Electron Cash Security Review

in #bitcoin, 6 years ago

electron_launcher.png


Bitcoin Cash is the 4th most used cryptocurrency, and that means a lot of money is at stake there, almost $30 billion, so you must ensure the safety of your funds. You should definitely get a hardware wallet and keep the bulk of your money there securely, but you might still need an online wallet for day-to-day use, like trading on exchanges and so on.

In my opinion Electron Cash is the best Bitcoin Cash wallet out there: it's very easy to use and very secure, as much as any online wallet can be.

d2.png

There is not much to say about it, since it's largely based on Electrum, so if you are familiar with that wallet, this one works just like it and is very easy to use. There are only slight differences: EC has one more tab, with an address converter so that you can use the new BCH address format and not confuse it with BTC, and I think EC doesn't support RBF and the other Segwit nonsense implementations.

Below I will mostly analyze the security of Electron Cash, in case you have doubts about it.


Main Developer

The main developer and repository maintainer (I think he owns the main website too) is Jonald Fyookball, which is a pseudonym, so it looks like we have an anonymous developer.

He is active on Medium, Reddit and Bitcointalk, where he has a pretty old account, so he is a known character.

Interestingly, he has a negative reputation on the forum, but this is due to an organized psyop against Bitcoin Cash, where the Bitcoin establishment smears, censors or discredits anyone who even mentions Bitcoin Cash on their platforms.

Make no mistake about it, the Bitcoin community is tightly controlled and censored, so this doesn't say anything about Jonald's trustworthiness, but it says a lot about the ethics of the Bitcoin community.


Other Developers

We have in total 205 contributors, but the main ones aside from Fyookball are (on the Electron Cash branch):

In my opinion, development is in trustworthy hands.


Website

The website looks kind of amateurish, but that is fine. It has an HTTPS certificate which for some time was incorrectly configured, but by now it looks like they have fixed it.

So at least we know that the connection is secure and we can download the Electron Cash files relatively safely.

They could improve the website though, and add a TOS and Privacy Policy, just to make it look more professional. From an aesthetics standpoint, people won't trust software coming from an ugly website, which is illogical, but most people are like that, so this should be fixed.


Name

Interestingly, it was originally named Electrum Cash, but that would have been a trademark violation of the original Electrum software. So it looks like the competition strikes again, and they had to rename it to Electron Cash, which is funny because there is already software named Electron out there, but I don't think it's the same niche, so it might not be a further trademark violation, although I am not a lawyer so I don't know for sure.

Anyway, the name sounds a bit stretched; unfortunately the cool names ("Bitcoin", "Electrum", ...) have already been taken, so we are left with second-hand names, which means a marketing disadvantage.

Not to mention horrible censorship everywhere; it looks like we are at a massive disadvantage, but still, Bitcoin Cash is better.


Competition

Also, the Electrum developer has been constantly criticizing Electron Cash, and he might have been right, but it's still ironic that it has been attacked from all directions:

I am not saying Electrum's dev is at fault here, he has the right to voice any criticism, but it's just ironic to watch everyone writing bad things about Electron Cash.

Combine that with Jonald's unwarranted negative reputation on the forum and it looks like everyone is against him.

There were, however, serious attacks against Electron Cash by anonymous trolls setting up fake repos and DDoS-ing the main website:




Security Review

Security is all that matters. And despite the smear campaign, and the unprofessional nature of the project, the software is still secure in my opinion.

It's funny that everyone criticizes it, but the latest RPC bug came from the original Electrum source code, so it's not EC's fault. It has been fixed since 3.1.2, so upgrade to that version, sweep your coins to the new wallet, and then everything is fine.

The code is directly forked from the Electrum GitHub repository, and all the patches in Electrum are quickly merged into EC too, though the repositories are now separately maintained, so the codebase will eventually distance itself from Electrum.

For example, Bitcoin Cash doesn't have RBF and other risky features, so in that respect it's a much simpler codebase, although bugs could still arise.

Actually, the only things that matter are the mnemonic.py file and the bitcoin.py file, which are the core generators of the seed and the private keys.

If you are to use Electron Cash as cold storage, you only need these files to be secure, and of course the ECDSA package, which can actually be run on its own if you have Python knowledge.


Mnemonic.py

The mnemonic.py files are identical in both master branches:

SHA256SUM: e0dc9cffa6dec8dffcb08086180f61e0c854242db6d2064df498d2eaf2291957

Therefore, assuming that the packaged releases also ship identical mnemonic files, you are fine, but you can check it for yourself. The 3.1.2 EC package certainly is identical to both the EC master and the Electrum master.
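Checking it yourself means hashing the file you actually have and comparing it to the digest quoted above, since HTTPS only protects the transport, not the contents of what was uploaded. The following is an added example, not code from Electron Cash or Electrum: it streams a file through SHA-256, compares it case-insensitively to a published digest, checks a whole manifest of files under a checkout, and compares two checkouts' copies of the same file (EC master versus Electrum master). The path `path/to/mnemonic.py` is a placeholder, and `demo()` runs the checks on constructed sample files in a scratch directory so the script works offline.

```python
"""Check downloaded or checked-out source files against published SHA-256 digests.

Added example, not Electron Cash or Electrum code. EXPECTED_MNEMONIC_SHA256 is
the digest quoted in the post for mnemonic.py; the file path used at the bottom
is a placeholder for your own checkout.
"""
import hashlib
import tempfile
from pathlib import Path

# Digest the post gives for mnemonic.py (identical in both master branches).
EXPECTED_MNEMONIC_SHA256 = "e0dc9cffa6dec8dffcb08086180f61e0c854242db6d2064df498d2eaf2291957"


def sha256_bytes(data):
    """Hex SHA-256 of an in-memory byte string."""
    return hashlib.sha256(data).hexdigest()


def sha256_file(path, chunk_size=1 << 16):
    """Hash a file in chunks so large release archives need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify(path, expected_hex):
    """Return 'ok', 'MISMATCH' or 'missing' for one file against its published digest.
    Hex is compared case-insensitively; a MISMATCH means the file is not the one reviewed."""
    p = Path(path)
    if not p.is_file():
        return "missing"
    return "ok" if sha256_file(p).lower() == expected_hex.strip().lower() else "MISMATCH"


def verify_manifest(root, manifest):
    """Check every {relative_path: expected_hex} entry under root; returns {relative_path: status}."""
    root = Path(root)
    return {rel: verify(root / rel, hx) for rel, hx in manifest.items()}


def same_contents(path_a, path_b):
    """Compare two checkouts' copies of a file (e.g. EC master vs Electrum master) by digest."""
    return sha256_file(path_a) == sha256_file(path_b)


def demo():
    """Run the checks on constructed sample files in a scratch directory and return the statuses."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "good.py").write_bytes(b"abc")        # constructed content
        (root / "tampered.py").write_bytes(b"abd")    # one byte different
        (root / "copy.py").write_bytes(b"abc")        # identical copy of good.py
        manifest = {
            # SHA-256 of b"abc", written in upper case to show the comparison is case-insensitive
            "good.py": "BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD",
            # same digest, but the file on disk differs by one byte
            "tampered.py": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
            # a file that is not present in the checkout at all
            "absent.py": "00" * 32,
        }
        statuses = verify_manifest(root, manifest)
        statuses["copy_matches_good"] = same_contents(root / "good.py", root / "copy.py")
        return statuses


if __name__ == "__main__":
    print(demo())
    # Placeholder path: point it at the mnemonic.py inside your own checkout.
    print("mnemonic.py:", verify("path/to/mnemonic.py", EXPECTED_MNEMONIC_SHA256))
```

A `MISMATCH` on a file that should be identical across both repositories is the signal to stop and diff the two copies before running anything; a `missing` result usually means the manifest path does not match the layout of the release you downloaded.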

The mnemonic file generates the seed, so it’s very important for this file to be genuine.

The last modification to it was on Jan 6, which was a security patch originating from Electrum on Dec 27, so it looks like the patches are synchronized fairly quickly.

It fixed a low-probability event, to ensure the seed has enough entropy; it's not a huge bug, but it's good that it got fixed.

But this happened before the 3.1.2 release, which came out on the 9th, so you should upgrade to 3.1.2 anyway to have the RPC bug fixed, and sweep all your money into the new wallet; then the new seed will have more entropy due to the patch.

There is no difference between 3.1.3 and the current master branch.
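To make the "low-probability event" concrete: a seed phrase is an integer written in base 2048, one word per digit, and positional encodings drop leading zeros, so once in roughly 2048 draws the random integer is small enough that the phrase silently comes out a word short of its nominal length. The block below is an added illustration of that failure mode and of the check that prevents it; it is not the Electron Cash or Electrum code and not the actual patch diff, which the post does not show. The 2048-entry word list is a constructed stand-in for a real one, and `from_sequence` is a deterministic test RNG so the short-seed case can be reproduced on demand.

```python
"""Why a word-list seed generator must reject small random integers.

Added illustration, not Electron Cash/Electrum code or the actual patch diff.
The encoding (an integer written in base len(WORDLIST), one word per digit)
is the general shape of word-list seed encoders; WORDLIST is constructed.
"""
import math
import secrets

WORDLIST = [f"word{i:04d}" for i in range(2048)]   # constructed stand-in, 2^11 entries
BITS_PER_WORD = int(math.log2(len(WORDLIST)))      # 11 bits of entropy per word


def mnemonic_encode(i, wordlist=WORDLIST):
    """Write integer i in base len(wordlist), least significant word first.
    Like any positional encoding it drops leading zeros, so an unusually
    small i yields fewer words than the nominal seed length."""
    n = len(wordlist)
    words = []
    while i:
        i, idx = divmod(i, n)
        words.append(wordlist[idx])
    return " ".join(words)


def mnemonic_decode(seed, wordlist=WORDLIST):
    """Inverse of mnemonic_encode."""
    index = {w: k for k, w in enumerate(wordlist)}
    i = 0
    for w in reversed(seed.split()):
        i = i * len(wordlist) + index[w]
    return i


def rounded_bits(num_bits):
    """Round the requested strength up to a whole number of words (128 -> 132 bits, 12 words)."""
    return math.ceil(num_bits / BITS_PER_WORD) * BITS_PER_WORD


def make_seed_unchecked(num_bits, rng=secrets.randbits):
    """Encode whatever the RNG returns. With probability 2^-11 per draw the
    top word is zero and the phrase is (at least) one word shorter than advertised."""
    return mnemonic_encode(rng(rounded_bits(num_bits)))


def make_seed_checked(num_bits, rng=secrets.randbits):
    """Redraw until the integer is large enough to fill every word position,
    so the phrase always carries the full nominal number of words."""
    n = rounded_bits(num_bits)
    entropy = 0
    while entropy < 2 ** (n - BITS_PER_WORD):   # top word would be zero: try again
        entropy = rng(n)
    return mnemonic_encode(entropy)


def word_count(seed):
    return len(seed.split())


def from_sequence(values):
    """Deterministic stand-in RNG for tests: hands out the given integers in order."""
    it = iter(values)
    return lambda nbits: next(it)


if __name__ == "__main__":
    # Force the rare small draw to show the difference between the two generators.
    short = make_seed_unchecked(132, rng=from_sequence([5]))
    full = make_seed_checked(132, rng=from_sequence([5, 2 ** 131]))
    print("unchecked:", word_count(short), "word(s)")   # 1
    print("checked:  ", word_count(full), "words")      # 12
    print("live:     ", word_count(make_seed_checked(132)), "words")
```

The retry loop does not make the random draw less random; it only discards outcomes whose phrase would not fit the advertised length, which is why the post's advice to generate a fresh seed after upgrading makes sense: a phrase generated before the fix has a small chance of being one word shorter than it should be.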


Bitcoin.py

The bitcoin.py file does differ. There are some header differences: the Electrum master has some initial variables there, probably a code cleanup to make it more aesthetic:

D1.png

The max fee is 20,000 satoshi for BCH and 300,000 satoshi for BTC (lol).

Electrum has a Segwit seed and a 2FA seed, while EC has 2FA disabled, as it looks now.

More Segwit add-ons further down: some witness script; also, it looks like pay-to-script is not enabled in BCH.

So from a quick overview it mostly looks like the only difference is the Segwit code added to Electrum, which EC doesn't have, plus EC doesn't have the pay-to-script functions.

Nothing suspicious or outstanding in my opinion.


ECDSA package

The ECDSA package is the core cryptographic library for private/public key generation; all other functions eventually call into this package, so it's crucial that it is error-free and genuine.

It looks like Electrum uses the Python-installed ECDSA package, which comes with Python by default, while EC includes the ECDSA package itself in the repository. I don't know why, probably for cross-platform compatibility.

There is only a "." difference between the 2 files, which in Python I believe is a relative-import reference to the six.py file.

I don't know why they do this, since it's not elegant, but there is no security vulnerability here.
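Which copy of `ecdsa` a wallet actually loads is worth confirming rather than assuming: `ecdsa` is a third-party PyPI library, not part of the standard library, so if both a vendored copy and a system-wide install exist, `sys.path` order decides which one runs. The following is an added check, not code from Electron Cash or Electrum: it resolves a module name the same way `import` would, without executing the module, and reports the file path and its SHA-256 so you can tell a vendored copy from a system one and compare the digest against the file you reviewed. The `REPO_ROOT` value is a placeholder; the tests use standard-library modules because they exist on every machine.

```python
"""Report which file an import would resolve to, and hash it, without importing it.

Added example, not Electron Cash or Electrum code. REPO_ROOT is a placeholder
for the path of your own checkout.
"""
import hashlib
import importlib.util
import os
from pathlib import Path


def module_origin(name):
    """Return (path, sha256_hex) for a top-level module name.

    The path is what `import name` would load under the current sys.path.
    Built-in and frozen modules have no file, so their digest is None; an
    unknown name gives (None, None). Nothing is executed: find_spec only
    searches, it does not import."""
    spec = importlib.util.find_spec(name)
    if spec is None:
        return None, None
    origin = spec.origin
    if not origin or not os.path.isfile(origin):
        return origin, None   # e.g. 'built-in' for sys
    path = Path(origin).resolve()
    return str(path), hashlib.sha256(path.read_bytes()).hexdigest()


def is_under(path, root):
    """True when `path` lies inside directory `root` (both resolved, so symlinks do not fool it)."""
    try:
        Path(path).resolve().relative_to(Path(root).resolve())
        return True
    except ValueError:
        return False


def resolution(name, root):
    """Classify where an import resolves: 'inside-root' (the vendored copy in your
    checkout), 'outside-root' (a system or site-packages copy), or 'not-found'."""
    path, _ = module_origin(name)
    if path is None:
        return "not-found"
    return "inside-root" if is_under(path, root) else "outside-root"


def stdlib_dir():
    """Directory holding the standard library; used as a sample root in the tests."""
    return os.path.dirname(os.__file__)


if __name__ == "__main__":
    REPO_ROOT = Path(".")   # placeholder: your Electron Cash checkout
    for mod in ("ecdsa", "six"):
        path, digest = module_origin(mod)
        print(f"{mod:6} {resolution(mod, REPO_ROOT):13} {path} {digest}")
```

Run this from inside the checkout and from elsewhere: if `ecdsa` reports `inside-root` in one case and `outside-root` in the other, the wallet's behaviour depends on where it is started from, and the two digests tell you whether the two copies are even the same code.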


Conclusion

Bitcoin Cash looks secure, for offline seed generation at least. I haven't checked the other files, but they have been directly forked from Electrum, so I don't think there is anything out of the ordinary there.

The code is on GitHub, every commit is signed, the code is open source, and I don't think there is any backdoor or malware in it, so in my opinion it should be as safe as Electrum for offline use.

For online use it should be relatively safe too, although bugs could arise in the future; in my opinion it's OK currently.

Besides, other developers are working on it too, and many others can verify it; one of the early Electrum developers has switched sides and contributes a lot to the package, so it looks like it's in good hands.

My opinion is that Electrum Cash is safe to use, as much as online wallets are, certainly not for big amounts, but I think it's safe to use the online version for amounts under $10,000, and you might want to get a hardware wallet for amounts bigger than that anyway.

So don’t let the smear campaign and the disinformation campaign deceive you, check the code yourself, and evaluate the risk based on evidence, not based on rumors.

My conclusion is that Electrum Cash is a good wallet software, and it will only get better in the future, as more features are added and more potential bugs are removed.



Sources:
Electron Cash logo by Electron Cash developers, via MIT license



