How difficult would it be for an Electrum server operator to go rogue?

linuxnewbie

member

Activity: 92

Merit: 10

Thanks!

So Electrum is as secure as a paper wallet?

btcven

hero member

Activity: 715

Merit: 500

Bitcoin Venezuela

Electrum also use SPV to check the information received from the server. You can always use random servers and switch them to check if you are receiveing your actual balance.

Stephen Gornick

legendary

Activity: 2506

Merit: 1010

Quote from: linuxnewbie on March 01, 2013, 02:00:13 PM

How difficult would it be for an Electrum server operator to go rogue and steal my BTC balance?

Your Electrum client holds the private keys, not the Electrum server. The transactions are signed by the local client, so they are never sent to any server.

What is a potential problem is that the server does inform the client of payment transactions received. So this would be a risk in the case where you are receiving bitcoins in exchange for cash. Your Electrum client says you received bitcoins, you hand over the cash, and only then when you try to spend those funds do you discover there was no actual payment.

A remedy could be to perform independent verification on all payments received (e.g., using Blockchain.info or other) before trusting those payment notifications. [Edit: If Electrum does SPV (thanks btcven for point that out) then this risk does not exist as I've described it. Perhaps someone can answer specifically as to how the client specifically is protected against a server that lies about payments received.]

Here's the Electrum Wiki page:
- http://en.bitcoin.it/wiki/Electrum

linuxnewbie

member

Activity: 92

Merit: 10

Hello.

How difficult would it be for an Electrum server operator to go rogue and steal my BTC balance?

Topic: How difficult would it be for an Electrum server operator to go rogue? (Read 651 times)