Author

Topic: Security guide for web wallet protection (Read 108 times)

hero member
Activity: 938
Merit: 605
Leading Crypto Sports Betting & Casino Platform
January 04, 2023, 03:27:28 AM
#3
Am ain't sure if there's any conventional best way on how to protect a web wallet, it all depends on how your owner specifically choose amidst many ways on doing so.
Anyways, here's a recomended tip on how you can connect your electrum wallet to your own full node securely.
https://github.com/chris-belcher/electrum-personal-server


I hope it meets your expectation.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
December 30, 2022, 06:27:51 PM
#2
You can run your Electrum server without any funds on it; therefore not making it a 'web wallet', and dramatically reducing its risk profile.
That's what I'd recommend: run your Bitcoin node with Electrum server software on it somewhere and connect your SPV wallet to it through Tor.

Keep your keys on the machine running the SPV wallet, which by the mere fact of not being a server, not being online all the time and having fewer open ports and a more restrictive firewall, will be more secure.
Since this is not a server, it will also be easy to actually keep keys off that device, too and using a hardware wallet with the keys on it instead.

In that setup, the secure computer will construct a PSBT, get it signed fully offline by the hardware wallet, then send the PSBT to the semi-secure Electrum server which finally broadcasts it to the Bitcoin network.
newbie
Activity: 17
Merit: 0
December 30, 2022, 04:40:16 PM
#1
Are there any security guides, papers, etc. on how to protect a web wallet (Electrum server)? Search on the forum returns info on general setup, but not specifically on more or less detailed protection tips against bad actors.

Jump to: