sajolida, “Right, that's what I understood as well. The proper solution for this problem would then be to have a bunch of Electrum servers running behind hidden services and included in the default pool.”
“But I've not seen that topic raised on the Electrum bug tracker. Minoru, do you know if it is already technically possible to add .onion addresses to the pool of server? If so, then I'm sure we can find volunteers to run them.” Sorry, you have to figure that out on your own. All I know is that you can connect to Electrum servers by a hidden service with the command: electrum -s 56ckl5obj37gypcu.onion:50001:t -p socks5:localhost:9050 For my documentation, I already explained the concept of a double-spending attack to you. In the case of the Electrum DoS attack, the double-spend would be a 0 confirmation transaction. The solution is to wait for block confirmations to make sure that you actually have the money. Remember: “An SPV node cannot be persuaded that a transaction exists in a block when the transaction does not in fact exist. The SPV node establishes the existence of a transaction in a block by requesting a merkle path proof and by validating the proof of work in the chain of blocks.” In the case that the server withholds all blocks and transactions from the client, Electrum is essentially offline without the user knowing it. However, Electrum can function in an offline environment. In fact, many recommend to manage high value wallets in an offline environment for extra security. Electrum can check the balance and broadcast transactions from another client that is connected through a different channel. The other client would not have to be secure because it only contains the master public key and already signed transactions. The worst that could happen is a violation of privacy. Electrum trusts a single server to inform the client about transactions which makes the user vulnerable to DoS. Yes, our best option would be to offer a filtered list of a couple of servers that that can be accessed by a Tor hidden service and are run by people that we trust. Do you think that you know some people that could do this? This website details how to tun an Electrum server except without the details of how to setup a Tor hidden service: https://github.com/spesmilo/electrum-server/blob/master/HOWTO.md On Sat, 28 Feb 2015 21:35:16 +0000 Minoru <[email protected]> wrote: > sajolida, > > Yes, this attack is not targeted. I think that I have provided enough > information about the attack, so now we need to work towards a > solution. Currently, I do not think that there a simple solution for > all users. I wanted to write documentation so that users who were > concerned could execute some solutions. I proposed writing the > documentation for Tails because this attack is specific to Tails. > Electrum would not want it on their website because it effects so few > of their users and they do not host very much documentation anyway. > You still have not told me what you think of the three sections of > documentation that I proposed writing. I wanted your approval before I > started working on it to meet the 1.3.1 release. > > > On Mon, 23 Feb 2015 23:31:06 +0000 > Minoru <[email protected]> wrote: > > > sajolida, > > > > I agree with your changes so far. The reason for the specific > > explanation is that Electrum over Tor is extremely vulnerable to > > attack. If you read the article > > http://arxiv.org/pdf/1410.6079v2.pdf it only takes 2500 USD and > > publicly available information to have complete control over which > > Bitcoin blocks and transactions users are aware of. Would you still > > be interested in the additional documentation that I proposed? I > > wanted to add three subsections to the Electrum documentation > > focused on Tor DoS on SPV: 1. Explain block confirmations > > (temporary fix for Electrum displaying money that you actually do > > not have) 2. Explain watching-only wallets (temporary fix for > > Electrum not displaying money that you actually do have) > > 3. Explain a possible long term solution to this problem by using > > trusted Electrum servers accessed by a Tor hidden service (I might > > remove this point because I'm not sure if it is currently possible > > execute this solution since not many .onion Electrum servers exist > > and it is difficult to trust centralized services) > > I understand that you want to keep the documentation short and easy > > to understand, but Electrum over Tor using SPV has a serious > > vulnerability that needs a little more documentation to help users > > avoid the negative effects of DoS. > > > > Cheers, > > Minoru _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
