Author

Topic: Electrum Wallet Backup (Read 143 times)

legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
April 07, 2021, 06:56:09 AM
#10
Interesting but I can't find it in the source code. I could only trace encryption back to the pw_encode() method that does what I said above and it seems to only get private keys (eg. an imported key or when it reads the key from wallet to sign a message). Can't find where the wallet file itself is being encrypted though.
This script outlines the process it takes to check for the version and the keys used for decryption;  HW wallet's xpubs or the user's password[1].

[1] https://github.com/spesmilo/electrum/blob/d86138a1a5a144b5adc32ef8bd1ff7afd860927d/electrum/storage.py#L118
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
April 07, 2021, 01:17:23 AM
#9
- does the wallet-backup of Electrum contain the seed too?

If you are asking this because you're thinking that you don't have to back up the seed phrase if you have a copy of the wallet file and the password, then please reconsider this.

When you created the wallet, you should have already devised a backup strategy for storing the seed phrase so you don't lose it.

From a data recovery point of view, inside the wallet file is not a safe place to leave the seed in by itself because there are so many ways for a wallet file to get corrupted.
legendary
Activity: 3472
Merit: 10611
April 07, 2021, 12:50:44 AM
#8
That code is for encrypting and decrypting messages using ECIES which uses a smaller size AES (128 version) and has nothing to do with wallet file encryption.

The wallet file is actually encrypted using AES-256 and the double SHA256 hash of the password that the user enters. The code is found here: https://github.com/spesmilo/electrum/blob/22e6fe09c17724cd75763306470fa46a7bb7c4e8/electrum/crypto.py#L110-L125
Electrum encrypts the private keys and seeds differently from the wallet file. The seeds and private keys are encrypted with AES-256-CBC but the wallet file uses ECIES which allows it to be written and encrypted without the need for the passphrase to be entered again.

https://github.com/spesmilo/electrum/blob/1b763b4a3c6a456c6b944c7cd7493a7ec1a54a12/RELEASE-NOTES#L841
Interesting but I can't find it in the source code. I could only trace encryption back to the pw_encode() method that does what I said above and it seems to only get private keys (eg. an imported key or when it reads the key from wallet to sign a message). Can't find where the wallet file itself is being encrypted though.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
April 07, 2021, 12:25:12 AM
#7
That code is for encrypting and decrypting messages using ECIES which uses a smaller size AES (128 version) and has nothing to do with wallet file encryption.

The wallet file is actually encrypted using AES-256 and the double SHA256 hash of the password that the user enters. The code is found here: https://github.com/spesmilo/electrum/blob/22e6fe09c17724cd75763306470fa46a7bb7c4e8/electrum/crypto.py#L110-L125
Electrum encrypts the private keys and seeds differently from the wallet file. The seeds and private keys are encrypted with AES-256-CBC but the wallet file uses ECIES which allows it to be written and encrypted without the need for the passphrase to be entered again.

https://github.com/spesmilo/electrum/blob/1b763b4a3c6a456c6b944c7cd7493a7ec1a54a12/RELEASE-NOTES#L841
legendary
Activity: 3472
Merit: 10611
April 06, 2021, 11:15:31 PM
#6
That code is for encrypting and decrypting messages using ECIES which uses a smaller size AES (128 version) and has nothing to do with wallet file encryption.

The wallet file is actually encrypted using AES-256 and the double SHA256 hash of the password that the user enters. The code is found here: https://github.com/spesmilo/electrum/blob/22e6fe09c17724cd75763306470fa46a7bb7c4e8/electrum/crypto.py#L110-L125
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
April 06, 2021, 10:47:21 AM
#5
does Electrum use strong encryption for it's wallet backups?
Key derivation used is PBKDF2 and it is salted, IIRC so no rainbow tables. There isn't any real risks with moderately strong password. However, as with all backups, if someone gets his hands on it, then it'll definitely be less secure than it should be. Use a strong and unpredictable password and keep it safe. While backing up the seed will eliminate any electronic failure affecting the backup, it'll be better to have both if you also value your TX descriptions, labels and your LN channels.
legendary
Activity: 2268
Merit: 18771
April 06, 2021, 10:17:43 AM
#4
Electrum uses AES-128-CBC with ECIES to encrypt its wallet files, provided you have set a wallet password as TryNinja has said. Provided you have picked a long and complex password, then your wallet files should remain secure against brute force attacks. However, none of that is a reason to not write down your seed phrase on paper.

You can see the relevant code here: https://github.com/spesmilo/electrum/blob/94774c6ad22916026b7183736960abe2f33e3142/electrum/ecc.py#L316-L331
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
April 06, 2021, 10:11:45 AM
#3
- does the wallet-backup of Electrum contain the seed too?
It's safer if you write down the seed manually to somewhere secure place. Keep the same sequence.
legendary
Activity: 2758
Merit: 6830
April 06, 2021, 10:04:35 AM
#2
- does the wallet-backup of Electrum contain the seed too?
Yes.

- does Electrum use strong encryption for it's wallet backups?
Only if you add a password to your wallet and select the "encrypt wallet file" checkbox.
member
Activity: 82
Merit: 33
April 06, 2021, 09:56:17 AM
#1
Hello Forum


- does the wallet-backup of Electrum contain the seed too?

- does Electrum use strong encryption for it's wallet backups?
 

Thanks!

Joe
Jump to: