Blockstream / green_qt

Blockstream Green App
GNU General Public License v3.0
218 stars 34 forks source link

Feature Request: Ability to use Green with own node to address security concern #117

Open nakoshi-satamoto opened 8 months ago

nakoshi-satamoto commented 8 months ago

It has been asked before on how to use Green with one's own liquid node. The answer has always been to just use your own electrum server. This is not an option because Blockstream Electrs that is required for Liquid use, does not actually work https://github.com/Blockstream/esplora/issues/489

Using other peoples electrum servers is bad for security as it destroys confidentiality aka privacy. The SPV toggle switch does not let one use their own node only.

Maybe this may be a feature request if not possible at the moment. It would be good to let users use their own liquid node for use with Green.

nakoshi-satamoto commented 8 months ago

I think that SPV is for bitcoin only. What I was originally asking was how to use green with my own node for liquid. This has never been addressed before because the repeated solution to use a self hosted electrs service is not actually a working (probably not even tested either) solution at the moment as far as I can tell. Has anyone successfully got electrs to work?

Addressing the importance of using one's own node. Confidentiality is a core pillar of the security triangle. Lack of confidentiality is a lack of security. Privacy is synonymous with confidentiality.

Green is a great wallet, however to achieve full security one must run their own electrs server. But this is not possible because electrs does not work. And so Green relies on Blockstream's server. Although Blockstream is not evil; the problem is that that Blockstream probably uses "the cloud", for hosting. I think they are using google cloud (going off of whois info for the ip behind blockstream.info). This means that US intelligence agencies could see all addresses that are correlated with each other. As google (which is a spying partner with the US federal gov) is able to see all data stored and within memory (virtual RAM) of any server hosted on "the cloud". This is not just the case with google but with other mega tech companies also that offer cloud services.

Changing this to a feature request to support of connecting to one's own full node for liquid and/or bitcoin. Even if it means selecting ones own node as an entry for the SPV toggle and SPV working also for liquid. If Esplora and Elects ever support the ability to self host, then that could satisfy this feature request.