Closed MilanVujic closed 6 years ago
Can you actually sign a txn and send funds out of electrum without your ledger plugged in?
You shouldn’t be able to actually sign a transaction - you can only view the balances because those are cached on the GUI.
Our next version will have an option to encrypt the hardware wallet’s cached addresses / balances so people won’t be able to view your addresses or balances without a password.
I was NOT able to sign the transaction without my Ledger.
But I agree that the wallet reveals too much info without being signed in.
You can close the ticket. Sorry if I caused panic!
Today I set up the Bitcoin Private Electrum Wallet v1.1.1 with my Ledger Nano S.
When opening up the wallet without my Ledger Nano S device connected, I get the following dialog box:
Please insert your Ledger. Verify the cable is connected and that no other application is using it. Try to connect again? Yes / No
When I click "No", I am able to go into my wallet without my Ledger device! So anyone can get into my wallet without the device and send my BTCP away without my authorization!
Another (less critical) issue is that you can see my available balance without the Ledger being connected. This should be only visible when the Ledger is connected. See the attached picture.