Topic: Chainalysis runs Electrum nodes. - page 2. (Read 524 times)

This is nice: governments helping the Bitcoin network by running Electrum servers, governments helping the Tor network by running exit nodes.... If enough different governments try to collect data, they all become less likely to actually find what they're looking for!

Seriously though: this shouldn't be a surprise. Give them misinformation: Lookup some random addresses on block explorers and add read-only addresses to your Electrum wallets (but you can't do that with a convenient default HD-wallet).

That's not very convenient: even if I run Bitcoin Core, I can't just lookup any txid, right? Block explorers (for various coins) are just very convenient tools. Tor quickly shows a captcha, which is just annoying.

I haven't tried it: it's resource consuming, so it takes an expensive VPS, one way or another it's a lot more work than using an existing explorer, and in the end my webhost could still access everything if they want.

How cool would it be: explorer.loyce.club But it takes more resources than my current posts archive, and to me it's not worth the cost of a powerful VPS (or VDS).

Would it be better or worse for privacy to only connect to a certain node? Pro: you know it's probably not a 3-letter agency. Con: you don't get to hide parts of your transactions by using random servers.

They are referring to Electrum servers.

I would probably just run it either over clear-net or through Tor but not both because then the privacy benefits would be diminished. Running it through Tor should probably benefit you primarily through eliminating the risk of your ISP having MITM through your traffic. It wouldn't be so much as to the analysis through the nodes that you're connected to, though Tor does still provide certain degree of protection from that.
Linking addresses probably isn't ideal. Using a separate Tor identity for every single one of your addresses and transactions would be advisable.

@DireWolfM14, your ElectrumX server looks okay to me, and since you only connect to that using your own Electrum clients, then you are not leaking any info to anyone else (unless someone is watching both you and the server, which is unlikely)

I am thinking that Bitcoin Core full nodes work best when connected to clear-net, but there are a few who use it "selfishly" and just don't have as many incoming connections or run it over tor, the performance impact would be negligible for most normal purposes of using the node and wallets.

If you really want it as private as possible, run everything over tor. Any transactions you are waiting for might take an extra second or two to appear, and any transactions you broadcast might take an extra second or two to propagate.

I've been running a regular Bitcoin Core full node over clear-net for the past many years, but I don't use it as a wallet anymore. I'm on a home connection so sometimes the ISP changes my dynamic ip address and my peer-connection count drops from 100 to 10 every now and then.

I'm sorry for being a dunce, but I was born that way and have been trying to rectify it ever since.

What is an "Electrum Node" and how do I get one?

---

This is the kind of report that makes conspiracy theories flourish: Block explorers as honeypots; wallet clients as possible honeypots;  SPV servers as possible honeypots.  Bitcoin does offer some level of privacy, but I don't believe that was highly prioritized function of the concept.  Even if it was, governments and their taxing agencies will think of it as a war to be waged.  The more financial privacy we have the less secure they're grasp on power.  Any efforts we make to bolster our privacy will only lead to more of their resources being spent on thwarting those efforts.  It's a war that will likely never end.

---

This discussion has made me a bit uneasy about my privacy, would someone be so kind as to grade the privacy of my set up:

I have an Ubuntu server running a full Bitcoin Core node and ElectrumX server.  Both core and electrumx are connected through clear-net and tor, and open to the world.  I connect all my electrum clients to my own server.  How secure and private is this configuration?

---

One of the important things I've learned from this thread is that I'm still being somewhat insecure by using third party blockchain explorers, and I have not been using VPN or tor when doing so.  I'll have to fix those habits, but also, I think I'll learn about mempool.space and possibly set it up on a VPS.

Given the amount of other people's transactions I've queried on various block explorers from hanging out in the Tech support and Beginners board... ChainAnalysis probably thinks I own more BTC than Satoshi Nakamoto

Seriously tho... I'm loving my little Raspberry Pi full node setup with a block explorer and electrum server running on it.

Electrum is not designed for privacy, it is just a Bitcoin wallet. If you are aware of the privacy trade-offs for Electrum, then there is nothing wrong with using it. At no point in time did people think that their privacy is preserved simply by using Electrum alone.

If you really care about privacy, you wouldn't use Electrum in the first place. Samourai and Wasabi wallet both offers far superior privacy as compared to Electrum and are SPV wallets as well.

I have also stopped running my full node after it caused my web server to frequently run out of memory.


Why? Just because Chainalysis is running a bunch of Electrum nodes? I think that's going a bit too overboard, especially considering that there is no replacement for it.


Or they can just forsake the domain name altogether and just display an IP address.

You should be careful with this. electrum.aantonop.com and electrum.jochen-hoenicke.de both belong to the respective person since they are hosted at their personal sites, but you have no way of knowing that Jochen Hoenicke isn't sharing data with third parties. Also, anyone (such as the NSA) could spin up a similar looking server, such as electrum.a-anton.com to trick people in to thinking it is trustworthy.

Even using Tor does not necessarily give you privacy in this scenario. The Electrum servers you connect to will still be able to link all the addresses in your wallet to each other, even if they cannot see your real IP address. If you open more than one wallet without changing Tor circuit, then again, those wallets (and all the addresses within each one) can be easily linked too.

Electrum (the wallet) still needs to connect to a compatible Electrum server. There are a few now, even a "Personal Server" which can be pruned, but only your own wallet can connect to it (and only one wallet app at a time, so if you try with a desktop app AND a mobile app on a phone or tablet, one of them will not work.)

The one I am considering is Fulcrum. I've seen that from my desktop app that I keep as watch-only for a bunch of different wallets and even empty ones.

https://github.com/cculianu/Fulcrum/releases

Sometimes I'd manually pick the electrum server, they have interesting names. I think there is an aantonop server. Looks like it belongs to Andreas. There's also Johoe's server (where we sometimes look at graphs for bitcoin mempool statistics.)


Care to share your node? Is it running from home or is it running from some VPS / hosted?



Nah, this is just a reminder to be careful. You can still use Electrum, just be aware that your privacy is not safe if you don't use tor/vpn or your own server.

It'll be difficult to make Electrum more privacy focused, mainly because Electrum send list of address to a server at once. It means you need to update Electrum protocol or implement BIP 157/158 instead.

For those who value their privacy, but with limited resource, they better use Wasabi Wallet which use BIP 157 and Tor by default.

And/or run/use your own full node. But embrassing to admit, I haven’t been running my node everyday for a few months since the pandemic started. I run it only when I make a transaction from that wallet, or when it needs syncing.

Is it time to stop, and discourage use of Electrum?

You kind of need an electrum node for mobile wallets / lightweight wallets on your phone / tablet / netbook anything that where even running a pruned node is not viable.
Even if you have a powerhouse laptop that can handle everything without stress if you go on vacation how is the Wi-Fi / Internet in general at the hotel? Do you want to have to sit for 2 hours while you get the blocks you missed while getting there because of crap bandwidth?


More or less yes. You either do it yourself or have 0 idea what is being done with the data.
I have an open electrum node for people to use. Am I more or less trustworthy then some random public node? I know I am, or would at least like to think I am.
You don't know that.

-Dave

Or even better option is to run your own block explorer, for example Mempool.space is open source, it can be self-hosted and it looks amazing.
If you don't like mempool.space there are other alternatives like BTC RPC Explorer with Bitcoin Core, and few others.
Installation instructions for mempool.space can be found on their github page:
https://github.com/mempool/mempool

How many of you actually tried to run your own explorer?
With the way how world is going right now, I think we are soon going to have to host everything on our own.

True, but the majority of people don't do this, and people who do maybe only check two or three random transactions which doesn't muddy the waters enough to be useful. The issue is also not only which transactions you check, but how you check them. Looking up some random transactions or addresses is one thing, but a lot of people use block explorers to check their own transactions until it gets its first confirmation. If you've searched for 50 transactions, and 49 of them you only loaded once, but 1 of them you refreshed the page 20 times, then that's a dead giveaway as well.

Either that, or people de-anonymizing themselves in ways which are unrelated to the Monero protocol, such as (as above) putting their hash and view key in to a blockchain explorer website or doing all their transactions via a honeypot node without using Tor.

I think that if one checks many more transactions than only his own on block explorers, this lesson/rule may no longer be that important.



I think that the Monero parts is a huge overstatement from them. I think that on the best case they can follow transactions that comply certain strict rules (for example very big transactions with small mixin).



Very good point! I was studying yesterday the options for having my own Electrum server and I just noticed that it cannot be done with pruned full node. And then, whatever I do, the full node is already all I need. And lately Bitcoin Core also accepts HW, which is something I surely have to try out.

It has always been a well known fact that when you are using SPV clients you are sacrificing privacy (and in some cases security) for convenience. We always knew that not just chain-analyzers but also government agents are running SPV nodes. I wouldn't be surprised that some of these shady closed source wallets were created by them too.

It is not a secret when it is well known. Walletexplorer is like their "free trial" for their "premium service".

I'm sorry but that's silly. If you can run your own Electrum node then why not just run a simple full node. The full node needs less resources too!

And I know some people probably want me to shut up about them by now, but you don't even need to know anything about linux / programming / tech because all of the node in a box appliances that I keep talking about have some form of a block explorer built in or with a 1 click install.
raspiblitz / mynodebtc / umbrel

Take your pick and do it yourself.

-Dave

Lesson one is to run your own node.
Lesson two is to not look up your own transactions on block explorers.
Lesson three is to do everything over Tor.

If you really need a block explorer, then you can run your own instance of mempool.space. All the code is open source, and they even give you instructions: https://github.com/mempool/mempool

I'm not sure I believe their statements regarding Monero until I see evidence to back it up. Of course Chainalysis will claim they've been able to provide some "meaningful leads" (which could mean almost anything) on Monero transactions, because that's what they want the US government to believe so that they will keep giving them expensive contracts.

I remember some conversation abut that when it popped up like 4 or 5 years ago. And some people were upset because they ran a bunch of queries for firstbits there and were freaking out that 'the man' now has their information. 

As for the Electrum nodes. The more you want privacy the more work you have to put into it, by running your own nodes & servers. The issue is that too many people do not know how, and of those that do know how to do it, many do not want to be bothered.

Not saying that we should throw our hands up and do nothing, just dealing with the reality of it all.

-Dave

What a perfect time to purpose the new 64GB RAM server I rented recently with RAID0 SSDs as an electrum node! (Of course, it's supposed to be running other things, but Electrum nodes are dead cheap to host).

I'm not sure one node is going to be enough though - maybe I'll run nodes on my reverse proxies as well.


Is it really a surprise though? The walletexplorer creator works for Chainalysys. It even says so on the main site.