How to Install an Electrum Server using Full Bitcoin Node and ElectrumX


In the event of a contentious hard fork and a possible coin split, user's wealth may be in danger without a proper "replay protection" being implemented. This holds true even more so when a user runs a lightweight wallet such as Electrum.

Electrum's developer Thomas Voegtlin has published a document on how to safely split coins should such event occur.

However, this method relies on 3rd party servers that the wallet connects to. In the Bitcoin world, 3rd parties should not be trusted under any circumstances.

I'll show you how to overcome this limitation by setting up your own Electrum server.

This tutorial is aimed at Mac OS X and Debian-based Linux distributions. It should work with other Linux distros too. Sorry, I don't have a Windows machine.

Before you start, make sure to install a full Bitcoin node first and set at least the following minimum options in bitcoin.conf:

server=1
listen=1
daemon=1
txindex=1
rpcuser=<random username>
rpcpassword=<strong password>

Use random string generator for rpcuser and rpcpassword. The longer, the better.

If you already have bitcoin node installed, you need to reindex the blockchain:

bitcoin-cli stop
bitcoind -reindex

When running Bitcoin-Qt it should be enough to just close and reopen the wallet. It will reindex the chain automatically.

Install Python 3.6

ElectrumX developer decided to use newer Python 3 which isn't installed on many operating systems by default.

Let's install it manually.

on Mac OS X

Installing the latest version of Python on Apple's OS X is very easy using homebrew:

brew install python3

on Linux distributions

There are many different options to install Python 3.6 based on your Linux distribution.

Ubuntu (option 1)

The latest Ubuntu (16.10 as of now) only comes with Python 3.5. You will have to install the newer version from a 3rd party repository:

sudo add-apt-repository ppa:jonathonf/python-3.6
sudo apt-get update && sudo apt-get install python3.6 python3.6-dev

Other Debian-based distro (option 2)

Some Debian-based distributions may already be shipped with the latest Python.

Let's see:

sudo apt-get update python3.6 python3.6-dev

In a case of an error try using the following option instead.

From a source (option 3)

If you can't install it from a repository, just compile it from the source code. It should work for most distros.

cd /tmp
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tgz
tar xvf Python-3.6.1.tgz
cd Python-3.6.1
./configure --enable-optimizations
make -j4
sudo make altinstall
python3.6 --version

Please note that the compilation will take "forever".

However, if your CPU has more than 4 cores, you can speed it up a bit by using make -j8 instead.

Install required Python packages

You will also need to install some Python 3.6 dependencies for ElectrumX.

pip3 install aiohttp pylru plyvel

If the above command gives you an error, try installing running it with sudo.

Install and set up ElectrumX

Get the ElectrumX code from a GitHub repository:

mkdir ~/source
cd ~/source
git clone https://github.com/kyuupichan/electrumx.git
cd electrumx

Run the installation script:

python3 setup.py install

Next, create a data folder where the blockchain data will be stored:

mkdir ~/.electrumx

Create a self-signed certificate

To allow Electrum wallets to connect to your server over SSL you need to create a self-signed certificate.

Go to the data folder:

cd ~/.electrumx

and generate your key:

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
openssl rsa -passin pass:x -in server.pass.key -out server.key
rm server.pass.key
openssl req -new -key server.key -out server.csr

Follow the on-screen information. It will ask for certificate details such as your country and password. You can leave those fields empty.

When done, create a certificate:

openssl x509 -req -days 1825 -in server.csr -signkey server.key -out server.crt

These commands will create 2 files: server.key and server.crt.

When configuring the ElectrumX instance, make sure to add server.key to SSL_KEYFILE and server.crt to SSL_CERTFILE. More on this in the next step.

Launch ElectrumX as service

First, make sure a fully validating Bitcoin node is running:

bitcoin-cli getinfo

If you've installed Bitcoin-Qt the chances are bitcoin-cli is not present.

Use ElectrumX's script instead:

python3 ~/source/electrumx/electrumx_rpc.py getinfo

It should output information about your node such as block height, open connections etc.

If it doesn't, run the node first.

on OS X

OS X lacks Systemd to manage system services, so we will use UNIX's default svscan instead.

Create a service folder that will hold symlinks to ElectrumX scripts.

mkdir ~/service

Copy daemontools scripts from the GitHub repo to your home directory:

mkdir -p ~/scripts/electrumx
cp -R ~/source/electrumx/contrib/daemontools/ ~/scripts/electrumx

Set up ENV variables within ~/scripts/electrumx/env folder. Each variable is located in a separate file.

Please refer to ElectrumX's documentation or have a look at my settings and change it accordingly.

Initialize svscan process to monitor electrumx services:

svscan ~/service & disown

Add services to the folder:

cd ~/service
ln -s ~/scripts/electrumx electrumx

They should be immediately recognized by svscan.

Check the last few lines of the log to see whether the service outputs any errors:

tail -F ~/.electrumx/logs/current | tai64nlocal

If it does, check your configuration again. Errors are pretty self-explanatory but if you're stuck, let me know in the comments section.

ElectrumX is very resource intensive when it comes to open files so it needs a higher limit:

ulimit -n 10000

Check that it worked:

ulimit -a | grep 'open files'

Make sure the limit is set after every restart:

echo "ulimit -a 10000" >> ~/.bash_profile

Restart the service for new changes to take effect.

Stop the service:

svc -d ~/service/electrumx

Always wait for the service to be terminated properly by checking with logs.

Start the service again:

svc -u ~/service/electrumx

Above commands will only execute when svscan is already initialized. You can check the service's status with:

svstat ~/service/electrumx

on Linux

Most if not all Debian-based distribution use Systemd by default. Make sure that is the case for your system:

sudo stat /proc/1/exe | grep systemd

If it outputs something like File: '/proc/1/exe' -> '/lib/systemd/systemd' you're good to go.

Open a sudo session and copy a service file from the ElectrumX repo to your Systemd directory:

sudo -s
cp ~/source/electrumx/contrib/systemd/electrumx.service /lib/systemd/system/

Edit the file to match your setup:

vim /lib/systemd/system/electrumx.service

Press i and start editing.

You need to edit at least ExecStart and User variables.

ExecStart=/home/bitcoin/source/electrumx/electrumx_server.py
User=bitcoin

When you're happy with the changes, hit ESC and type :wqa followed by ENTER.

Create a configuration file for the server:

touch /etc/electrumx.conf
vim /etc/electrumx.conf

and configure it according to your environment.

Please refer to ElectrumX's documentation or have a look at my settings.

Start the service:

systemctl start electrumx

and check the output:

journalctl -u bitcoin -f

If it gives you no errors, enable the service:

systemctl enable electrumx

You can exit the sudo session now:

exit

Set up a Banner file

Say hi to connecting Electrum wallets (via Electrum console) using a banner file.

It may contain any information such as your server version, donation address, contacts and even info on other services you offer. It's purely up to you.

The content of my banner.txt file looks like this:

Welcome to satoshi.onthewifi.com, a Taiwanese Bitcoin Electrum node sponsored by freedomnode.com!
Donation address: $DONATION_ADDRESS
Bitcoin Core $DAEMON_VERSION
$VERSION
If you would like to support this server you can donate by clicking
Help -> Donate to server
in your Electrum Client or use $DONATION_ADDRESS directly.
Thank you!
Contact: support@freedomnode.com

and is located in the data folder ~/electrumx.

You can save it to any location and let ElectrumX know via BANNER_FILE variable in either env/ folder or /etc/electrumx.conf depending on your operating system.

Don't forget to restart the server after changing any server's settings.

Accept incoming connections

If you want to help the network and let others connect to your server, you have to open specific TCP ports.

For a default Electrum set up, those ports are 50001 and 50002.

On Linux, this can be easily done via iptables:

sudo iptables -A INPUT -p tcp --dport 50001 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 50002 -j ACCEPT

However, Mac OS X users will need to install some kind of firewall. The built-in one only manages outgoing connections.

There are a few options such as Little Snitch but none of them are free to my knowledge. If you know about one, please let me know.

Also, don't forget to open ports on your router if applicable. There are too many routers to cover them in this tutorial. Sorry.

To test the connection, open your Electrum wallet. Start it with an argument --oneserver for extra privacy.

On Mac OS X the command is:

open -a /Applications/Electrum.app --args --oneserver

On Linux:

electrum --oneserver

Click a green/red dot in the bottom right corner. A server configuration will pop up.

Unclick "Select server automatically" and type in your server's local/remote IP address or a hostname. Click "Use SSL" and confirm.

If you did everything right, your wallet should start synchronizing the chain data immediately. It shouldn't take more than 10 seconds to finish.

Congratulations! You no longer rely on "trusted" 3rd parties. You also made yourself protected from contentious hard forks and coin splits.

Please let me know in the comments section below if you have any questions or suggestions.

If you like this post, please support the author by donating some bitcoins. Thank you!

What do you think?
WE THOUGHT YOU'D LOVE THESE POSTS TOO

Are you tired of political parasites getting in your way of life?

If yes, let us help you out with our EXCLUSIVE newsletter.

SIGN UP NOW... IT'S FREE

Hide your financial assets with Bitcoin and other cryptocurrencies.

Make your communication private using open-source cryptographic tools.

Mitigate the risk of single point of failure in anything you do with decentralized technologies.

Are you intersted? Then become our subscriber, receive exclusive content straight to your inbox + claim your FREE e-book!

* required
Subscribe to get access to our exclusive content + claim your FREE e-book!