Author

Topic: Privacy implications of watching-only wallet setup (Read 195 times)

legendary
Activity: 3710
Merit: 1586
You can use core for offline signing if you use raw transactions. It's possible but not easy or even safe for most users. Not safe because if you make a mistake it could get very costly!
legendary
Activity: 3038
Merit: 2162
If you can afford the resource usage of Core you should be running Core.

Watch-only or not watch-only the privacy leak is the same.

How hard it would be to modify Core to turn it into a watch-only wallet that can create unsigned transactions and then broadcast signed transactions? Or run a private Electrum server and configure watch-only Electrum wallet to connect only to it? I can and do run Core, but I'm scared to sign transactions through the console.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
If you can afford the resource usage of Core you should be running Core.

Watch-only or not watch-only the privacy leak is the same.

Yup, after thinking about it, this much is obvious. I've recently gotten access to an unlimited fiber connection, so I plan on running a Core node and setting up an Electrum server for my watching-only wallet setup. This way, I'll only be leaking my wallet details to my own server (I hope). I'm hoping that setting up a server is self-explanatory.

There's no way to use Core as an offline signing wallet is there?
legendary
Activity: 3710
Merit: 1586
If you can afford the resource usage of Core you should be running Core.

Watch-only or not watch-only the privacy leak is the same.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
What are the privacy implications of syncing a watching-only wallet using a master public key?

I've always heard that Electrum had weak privacy due to the way it verifies transactions, but I never looked into the details. Does the wallet leak metadata that makes it easy to link addresses within the wallet? Is there any difference in this regard between using the desktop wallet normally and using a watching-only wallet?
Electrum desktop (or mobile) wallet connects to Electrum servers (at random) to relay information about the active addresses that you have in your wallet. They do the hard work of indexing all the addresses with funds, on the blockchain. The servers also know your IP (unless you are using a TOR Electrum Server explicitly - and there are some).  So, the normal servers do know which addresses (and amount of bitcoins in it) goes with which IP.  The servers also knows all the addresses that are part of the same IP. 

That is the extent of the information they know.   Nothing else to my knowledge.

Thanks. So essentially, any Electrum server that we randomly connect to can probably trivially link our wallet addresses together. They also know our IP address, but this can be mitigated with VPN, so I'm less concerned about that.

So in theory, blockchain analysis companies, the US government, etc. could be populating Electrum servers the same way they work to deanonymize the TOR network by populating exit nodes. It probably makes sense to separate holdings into different wallets if you want to avoid having all of your funds linked together.

I guess the solution would be to avoid randomly connecting to Electrum servers, and set up one of your own using a Core node. That destroys the bandwidth savings of running a lightweight node, though.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
What are the privacy implications of syncing a watching-only wallet using a master public key?

I've always heard that Electrum had weak privacy due to the way it verifies transactions, but I never looked into the details. Does the wallet leak metadata that makes it easy to link addresses within the wallet? Is there any difference in this regard between using the desktop wallet normally and using a watching-only wallet?
Jump to: