All About Lightning Electrum
The main reason for the Trezor vulnerability is that it does not have built-in multi-signature functionality, so its multi-signature implementation is to support Electrum extensions. This leads to an attack on Electrum, and Trezor is affected.
For debian/Ubuntu systems, install mutt using the APT-GET command ( ) or the APT command ( ) .
qtum-electrum adds support for offline staking.
and Android system. Installing Electrum requires you to write down a 12-word seed to help you recover your wallet on multiple devices. If you forget your private key, this seed can also make Electrum look more human. In addition, Electrum has a "cold storage" mode where you don't have to pay Bitcoin to view your balance.
Attackers reportedly implemented a compromised version of their Own Electrum server hosting to enable hacking. When users synchronize their vulnerable Electrum wallet with a malicious server, they are instructed to "update" their clients with a hacker version, which can eventually result in the immediate loss of funds contained in older versions.
A clone site masquerading as an Electrum SV wallet has emerged. The cloning site has nothing to do with electrum SV and is designed to steal tokens and create chaos in the BSV community. Most interestingly, although the clone site claims to be a BSV wallet, it is full of links to BCH resources, including the Electron Cash (BCH Wallet) library on GitHub.
Like Bitcoin's core wallet, Electrum Wallet allows users to control their own funds and private keys. Electrum wallets' private keys can also be exported and used on other supported wallets to access funds. Electrum apps are available for Windows, Linux, OSX and Android, but do not support iOS and browser clients.
First of all, I would like to say that the purpose of open source is not for security, this is often confused by the coin circle of a concept. The purpose of open source is to prove self-innocence. So you'll find that we have different open source strategies on different products, such as Bita is completely open source, and then bits don't open. Why not open source? Because we are a centralized server, we have our own set of back-end logic, and then client logic and this security mechanism, so we are in this kind of partial service of the centralized wallet, we choose a closed-source scenario. But the hardware wallet that followed us was completely open source, just like Trezor. Why fully open source? Why should hardware wallets be fully open source? Or why was the previous Bito completely open source? That is very simple truth, when the user wants to store large assets, it seems to me that the user needs to ask a question, can I trust you? Someone might say that you can trust me when you're closed, so actually if you can, say you're going to save 1,000 bitcoins, you're all up there. Then you decide that you have to believe that the security of these 1000 coins is provided to you by someone else. Whether it's a manufacturer or a platform, which security do you keep in this situation, you zoom in on the exchange, right? Anyway, you have to trust a third party, not you. If the big exchange is stolen, at least people make more money or lose you, right? So this is a matter of trust and distrust. That is, if you choose to hold the coin yourself, you should choose not to trust anyone. That's why large cold wallets. Hardware wallets must be open source for reasons. Steel uncle they, now seem to be doing is also open source, and open source is not as we often say, put a part of the source code or how, this open source atmosphere is not open source, open source also has to be really full open source, because your purpose is not only to let others can see it? Our aim is also to let others know that ok, that is, our hardware wallet open source, any one person, such as Tianqi you are the same, you are suddenly interested in saying that I also want to do an open source wallet, no problem. You can follow our open source out of the hardware circuit design, hardware framework design, hardware what selection? Chips, screens, you do exactly the same thing. Of course the appearance may be different, you changed it yourself, and then this above running program is no problem. You'll find that you're doing the development, and then downloading our source code, compiling the packaging brush to run, this is completely true open source. Even if that wasn't enough, we did an extra one called determinivity compilation some time ago, what is determinic compilation? Let's say we released a new firmware version 1.5.1. What features does this version bring? Ok, WELL, we will have this tag on the source code, you next version of the source code, you have to follow our steps, according to our environment to you, can compile exactly the same thing. That is to say, you compile your own firmware and our official firmware, you can compare the two files, you will find only a small piece of difference, what is this small segment? We signed it? As far as our official signature can't be forged, only a few bytes different, the other you are exactly the same as us, can be verified. So that's what really open source means. That is to say, open source has to let others can verify you this thing, like the source code, so that you have no evil on the source code. So open source is not for security. Security Is what you have to think about how you want to provide security services? For example, how do you keep your server secure, client security, and then hardware firmware security, code level security, there is no logic in this? Vulnerabilities, so this is a difference in understanding of security and open source. Of course, the security issues faced by on chain wallets and off chain wallets are not the same.
Planet Daily News Electrum is a world-renowned Bitcoin light wallet with a long history of supporting multi-signatures and a very broad user base, many of which like to use Electrum as a cold wallet or multi-sign wallet for Bitcoin or even USDT (Omni). Based on this usage scenario, Electrum is used less frequently on the user's computer. The current version of Electrum is 3.3.8, and previous versions of 3.3.4 are known to have a "message flaw" that allows an attacker to send an "update prompt" through a malicious ElectrumX server. This "update tip" is very confusing for the user, and if you follow the prompt to download the so-called new version of Electrum, you may get a trick. According to user feedback, because of this attack, stolen bitcoins are in the four digits or more.