spesmilo / electrum

Electrum Bitcoin Wallet
https://electrum.org
MIT License

Hostile Electrum servers are a reality, address this #7511

Open ln2max opened 3 years ago

ln2max commented 3 years ago

Another way Chainalysis captures Bitcoin user data is by running nodes that verify transactions, the documents confirm. This allows the company to capture data leaks on the publicly accessible internet, or clearnet, from users’ simplified payment verification (SPV) wallets. Those services were designed to prioritize easy storage over foolproof security (although to be fair they are arguably more secure than wallets that rely on APIs to verify transactions).

“The downside to this design is that when the user wallet connects to the network, a variety of information is revealed - the user’s IP address, the full set of addresses in the wallet (used and unused) and the version of the wallet software,” according to the slide deck. “Chainalysis runs a series of nodes on the Bitcoin network ... and if a user connects to one of our nodes, we receive the above information.”

https://www.coindesk.com/business/2021/09/21/leaked-slides-show-how-chainalysis-flags-crypto-suspects-for-cops/

Currently proposed solutions:

https://github.com/spesmilo/electrum/issues/4439
https://github.com/spesmilo/electrum/issues/496

Transisto commented 3 years ago

https://github.com/spesmilo/electrum/issues/6402 Low-hanging fruit solution.

Simply selecting 3-4 trusted servers is reliable enough and most likely privacy preserving.

Sparrow Wallet at least is trying to limit people destroying their privacy.