Allow (local network / tor) electrum server without certificate

ACINQ / phoenix

Phoenix is a self-custodial Bitcoin wallet using Lightning to send/receive payments.

https://phoenix.acinq.co

Apache License 2.0

653 stars 97 forks source link

Allow (local network / tor) electrum server without certificate #534

Closed Sjors closed 2 months ago

Sjors commented 6 months ago

I run an electrs instance on a private network. Having to make a maintain a certificate for it is a bit of a pain. It would be nice if there was a way to opt out of needing a certificate.

At the same time I understand that you don't want to introduce a footgun. Perhaps the app could allow it for private address ranges like 192.168 (https://datatracker.ietf.org/doc/html/rfc1918)

You can probably also drop the requirement for onion addresses (maybe it already does, I haven't tried).

dpad85 commented 6 months ago

You can probably also drop the requirement for onion addresses

Yes that's what we do already. We'll think about whitelisting local addresses, with a warning I think it should be fine, and it's easy to do.

Sjors commented 2 months ago

This has been working like a charm for a while now, now sure which version it was added.