it. And you are going to have to keep your machine running 24/7 to get access to it.

-Dave

Nice list!

And since o_e_l_e_o came with very valid points for having own server and block explorer, I tried my luck and... it's not easy. I didn't manage yet to make any of those work on Windows (heh) and I am a bit undecided about trying out fulcrum, since I didn't find much of discussion about it here on bitcointalk.

I've also looked about using Bitcoin core with HW and.. hmm.. it looks unfinished and far from straightforward, so I pass that.

Any ideas?

About Electrum Servers.

These are the ones I am aware of:

1. Original Electrum X Server (this is a fork from the original ElectrumX). The current version is ElectrumX 1.16.0.
https://github.com/spesmilo/electrumx

2. Electrum Personal Server
https://github.com/chris-belcher/electrum-personal-server

3. Electrum Server in Rust
https://github.com/romanz/electrs

4. Fulcrum Electrum Server
https://github.com/cculianu/Fulcrum/releases

An electrum server, is a bitcoin node with a separate database server that allows any lite wallet that follows the protocol to query and send BTC transactions.

There are several implementations of it in a few different programming languages that fulfill different roles.

There are ones that run on a lot less resources but are only really suitable for one person running a small wallet and others that can handle 1000s of queries from dozens of people at the same time.

Not saying one is better then the other, as always use the right tool for the job.

-Dave

Too many assumptions indeed: I don't have a RPi, but more importantly, I wouldn't want to host anything at home. A "simple" VPS wouldn't allow the load caused by syncing Bitcoin Core, and a more dedicated server isn't worth it to me.

I find myself looking at addresses or transactions on block explorers for various reasons, and now that you mention it: I should probably change that.

Why do you need to look up your own transactions on a block explorer, though? Since we are mostly talking about Electrum here, then just view your transactions in your own wallet which is hopefully connected to your own Electrum server, or at least connected to someone else's Electrum server over Tor. No need to involve yet another third party. I honestly couldn't tell you the last time I looked up one of my own transactions.

Just as you need to use a new Tor circuit with every different Electrum wallet you open, so the same server doesn't see the same IP address querying a bunch of different addresses within a few minutes, you need to use a new Tor circuit with every address or transaction you look up on a block explorer. Even better if you don't look up more than one address or transaction you are interested in at the same time, and if you must, then look them up on different explorers.

Any Electrum node or server is simply a bitcoin full verifying node that has a searchable database.

Keep in mind that TOR or VPN don't magically give you 100% privacy, there are still many ways you can decrease your privacay.
For example imagine you have 2 addresses: addr1 and addr2
If a block explorer or a SPV server sees IP address 1.2.3.4 is asking the balance for addr2 and addr2 then some time later IP address 5.6.7.8 is asking the balance for same addresses then IP 9.10.11.12 is doing the same, ... it is safe to assume addr1 and addr2 are linked even though the IP changed.
Now imagine you send coins from addr1 to a KYC exchange, now they can also know the identity of the one who owns addr1+addr2.

Node in a box and run it at home. Yes I am making assumptions about your home internet, and that you have an RPi and drive handy but still.

Seriously, for the most part it's just storage. The explorers do not take that much CPU / RAM to run till you get dozens of hits a minute.

-Dave