Topic: Electrum freaked me out for the first time ever.... (Read 283 times)

Your post reminds me of another incident where some public transport is charging extra fees for the help of Ukraine. Right now I do not have the images with me but I saw that somewhere on social media. Could be legit or fake but the point is a service or product could do these types of promotional activities in favor of one side when there could be users from both sides. Why force someone to pay money or use it as marketing materials for someone's struggle!

This is going to sound weird or maybe insensitive, but as of this moment I have almost no opinion about what's going on between Russia and Ukraine, and the two reasons for that are that 1) I don't watch much news on the matter, and 2) What news I have watched seems to have censored anyone representing Russia's side of the story, so I'm left wondering why the media is controlling what we're allowed to know about the conflict.  Fox News was live broadcasting some big Russian politician speaking, and as he started being inflammatory they just cut to a commercial break.

All of that aside, even if I had a militant position in supporting Ukraine I still wouldn't put any political message inside a wallet (or a crypto mining program).  Crypto is for everyone in the world--and should be--so any crypto devs that want to alienate a group of people are going against what crypto is all about.  Why not have a  "We hate fucking child molesters" pop-up in the bitcoin core wallet?  It's the same principle.

You mean like malware?  Electrum is open source if I'm not mistaken, though I sure as hell wouldn't be able to verify that something funky hadn't been inserted into the code.

I completely agree that such surprises shouldn't happen.
Despite the fact that I support helping Ukraine in this difficult time, private and political matters should be kept separate from software, especially as it is about decentralization.
I understand what led these people, but this type of campaign should definitely be organized in a different way.

On the other hand, I wonder what other surprises they could have left in this wallet ..

Tell me about it.  The explanation is here, and man...it just goes to show you that personal feelings/politics sometimes can't be kept separate from aspects of life where they shouldn't be a factor.  Believe me, I have a lot of sympathy for the person(s) who decided to put that message into the Electrum Dash wallet (and the one that's currently still in the Verthash OCM miner), and I'm not judging the people who do stuff like that, just the actions themselves.

I don't need to download the wallet right now.  I have a seed, but there aren't any coins in the wallet--but I definitely wanted to know how to handle a situation like this.  I always kinda/sorta understood that if there's no software to input the private key into, that key is useless until new software comes along, but I wasn't sure if there was some conversion method, i.e., seed phrase-->some other form of private key, or another way to access funds if all you had was the seed words.

Yeah, something like that.  Also, I agree with pretty much everything else you wrote in your post.

I'm not discrediting your concern, but wait until you know there is an application dependency that were deleting all files if the user using Russia/Belarus IP and creating an anti-war protest text file on the user's desktop.

Broadly, this is related:


An explanation that is worth reading about the above image: https://www.explainxkcd.com/wiki/index.php/2347:_Dependency. As of now, I see that the site is unreachable, here is the Google cached page.

---

I would be wary even if there is any forked Dash Electrum app.

I don't know much about Dash ecosystem, but some idea for you is to manually import the address private key to Dash Core. Use a tool like https://iancoleman.io/bip39/ to derive the seed phrase. And beforehand, make sure you do it offline and in a secure manner.

Especially regarding the OP issue, I believe that there is no sensible reason for the act. Nevertheless, the man behind the desk can't be separated, to maintain some wallet or any software while witnessing the horrifying things that directly happened to them or affected their loved one, will likely make them hopeless.

The issue I raised in the first place is another example, the creator of a software dependency that is being used by a lot of projects decided to make that software do wild things. He injects a malicious code that will delete all the files if the user came from Russia or Belarus IP[1]. That code has been removed now. But as of now, anyone/any project who still uses that software dependency will have the protest message on their desktop![2] I also posted the concern on here since I see that Umbrel applications were containing that depedency.

Completely out of mind, IMO. But that's that.

[1] https://security.snyk.io/vuln/SNYK-JS-NODEIPC-2426370
[2] https://security.snyk.io/vuln/SNYK-JS-PEACENOTWAR-2426724

---

You may want to check it out yourself. The referred application itself is non-existent.

Putting such a message on the crypto wallet is ...at least strange, whatever the situation is. Leaving the community without a downloadable wallet core is something else.

Anyway, how understandable it may be, taking sides utilizing the wallet app splashing politically sided messages against users' faces is somewhat against all principles of why I've been playing with cryptos, trustless, neutrality, permissionless, privacy, etc. The only such message that fits is the message asking for donations for the dev team for maintaining the app or just to thank them for the effort in creating the app.

you are right this topic deserve some attention, because we talk so much about neutrality, permissionless etc etc of payments in the crypto sector and certain messages do not make sense in certain contexts.
In my opinion at least should not been added in a software.

even more strange and quite sad if not really "disturbing" that they have removed the possibility of downloading their software without additional explanations ...
from the seed you can get the individual private keys but ... you must have the software to perform this operation ... bad move on their part.

Are you still looking for a Dash Electrum wallet? Or have you installed one already? Let me know what OS you are using; I will try to find out if there are any Dash Electrum wallets available. Google search results redirect me to Dash's Official website: https://support.dash.org/en/support/solutions/articles/26000030038-installing-dash-electrum. You may check this out.


Well, I do not support war at all. In my opinion, Crypto services should be neutral on this matter, especially when you are doing international business in the crypto world. Crypto people have already shown their generosity by donating Millions of dollars. But, Do you really expect such messages from a Crypto wallet service? If you really want to help your country, Why not spend money on ads or create a separate campaign?

Suppose you are a police officer,
Two people fought, and both asked for help. One of them is your enemy, and one is your friend. What would you do in this case? Do you believe you should help your friend? You cannot because you are a police officer, and you should be neutral. You have to judge them according to the law.

When it comes to international services (especially crypto services), You shouldn't take a side even if they are your enemy.

BTW, Do you know Google Suspends Play store billing, Youtube Payments in Russia?

Bumping this thread because I just learned that there's no more Dash Electrum wallet, and it was even a pain in the ass figuring out why it just disappeared.  I searched Duckduckgo, and there was nothing, so I switched to Google (with tentative fingers) and saw some Reddit members chatting about the situation.  It seems like members here are silent, because I did a search and came up with zippo.

So what if you've got a Dash Electrum seed phrase but don't have the wallet anymore or the installer for it?  Right now it looks like there are no sites that let you download the software (and I'm not sure I'd be comfortable doing that anyway).  As far as I know, you can't import a seed phrase into Dash Core.

Oh, by the way--I knew I wouldn't be the only one who found the insertion of political messages into crypto wallets to be concerning.  I'm surprised nobody here even gave enough of a shit to even comment on it.  With all the absolute shit threads in this section, when no one wants to discuss a pretty novel topic when it's brought up, that says a lot.

In case nobody cared enough to click on that pic I tried to upload earlier, here it is again.  It's from the Verthash OCM program:

To me, this is just another example where politics should be kept separate.

Yes I understand what you mean. Russia invasion of Ukraine has won alot of people to Ukraine and sentiments are just thrown at the world without caution to the point that even the world football governing body FIFA has openly taken side in this war against Russia. The wallet app open support for Ukraine will of course make it lose patronage from Putin's supporters or those who do not see anything strange with what Putin and Russia are doing in Ukraine.

Because the size of the image in the link you shared is 2.9 MB. The maximum limit is 2.5 MB anything more than that and the "invalid image" error. So you are going to have to compress the image. (Here is the compressed version - (https://i.imgur.com/mGK7urO.png)

Oh, while we're on the subject:



LOL.

Hey....why isn't a typical imgur image loading?  I just did the same thing I always did when linking to images.  Anyway, the pic is this: https://imgur.com/FlOhist

This is a very difficult one... Those guys are the maintainers of the repository (i assume), so they can edit the code any way they want to... If you don't agree, you have the option of forking their code, removing the message and providing the community with a "message free" electrum version.

Wether or not this message is in bad taste is debatable... I, for one, don't agree with the russian invasion, and i wouldn't mind such a message. It's a slipperly slope to say the least: it's a discussion of what an open source dev is allowed to show on a piece of software he/she maintains for free: would a button to donate to the WWF be acceptable? Or maybe a change in the colour scheme (in this case, maybe yellow and blue?). But yeah, i personally don't think i'd add such a message on a piece of software i was maintaining... Eventough i hope i'm not going to be in a situation where this choice is a matter of life or death for me.

In the end, it might boil down to wether or not the licence in which this electrum fork was distributed allows such messages... If it does allow such a message, you can always fork the project yourself if it really bothers you.

Now, don't get me wrong... I agree with you that showing such a message can freak you out... It makes it rather obvious that dev's are always able to put whatever (political) message they want into the tool they're maintaining. That being said, electrum nodes have always had the option of showing a message in the console and adding a donation address. Electrum used to have an option to send messages, and devs have always had the opportunity to add whatever they felt like to the code... I guess what freaks you out is the fact that this time it was a political message... I doubt anybody would care if the message was "save the rainforest" or "donate to greenpiece"?

Thanks for finding the correct Git.
Interestingly Google sent me to electrum[dot]dash[dot]org which shows different Git page, probably old/obsolete.
I've removed my incorrect post.


Not linking (and avoiding) those who are shouting to your face asking for money, no matter it the cause is good or not, no matter if they're for real from the war or faking that is not related to one's (political) views.
I can guess that people are desperate, but this is pretty much extreme and I agree with your conclusion.

I understand what you mean and I'm also not saying I agree nor disagree with this attitude. I'm just providing some context for what they may have in their mind in favor of putting that message. Being in the middle of a war and having literal missiles potentially hitting your home and killing the ones you love may be enough to justify throwing the whole 'crypto is neutral' idea out of the window.

My rebuttal to that would be that including a political pop-up message into wallet software goes against everything cryptocurrency stands for.  And by that I mean that crypto is meant to be a form of money that transcends governments and banks and political bullshit.  Injecting an extremely one-sided message into a software wallet's code is basically telling you what you should think, i.e., what side you should be on--just like the media does and has always done.

By the way, what I just wrote does not mean I support Putin.  But if I did, I might really hate that message and might not want to use what's otherwise an excellent wallet, a wallet that should be for people of all sorts of political persuasions.  Know what I mean?

Edit: Just an FYI to TryNinja that I was replying to stadus's post above, and I probably should have quoted part of his post to indicate that.  Oops.

The message says the team lives on Ukraine, so they are literally in the middle of a war and being directly affected by it. That probably matters more to then than being neutral for the sake of launching 'neutral software'.

And the message is hard coded, so it doesn't come from a third party server and can't really be exploited to show a phishing/fake message, etc...

https://github.com/akhavr/electrum-dash/commit/92b31b7958e75bc2791218c42073981e960ab240
https://github.com/akhavr/electrum-dash/commit/bf21390918550beac3b9c20f0de53b432a593be2
https://github.com/akhavr/electrum-dash/blob/bf21390918550beac3b9c20f0de53b432a593be2/electrum_dash/gui/qt/main_window.py#L720

Maybe because they badly need help that donation is a big thing for them to survive. As the message prompt " they live in Ukraine", so if that is true, then they are in danger and they don't know if they can still open their eyes tomorrow.

Let's just investigate first, it doesn't look good but like I said when you are in a country that is currently being attacked by another country, survival is your main priority and sometimes you don't think straight.

I had to download the Dash Electrum wallet today to retrieve some dust Duffs from an old wallet, and upon installing it I was greeted with a pop-up that said:


I don't know about anybody else, but having politically-charged messages jump out at me when I load a software wallet gives me the creeps--big time.  Maybe it's because I'm completely ignorant about coding and how things like wallet creation happens behind the scenes, but it very much reminds me of web wallets and makes me wonder about who's got control over whether some message appears when I open a desktop wallet.

And why in the world would a wallet creator think it was a good idea to do something like this?