Author

Topic: Verifying ElectrumG? (Read 100 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
February 28, 2022, 08:21:31 AM
#8
Well if you want to claim your bitcoin gold and just be done with it, you have to use either this wallet or coinomi it seems.
There are definitely alternatives to Coinomi.

When you say you wouldn't use it unless you converted all your forkcoins to bitcoin.  What exactly do you mean by this?  You mean once converted, you immediately convert that BCH, BSV, BTG etc to btc immediately?
Yes. The moment I recover my fork coins, that very moment I'll express my disagreement of the fork's existence by converting them to Bitcoin.

But what would be the negative of claiming it and not converting it?
You may don't feel safe with it for one reason or another.

I mean there is no harm in claiming bitcoin gold and just sending it to nano ledger and holding it there right?
Security-wise? No.
full member
Activity: 1750
Merit: 186
February 27, 2022, 07:17:24 PM
#7
Well if you want to claim your bitcoin gold and just be done with it, you have to use either this wallet or coinomi it seems. 


When you say you wouldn't use it unless you converted all your forkcoins to bitcoin.  What exactly do you mean by this?  You mean once converted, you immediately convert that BCH, BSV, BTG etc to btc immediately?  For me I only claimed BCH and sent it to my hardware wallet.  But I still need to claim BSV and BTG.  I don't mind claiming it and then keeping it in a wallet.  But I also don't mind selling it after claiming it.  But what would be the negative of claiming it and not converting it?  I mean there is no harm in claiming bitcoin gold and just sending it to nano ledger and holding it there right?  Is it bad that I don't really mind what are the intentions of those people who created those forks for their own benefit?  I only want to claim it so i could either keep it in a wallet to store... or sell it for btc or usdt etc.


I use to see lot of people say use coinomi for bitcoin gold claim a while back but now recent posts seem to say avoid it etc. 


legendary
Activity: 1512
Merit: 7340
Farewell, Leo
February 27, 2022, 01:45:17 AM
#6
But you are still saying doing this is not for sure right because you don't know about the developer even though all those checksum and public keys check out?
These software wallets are resulted from work of people who want to make you use a fork of Bitcoin. They exist solely for their own benefit. I wouldn't use it unless I converted all of my fork coins to Bitcoin.

And some of them mention sweeping being a requirement with majority of people using coinomi.
The majority of the people also use Windows as their main OS, Google as their main search engine and Facebook as their main messenger. That doesn't mean they're safer. Don't use Coinomi as it's closed-source and has an unusually bad fame.
full member
Activity: 1750
Merit: 186
February 26, 2022, 05:27:39 PM
#5
Okay thanks for all that information.


Well electrumSV does seem legit to me. I don't see anything about it like its a fake wallet as long as you go on the real site.


I do see that signed checksum and the public key.  


But you are still saying doing this is not for sure right because you don't know about the developer even though all those checksum and public keys check out?


Well electrumSV on the website, it seems like that is the main btg wallet out there... which is why I ask this.  The only other one i heard about is coinomi but that requires you to sweep which I don't have a clue how to do this.  The thing that confuses me is how come I couldn't find many old post of people said... yea I claimed my bitcoin gold by just downloading electrumSV and typing in my electrum seed and that is it.  I only read few comments on this from looking at old posts which is a concern.  And some of them mention sweeping being a requirement with majority of people using coinomi.


The other thing is I don't know why people don't claim these forks assuming you moved your btc from the main address when the fork occurred.  I know many people say thats a shit coin etc... but if you are using another computer and not your main pc... is there any harm at all trying to claim that coin?  Thus like BSV and Bitcoin gold?  If you don't care about the coin, I don't see any harm in claiming the coin and immediately looking for an exchange to sell it... or if there is a wallet that stores it... send it there.  



legendary
Activity: 1512
Merit: 7340
Farewell, Leo
February 26, 2022, 09:28:08 AM
#4
How in the world do you verify electrumG?
1. Download the signed checksums: https://github.com/BTCGPU/electrum/releases/download/3.2.1/SHA256SUMS.asc
2. Search for a public key with fingerprint=0x38EE12EB597B4FC0: https://keyserver.ubuntu.com/pks/lookup?search=0x38EE12EB597B4FC0&fingerprint=on&op=index
3. Save the public key and import it on a PGP software (such as Kleopatra).
4. Rename the signature file to your executable as I've previously told you:
For instance, if it's electrum-4.1.5-setup.exe, make sure it's electrum-4.1.5-setup.exe.asc.
5. Open the signature file with the PGP software. In Kleopatra it'll verify it automatically.



This is very important:
You are essentially trusting the developer you don't know and has no history to be honest.
I would never trust a person who promotes a fork of Bitcoin and has spent time to make it work. They're welcomed to my blacklist.
legendary
Activity: 2730
Merit: 7065
February 26, 2022, 03:55:41 AM
#3
@jerry0
To expand on what pooya87 said. If the verification fails, it means that the exe (installation file - the software) wasn't signed by the person who claims to have signed it. If the verification succeeds, all it means is that it was signed with the correct person's key. But that positive verification doesn't make the software trustworthy. You have to decide whether you want to trust that person and install the software he developed.

A malware-infected and fake software can be checked and verified if the signatures match. But that doesn't change the fact that the software is fake and malware-infected.   
legendary
Activity: 3472
Merit: 10611
February 26, 2022, 02:03:59 AM
#2
The verification process of Electrum or any of its copies or any other software for that matter like Linux ISO files is exactly the same:
1. Download the file (.exe, tar.gz, ISO,...)
2. Download the corresponding signature file of the file you downloaded in #1
3. Download the public key that was used to sign the file and make sure the public key is real and does belong to the developer.
4. Verify the signature.

The problem is that some software developers don't provide any signature, either due to laziness or lack of knowledge.
The other more serious problem is that even if you verify the signature, that still doesn't mean the software you downloaded (like ElectrumG) is safe and doesn't contain malware. You are essentially trusting the developer you don't know and has no history to be honest.

The only solution in cases like this is to download the source code yourself, and go through it all to see if it is doing anything shady. Or at the very least compare the code with the original one (Electrum fork <> Electrum) to only focus on the changes if you trust the original code. Then build it yourself.
full member
Activity: 1750
Merit: 186
February 26, 2022, 12:53:11 AM
#1
How in the world do you verify electrumG?  I am planning to download this in my other computer so I could claim my bitcoin gold.  I see mentioning of electrum verification.  There is even one on bitcoin Sv verification though I don't see any comments on this.


But there is none on electrumG?
Jump to: