Categories
Bitcoin

Paranoid questions about creating addresses

I want to create hundreds of addresses, but because I’m a little paranoid I don’t know how I will do it safely.

The following content was written by BlackHatCoiner on July 20, 2020, 02:35:46 PM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


I’m using electrum. I want to create hundreds of addresses, but because I’m a little paranoid I don’t know how I will do it safely. I have already generated addresses but I’m thinking for buying bitcoins on the long-term.

1) Why does verification of electrum proves electrum won’t generate private keys that may be already known? Like a hacker put them so he can steal the coins later. It doesn’t require internet connection. The private keys are simply not random. I know that it is open source, but I don’t get how with verification, I have to be 101% sure that I’m safe.

2) If they write the SHA256 of the exe on electrum.org and I test it that it has the same SHA256 result, I have the clear program right? No hackers could face that step?

3) Can I deside my randomness’ fate? Can I put the ones and zeros by myself somehow? Do you have any scripts on github so I can check the code?

4) Can I somehow generate thousands of different addresses on electrum? (And export them in csv). I see that it only generates 10-15 by default.

The following content was written by ranochigo on July 20, 2020, 02:58:15 PM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


1) Why does verification of electrum proves electrum won’t generate private keys that may be already known? Like a hacker put them so he can steal the coins later. It doesn’t require internet connection. The private keys are simply not random. I know that it is open source, but I don’t get how with verification, I have to be 101% sure that I’m safe.

It doesn’t. Verification of Electrum only ensures that the binaries are compiled and verified by ThomasV. You’re still trusting ThomasV and someone else unless you review the codes yourself. Vulnerabilities can be put intentionally or unintentionally.
2) If they write the SHA256 of the exe on electrum.org and I test it that it has the same SHA256 result, I have the clear program right? No hackers could face that step?

You’re still obtaining the SHA256 hash from the site and that is the point for MITM attacks to happen. PGP is better since you’re validating against an identity so you just have to make sure that the chain of trust is not compromised.
3) Can I deside my randomness’ fate? Can I put the ones and zeros by myself somehow? Do you have any scripts on github so I can check the code?

Not as far as I know of. Humans aren’t the best at generating entropy anyways.
4) Can I somehow generate thousands of different addresses on electrum? (And export them in csv). I see that it only generates 10-15 by default.
You can generate a large amount of addresses at once.

wallet.create_new_address(False) for i in range(X)

Or increase the gap limit.

The following content was written by BlackHatCoiner on July 20, 2020, 03:06:17 PM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


I don’t think that I should be that suspicious. We can trust ThomasV right? Have you ever heard any electrum incidents of stolen funds in cold storage?

The following content was written by PrimeNumber7 on July 20, 2020, 03:07:35 PM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


When you generate a seed in electrum, you are technically generating every address that will ever be used in your wallet. The private keys are calculated from your seed. So if you have two computers that are not connected to the internet, and create wallets with the same seed on both computers, both will “generate” the exact same addresses in the exact same order.

When generating a seed, you need to be sure that the seed is in fact random. As long as you are certain your computer can generate random numbers that are truly random, an authentic version of electrum should generate a random seed.

You can compile electrum yourself so you personally know what it is doing when generating a seed. Or you can generate a seed yourself.

You can set the gap limit in electrum to higher than the default for your electrum client to display more addresses.

The following content was written by HeRetiK on July 20, 2020, 03:19:19 PM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


3) Can I deside my randomness’ fate? Can I put the ones and zeros by myself somehow? Do you have any scripts on github so I can check the code?

You can add a custom extension word when creating a new wallet:
https://en.bitcoin.it/wiki/Seed_phrase

To do so, click “Options” on the screen where your wallet generation seed is displayed. Check “Extend this seed with custom words” in the prompt, and enter the extension word(s) of your choice. This way your private keys will be derived from the seed phrase as generated by Electrum plus the word(s) of your choice.

Important Warning:
Keep a backup of your extension word(s) as well. Unlike the encryption password, you won’t be able to recover your wallet from the generation seed without it (which also is kind of the point).

(be aware though that a compromised version of Electrum that would “fake” your seed could just as easily send your extension word(s) to its control server)

The following content was written by o_e_l_e_o on July 20, 2020, 08:04:56 PM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


We can trust ThomasV right?
Some people would say yes. Others would say that you shouldn’t trust anyone.

Have you ever heard any electrum incidents of stolen funds in cold storage?
Such incidents have always been due to user error – generated on an internet enabled machine, seed phrase stored insecurely, etc. – and not due to an Electrum error.

As ranochigo points out, unless you review the code yourself, you are going to have to trust someone, whether that is the developer or the community who are telling you it is safe. If you do not have the required knowledge to review the code yourself, then this is what I would do –

Download and verify Ian Coleman’s site
Download and verify Electrum
Run both on a permanently airgapped machine running a clean OS
Flip a coin 256 times and enter the entropy in to Ian Coleman. It will generate a seed phrase for you
Double check your coin flips against the BIP39 wordlist in groups of 11 to make sure the seed phrase generate matches your entropy
Enter the same seed phrase in Electrum
Check that the addresses provided by both Ian Coleman and Electrum match

This allows you to ensure the entropy is random, the seed phrase matches the entropy, and the addresses match the seed phrase, all without requiring any review of the code.

The following content was written by pooya87 on July 21, 2020, 04:10:58 AM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


We can trust ThomasV right?

no!
instead you go here (https://github.com/spesmilo/electrum) and make a local copy, look at the code line-by-line and finally compile it yourself on your own computer using your own compiler and use that instead.
that is the cost of being “paranoid”.
you can also compute the hash of what you’ve built and compare it with the hash of the binaries that were released by the developer since the Electrum builds are deterministic to make sure there is no monkey business…

The following content was written by BlackHatCoiner on July 21, 2020, 07:00:46 AM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


We can trust ThomasV right?

no!
instead you go here (https://github.com/spesmilo/electrum) and make a local copy, look at the code line-by-line and finally compile it yourself on your own computer using your own compiler and use that instead.
that is the cost of being “paranoid”.
you can also compute the hash of what you’ve built and compare it with the hash of the binaries that were released by the developer since the Electrum builds are deterministic to make sure there is no monkey business…

The cost of being paranoid is much bigger. So now I must trust visual studio for compiling me the source code?

The following content was written by pooya87 on July 21, 2020, 07:21:05 AM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


We can trust ThomasV right?

no!
instead you go here (https://github.com/spesmilo/electrum) and make a local copy, look at the code line-by-line and finally compile it yourself on your own computer using your own compiler and use that instead.
that is the cost of being “paranoid”.
you can also compute the hash of what you’ve built and compare it with the hash of the binaries that were released by the developer since the Electrum builds are deterministic to make sure there is no monkey business…

The cost of being paranoid is much bigger. So now I must trust visual studio for compiling me the source code?

you can also use open source compilers such as Visual Studio Code (https://github.com/microsoft/vscode) but at some point you have to trust something, for example your OS or your hardware. i wouldn’t call that paranoid anymore. at some point it starts being just crazy.

The following content was written by BlackHatCoiner on July 21, 2020, 07:31:41 AM in the thread Paranoid questions about creating addresses. All content is owned by the author of the bitcointalk.org post. (original)


Okay I think that will just verify electrum with kleopatra. No one had ever an incident with that. Then I’ll simply turn off internet connection forever and I will generate some thousands of addresses.

Thank you.

By Ali Sherief

Editor-in-chief and serial coder & blogger.