romanz / electrs

An efficient re-implementation of Electrum Server in Rust
MIT License

Bug: electrs leaking sensitive scripthash values into logs, while exploring self-hosted mempool #974

Closed ghost closed 9 months ago

ghost commented 9 months ago

Description

electrs leaking privacy sensitive scripthash values into logs, while exploring self-hosted mempool.space in the browser

Many thanks for looking into this issue!

Version

electrs server 10.1, and mempool 2.5

Steps to reproduce

  1. Connect to your electrs server in self-hosted mempool.space backend
  2. Explore self-hosted mempool.space in browser
  3. For example, click on transaction history of an address
  4. See error message in electrs logs

Expected behaviour

no leak of privacy sensitive scripthash values into logs

Actual behaviour

leak of privacy sensitive scripthash values into logs

INFO your wallet uses less efficient method of querying electrs, consider contacting the developer of your wallet. Reason: blockchain.scripthash.get_history called for unsubscribed scripthash: 123abc

System running electrs server

/etc/nginx/streams-enabled/electrs.conf

upstream electrs {
    server 127.0.0.1:50001;
}

server {
    listen 50002 ssl;
    proxy_pass electrs;
}

/mempool/backend/v2.5.0_mempool-config.json

Note that the default config for mempool refers to the electrs server as the "electrum" backend...

{
  "MEMPOOL": {
    "NETWORK": "mainnet",
    "BACKEND": "electrum",
    "ENABLED": true
  },
  "ELECTRUM": {
    "HOST": "127.0.0.1",
    "PORT": 50002,
    "TLS_ENABLED": true
  }
}

romanz commented 9 months ago

I think that this issue was resolved by https://github.com/romanz/electrs/commit/bf78c131cffbe1edb7c32dcb4baf68396b0f723b, which was released in 0.9.9 version.

romanz commented 9 months ago

@4ezb2 Are you sure this still happens on 0.10.1 version?

ghost commented 9 months ago

@romanz Yes, I recently updated the version to 0.10.1 and my server has been running successfully for quite a while. But, honestly, I am not familiar with all of the intricacies of how "wallets" interact with my electrs server in the background. Instead, I simply know how to manually configure them to connect correctly.

Anyway, I'd like to clarify that this INFO message shows up every time I use my self-hosted mempool in the browser to search for e.g. address balance or transaction id. However, I just double checked my electrs server to find that there is nothing else in the logs besides this INFO message. Meaning that, the message simply ends with "[...] history called for unsubscribed scripthash" and there is no semicolon, nor anything else. So perhaps, I jumped to conclusions too fast and there is no sensitive data leaked in the logs after all.

updated log

INFO your wallet uses less efficient method of querying electrs, consider contacting the developer of your wallet. Reason: blockchain.scripthash.get_history called for unsubscribed scripthash

Kixunil commented 9 months ago

@4ezb2 I noticed you mention mempool. It's quite likely you're using their fork, not this version. If so, please open issues at their repo next time, not here.

We should really do something about it, these issues are repeating and responding to them is inefficient.

ghost commented 9 months ago

Hi @Kixunil, I am not running their fork, as mentioned above deployment method: manual.

And, I did open an issue there too #4496, but like I said I am not familiar with all of the intricacies of how "wallets" or "mempool" interacts with my electrs server in the background. Instead, I only know how to manually configure and maintain them correctly.
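
An added example, not part of the thread and not code from electrs: a check an operator could run over saved electrs log lines to tell the form of the message with a value appended after a colon (as in the original report) from the form with nothing appended (as in the updated log), redacting the value where one is present. The names `audit_line` and `Finding` are hypothetical, and the sample lines are constructed.

```rust
// Added example: audit log lines for values appended to the
// "unsubscribed scripthash" message quoted in this thread.
const MARKER: &str = "called for unsubscribed scripthash";

#[derive(Debug, PartialEq)]
enum Finding {
    Unrelated,                // not the message from this issue
    Clean,                    // message present, nothing appended
    Leak { full_hash: bool }, // message followed by ": <value>"
}

/// Classify one log line and return it with any appended value redacted.
fn audit_line(line: &str) -> (Finding, String) {
    let pos = match line.find(MARKER) {
        Some(p) => p,
        None => return (Finding::Unrelated, line.to_string()),
    };
    let end = pos + MARKER.len();
    // The leaking form appends ": <scripthash>" after the marker.
    let value = match line[end..].trim().strip_prefix(':') {
        Some(v) if !v.trim().is_empty() => v.trim(),
        _ => return (Finding::Clean, line.to_string()),
    };
    // An Electrum scripthash is a SHA-256 digest: 64 hex characters.
    let full_hash = value.len() == 64 && value.chars().all(|c| c.is_ascii_hexdigit());
    (Finding::Leak { full_hash }, format!("{}: <redacted>", &line[..end]))
}

fn main() {
    // Constructed sample lines (hypothetical prefixes and values).
    let prefix = "INFO Reason: blockchain.scripthash.get_history";
    let samples = [
        format!("{} {}: 123abc", prefix, MARKER),
        format!("{} {}", prefix, MARKER),
        format!("{} {}: {}", prefix, MARKER, "ab".repeat(32)),
        "INFO constructed unrelated line".to_string(),
    ];
    for line in &samples {
        let (finding, out) = audit_line(line);
        println!("{:?}\t{}", finding, out);
    }
}
```

Any line reported as `Leak` is worth rotating or scrubbing, since a scripthash maps to a specific address's script.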