Why Electrum?

WHY I’VE SETTLED ON THE ELECTRUM BITCOIN WALLET

Published in Bitcoin Magazine

Over many years, I have tinkered with various Bitcoin wallets and mentored many people to hold their private keys securely. I settled on “Electrum Desktop Wallet” as my favourite and most versatile software wallet.

In this essay, I will outline some of Electrum’s features, and my likes and dislikes. This is not a detailed guide on how to use it and get the most out of it. I also won’t be going into why you should hold your own Bitcoin keys; it’s assumed you know and desire to do this, but if you need to know why it’s essential, please take a look at “Six Reasons To Withdraw Your Bitcoin From Exchanges.”

I have experienced first-hand Electrum’s idiosyncrasies and worked out solutions to overcome them – if used correctly, it is the most powerful wallet I have come across.

Electrum is for the person who is, or aspires to be, a “power” user. Because it allows so much control, and because of my familiarity with the software, I choose to teach this wallet to most of the students as part of my Bitcoin privacy/security mentorship course (although some people need something simpler to use). The experience of teaching how to use it has certainly helped me understand what people find intuitive and what they find tricky.

For the new Bitcoiner going at it alone, Electrum would be totally safe to use, provided they take their time and use it in a testing environment with only a small number of sats at first.

OPERATING SYSTEM

Electrum can be installed on a Windows PC, Mac computer, or a Linux PC, and importantly for some, on ARM chip computers (i.e. Raspberry Pi’s).

It can also be installed on a phone, but the mobile version’s functionality is poor, and its connection to nodes has been erratic, so I don’t recommend that version. BlueWallet is a good alternative for a phone wallet.

DOWNLOADING AND VERIFYING

Downloading and installing the program is straightforward for Windows and Mac, and a little tricky for Linux users, particularly those who are still learning to use Linux.

For those just testing the program out, simply downloading and using it without verifying the software is fine – I just wouldn’t do that for large amounts, or if privacy is a big concern (i.e. if you have KYC free bitcoin, you need to practice good privacy to keep the coins unidentifiable).

If you are in fact going to end up using this wallet for a significant sum, then you should learn to verify the software with gpg. You can build your skills around this here. You can do that while waiting for my guide on how to use Electrum safely/privately.

THE ENVIRONMENT

One problem with Electrum is that if you run the program in the most intuitive way (i.e. just double-click the icon) rather than the command line (with certain flags), you will almost certainly connect to a random Bitcoin node which will expose your wallet and all its potential 8.6 billion addresses to the owner of the random node – the owner could be a surveillance company, and there goes your privacy (they will get all your used and unused addresses, and your IP address).

To overcome this, I will teach you, in the next instalment, how to load up a disposable wallet first, optimise your network settings (connect to your own node, or one you trust), and only then load your real wallet into Electrum.

Some people may be lost on what I mean by network settings or nodes. You can learn more about that here if you feel like going on a very important tangent.

The Electrum Wallet has a very clean layout displaying your addresses, although you have to know to go to the menu and select “show addresses” to see it. Then you’ll get a list of your first 20 receiving addresses highlighted green (you have 4.6 billion of these but obviously not all shown), and a list of your first 10 receiving addresses highlighted yellow (again, you have 4.6 billion of this type).

Many other software wallets don’t show you a list of addresses and only provide an address when requested to send coins to the wallet. This hides information from the user to keep things simple, but the user tends to remain ignorant, as the opportunity to learn is not presented. I have met many people who use Ledger Live or the Trezor suite, or Blue Wallet on their phone, and don’t realize they have limitless addresses, let alone something called “change” addresses.

Electrum also shows you a list of all your UTXOs (but you have to select “show coins”) to enable that.

ELECTRUM SERVER IS NECESSARY

Electrum Wallet can not connect to your Bitcoin Core node directly. This is annoying, but it does make electrum run faster. Much faster. You still need Bitcoin Core, but you will also need software called Electrum Server (of which there are different varieties each with their advantages and disadvantages, which I won’t go into here). Installing Bitcoin Core is hard enough for some people. Installing Electrum Server is MUCH harder, you really need to be fairly techy.

For ease and positive reinforcement, I recommend people install, for their first node, a node-package like MyNode (see my guide) or Raspiblitz (see my guide), before moving on to installing a node and associated software on a regular PC.

