How to run a dockerized Electrum server to improve Bitcoin privacy
Though it's incredibly lightweight, the default configuration of Electrum is not particularly private. You must regularly send hashes of your bitcoin addresses to an Electrum server, which can naturally be spied on or misused. Electrum Personal Server (EPS) is an effort by Chris Belcher to create a more secure and private Electrum bitcoin wallet that can easily be connected to your own full node.
As a full node server, Electrum Personal Server downloads the entire blockchain and scans it for the user's own addresses. As a result, you no longer have to send Bitcoin addresses to an outside server – it's all done locally. Importantly, it's also lightweight, Bitcoin Core pruning compatible, and supports Tor to resist traffic analysis. Despite all this, users still benefit from the traditional Electrum wallet interface and functionality, making it a natural pick.
Unfortunately, the semi-complex setup of EPS can be a barrier to entry. As big believers in the right to privacy, we want to make deploying such a server as easy as possible. As a result, we have created a dockerized version of Electrum Personal Server that you can use to deploy and it with minimal input or configuration.
This guide will build on our repo instructions to make deploying an EPS even more approachable.
Pre-requisites
Electrum Personal Server is lightweight, so you require minimal CPU, RAM, and disk space requirements. You only need the space for a full node, and even then we can use pruning to reduce the size from 290 GB+ to around 2–7 GB. We'll be using Ubuntu 20.04 for this tutorial, but you should be able to follow along on any Unix-like system with some minor modifications to commands.
You'll also need both Docker and Docker Compose. You can follow our quick start Docker Compose guide here, or simply run the following command:
apt update -y && apt install docker docker-compose -y
If you plan to run your Electrum Personal Server on a different machine to Electrum, such as on a VPS, it's recommended you install Tor on both machines. This will ensure your IP address won't be linked to your BTC addresses and therefore enhance your privacy.
You can install Tor with:
apt update -y && apt install tor -y
If you're not using your root user, you must add your user to the tor
group or debain-tor
group, then relog:
sudo usermod -aG debian-tor YourUser
If your local PC runs Windows or macOS, you can download Tor here.
How to install Dockerized Electrum Personal Server
With the initial preparation out of the way, we can move on to the EPS installation and configuration. First things first, clone the dockerized EPS repo with the following command:
git clone https://github.com/BitLaunchIO/docker-electrum-personal-server.git
Configuring Tor on your docker-eps host machine
If you'll be using Tor, copy the torc
config file from the repo to /etc/tor/torrc
to enable connection to the EPS over tor on your docker-eps host machine:
cp docker-eps/torrc /etc/tor/torrc
Restart the Tor service with:
systemctl restart tor
Configuring Tor on your electrum client machine
You'll also need to create a torcc
file on your Electrum client machine if you'll be using Tor. On Linux, you can do so with:
cd docker-eps
sudo nano /etc/tor/torcc
If you're on Windows, you'll find the file in TorBrowser\Browser\TorBrowser\Data\Tor
. You can edit it with any text editor. On macOS, your torcc is in ~/Library/Application Support/TorBrowser-Data/Tor
. This folder may be hidden on newer version of macOS, in which case you can press "Go to Folder..." in Finder and type ~/Library/Application Support/
.
Add the following to your new torcc
file or replace the existing lines with:
User tor
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
Save the changes with Ctrl + O if you're using nano or Ctrl + S on other OSes, and restart Tor:
sudo systemctl restart tor
Configuring your Electrum Personal Server
With that done, it's necessary to add your public Electrum wallet keys to the config.ini on your electrum server host. This will allow EPS to scan for transactions and find your addresses.
You can change the config file with:
sudo nano docker-eps/config.ini
Add the following lines, replacing xpubkey
and zpubkey
with your public wallet keys:
mywallet = xpubkey
myotherwallet = zpubkey
Save the changes with Ctrl + O and exit with Ctrl + X.
You'll also need to edit your bitcoin.conf file so that it has the necessary tor nodes to sync to the blockchain. Edit the config with:
sudo nano docker-eps/bitcoin/bitcoin.conf
Grab the addresses of some onion nodes from Google or the wiki. Paste them into your config with the following format:
addnode=btcnode1.onion
addnode=btcnode2.onion
Save the changes with Ctrl + O and exit with Ctrl + X.
Starting your containers
With configuration and initial setup complete, we can start our containers. Bear in mind that bitcoin core has to sync the blockchain the first time. Sync time can vary wildly depending on your internet speed and hardware. It may take days or even weeks to verify each block. Even if you run in pruned mode, the entire blockchain has to be downloaded, as it will simply remove the blocks that are no longer needed.
This is where a VPS comes in handy. You can leave it running 24/7 and make use of gigabit internet/scalable hardware. That said, if you're patient, it's definitely possible to do this on a home server. All you have to do to start your container is run the following command:
cd docker-eps && docker-compose up --build -d
If you see errors in the EPS logs, it's likely because it won't be able to connect to the Bitcoin core node until it has finished syncing to the blockchain. Depending on your hardware and internet connection, it could take a while for bitcoind to sync – even days or weeks. Once everything is fully synced, you must create a wallet on your docker-eps host server. This will let Electrum Personal Server import your Electrum addresses and check for incoming transactions. To do so, run the following command:
docker exec -t docker-eps_bitcoind_1 bitcoin-cli createwallet electrumpersonalserver
If your wallet has historical transactions, EPS will need to rescan for them, which requires disabling pruning. Edit your bitcoin.conf with the following command:
sudo nano docker-eps/bitcoin/bitcoin.conf
Find the line that starts prune=550
and add a #
before it to comment it out. Save your document and then edit the Dockerfile.eps
by running:
sudo nano docker-eps/Dockerfile.eps
Comment out the line starting with CMD ["electrum-personal-server"],
and add this one below it instead:
CMD [“electrum-personal-server”, “--rescan-date”, “<DD/MM/YYYY or block-height>”, “config.ini”]
Once the scan is complete, you should revert the changes to both files and use as normal.
How to connect Electrum to your Electrum Personal Server
With our Electrum Personal Server up and running, we can connect Electrum to it. However, we must first find the onion address:
cat /var/lib/tor/bitcoin-service/hostname
When you start Electrum, do so with the following command:
- For a local install:
electrum --oneserver --server 127.0.0.1:50002:s
- If you're running on a different machine:
electrum --oneserver --server myeps.onion:57283:s -p socks5:127.0.0.1:9050
Your Electrum Personal Server should now be good to go. Remember, it could take some time for bitcoind to sync to the blockchain, so some patience may still be required. If you run into trouble or would like to customize EPS further, check out the official how-to and supplementary setup guides on its wiki. If you're a BitLaunch customer, you can also get in touch with our live chat, which is open 24/7.