Bitcoin Forum>Bitcoin>Bitcoin Technical Support
Pages:
Author

Topic: Electrum Server Privacy Leaks - page 2. (Read 464 times)

mocacinno
legendary
Activity: 3346
Merit: 4911
https://merel.mobi => buy facemasks with BTC/LTC
Re: Electrum Server Privacy Leaks
August 01, 2022, 08:17:41 AM
#4
Quote from: ABCbits on August 01, 2022, 08:14:54 AM
--snip--
Also consider someone could fork those implementation to add log feature or perform log on different level (e.g. on networking level)
this ^^^ is a very important aspect... It's all open source software... It's not like a node operator is going to tell you they modified the sourcecode of their node software to log everything.
So, even if you know electrumx (or electrs, or....) and you have actually read the complete sourcecode and you're satisfied a default "electrumx" node cannot log anything you don't accept, you should still realise somebody could run a modified version of "electrumx".

On top of this, electrs needs a reverse proxy if you want to add tls, this is one more level where log files can be created.

Now, the fact does remain that private key(s) or seeds are not sent to the electrum node, so a node operator can harm your privacy, but he cannot steal your actual funds (unless there's an undiscovered bug).
ABCbits
legendary
Activity: 2842
Merit: 7333
Crypto Swap Exchange
Re: Electrum Server Privacy Leaks
August 01, 2022, 08:14:54 AM
#3
Quote from: Jason Brendon on August 01, 2022, 04:12:21 AM
Or, let me put it this way:
Is there a way that I can find out the public key information from whom is connecting to my electrum server?

I don't use electrs, but there's configuration to make electrs to log more information according to https://github.com/romanz/electrs/blob/v0.9.8/doc/upgrading.md#important-changes-from-versions-older-than-093.

Quote from: Jason Brendon on August 01, 2022, 04:12:21 AM
Or, perhaps it is electrs as one of the electrum implementations that I am using doesn't keep records or logs, whereas other implementations like EPS, or ElectrumX does keep logs?

Also consider someone could fork those implementation to add log feature or perform log on different level (e.g. on networking level)
DaveF
legendary
Activity: 3444
Merit: 6182
Crypto Swap Exchange
Re: Electrum Server Privacy Leaks
August 01, 2022, 07:13:57 AM
#2
I don't know electrs or how it is setup out of the box, but electrumx does allow for a fair amount of logging.
With electrumx I can see your IP, what addresses you are checking and if you send a TX I again know your IP and have the information about the TX.

That is what people are talking about. It does not send that information anywhere but you as the server operator can still see it.

I *think* electrs does the same. But I never looked.

-Dave
Jason Brendon
member
Activity: 133
Merit: 65
Re: Electrum Server Privacy Leaks
August 01, 2022, 04:12:21 AM
#1
Yes guys, oftentimes you hear people say connecting to someone else's electrum server will leak your public key information.
As I am running electrs as an electrum server implementation, I am asking you guys how public key leaks?
I mean, nothing is stored on my server(at least I didn't manage to find it).

Or, let me put it this way:
Is there a way that I can find out the public key information from whom is connecting to my electrum server?

Or, perhaps it is electrs as one of the electrum implementations that I am using doesn't keep records or logs, whereas other implementations like EPS, or ElectrumX does keep logs?



Pages:
Bitcoin Forum>Bitcoin>Bitcoin Technical Support
Jump to: