Electrum is one of Bitcoin’s oldest and best-known wallets. Users running this software are trusting their private keys to it. To reduce the risk of running malware, users can verify the authenticity of Electrum downloads before using them. This tutorial describes how to do so on OSX. A procedure for verifying Electrum on Windows is also available.

The Threat of Malware

Any piece of software that handles your private keys can steal them or sign transactions you never authorized. This makes Bitcoin wallets especially profitable targets for malware authors. They begin by tweaking some of the open source code. Then they distribute the result, which looks identical to the authentic version. When the unwitting user enters the private key or seed, the wallet steals the funds. The loss is irreversible and can be life-changing.

This is far from a theoretical attack. For example, in 2017 a Reddit user reported that a phishing site was deploying malware through a forged copy of Electrum, resulting in the loss of five bitcoin. The phishing site was followed as the first advertising link from a Google search.

Public Key Cryptography to the Rescue

Many Bitcoin users are familiar with the idea of digital signatures. The same idea can be applied to software downloads. The developer signs a download with a private key. Users verify the download using the developer’s public key. A forged file that changes a single bit can be detected with this system, as can a developer who attempts to apply an invalid signature. The standard method for signing binaries is known as Pretty Good Privacy (PGP). Implementations are available for all operating systems.

Download and Install GPG Suite

A popular PGP implementation on OSX is GPG Suite. Begin by downloading the installer from the main page.

We are immediately faced with a dilemma: how do we know that our copy of GPG Suite is authentic? We can’t verify a signature because if we could do that we wouldn’t need GPG Suite.

Fortunately, we can verify the installer’s hash value. Think of a hash value as an immutable, unique identifier that can be assigned to any file. OSX allows hash values to be checked with the shasum utility. shasum is run from the Terminal application. To access Terminal, press command-spacebar and type “Terminal”. You’ll see a mostly empty window with a prompt after a dollar sign (“$”). Commands are entered, in text form, after this prompt.

From Terminal, enter the following two commands:

$ cd Downloads
$ echo "{hash}  (unknown)" | shasum -a 256 -c -

where:

{hash} is the string of characters that appears at the bottom of the GPG Tools page after clicking on the “SHA256” link;

(unknown) is the name of the GPG Suite installer you downloaded; and

two spaces appear between {hash} and (unknown).

For example, on November 1, 2017, I downloaded a file named GPG_Suite-2017.1.dmg and its SHA256 hash value was:

01705da33b9dadaf5282d28f9ef58f2eb7cd8ff6f19b4ade78861bf87668a061

I would then enter the following two commands into Terminal (leaving out the dollar signs):

$ cd Downloads
$ echo "01705da33b9dadaf5282d28f9ef58f2eb7cd8ff6f19b4ade78861bf87668a061  GPG_Suite-2017.1.dmg" | shasum -a 256 -c -

The first command changes the working directory to Downloads, where the installer was saved. The second command computes the SHA256 checksum of the file I downloaded and compares it with the value I pasted. You should see a response that looks something like:

GPG_Suite-2017.1.dmg: OK

Notice that an attacker who was able to change the GPG Suite website might be able to give you the correct hash value for a fake copy of the installer. This is one of the limitations of using hash values to authenticate downloads.

After downloading and verifying the hash value of the GPG Suite installer, double click on it. An installer window will be presented. Double click on the item named Install.pkg. Enter your system password when prompted and follow the remaining instructions.

You will be asked to generate a new key pair. For the purposes of verifying Electrum, this step can be skipped. Click the Cancel button.

Import the Developer Public Key

GPG Tools should present a window containing a single key entry — the one for the GPG Suite team. Before validating the Electrum download signature, we’ll need to add the public key of its developer to our list.

Thomas Voegtlin is the Electrum lead developer. The Electrum site reports his key ID as 0x2bd5824b7f9470e6. Use this value to look up Voegtlin’s public key. Click the GPG Keychain “Lookup Key” button and enter the developer key ID. Then click Search.

GPG Keychain should respond with an entry for Thomas Voegtlin’s public key. Click Retrieve Key.

GPG Keychain should report that Thomas Voegtlin’s public key was added. You’ll now see two key entries: the original for the GPGTools Team and a new one for Electrum’s lead developer. We can now verify the signature of any Electrum installer.

Download Electrum

Browse to the Electrum download page. Next to the OSX entry are two links. Click the first one titled “Executable” to download the Electrum installer. Save it to your Downloads folder.

Click the second link titled “signature.” This link takes you to a plain text page representing the installer’s signature. Save it by pressing command-s. Be sure to save it to the Downloads folder. Remove the last four characters of the file name, .txt, but leave it otherwise unmodified.

You should see two files in your Downloads folder: electrum-{version}.dmg and electrum-{version}.dmg.asc, where {version} is the version of Electrum you downloaded. The former file is the installer itself and the latter is the signature file.

To verify the signature of the installer, right click on it. A context menu will appear whose last item is called Services. Hovering over it presents a submenu. One of its entries will be “OpenPGP: Verify Signature of File.” Click it.

You should be presented with a window titled “Verification Results.” A single line should appear. The first entry gives the installer’s filename. The second gives the result of the verification. You should see text beginning with “Signed by: Thomas Voegtlin”. The line will be appended with the bolded text “undefined trust.”
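The same verification the “OpenPGP: Verify Signature of File” menu item performs can be done from Terminal with the gpg command that GPG Suite installs. The script below is an added example, not part of the tutorial: it creates a throwaway signing key in a temporary keyring, signs a dummy electrum-x.y.z.dmg file with a detached .asc signature, verifies it, then modifies the file and shows the verification failing. The key, the file name and its contents are all constructed stand-ins for the developer's real key and the real installer.

```shell
#!/bin/sh
# Added example: verify a detached PGP signature from the command line.
# A temporary keyring and a constructed signer stand in for the real developer key;
# "electrum-x.y.z.dmg" is a dummy file, not a real Electrum download.

GNUPGHOME=$(mktemp -d)
export GNUPGHOME
chmod 700 "$GNUPGHOME"

# verify_detached SIGFILE FILE -> exit status 0 for a good signature, non-zero otherwise.
# gpg takes the .asc file first and the signed file second, matching the
# electrum-{version}.dmg.asc / electrum-{version}.dmg pair described above.
verify_detached() {
    gpg --batch --verify "$1" "$2" >/dev/null 2>&1
}

demo() {
    work=$(mktemp -d)
    # Constructed signer. In real use the developer's key is retrieved by key ID instead.
    gpg --batch --pinentry-mode loopback --passphrase '' \
        --quick-gen-key "Demo Signer <demo@example.invalid>" default default never >/dev/null 2>&1

    printf 'stand-in installer contents\n' > "$work/electrum-x.y.z.dmg"
    gpg --batch --yes --pinentry-mode loopback --passphrase '' --armor --detach-sign \
        --output "$work/electrum-x.y.z.dmg.asc" "$work/electrum-x.y.z.dmg" 2>/dev/null

    if verify_detached "$work/electrum-x.y.z.dmg.asc" "$work/electrum-x.y.z.dmg"; then
        echo "electrum-x.y.z.dmg: good signature"
    fi

    # A single changed byte in the download invalidates the signature.
    printf 'stand-in installer contentz\n' > "$work/electrum-x.y.z.dmg"
    if ! verify_detached "$work/electrum-x.y.z.dmg.asc" "$work/electrum-x.y.z.dmg"; then
        echo "electrum-x.y.z.dmg: BAD signature, file changed after signing"
    fi
    rm -rf "$work"
}

demo
```

Note that gpg exits 0 for any good signature, including one made by a key of “undefined trust”; the trust level only appears as a warning on standard error. That is why the tutorial tells you to confirm the key really belongs to Thomas Voegtlin before relying on it, and why the optional step of signing his key changes the reported trust without changing the exit status.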

Optional: Sign the Developer Key

At this stage, you’ve verified the signature of an Electrum installer. You could, however, take this process one step further by signing Thomas Voegtlin’s public key. Doing so will remind you in the future that you trust that this key really does belong to Electrum’s lead developer. Only take this step if you have independently verified that the key really does belong to Thomas Voegtlin.

Begin by creating a key pair for yourself, which is the step we skipped when setting up GPG Keychain. Click on the New button on the main GPG Keychain interface. Doing so brings up a form. Fill it out. Click Generate Key. There is no reason to publish this key, so decline that offer.

When you’re done, you should see a new public key in the keys list. It’s your own.

Next, sign Thomas Voegtlin’s public key. Begin by right-clicking on it. Choose the Sign option from the popup menu. Accept the defaults and click Generate Signature.

Verifying the signature of any Electrum installer in the future will present a somewhat different message than before. Instead of “undefined trust,” GPG Keychain will report “full trust” in green.

Conclusions

Signature validation should be used for any wallet destined to hold large sums of money. Given that wallets holding spare change today can grow to become wallets holding substantial sums tomorrow, signature verification should be the first step of any Electrum wallet installation. This guide offers a step-by-step procedure for doing so. Once set up, it can be used to verify the signature of any future Electrum release, and other Bitcoin software as well.

To recap, the steps are: