How-to: Use Electrum Bitcoin Wallet in Kicksecure ™ - Manual Installation

From Kicksecure

Electrum.png


Introduction[edit]

See Electrum wiki page for introduction and warnings!

Primarily refer to the Electrum wiki page! Use this page only in case newer versions of Electrum are desired!

Info Prerequisite knowledge: refer to the Frozen Packages and Application Specific Update Indicators entries in the Operating System Software and Updates chapter.

Community Support Only!:
Info

Community Support Only means Kicksecure ™ developers are unlikely to provide free support for wiki chapters or pages with this tag. See Community Support for further information, including implications and possible alternatives.

Install Electrum[edit]

Installation Steps[edit]

Note: The following instructions should be applied in Kicksecure ™ (Kicksecure ™ for Qubes: kicksecure).

1. Open a terminal.

If you are using Kicksecure ™ inside Qubes, complete the following steps.

Qubes App Launcher (blue/grey "Q")Kicksecure ™ App Qube (commonly named kicksecure)Xfce Terminal

If you are using a graphical Kicksecure ™ with XFCE, run.

Start MenuXfce Terminal

2. Import the gpg public key of Electrum developer Thomas Voegtlin. [1]

notice Digital signatures can increase security but this requires knowledge. Learn more about digital software signature verification.

Securely download the signing key.

scurl-download https://raw.githubusercontent.com/spesmilo/electrum/master/pubkeys/ThomasV.asc

Display the key's fingerprint.

gpg --keyid-format long --import --import-options show-only --with-fingerprint ThomasV.asc

Verify the fingerprint. It should show.

In early-2019, the output is identical to the following image.

Figure: Fingerprint Verification

Electrum verify gpg fingerprint.png

Key fingerprint = 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6

The most important check is confirming the key fingerprint exactly matches the output above. [2]

warning Warning:

Do not continue if the fingerprint does not match! This risks using infected or erroneous files! The whole point of verification is to confirm file integrity.

Add the signing key.

gpg --import ThomasV.asc

3. Download the Electrum AppImage.

Note: At the time of writing, electrum-4.2.1 was the latest stable release. Before starting the Electrum download, browse to electrum.org/#download to verify the correct file path. Then download the file with scurl. [3]

scurl-download https://download.electrum.org/4.2.1/electrum-4.2.1-x86_64.AppImage

5. Check the Electrum AppImage is not corrupted after download. [4]

To check the Electrum AppImage, run.

file electrum*.AppImage

The following output indicates a corrupted and/or non-existent AppImage file.

electrum-4.2.1-x86_64.AppImage: HTML document, ASCII text, with very long lines

In that case, delete the file and try downloading the AppImage again.

6. Download the corresponding gpg signature.

It is necessary to verify the integrity of the AppImage with the correct signature.

Note: If users downloaded a later Electrum version at step 4, then modify the following command to match the corresponding signature file. [5]

scurl-download https://download.electrum.org/4.2.1/electrum-4.2.1-x86_64.AppImage.ThomasV.asc

7. Verify the integrity of the AppImage image.

Note: This command must be run in the same directory as the downloaded AppImage and signature.

gpg --verify electrum-4.2.1-x86_64.AppImage.ThomasV.asc electrum-4.2.1-x86_64.AppImage

If the file is verified successfully, the output will include Good signature, which is the most important thing to check.

Figure: Good Signature [6]

Electrum gpg good signature.png

gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

This message does not alter the validity of the signature related to the downloaded key. Rather, this warning refers to the level of trust placed in the Kicksecure ™ signing key and the web of trust. To remove this warning, the Kicksecure ™ signing key must be personally signed with your own key.

If the following "gpg: BAD signature" message appears, the AppImage has been corrupted or altered during the download process.

Figure: Bad Signature

Electrum bad gpg signature.png

In this event, delete both the AppImage and signature and either wait 10-15 minutes for the Tor circuits to change, or open up the Nyx Tor Controller in Kicksecure ™ (Kicksecure ™ for Qubes: kicksecure) and type "n" to create new Tor circuits. Wait for a random period of time before repeating the steps to download the AppImage and signature.

8. Change file permissions.

Make the electrum AppImage executable.

chmod +x electrum-4.2.1-x86_64.AppImage

Start Electrum[edit]

Info Users should create a wallet with a strong password!

Please refer to the official Electrum Documentation for comprehensive instructions, as well as more advanced topics like Cold Storage of private keys.

To start Electrum on all platforms, run.

./electrum-4.2.1-x86_64.AppImage

Kicksecure ™ for Qubes users are recommended to configure a Split Bitcoin Wallet to better protect their private keys. To protect against identity correlation through Tor circuit sharing, follow the instructions below (see Stream Isolation for more information).

Electrum: First Run[edit]

Info These steps enable Stream Isolation for the Electrum application.

1. Configure a manual server connection.

When Electrum is started for the first time, users are met with the prompt: "How do you want to connect to a server?".

Choose Select server manually and press Next.

Figure: Server Setting

Electrum select server manually.png

2. Change the proxy settings.

The necessary settings are:

  • Proxy: SOCKS5
  • Host: 10.152.152.10
  • Port: 9111

Press Next and the application should be fully functional.

Figure: SOCKS5 Proxy Configuration

Electrum use proxy socks5 .png

Note: If Electrum is already set up but stream isolation was not enabled, then navigate to ToolsNetwork in Electrum to bring up the server and proxy settings.

Add Application Launcher to Start Menu[edit]

Info This step is optional.

1. Create folder ~/.local/share/applications.

mkdir -p ~/.local/share/applications

2. Create a new file ~/.local/share/applications/electrum.desktop using an editor.

mousepad ~/.local/share/applications/electrum.desktop

3. Paste the following contents.

[Desktop Entry] Type=Application Exec=/home/user/electrum-4.2.1-x86_64.AppImage Name=electrum Categories=Other

4. Save the file.

The procedure is now complete.

The launcher can be found here:

Start MenuOtherelectrum

Donations[edit]

After installing Electrum, please consider making a donation to Kicksecure ™ to keep it running for years to come.

Bitcoin accepted here Donate Bitcoin (BTC) to Kicksecure ™.

3DaJWfHyLv4RVnvMD7K2Mz2AX2r3fwiQwV

Kicksecure donate bitcoin.png

Footnotes[edit]

  1. https://github.com/spesmilo/electrum/issues/4789
  2. Minor changes in the output such as new uids (email addresses) or newer expiration dates are inconsequential.
  3. To find the correct image download: "Right-click" AppImage"Select" Copy Link LocationAppend to scurl command.
  4. Due to recent DDoS attacks.
  5. To find the correct signature file download: "Right-click" signature"Select" Copy Link Location"Append" to scurl command
  6. gpg: Signature made Mon 19 Jul 2021 02:22:33 PM EDT
    gpg:                using RSA key 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6
    gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" [unknown]
    gpg:                 aka "ThomasV <thomasv1@gmx.de>" [unknown]
    gpg:                 aka "Thomas Voegtlin <thomasv1@gmx.de>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE  D950 2BD5 824B 7F94 70E6
    


Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.