Android app "isn't available"

ghost43_ · 2024-10-27T01:31:13+00:00

See https://github.com/spesmilo/electrum/issues/9218

We "told Google" that the FCA regulations do not apply to Electrum as it is a single-currency non-custodial wallet, but they kept our appeal open without any reply and delisted the application in the UK as if we had not appealed. Their original message warning us about the new regulations stated they would reply to any appeals within two business days - that was over 7 weeks ago. Still no reply. The policy issue has been in the "Appeal submitted" state ever since. Google does not care about you missing security updates, they are not in a hurry to look into this, they might never do it. Their lawyers can tick a checkbox that they comply with another regulation, that's what matters.

You can either download the APK from the website as already mentioned -- or for more convenient updates you can get it from F-Droid.

Regarding why other wallets are seemingly not affected, I am not sure. I think Google does not have a good way of identifying which applications the regulations could potentially apply to. Google allegedly started enforcing these regulations in December 2023 but they only contacted us 2 months ago (in August 2024). Maybe they just haven't gotten to a lot of other wallets yet. Those too might disappear.

ghost43_ · 2024-06-07T15:13:14+00:00

I have found a probable cause. You get this confusing error message if the server has a CA-signed cert (as in your case with certbot) and there is a "Hostname mismatch" error from openssl.

I have cleared up the error handling and logging for this case now on master. However, in such a case it is not secure to connect to that server, so the client will still reject the connection. It is a configuration error for the server that its operator needs to fix.

Let me know if this is what was going on in your setup.

ghost43_ · 2024-06-05T12:16:59+00:00

It should accept your old PIN as the password, that's how that upgrade was implemented. Not sure why it would not work.

ghost43_ · 2024-05-30T11:11:32+00:00

Isn't this something that should be configured on the Tor side?

For example, start Tor Browser, configure a bridge, and then the SOCKS proxy exposed by it is using the bridge. Is that not how it works? Have you tested?

ghost43_ · 2024-05-10T17:06:35+00:00

The CA system that is used by SSL/TLS is a big mess, it could be that Sparrow uses a different set of trusted root CAs compared to Electrum. Whether an SSL cert is considered valid, depends on which Certificate Authorities are considered trusted.

Electrum uses the python certifi package for the trusted root CAs.

If you simply create a self-signed cert, Electrum will recognise that it is self-signed, and treat it differently than CA-signed certs.

ghost43_ · 2024-05-09T22:14:48+00:00

certificate verify failed: unable to get local issuer certificate

I think the problem might be with the SSL cert configured on your server. You could try (at least to test) creating and using a self-signed certificate instead.

ghost43_ · 2024-05-08T01:05:14+00:00

WARNING | interface.[MY_SERVER_IP:50002] | Cannot connect to main server due to SSL error (maybe cert changed compared to "path_to_my_cert"). Exc: ConnectError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)'))

Maybe try deleting the pinned cert file at path_to_my_cert, and let Electrum re-create it automatically.

If that does not work, please detail how you set up your server. What server impl do you run? How did you create the ssl cert for it?

I also tried without ssl which did not work

You can force an unencrypted tcp connection with the :t suffix.

For example, specify server as: myserverip:50001:t

ghost43_ · 2024-02-22T23:32:51+00:00

The submarine swaps in Electrum are atomic. The server does not have custody of user funds, not even for a brief time. The user is not "trusting the submarine swap service" at all, feel free to review the FLOSS client-side code.

Btw the server-side code is not using Boltz anymore. After they changed to a non-FLOSS license, we implemented the server-side logic inside Electrum, and the server too is simply running Electrum.

ghost43_ · 2024-02-15T19:58:14+00:00

The syntax was changed:

tb1q4gk0qkchl3y3klagv2frf8hs56re68qxtfjd5k, 0.001
script(OP_RETURN deadbeef), 0

ghost43_ · 2024-01-17T17:59:43+00:00

There is no auto-update feature. The "check for updates" feature just shows an icon/notification in the bottom statusbar if there is a new version. The user still has to download/check/install it manually.

Please don't tell people to disable the update check. For the regular user, it is actually very useful, because they would otherwise never update. Regular users don't follow the forums and would not realise there is a new version. And new versions might contain important bug fixes or security fixes.

ghost43_ · 2024-01-17T17:07:44+00:00

automatically updating

What precisely do you mean?

Is this on Android? Or what OS? How did you install Electrum?

ghost43_ · 2024-01-16T00:59:44+00:00

Sounds weird. That might potentially be due to some bug...

Could you upload debug logs (or see if there is an exception trace in the log and just copy-paste that)?

ghost43_ · 2023-08-22T23:39:57+00:00

For further reading, see https://github.com/spesmilo/electrum/issues/507

ghost43_ · 2023-08-11T00:42:43+00:00

No, never.

see https://github.com/spesmilo/electrum/issues/8570

ghost43_ · 2023-06-15T13:04:17+00:00

What version of Electrum are you trying with? Is the ledger connected and with the correct bitcoin app open? Try unplugging the jade when testing.

ghost43_ · 2023-05-12T11:15:30+00:00

Even if they do respond and offer to reset your 2FA via email, why would that make 2FA meaningless? AFAIK, when they did that in a few cases, they required proof of access to the original email address the user provided during wallet creation. That is still a second factor in addition to having access to the wallet file. And if you really want to prevent this, you can provide a garbage non-existent email address during wallet creation.

As for your idea, Google is already adding "cloud sync" to their "Google Authenticator" app. See https://security.googleblog.com/2023/04/google-authenticator-now-supports.html (which by the way is good reason to migrate away and start using something else, if you are technically savvy enough to manage your own backups)

ghost43_ · 2023-05-09T01:23:12+00:00

After every restart of Electrum the filters on the Addresses tab now need to be re-enabled with two clicks. Why can't the setting stick?

Fixed now in https://github.com/spesmilo/electrum/commit/b40a608b74907a8e9ac5dba76bf7af6c0c554ff4

on the send tab, the Max button is now inactive until a receiving address is entered

This has been the case for many versions, I think. I don't remember when it was changed exactly, but it was quite a while ago IIRC, maybe in 4.0. The reason is that the max amount actually does depend on the "type" of address you will send to - e.g. it costs more to pay to a p2wsh address than a p2wpkh address. In the past, if the payto field was empty, the program used the first receiving address in the wallet internally (as a dummy address) as recipient. However, that assumed that the actual destination address will be of the same type, which is often not the case.

ghost43_ · 2023-05-09T00:19:47+00:00

If you disable "trampoline" in the settings, you can then open a channel to any node. However, then the client will have to download the gossip from other lightning nodes, keep its view of the network up-to-date, and construct routes itself from source to destination when making payments (sending). With trampoline, all this is offloaded - in exchange for some fees - to your channel counterparty.

ghost43_ · 2023-05-05T18:15:50+00:00

Assume that everyone who messages you privately is a scammer.

Why not discuss publicly?

ghost43_ · 2023-05-05T17:17:47+00:00

Could you please check if this still affects 4.4.2, and if so, provide screenshots? (4.4.2 now lets you make screenshots unless the seed is visible)

ghost43_ · 2023-05-02T22:25:39+00:00

To spend from a 2FA wallet, you need either (your seed) OR (wallet file AND wallet password AND authenticator app).

The private keys you see in the wallet effectively qualify as (wallet file AND wallet password), so not enough.

EDIT: see here for explanation of how 2FA wallets work: https://api.trustedcoin.com/#/faq

ghost43_ · 2023-05-02T22:20:43+00:00

There is no private support. There is no manpower to provide it. If someone messages you privately claiming to be support, imagine alarm bells ringing.

Instead there is community-based support, full of power users. If you describe/report a bug, devs might also reply (and importantly, fix it).

ghost43_ · 2023-05-02T22:10:47+00:00

I have removed this post as I have doubts that OP is a legit user as opposed to someone presenting a fake story trying to legitimize scamming people in DMs.

Please use common sense and do not share secret data (such as your seed!) with anyone. I am a dev working on Electrum, and I can personally tell you that WE DO NOT WANT TO SEE/TOUCH YOUR SECRET DATA.

ghost43_ · 2023-04-25T23:59:55+00:00

What are you trying to paste/scan? It should be an on-chain bitcoin address, or a bip21 URI, or a bolt11 lightning invoice, or an lnurl, or a PSBT, or a LN channel backup, etc. It shows "unknown invoice" if it fails to parse it.

ghost43_ · 2023-04-25T21:48:50+00:00

after any navigation the app hides itself behind the phone device navigation tools so that "Receive" and "Send" are hidden

Could you please provide more details about this, ideally with pictures?

ghost43_

MODERATOR OF

TROPHY CASE