These packages have some weaknesses but are excellent to begin with because with a single installation process on a Raspberry Pi 4, you get many applications (like Electrum Server, Lightning, BTCPay Server, Mempool viewer – which you’d otherwise have to install one by one, and potentially verify) and the cost is only about $300 for all the equipment (the software is free). As your skills and interest progresses, then I recommend people look into more advanced node setups (none of which get expensive). In case you’re wondering why you should run a node at all, here are six excellent reasons.

WALLET CREATION

I think it’s useful to define the two types of wallets before going much further:

  1. Software wallet – this is the program that manages your Bitcoin private keys and addresses. Eg Electrum, Sparrow, Blue Wallet.
  2. Bitcoin wallet – by this, I mean the collection of unique addresses that are created deterministically (and reproducibly) from your mnemonic seed phrase (usually 12 or 24 words) – each seed phrase has 8.6 billion unique addresses that it can access/create.

Electrum, by default, creates wallets that are not standard which is very annoying. The most common protocol is called BIP39 (Bitcoin Improvement Proposal 39) that nearly all wallets will use.

That means that the 12 or 24 words that your BIP39 wallet created will be compatible with other BIP39 wallets, such that if you lose your software (or hardware) wallet, then you can get it back by entering your seed words into any compatible BIP39 wallet – it doesn’t have to be the same brand.

The Electrum developer, however, has his own plans and thinks the industry standard is unsafe (he has an outrageously unrealistic concern about BIP39). Instead of BIP39, Electrum creates wallets based on its own protocol – which no other wallet uses by default. Unfortunately, if you create an Electrum seed phrase, you can only use that seed phrase with Electrum.

Importantly, Electrum will allow you to restore a BIP39 wallet into it, but you have to know how. It will not, however, create a BIP39 wallet for you. But there are ways around this.

You can also simply load a single address into Electrum to observe its balance – it doesn’t even have to be yours (although, don’t get ideas about spending the balance, that’s not possible unless you load in the private key, in which case the address would be yours).

When creating or restoring a Bitcoin wallet with Electrum, you can choose what address type to have:

  • Legacy – these addresses start with 1 – the original Bitcoin addresses.
  • Pay-to-Script-Hash – these addresses all start with ‘3’.
  • Segwit – From 2017 after the Segwit soft fork, you could create “Pay-to-witness-public-key-hash” (also called “Native Segwit”, or “Bech32”). These are the most commonly used now. They all start with “bc1q.”
  • Taproot. This is new and not yet supported by Electrum. Taproot was a soft fork in 2021. Addresses start with “bc1p.”

The first three address types listed have extended public keys that look a little different from each others’. They start with xPub, yPub, and zPub, respectively. I believe taproot is tPub but I’m still getting familiar with that. For more education material about Bitcoin public and private keys, you can read here.

LABELS

This feature is not unique, but very important to have if you want to maintain privacy through good coin control. By labelling your UTXOs, you’ll know which ones you might want to avoid spending together with others. For example, if you have a KYC-free or mixed coin, and you select it together with a KYC coin and send the combined total somewhere, then the private coin can be identified as belonging to whoever owns the KYC coin (since someone had the ability to spend both together). Don’t do that. The labels can be saved to a file so they can be uploaded to a different computer should you have duplicate wallets.

COIN SELECTION

Coin selection is a great feature. You can go to your address windows, and pick the coin you want to spend – or group several of them for spending. If you don’t select which coin you want to spend, like any other software, Electrum will choose the “best” coin to spend for you – but the software doesn’t always know what’s best. It doesn’t know which coins not to merge, which ones are dust attacks, and which ones are mixed. You know this, because you’ve labelled them, and then you can decide how to manage it.

SENDING/RECEIVING

The process of sending bitcoin payments is very “fine-tunable.” You can keep it simple, but there’s also an advanced button that I encourage people to always use – at least learn to get familiar. Here you can see exactly the important elements of the Bitcoin transaction – the inputs (with Tx IDs and addresses), the outputs, whether any listed addresses are found in your own wallet or not (through colour-coding), the mining fee and ability to fine-tune it, the size of the transaction (in bytes), if there is a lock time, and if replace-by-fee is enabled. You don’t need to know right away what all these things mean, but at least they are there and as you get experienced, you’ll know what things to learn about.

When receiving, you can go to the receiving tab and the next unused address will be provided – with that you can copy/paste as needed or generate a QR code. Alternatively, you can go to the address window and select any address you see to create an invoice. You can right-click, select details, and you’ll see a button to create a QR code of the address or you can just copy the address text.

As soon as a payment is made to an address, and is waiting in the mempool, Electrum will show you the payment sitting with the address, which is handy – you don’t need to wait for a miner to mine the coin for you to know the payment is coming. Electrum also allows you to spend such an unconfirmed coin.

If a sender has set a very low fee and confirmation is taking a while, you can hurry up the payment by spending the unconfirmed transaction to another one of your addresses. In that second (downstream) transaction, you could add a high mining fee. To collect the fee, a miner would have to include the first transaction (not lucrative) and the downstream transaction you created (lucrative) – why? Because the second transaction is invalid until the first transaction is valid (as you can’t spend coins that theoretically don’t exist). This technique is called “child pays for parent.”

Another technique possible with Electrum, to speed up payments, is called RBF (replace by fee). This is not possible for the receiver to do as described above with “child pays for parent.” Instead, an impatient receiver must ask the sender to perform an RBF. The sender will resend the original UTXO which has been “spent” but not yet mined to the blockchain. That UTXO can be put in an alternative transaction (spending to the same address as the first transaction, or another), and with a higher mining fee. Whichever of the two transactions gets mined first will be valid and the other becomes invalid.

As a side note, RBF allows the potential for fraud. If a receiver (merchant) accepts an unconfirmed transaction as “payment received” and delivers the goods to the sender of the payment, the sender has an opportunity to perform an RBF transaction before the original payment gets mined. They would use their own address as the recipient of the payment, and add a high fee. When that gets mined, the original transaction becomes invalid, is dropped by all the nodes from the mempool, and the balance from the merchant’s wallet disappears. This is why you’ll notice that Bitcoin exchanges, when you deposit bitcoin, will wait for confirmation on the blockchain before crediting your account.

MULTISIGNATURE WALLETS

Electrum manages multisignature wallets really well, and for a time I believe it was the only software wallet you could use. You can have cosigners with hot keys (software wallets) or cold keys (connect hardware wallets). The multisignature public keys can be made one at a time, on different days, in different places on different computers (or hardware wallets) – spreading it out reduces the risk of a single point of failure/attack. How far you take the precautions is up to you.

Extra details about multisig wallets and keys can be found here, and I’ll have a guide on making these wallets in the future. The wallet creation process is excellent but with some quirks which become irrelevant once you know about them.

I really like how Electrum handles partially signed Bitcoin transactions (PSBTs), an important feature of multisig wallets, discussed next.

PSBTS

An Electrum bitcoin transaction is represented by just a bunch of text (which themselves represent binary numbers, as all computer data is). You have the ability to save that text to a file, a QR code, or to the clipboard (as text, for copy/paste into an email for example). That text can be sent anywhere, and however you want. If you are so inclined, you can extract the text and send it by email, a physical letter, Morse code, smoke signals, gravitational waves back in time via a black hole, or interpretive dance – that’s up to you.

Electrum gives you the ability to extract that text and save it, before it’s signed, after it’s signed, or in a multisignature setting when it’s partially signed.

Multisignature is particularly interesting. If there are for example 3 key holders around the world, you can sign a transaction on your computer, extract the partially signed Bitcoin transaction, email it (or QR code over a video call) to another participant overseas, they can import it, sign it, then send it to the 3rd person for signing and broadcasting. No, this is not unique to Electrum, I just like how Electrum handles it. The workflow is not intuitive though, and takes practice.

PAY TO MANY (PAYJOIN AND COINJOIN)

There is a hidden feature (search the menus) where you can choose multiple destinations (multiple outputs) when spending. For example, you can take 6.15 bitcoin, and send 0.01 bitcoin to 615 different employees, all in one transaction. This feature allows you to create PayJoins manually – something only a minority of people would do or even understand, but it’s cool nonetheless.

Pay to Many also allows you to create your own manual CoinJoins. For more information on what that is and how to do it, see this guide.

GAP LIMIT

An important feature that not all wallets have is the ability to set the gap limit. As I mentioned earlier, every wallet is a collection of 8.6 billion addresses. The software wallet must connect to a node and ask if an address has bitcoin associated with it. It’s not going to check all 8.6 billion of them. Electrum asks for the first 20 addresses. If they are used, it will ask for another 20, and so on. It will keep this up until the node returns 20 unused addresses in a row.

This is a way to explain that the default gap limit is 20, but you can change that. Why would you? Because sometimes merchants allow customers to produce bitcoin addresses themselves through a payment app (like my donation page, hint-hint). If the first 20 customers make invoices (one address each, sequentially given by the app), and then the 21st customer generates an invoice and pays, then the Electrum wallet will appear empty. This happens because the first 20 addresses will be queried, found to be unused, and then Electrum will stop searching. Electrum allows you to change the gap limit, eg to 500 but there are no instructions, you’d have to research online, or find it right here:

You’ll have to first go to the menu: view→show console, and then type this command in the console (of course the “500” can be changed to another number):

wallet.change_gap_limit(500)

With this command, you’ll see 500 new addresses in the address window.

WATCHING WALLETS

These are wallets without private keys, necessary for hardware wallets to connect to. Most people with a hardware wallet use the software on the computer that “came with” the device, but they are not usually open source. Electrum is an alternative that can be used with any hardware device.

AIR-GAPPED COMPUTERS

It’s possible to install Electrum on a computer that can’t ever connect to the internet (Air-gapped computer). That computer can be used to check that the seed phrase a hardware wallet gives, created the correct addresses from the seed.

For example, you might buy a BitBox02 hardware wallet, and it creates a 24-word seed for you, and from that, create addresses (with associated private keys hidden from view). Depending on the level of paranoia you have (and the amount of bitcoin you are storing), you might choose not to trust the embedded software, and assume at first that the addresses it creates belong to the CEO to start with.

To check the addresses are genuine, you need to put the seed words into (restore) a different wallet – eg Electrum; and make sure Electrum generates identical addresses. That’s easy enough, but you can’t just type seeds into any old computer with Electrum on it. Well, you can but you really really shouldn’t – malware can potentially extract your keystrokes and steal your bitcoin.

One solution is to enter the seeds into Electrum on a clean and secure air-gapped computer (or a different brand hardware wallet).

The cheapest way is with a Raspberry Pi Zero – They used to cost about $10 before pandemic-induced shortages. The ARM chip on these devices means not all software wallets are compatible. Electrum is and works magnificently.

Here’s how to build your own. It’s like a seed signer but has the full functionality of Electrum.

SIGN/VERIFY A MESSAGE

A Bitcoin transaction is a payment that contains a coin that was previously “locked” by an address. To unlock the coin (with respect to the rules of Bitcoin) and be allowed to spend it, using public/private key cryptography, one must prove they own the private key to the address contained within. That is done with a signature (using the private key, but not revealing it).

The signed transaction is itself a message; a bit of computer data, although following a strict protocol.

Using public/private key cryptography, outside of Bitcoin, you can actually sign ANY message. For example, here is a message I signed after I selected an address (and therefore its private key). Below is the message, the address and the signature (nonsense-looking text), which was produced after I clicked “sign.”

image3

Now you or anyone can take the address, the message, and the signature, put it in Electrum (or other software), and verify that it really was the correct private key (matching the address) that produced that message (this is actually the same type of verification that Bitcoin nodes do for any Bitcoin transaction). I’ll open another wallet that hasn’t got the relevant private key, to demonstrate verification. I went into the “verify message” window, then entered all the details as you see above, and then clicked Verify:

image1

ENCRYPT/DECRYPT A MESSAGE

Instead of signing a message with public/private key cryptography, the output can be an encrypted version of the message (i.e. jumbled up and unreadable) using someone else’s public key/address. The encrypted version can then be sent to anyone who has the corresponding private key, because the text can only be read when the private key is used to reverse the process.

image2

For example, you could have been given my bitcoin public key, encrypted this message as above, emailed me the cyphertext (the random-looking text in the bottom field), and because I have the private key to the public key, I can reverse the encrypted message to the original form and read your wrong-think message. In this way, you can send text to me across an insecure communication channel, and only I can read it.

This is the magic of public/private key cryptography, and one of the main components that made Bitcoin possible. We should all be thankful that the cypherpunks fought hard, and won, against the US government which tried to ban it in the 1990s.

SUMMARY

This was a long review of the Electrum Desktop Wallet. Hopefully, that has piqued your interest to learn how to use it – I will release a guide on this very soon. In the meantime, it may be worth practicing very basic Bitcoin transactions by following this exercise.

%d bloggers like this: