Actions

How-to: Use Electrum Bitcoin Wallet in Whonix ™

From Whonix

Electrum is a popular Bitcoin wallet. The non-official thin client Electrum appears to be well-designed. It does not need to download/verify the blockchain and users store their private keys locally, which eliminates the need to trust third-party severs. [1]

Install Electrum[edit]

Functional Version[edit]

Info Note: To mitigate the risk of a known exploit, Electrum versions older than v3.3 are prevented from connecting to public servers. [2] [3] This step was necessary to prevent user exposure to phishing messages. [4] If you have an Electrum version older than v3.3 installed, then it is necessary to upgrade.

While it is strongly recommended to install software from the Debian repositories, the latest available package is too old and will not connect to public servers. This means Debian's official package manager (APT) cannot be used to install a functional Electrum version.

The best option at present is to install Electrum from the official website. The following instructions provide steps to verify the AppImage, but keep in mind the risks involved with manual software installation. Always make every effort to follow Best Practices when installing software. [5]

Installation Steps[edit]

Note: The following instructions should be applied in Whonix-Workstation ™ (Qubes-Whonix ™: anon-whonix).

1. Open a terminal.

If you are using Qubes-Whonix ™, complete the following steps.

Qubes App Launcher (blue/grey "Q")Whonix-Workstation ™ AppVM (commonly named anon-whonix)Konsole

If you are using a graphical Whonix with KDE, run.

Start MenuApplicationsSystemKonsole

If you are using a graphical Whonix with XFCE, run.

Start MenuXfce Terminal

2. Import the gpg public key of Electrum developer Thomas Voegtlin.

gpg --recv-keys 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6

When finished, the output should be similar to the following image.

Figure: gpg Key Importation

Electrum import gpg key.png

3. Verify the public key fingerprint.

gpg --fingerprint 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6

In early-2019, the output is identical to the following image.

Figure: Fingerprint Verification

Electrum verify gpg fingerprint.png

4. Download the Electrum AppImage.

Note: At the time of writing, elecrtum-3.3.6 was the latest stable release. Before starting the Electrum download, browse to electrum.org/#download to verify the correct file path. Then download the file with scurl. [6]

scurl-download https://download.electrum.org/3.3.6/electrum-3.3.6-x86_64.AppImage

5. Download the corresponding gpg signature.

It is necessary to verify the integrity of the AppImage with the correct signature.

Note: If users downloaded a later Electrum version at step 4, then modify the following command to match the corresponding signature file. [7]

scurl-download https://download.electrum.org/3.3.6/electrum-3.3.6-x86_64.AppImage.asc

6. Verify the integrity of the AppImage image.

Note: This command must be run in the same directory as the downloaded AppImage and signature.

gpg --verify electrum-3.3.6-x86_64.AppImage.asc

If the image is verified successfully, the output will show a "Good signature" similar to the screenshot below.

Figure: Good Signature [8]

Electrum gpg good signature.png

The above "gpg: WARNING" can be ignored since it does not alter the validity of the signature related to the downloaded key. Rather, this warning refers to the level of trust placed in the developers signing key and the web of trust. To remove this warning, the developers signing key must be personally signed with your own key.

If the following "gpg: BAD signature" message appears, the Appimage has been corrupted or altered during the download process.

Figure: Bad Signature

Electrum bad gpg signature.png

In this event, delete both the AppImage and signature and either wait 10-15 minutes for the Tor circuits to change, or open up the Arm Tor Controller in Whonix-Gateway ™ (Qubes-Whonix ™: sys-whonix) and type "n" to create new Tor circuits. Wait for a random period of time before repeating the steps to download the AppImage and signature.

7. Change file permissions.

Make the electrum AppImage executable.

chmod +x electrum-3.3.6-x86_64.AppImage

Start Electrum[edit]

Info Users should create a wallet with a strong password!

Please refer to the official Documentation at docs.electrum.org for comprehensive instructions, as well as more advanced topics like Cold Storage of private keys.

To start Electrum on all platforms, run.

./electrum-3.3.6-x86_64.AppImage

Qubes-Whonix ™ users are recommended to configure a Split Bitcoin Wallet to better protect their private keys. To protect against identity correlation through Tor circuit sharing, follow the instructions below (see Stream Isolation for more information).

Electrum: First Run[edit]

Info These steps enable Stream Isolation for the Electrum application.

1. Configure a manual server connection.

When Electrum is started for the first time, users are met with the prompt: "How do you want to connect to a server?".

Choose Select server manually and press Next.

Figure: Server Setting

Electrum select server manually.png

2. Change the proxy settings.

The necessary settings are:

  • Proxy: SOCKS5
  • Host: 10.152.152.10
  • Port: 9111

Press Next and the application should be fully functional.

Figure: SOCKS5 Proxy Configuration

Electrum use proxy socks5 .png

Note: If Electrum is already set up but stream isolation was not enabled, then navigate to ToolsNetwork in Electrum to bring up the server and proxy settings.

Add Application Launcher to Start Menu[edit]

Info This step is optional.

Create folder ~/.local/share/applications.

mkdir -p ~/.local/share/applications

Create a new file ~/.local/share/applications/electrum.desktop using an editor.

mousepad ~/.local/share/applications/electrum.desktop

Paste the following contents.

[Desktop Entry]
Type=Application
Exec=/home/user/electrum-3.3.6-x86_64.AppImage
Name=electrum
Categories=Other

Save.

The procedure is now complete.

You can find the launcher here:

Start MenuOtherelectrum

Donations[edit]

After having installed Electrum, please consider making a donation to Whonix ™ to keep it running for the years to come.

Donate Bitcoin (BTC) to Whonix ™.

3D7s3VY5QhV7zuZjMo1Rp6NsomKEcyzxby

Footnotes[edit]

  1. Some Bitcoin wallets other than Electrum are affected by this: if the third-party server was ever compromised, all of the users' bitcoins could be stolen. There is also the possibility that the third-party could lose a user's private keys or walk away with them.
  2. https://github.com/spesmilo/electrum/issues/5183
  3. https://github.com/spesmilo/electrum/issues/5190
  4. For further details, see: Github Electrum issues.
  5. Ambox warning pn.svg.png Installing software best practices:

  6. To find the correct image download: "Right-click" AppImage"Select" Copy Link LocationAppend to scurl command.
  7. To find the correct signature file download: "Right-click" signature"Select" Copy Link Location"Append" to scurl command
  8. gpg: assuming signed data in 'electrum-3.3.6-x86_64.AppImage'
    gpg: Signature made Thu 16 May 2019 02:14:30 PM EDT
    gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
    gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" [unknown]
    gpg:                 aka "ThomasV <thomasv1@gmx.de>" [unknown]
    gpg:                 aka "Thomas Voegtlin <thomasv1@gmx.de>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
    

No comments for now due to spam. Use Whonix forums instead.


Random News:

We are looking for video production specialists to help create demonstration, promotional and conceptual videos or tutorials.


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.