Electrum Personal Server
Electrum Personal Server aims to make using Electrum bitcoin wallet more secure and more private. It makes it easy to connect your Electrum wallet to your own full node.
It is an implementation of the Electrum server protocol which fulfills the specific need of using the Electrum wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all of Bitcoin Core's resource-saving features like pruning, blocksonly and disabled txindex. All of Electrum's feature-richness like hardware wallet integration, multisignature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in bitcoin because they are an big part of what makes the system be trustless. No longer do people have to trust a financial institution like a bank or paypal, they can run software on their own computers. If bitcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum under default configuration requires it to send (hashes of) all your bitcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which bitcoin addresses they are interested in.
If you dont already have them, download and install Bitcoin Core version 0.17 or higher. Make sure you verify the digital signatures of any binaries before running them, or compile from source. The Bitcoin node must have wallet enabled, and must have the RPC server switched on (
If you dont already have it, download and install Electrum bitcoin wallet, and set up your Electrum wallet (for example by linking your hardware wallet). To avoid damaging privacy by connecting to public Electrum servers, disconnect from the internet first or run Electrum with the command line argument
Download the latest release of Electrum Personal Server. If using Windows OS take the packaged binary release build
Extract and enter the directory, and copy the file
config.ini. Edit the file
config.inito configure everything about the server. Add your wallet master public keys or watch-only addresses to the
[watch-only-addresses]sections. Master public keys for an Electrum wallet (which start with xpub/ypub/zpub/etc) can be found in the Electrum client menu
Information. You can add multiple master public keys or watch-only addresses by adding separate lines for the different keys/addresses:
wallet1 = xpub661MyMwAqRbcF... wallet2 = xpub7712KLsfsg46G...
If using the windows packaged binary release, drag the file
config.inionto the file
electrum-personal-server.exeto run the server, or on the command line run
If installing from the source release, install Electrum Personal Server in your home directory with
pip3 install --user .. On Linux the script
electrum-personal-serverwill be installed in
~/.local/bin. Please note, if for some reason, you want to make a system-wide install, simply run
pip3 install .as root (e.g. if you have
sudosetup, you could use:
sudo pip3 install .). Run
electrum-personal-server /path/to/config.inito start Electrum Personal Server.
The first time the server is run it will import all configured addresses as watch-only into the Bitcoin node, and then exit. If the wallets contain historical transactions you can use the rescan script (
electrum-personal-server --rescan /path/to/config.ini) to make them appear. If using the windows packaged binary release build then drag the file
config.inionto the file
Run the server again which will start Electrum Personal Server. Wait until the message
Listening for Electrum Wallet ...appears and then tell Electrum to connect to the server in
Server. By default the server details are
localhostif running on the same machine. Make sure the port number matches what is written in
config.ini(port 50002 by default).
Pro Tip: run Electrum wallet with the command line arguments
--oneserver --server localhost:50002:s.
This stops Electrum connecting to several other servers to obtain block
headers; and locks Electrum to connect only to your server, disabling the GUI
button to stop accidental connections. This helps avoid a user accidentally
ruining their privacy by connecting to public Electrum servers. Another way
to do this is to open Electrum's config file and edit the lines to
Exposure to the Internet
Right now, Electrum Personal Server is easiest to use when it, your full node and your Electrum wallet are all on the same computer.
Other people should not be connecting to your server. They won't be
able to synchronize their wallet, and they could potentially learn all your
wallet transactions. By default the server will accept connections only from
localhost, though this can be changed in the configuration file.
The whitelisting feature can be used accept only certain IP addresses ranges connecting to the server. The Electrum protocol uses SSL for encryption. If your wallet connects over the public internet you should generate your own SSL certificate instead of using the default one, otherwise your connection can be decrypted. See the configuration file for instruction on how to do this.
Another option is to use a SSH tunnel to reach Electrum Personal Server. SSH
connections are encrypted and authenticated. This can be done on the command
ssh username@host -L 50002:localhost:50002 or with Putty
for Windows. Then connect Electrum to localhost, and SSH will forward that
connection to the server.
Number of connections
Right now Electrum Personal Server can only accept one connection at a time.
How is this different from other Electrum servers ?
They are different approaches with different tradeoffs. Electrum Personal Server is compatible with pruning, blocksonly and txindex=0, uses less CPU and RAM, is suitable for being used intermittently rather than needing to be always-on, and doesn't require an index of every bitcoin address ever used. The tradeoff is when recovering an old wallet, you must to import your wallet first and you may need to rescan, so it loses the "instant on" feature of Electrum wallet. Other Electrum server implementations will be able to sync your wallet immediately even if you have historical transactions, and they can serve multiple Electrum connections at once.
Traditional Electrum servers inherently are not very scalable and use many resources which push people towards using centralized solutions. This is what we'd like to avoid with Electrum Personal Server.
Definitely check out implementations like ElectrumX if you're interested in this sort of thing.
Further ideas for work
Allowing connections from more than one Electrum instance at a time.
An option to broadcast transactions over tor, so that transaction broadcasting doesn't leak the user's IP address.
Developing some way for Electrum servers to authenticate clients, so that Electrum Personal Server can accept connections from the entire internet but without a fear of privacy loss.
Dynamic adding of wallet master public keys. Perhaps by polling for changes in the config file.
I can be contacted on freenode IRC on the
#electrum channels, by email or on twitter.
My PGP key fingerprint is:
0A8B 038F 5E10 CC27 89BF CFFF EF73 4EA6 77F3 1129.
Media Coverage and Talks
Donate to help make Electrum Personal Server even better:
12LMDTSTWxaUg6dGtuMCVLtr2EyEN6Jimg. Signed donation addresses can be found here.
This is open source project which happily accepts coding contributions from anyone. See developer-notes.md.