Electrum Wallet is one of the most popular Bitcoin wallets and has been around for several years. However, Electrum wallet users often rely on electrum servers, which presents some security and privacy trade-offs. If you use an Electrum personal server, Electrum wallet users can connect locally to their own private servers, enjoying the convenience of Electrum without any trade-offs.
Users of Bitcoin wallet Electrum are facing phishing attacks, according to Johnwick.io. Hackers broadcast messages to the Electrum client through a malicious server, prompting the user to update to v4.0.0, and if the user follows the prompt to install this "backdoor-carrying client", the private key is stolen and all digital assets are stolen. At the time of writing, at least 1,450 BTCs worth about $11.6 million had been stolen from phishing attacks that faked Electrum upgrade tips. DeViable Security Labs hereby suggests that versions of Electrum below 3.3.4 are vulnerable to such phishing attacks, and users using Electrum Wallet are requested to update to the latest version of Electrum 3.3.8 via the official website (electrum.org), which has not yet been officially released, and do not use the link in the prompt to avoid asset losses.
It is reported that malicious websites (electrumsecure) fake Electrum website phishing attacks, to guide users to download and use the wallet, in order to steal the user's private key and other sensitive data. Users are reminded not to install electrum wallets from unknown sources at will to avoid asset losses.
Although BIP 49 proposes a way to encode P2WPKH-nested-in-P2SH addresses, it fails to change the HD seed version byte (retaining the xpub prefix), resulting in unsustainable confusion between users. The user must know that xpub is derived using BIP 49, or that the user of xpub must scan two address spaces (P2PKH and P2WPKH-in-P2SH). In the long run, the problem is likely to continue to worsen, requiring increasingly complex scanning logic to find wallets that support the import of seed phrases.
However, this does not necessarily create problems, and the testing process set up in software development is designed to detect such problems early, but they say that non-P2WPKH scripts are not covered in test cases. Although the P2SH address (beginning at 3) was finally tested in the test network, the team mistakenly believed that the test passed due to a front-end vulnerability in the redemption DApp process.
In Bitcoin, whenever a multisig payment is called, the miner verifies the P2SH multisig redemption script. They also validate the public key used in the transaction.
The P2WPKH signature contains the same information as the P2PKH cost. However, the signature information is placed in the witness field, not in the signature script field. The public key script has also been modified.
Bitcoin wallet Electrum official Twitter announced that the next version of Electrum will support Lightning online payments. Its lightning node implementation has been consolidated into the main branch of Electrum. Electrum also confirmed that the wallet will adopt a new implementation of in-house development written using Python.
Pin P2SH.
The P2WPKH (Pay-to-Witness-Script-Hash) construction of the wallet.
Like legacy addresses, Segwit addresses exist. For legacy addresses, P2PKH and P2SH represent "pay to public key hash" and "pay to script hash value" respectively. For Segwit addresses, P2WPKH and P2WSK represent "Paid Witness Pubkey Hash" and "Paid WitnessScript Hash" respectively. The method of making each address will be discussed in another article.
Popular wallet developer Electrum has released an emergency patch for a key vulnerability in Bitcoin wallets.
For transactions that contain P2SH output scripts, neither propagation nor packaging is used to prevent accidental use of P2SH.
The P2WPKH witness program consists of a witness version and Bob's 20-byte public key hash.
Newer P2SH type starting with number 3
The structure of the P2SH address is similar to that of P2PKH, but begins with 3 instead of 1, such as 3J98t1WpEZ73CNmQviecrnyi WrnqRhWNLy. P2SH represents the payment of script hashing, which enables more complex functionality than traditional addresses. P2SH script functions are most commonly used for multisig addresses, for example, to specify that multiple digital signatures are required to authorize transactions. This address format is also used to enable non-local segwit transactions using a procedure called P2WPKH-in-P2SH. Ordinary people who send and receive coins don't need to worry about the more complex features that the P2SH format can provide: it's important that this type of address is widely supported and can be used to send funds to P2PKH and bech32 addresses.
In this demo, Electrum developer Chris Belcher shows how to set up and use an Electrum personal server.
P2SH is a powerful, new type of transaction that greatly simplifies the types of transactions in complex trading scripts. By using P2SH, complex scripts (redemption scripts) that detail the conditions that cost output will not appear in the lock script. Instead, only the redemption script hash is included in the lock script.
BIP16 (P2SH)
Isolated witness transaction types can only be expanded using P2WPKH and P2WSH trading formats.
Motoko has type-safe form properties, also known as type stability. Type-friendly Motoko programs do not go wrong, which means that they are not used incorrectly because the program structure is treated as the wrong type.
P2SH is a form of transfer paid to script hash and is a powerful new type of transaction that greatly simplifies complex transaction scripts and is now commonly used as a multi-signature.
However, this does not necessarily create problems, and the testing process set up in software development is designed to detect such problems early, but they say that non-P2WPKH scripts are not covered in test cases. Although the P2SH address (starting at 3) was later tested in the test network, the team mistakenly believed that the test passed due to a front-end vulnerability in the redemption DApp process.
Warning P2WPKH should be created by the payer (recipient) by converting the compressed public key into a P2WPKH hash. You should never convert a P2PKH script, Bitcoin address, or uncompressed public key into a P2WPKH witness script.
Bitcoin Wallet Electrum now supports Lightning Online Payments According to Coindesk July 11th, Bitcoin Wallet Electrum now supports Lightning Web Payments. It has previously been reported that Bitcoin Wallet Electrum has released a beta version of Electrum 4.0, adding support for the Bitcoin Lightning Network.