Why I’ve Settled On The Electrum Bitcoin Wallet

This is an sentiment editorial by Arman The Parman, a Bitcoin pedagogue passionate astir privacy.

Over galore years, I person tinkered with assorted Bitcoin wallets and mentored galore radical to clasp their backstage keys securely. I settled connected "Electrum Desktop Wallet" arsenic my favourite and astir versatile bundle wallet.

In this essay, I volition outline immoderate of Electrum's features, and my likes and dislikes. This is not a elaborate usher connected however to usage it and get the astir retired of it. I besides won't beryllium going into wherefore you should clasp your ain Bitcoin keys; it's assumed you cognize and tendency to bash this, but if you request to cognize wherefore it's essential, please instrumentality a look astatine "Six Reasons To Withdraw Your Bitcoin From Exchanges."

I person experienced first-hand Electrum's idiosyncrasies and worked retired solutions to flooded them - if utilized correctly, it is the astir almighty wallet I person travel across.

Electrum is for the idiosyncratic who is, oregon aspires to be, a “power” user. Because it allows truthful overmuch control, and due to the fact that of my familiarity with the software, I take to thatch this wallet to astir of the students arsenic portion of my Bitcoin privacy/security mentorship course (although immoderate radical request thing simpler to use). The acquisition of teaching however to usage it has surely helped maine recognize what radical find intuitive and what they find tricky.

For the caller Bitcoiner going astatine it alone, Electrum would beryllium wholly harmless to use, provided they instrumentality their clip and usage it successful a investigating situation with lone a tiny fig of sats astatine first.

Operating System

Electrum tin beryllium installed connected a Windows PC, Mac computer, oregon a Linux PC, and importantly for some, connected ARM spot computers (i.e. Raspberry Pi’s).

It tin besides beryllium installed connected a phone, but the mobile version's functionality is poor, and its transportation to nodes has been erratic, truthful I don’t urge that version. BlueWallet is simply a bully alternate for a telephone wallet.

Downloading And Verifying

Downloading and installing the programme is straightforward for Windows and Mac, and a small tricky for Linux users, peculiarly those who are inactive learning to usage Linux.

For those conscionable investigating the programme out, simply downloading and utilizing it without verifying the bundle is good - I conscionable wouldn’t bash that for ample amounts, oregon if privateness is simply a large interest (i.e. if you person KYC escaped bitcoin, you request to signifier bully privateness to support the coins unidentifiable).

If you are successful information going to extremity up utilizing this wallet for a important sum, past you should larn to verify the bundle with gpg. You tin physique your skills astir this here. You tin bash that portion waiting for my usher connected however to usage Electrum safely/privately.

The Environment

One occupation with Electrum is that if you tally the programme successful the astir intuitive mode (i.e. conscionable treble click the icon) alternatively than the bid enactment (with definite flags), you volition astir surely link to a random Bitcoin node which volition exposure your wallet and each its imaginable 8.6 cardinal addresses to the proprietor of the random node - the proprietor could beryllium a surveillance company, and determination goes your privateness (they volition get each your utilized and unused addresses, and your IP address).

To flooded this, I volition thatch you, successful the adjacent installment, however to load up a disposable wallet first, optimise your web settings (connect to your ain node, oregon 1 you trust), and lone past load your existent wallet into Electrum.

Some radical whitethorn beryllium mislaid connected what I mean by web settings oregon nodes. You tin larn much astir that present if you consciousness similar going connected a precise important tangent.

The Electrum Wallet has a precise cleanable layout displaying your addresses, though you person to cognize to spell to the paper and prime “show addresses” to spot it. Then you’ll get a database of your archetypal 20 receiving addresses highlighted greenish (you person 4.6 cardinal of these but evidently not each shown), and a database of your archetypal 10 receiving addresses highlighted yellowish (again, you person 4.6 cardinal of this type).

Many different bundle wallets don’t amusement you a database of addresses and lone supply an code erstwhile requested to nonstop coins to the wallet. This hides accusation from the idiosyncratic to support things simple, but the idiosyncratic tends to stay ignorant, arsenic the accidental to larn is not presented. I person met galore radical who usage Ledger Live oregon the Trezor suite, oregon Blue Wallet connected their phone, and don’t recognize they person limitless addresses, fto unsocial thing called “change” addresses.

Electrum besides shows you a database of each your UTXOs (but you person to prime “show coins”) to alteration that.

Electrum Server Is Necessary

Electrum Wallet tin not link to your Bitcoin Core node directly. This is annoying, but it does marque electrum tally faster. Much faster. You inactive request Bitcoin Core, but you volition besides request bundle called Electrum Server (of which determination are antithetic varieties each with their advantages and disadvantages, which I won’t spell into here). Installing Bitcoin Core is hard capable for immoderate people. Installing Electrum Server is MUCH harder, you truly request to beryllium reasonably techy.

For easiness and affirmative reinforcement, I urge radical install, for their archetypal node, a node-package similar MyNode (see my guide) oregon Raspiblitz (see my guide), earlier moving connected to installing a node and associated bundle connected a regular PC.

These packages person immoderate weaknesses but are fantabulous to statesman with due to the fact that with a azygous installation process connected a Raspberry Pi 4, you get galore applications (like Electrum Server, Lightning, BTCPay Server, Mempool spectator - which you’d different person to instal 1 by one, and perchance verify) and the outgo is lone astir $300 for each the instrumentality (the bundle is free). As your skills and involvement progresses, past I urge radical look into much precocious node setups (none of which get expensive). In lawsuit you’re wondering wherefore you should tally a node astatine all, here are six fantabulous reasons.

Wallet Creation

I deliberation it’s utile to specify the 2 types of wallets earlier going overmuch further:

1. Software wallet - this is the programme that manages your Bitcoin backstage keys and addresses. Eg Electrum, Sparrow, Blue Wallet.

1. Bitcoin wallet - by this, I mean the postulation of unsocial addresses that are created deterministically (and reproducibly) from your mnemonic effect operation (usually 12 oregon 24 words) - each effect operation has 8.6 cardinal unsocial addresses that it tin access/create.

Electrum, by default, creates wallets that are not modular which is precise annoying. The astir communal protocol is called BIP39 (Bitcoin Improvement Proposal 39) that astir each wallets volition use.

That means that the 12 oregon 24 words that your BIP39 wallet created volition beryllium compatible with different BIP39 wallets, specified that if you suffer your bundle (or hardware) wallet, past you tin get it backmost by entering your effect words into immoderate compatible BIP39 wallet - it doesn’t person to beryllium the aforesaid brand.

The Electrum developer, however, has his ain plans and thinks the manufacture modular is unsafe (he has an outrageously unrealistic interest astir BIP39). Instead of BIP39, Electrum creates wallets based connected its ain protocol - which nary different wallet uses by default. Unfortunately, if you make an Electrum effect phrase, you tin lone usage that effect operation with Electrum.

Importantly, Electrum volition let you to reconstruct a BIP39 wallet into it, but you person to cognize how. It volition not, however, create a BIP39 wallet for you. But determination are ways astir this.

You tin besides simply load a azygous code into Electrum to observe its equilibrium - it doesn’t adjacent person to beryllium yours (although, don’t get ideas astir spending the balance, that’s not imaginable unless you load successful the backstage key, successful which lawsuit the code would beryllium yours).

When creating oregon restoring a Bitcoin wallet with Electrum, you tin take what code benignant to have:

• Legacy - these addresses commencement with 1 - the archetypal Bitcoin addresses.
• Pay-to-Script-Hash - these addresses each commencement with ‘3’.
• Segwit - From 2017 aft the Segwit brushed fork, you could make “Pay-to-witness-public-key-hash” (also called “Native Segwit”, oregon “Bech32”). These are the astir commonly utilized now. They each commencement with "bc1q."
• Taproot. This is caller and not yet supported by Electrum. Taproot was a brushed fork successful 2021. Addresses commencement with "bc1p."

The archetypal 3 code types listed person extended nationalist keys that look a small antithetic from each others'. They commencement with xPub, yPub, and zPub, respectively. I judge taproot is tPub but I'm inactive getting acquainted with that. For much acquisition worldly astir Bitcoin nationalist and backstage keys, you tin read here.

Labels

This diagnostic is not unique, but precise important to person if you privation to support privateness done bully coin control. By labeling your UTXOs, you'll cognize which ones you mightiness privation to debar spending unneurotic with others. For example, if you person a KYC-free oregon mixed coin, and you prime it unneurotic with a KYC coin and nonstop the combined full somewhere, past the backstage coin tin beryllium identified arsenic belonging to whoever owns the KYC coin (since idiosyncratic had the quality to walk some together). Don't bash that. The labels tin beryllium saved to a record truthful they tin beryllium uploaded to a antithetic machine should you person duplicate wallets.

Coin Selection

Coin enactment is simply a large feature. You tin spell to your code windows, and prime the coin you privation to walk - oregon radical respective of them for spending. If you don’t prime which coin you privation to spend, similar immoderate different software, Electrum volition take the "best" coin to walk for you - but the bundle doesn’t ever cognize what's best. It doesn’t cognize which coins not to merge, which ones are particulate attacks, and which ones are mixed. You cognize this, due to the fact that you’ve labeled them, and past you tin determine however to negociate it.

Sending/Receiving

The process of sending bitcoin payments is precise "fine tunable." You tin support it simple, but there’s besides an precocious fastener which I promote radical to ever usage - astatine slightest larn to get familiar. Here you tin spot precisely the important elements of the Bitcoin transaction - the inputs (with Tx IDs and addresses), the outputs, whether immoderate listed addresses are recovered successful your ain wallet oregon not (through colour-coding), the mining interest and an quality to fine-tune it, the size of the transaction (in bytes), if determination is simply a fastener time, and if replace-by-fee is enabled. You don’t request to cognize close distant what each these things mean, but astatine slightest they are determination and arsenic you get experienced, you’ll cognize what things to larn about.

When receiving, you tin spell to the receiving tab and the adjacent unused code volition beryllium provided - with that you tin copy/paste arsenic needed oregon make a QR code. Alternatively, you tin spell to the code model and prime immoderate code you spot to make an invoice. You tin right-click, prime details, and you’ll spot a fastener to make a QR codification of the code oregon you tin conscionable transcript the code text.

As soon arsenic a outgo is made to an address, and is waiting successful the mempool, Electrum volition amusement you the outgo sitting with the address, which is useful - you don’t request to hold for a miner to excavation the coin for you to cognize the outgo is coming. Electrum besides allows you to spend specified an unconfirmed coin.

If a sender has acceptable a precise debased interest and confirmation is taking a while, you tin hurry up the outgo by spending the unconfirmed transaction to different 1 of your addresses. In that 2nd (downstream) transaction, you could adhd a precocious mining fee. To cod the fee, a miner would person to see the archetypal transaction (not lucrative) and the downstream transaction you created (lucrative) - why? Because the 2nd transaction is invalid until the archetypal transaction is valid (as you can’t walk coins that theoretically don’t exist). This method is called “child pays for parent.”

Another method imaginable with Electrum, to velocity up payments, is called RBF (replace by fee). This is not imaginable for the receiver to bash arsenic described supra with “child pays for parent.” Instead, an impatient receiver indispensable inquire the sender to execute a RBF. The sender volition resend the archetypal UTXO which has been “spent” but not yet mined to the blockchain. That UTXO tin beryllium enactment successful an alternate transaction (spending to the aforesaid code arsenic the archetypal transaction, oregon another), and with a higher mining fee. Whichever of the 2 transactions gets mined archetypal volition beryllium valid and the different becomes invalid.

As a broadside note, RBF allows the imaginable for fraud. If a receiver (merchant) accepts an unconfirmed transaction arsenic "payment received" and delivers the goods to the sender of the payment, the sender has an accidental to execute a RBF transaction earlier the archetypal outgo gets mined. They would usage their ain code arsenic the recipient of the payment, and adhd a precocious fee. When that gets mined, the archetypal transaction becomes invalid, is dropped by each the nodes from the mempool, and the equilibrium from the merchant's wallet disappears. This is wherefore you'll announcement that Bitcoin exchanges, erstwhile you deposit bitcoin, volition hold for confirmation connected the blockchain earlier crediting your account.

Multisignature wallets

Electrum manages multisignature wallets truly well, and for a clip I judge it was the lone bundle wallet you could use. You tin person cosigners with blistery keys (software wallets) oregon acold keys (connect hardware wallets). The multisignature nationalist keys tin beryllium made 1 astatine a time, connected antithetic days, successful antithetic places connected antithetic computers (or hardware wallets) - spreading it retired reduces the hazard of a azygous constituent of failure/attack. How acold you instrumentality the precautions is up to you.

Extra details astir multisig wallets and keys can beryllium recovered here, and I’ll person a usher connected making these wallets successful the future. The wallet instauration process is fantabulous but with immoderate quirks which go irrelevant erstwhile you cognize astir them.

I truly similar however Electrum handles partially signed Bitcoin transactions (PSBTs), an important diagnostic of multisig wallets, discussed next.

PSBTs

An Electrum bitcoin transaction is represented by conscionable a clump of substance (which themselves correspond binary numbers, arsenic each machine information is). You person the quality to prevention that substance to a file, a QR code, oregon to the clipboard (as text, for copy/paste into an email for example). That substance tin beryllium sent anywhere, and nevertheless you want. If you are truthful inclined, you tin extract the substance and nonstop it by email, a carnal letter, Morse code, fume signals, gravitational waves backmost successful clip via a achromatic hole, oregon interpretive creation - that’s up to you.

Electrum gives you the quality to extract that substance and prevention it, before it’s signed, after it’s signed, oregon successful a multisignature mounting erstwhile it’s partially signed.

Multisignature is peculiarly interesting. If determination are for illustration 3 cardinal holders astir the world, you tin motion a transaction connected your computer, extract the partially signed Bitcoin transaction, email it (or QR codification implicit a video call) to different subordinate overseas, they tin import it, motion it, past nonstop it to the 3rd idiosyncratic for signing and broadcasting. No, this is not unsocial to Electrum, I conscionable similar however Electrum handles it. The workflow is not intuitive though, and takes practice.

Pay To Many (PayJoin And CoinJoin)

There is simply a hidden diagnostic (search the menus) wherever you tin take aggregate destinations (multiple outputs) erstwhile spending. For illustration you tin instrumentality 6.15 bitcoin, and nonstop 0.01 bitcoin to 615 antithetic employees, each successful 1 transaction. This diagnostic allows you to make PayJoins manually - thing lone a number of radical would do, oregon adjacent understand, but it’s chill nonetheless.

Pay to Many besides allows you to make your ain manual CoinJoins. For much accusation connected what that is and however to bash it, see this guide.

Gap Limit

An important diagnostic that not each wallets person is the quality to acceptable the spread limit. As I mentioned earlier, each wallet is simply a postulation of 8.6 cardinal addresses. The bundle wallet indispensable link to a node and inquire if an code has bitcoin associated with it. It’s not going to cheque each 8.6 cardinal of them. Electrum asks for the archetypal 20 addresses. If they are uded, it volition inquire for different 20, and truthful on. It volition support this up until the node returns 20 unused addresses successful a row.

This is simply a mode to explicate that the default spread bounds is 20, but you tin alteration that. Why would you? Because sometimes merchants let customers to nutrient bitcoin addresses themselves done a outgo app (like my donation page, hint-hint). If the archetypal 20 customers marque invoices (one code each, sequentially fixed by the app), and past the 21st lawsuit generates an invoice and pays, past the Electrum wallet volition look empty. This happens due to the fact that the archetypal 20 addresses volition beryllium queried, recovered to beryllium unused, and past Electrum volition halt searching. Electrum allows you to alteration the spread limit, eg to 500 but determination are nary instructions, you’d person to probe online, oregon find it close here:

You’ll person to archetypal spell to the menu: view→show console, and past benignant this bid successful the console (of people the "500" tin beryllium changed to different number):

wallet.change_gap_limit(500)

With this command, you’ll spot 500 caller addresses successful the code window.

Watching Wallets

These are wallets without backstage keys, indispensable for hardware wallets to link to. Most radical with a hardware wallet usage the bundle connected the machine that "came with" the device, but they are not usually unfastened source. Electrum is an alternate that tin beryllium utilized with immoderate hardware device.

Air-Gapped Computers

It’s imaginable to instal Electrum connected a machine that can’t ever link to the net (Air-gapped computer). That machine tin beryllium utilized to cheque that the effect operation a hardware wallet gives, created the close addresses from the seed.

For example, you mightiness bargain a BitBox02 hardware wallet, and it creates a 24 connection effect for you, and from that, make addresses (with associated backstage keys hidden from view). Depending connected the level of paranoia you person (and the magnitude of bitcoin you are storing), you mightiness take not to spot the embedded software, and presume astatine archetypal that the addresses it creates beryllium to the CEO to commencement with.

To cheque the addresses are genuine, you request to enactment the effect words into (restore) a antithetic wallet - eg Electrum; and marque definite Electrum generates identical addresses. That’s casual enough, but you can’t conscionable benignant seeds into immoderate aged machine with Electrum connected it. Well, you can but you truly really shouldn’t - malware tin perchance extract your keystrokes and bargain your bitcoin.

One solution is to participate the seeds into Electrum connected a cleanable and unafraid air-gapped machine (or a antithetic marque hardware wallet).

The cheapest mode is with a Raspberry Pi Zero - They utilized to outgo astir $10 earlier pandemic-induced shortages. The ARM spot connected these devices means not each bundle wallets are compatible. Electrum is and works magnificently.

Here's however to physique your own. It's similar a effect signer but has the afloat functionality of Electrum.

Sign/Verify A Message

A Bitcoin transaction is simply a outgo that contains a coin that was antecedently "locked" by an address. To unlock the coin (with respect to the rules of Bitcoin) and beryllium allowed to walk it, utilizing public/private cardinal cryptography, 1 indispensable beryllium they ain the backstage cardinal to the code contained within. That is done with a signature (using the backstage key, but not revealing it).

The signed transaction is itself a message; a spot of machine data, though pursuing a strict protocol.

Using public/private cardinal cryptography, extracurricular of Bitcoin, you tin really motion ANY message. For example, present is simply a connection I signed aft I selected an code (and truthful its backstage key). Below is the message, the code and the signature (nonsense-looking text), which was produced aft I clicked “sign.”

Now you oregon anyone tin instrumentality the address, the message, and the signature, enactment it successful Electrum (or different software), and verify that it truly was the close backstage cardinal (matching the address) that produced that connection (this is really the aforesaid benignant of verification that Bitcoin nodes bash for immoderate Bitcoin transaction). I’ll unfastened different wallet that hasn’t got the applicable backstage key, to show verification. I went into the “verify message” window, past entered each the details arsenic you spot above, and past clicked Verify:

Encrypt/Decrypt A Message

Instead of signing a connection with public/private cardinal cryptography, the output tin beryllium an encrypted mentation of the connection (i.e. jumbled up and unreadable) utilizing idiosyncratic else's nationalist key/address. The encrypted mentation tin past beryllium sent to anyone who has the corresponding backstage key, due to the fact that the substance tin lone beryllium work erstwhile the backstage cardinal is utilized to reverse the process.

For example, you could person been fixed my bitcoin nationalist key, encrypted this connection arsenic above, emailed maine the cyphertext (the random-looking substance successful the bottommost field), and due to the fact that I person the backstage cardinal to the nationalist key, I tin reverse the encrypted connection to the archetypal signifier and work your wrong-think message. In this way, you tin nonstop substance to maine crossed an insecure connection channel, and lone I tin work it.

This is the magic of public/private cardinal cryptography, and 1 of the main components that made Bitcoin possible. We should each beryllium thankful that the cypherpunks fought hard, and won, against the US authorities who tried to prohibition it successful the 1990s.

Summary

This was a agelong reappraisal of the Electrum Desktop Wallet. Hopefully, that has piqued your involvement to larn however to usage it - I volition merchandise a usher connected this precise soon. In the meantime, it whitethorn beryllium worthy practicing precise basal Bitcoin transactions by pursuing this exercise.

This is simply a impermanent station by Arman The Parman. Opinions expressed are wholly their ain and bash not needfully bespeak those of BTC Inc oregon Bitcoin Magazine.