Electrum 0.41 has support for remote wallets.
With this you can generate addresses on a website without leaving the private keys on the server.
This is possible because Electrum uses a "type 2" deterministic wallet;
this means that it is possible to generate new addresses without the wallet seed.
Electrum 0.41 includes two new files:
*remote_wallet.py : a script that is run on a remote server and can be queried with jsonrpc
*remote.php : An example in php. See it live here:
http://ecdsa.org/remote.phpHere is how to create and use a remote wallet:
On your local machine, create a new wallet, and create a neutralized copy (without seed):
$ ./electrum -w mywallet create
$ ./electrum -w mywallet seed | awk '{print $1}'> seedfile
$ cat mywallet | sed "s/`cat seedfile`//g" > neutralized_wallet
Copy the neutralized_wallet to your webserver.
On your webserver, edit the configuration variables in remote_wallet.py (username, password, wallet path).
Then, start the script:
$ nohup python remote_wallet.py > /var/log/remote_wallet.log &
On your local machine, start Electrum with the --remote option:
Your local wallet will be synchronized with the remote wallet.
If you visit remote.php on your server, you can create new adresses in the remote wallet.
Everytime a new address is created on the remote wallet, it will show up in the local wallet.
Note that the remote wallet does not need to be connected to an Electrum server.
All this script does is generate new addresses, and tell your local wallet how many it generated.