Nice concept. I don't like storing the wallet on the server tho. Also in some ways wouldn't this reduce anonymity? Transactions correlate wallets with a certain IP address every time...
It's called "server" only because it implements the Electrum server protocol. In practice you'd run it on your own hardware, generally in the same place where your full node runs so the anonymity would not be harmed in this respect.
Also from the README:
Electrum wallet must be configured to connect to the server. SSL must be disabled
Electrum wallet must be configured to connect to the server. SSL must be disabled
Pull requests welcome ¯\_(ツ)_/¯
All you have to do is read this page and figure out how to make the server socket be SSL. Since you're generally only connecting to localhost when using Electrum Personal Server, there's no privacy or security difference between SSL and non-SSL.
This is regarding the concerns raised in the first post:
- Electrum downloads block headers from multiple servers to prevent any one server from tricking you.
- Electrum downloads block headers from multiple servers to prevent any one server from tricking you.
This doesn't remove the need for trust, it only spreads it out. As the saying goes: don't trust, verify.
- What you're calling a gateway is actually a proxy. There is one built into tails called tor proxy which routes your electrum connections over the high anonymity tor network. The Electrum that comes with tails is pre-configured to use that. If you install an updated version on Tails you can configure it to use tor proxy too (i believe you have to use tor proxy on tails). Go to tools > network > connection tab, check ssl, choose socks 5 as the proxy, enter localhost as the host and 9050 as the port.
Tails with tor only stops your IP address being revealed, but the bitcoin addresses in your wallet are still linked together, and so the spying Electrum server can see still everything you do.
Using a full node solves this privacy break because it downloads the entire blockchain and scans it locally for your own addresses, so any external observer watching your connections can't tell which bitcoin addresses are yours.