There are many types of bitcoin wallets – mobile, desktop, hardware. Each has its own advantages and users can choose according to their preferred features. In 2015, two developers, under the pseudonyms SamouraiWallet and SamouraiDev, decided to create a mobile wallet that would protect the privacy of users as much as possible. And they didn't just stay with a mobile wallet – they created a whole set of tools and made them available to users. We will discuss these tools and why it is important to take care of your privacy in today's article.
Right from the start, Samourai Wallet is one of the most advanced mobile wallets even without privacy features, as Veriphi's analysis of bitcoin wallets confirms.
Creators develop wallet in the spirit of the cypherpunk movement as free open-source software. There is no company behind them that would pay for development and could influence direction or supported functions. This independence is of course desirable even if any state or private entity wants to stop the development of the wallet. All the developers accept are anonymous donations in BTC.
As far as the basic functions are concerned, Samourai is a standard HD (hierarchically deterministic) wallet with today's common features such as SegWit support, arbitrary transaction fee settings, sending BTCs from unconfirmed transactions and, last but not least, sweeping BTCs from wallet private key.
Setup is simple for the average user: The user chooses whether to import a seed or create a new wallet. When created, the wallet randomly generates a 12-word seed that needs to be copied and stored for security reasons. A BIP38 password is also required for added security.
A BIP or Bitcoin Improvement Proposal is a document that proposes functions, changes, or limitations that should be introduced into a Bitcoin protocol or code. You can read more about them in our article BIP – Bitcoin Technological Enhancements.
The user then sets a 5-8 digit PIN to unlock the wallet. That's it, we can send and receive bitcoins.
After setup, the wallet behaves more or less like other "advanced" wallets and it is therefore possible to scan QR codes, set any payment fee and send it to any type of bitcoin address. Samourai Wallet supports both classic and segwit addresses (segwit compatible and segwit native bech32), both for sending and receiving. This gives users the advantage of cheaper fees. In addition, Samourai has one of the best algorithms for calculating the appropriate fee, so you should never be overpaying, as can happen with other wallets.
Samourai also supports relatively new standards, such as Replace-by-fee, which allows an existing unconfirmed transaction to have fee increased, or a partially signed bitcoin transaction (PSBT) that allows you to deposit a transaction from an offline wallet (such as a Coldcard HW) and send it.
A convenient feature is the possibility of periodically storing an encrypted wallet backup to the device. When you delete an application and reinstall it, the application will automatically offer a restore from the backup, which requires only a password.
More experienced users will appreciate advanced features such as batch spend – the ability to send BTCs to multiple addresses in a single transaction. Wallet also allows you to switch to offline mode, where the created transactions are not sent to the bitcoin network, but stored in the clipboard. The user can then send the transaction from another device or send it to someone else who sends it to the bitcoin network for him.
The apparent drawback of Samourai Wallet is that the wallet does not support displaying values in any fiat currency – only in BTC or satoshis. Creators expressed their reasons in this blog post – from their point of view, putting BTC values in USD is confusing for users.
The developers of Samourai Wallet have long been one of the greatest advocates of freedom and privacy. They openly fight instruments used by private companies and governments with intentions to persecute citizens who use cryptocurrencies. It should be added that they are doing very well in this field.
Since Samourai Wallet was created to protect the privacy of users, it is not surprising that in this area it excels over other wallets. So, of course, Samourai does not collect any data about the user, both digital and biometric – so it cannot be expected that the wallet will ever have a function to be unlocked by fingerprint or will have multi-factor authentication.
For communication with Samourai servers it uses an anonymized TOR network connection – data and user identity including IP address are thus protected.
Why should I care about my privacy? I have nothing to hide.
In the world of the Internet, where we all leave a lasting digital footprint, privacy is a very underestimated commodity. Very few people realize that their data is collected and stored for decades on backups of various systems.
Just as we could not imagine the Internet in its present form twenty years ago, we do not know what will happen in the next 20 years. But we know that international corporations collect data about us and often sell it to other companies or make it available to governments.
China and its transformation into a digital dictatorship of the 21st century, taken from George Orwell's novel, show us a good picture of what might theoretically happen.
In this respect, Bitcoin is currently somewhat double-edged – giving individuals the opportunity to regain financial independence and exchange freely, on the other hand, its open transparent blockchain acts as an open book in which everyone can browse through the transactional history of all involved.
For this reason, we must actively defend ourselves now and not allow anyone to analyze how people have exchanged at any time in the future and thus be able to persecute them in any way.
As one of the few wallets, Samourai Wallet supports the BIP47 standard, ie reusable payment codes. This standard was developed in April 2015 to protect privacy, such as accepting anonymous donations using BTC. Address reuse is, as is well known, a big problem.
BIP47 works by opening a payment channel with one transaction first. This channel then generates a new address for each payment, known only to the recipient and sender. This is all due to cryptography, so no wallet connection is required. The payment channel address BIP47 can be distinguished from the standard BTC address by starting with the letter "P".
Because this standard fits perfectly with the Samourai Wallet concept, the creators decided to make a superstructure called PayNym over it. PayNym is a unique representation of a BIP47 address – an image and name that is derived from this address in a readable and clearly recognizable form. With the advent of the Lightning Network, while BIP47 may seem somewhat unnecessary, BIP47 has the advantage of not having a Bitcoin full node and a Lightning node for channel creation and payment.
A full node indicates a node that has a history (the entire bitcoin blockchain) and validates all the blocks and transactions sent to it by other nodes. As a result, there is no need to trust third parties.
As a minor cherry, Samourai also supports the BIP69 standard for deterministic ordering of transaction inputs and outputs. This means that all wallets that use this standard leave the same imprint on the blockchain, and it is impossible to trace back what wallet the user used to create the transaction.
With these standardized privacy enhancements, however, Samourai Wallet does not stop, but begins to deploy heavier calibers.
Stonewall is a tool that can disguise common transactions to look like CoinJoin transactions. For a common transaction, it is very easy to recognize which of the transaction outputs is the part being sent and which is the change or surplus.
Blockchain analysis firms can easily trace bitcoins and deanonymize their owners. Stonewall breaks down this process by not being able to say for sure whether the transaction is real CoinJoin or not and which of the outputs is a real surplus.
CoinJoin technology combines a number of unmistakable bitcoins of varying value into a single transaction from which users reclaim their but already interchangeable bitcoins of the same value as everyone else.
To use Stonewall, you need to have a set of unspent outputs in your wallet to create transactions with sufficient entropy – an algorithm called Boltzmann that calculates the entropy of the transaction and the linkability of individual inputs and outputs. However, if a user does not want to use Stonewall for any reason, they can deactivate it and the transaction will be created in the normal way.
A common transaction has the only possible interpretation and is therefore clearly traceable from where and where the bitcoins go. The Stonewall transaction has three interpretations. It is not absolutely perfect because it contains deterministic lines, but for some analysis tools it may look like CoinJoin. What is important is that whoever is watching cannot be sure.
As the name suggests, Stonewallx2 is a version of Stonewall enhanced by two people working together. In this case, as the authors themselves mention, it is a mini-CoinJoin. This is the same as Stonewall except that the inputs and outputs of two users are in the transaction instead of inputs from one user. Stonewallx2 is virtually indistinguishable from ordinary Stonewall transactions and vice versa, which in turn reduces linkability and makes it difficult for analytical companies to work.
In Stonewallx2, creating a transaction is not an automated process. A user who wants to create such a transaction must ask another Samourai Wallet user to cooperate, either in person or through a communication tool. This means that these transactions are not nearly as common as Stonewall transactions and creating a Stonewallx2 transaction takes a little more time. But if someone cares about their privacy, they usually like to wait.
Another specialty for Samourai Wallet users is Stowaway. It is a transaction between two users that can hide the forwarded amount. Let's say user A wants to send 0.1 BTC to user B and user B already has 0.1 BTC in his wallet. Together, they are able to scan a few QR codes to create a transaction that looks like User A was sending 0.2 BTC to User B. Again, this spoils any blockchain analysis because it is not possible to see how much the amount was actually forwarded in the transaction.
One of Samourai Wallet's other anonymization features is Ricochet. This feature allows you to create several "jumps" between the requested transaction – in fact, it creates a series of transactions that follow each other so that the original sending address is not the one from which the seemingly bitcoins are leaving.
Ricochet is especially useful for people who send their bitcoins to an exchange. Some services track several transactions back, whether the transaction originates from a "tainted source" or from a source they consider to be illegal, such as CoinJoin transactions or online casino transactions.
Ricochet creates several successive transactions and sends them to the bitcoin network. Of course, the user must pay an appropriate fee for each transaction, which is why Ricochet is more expensive than a regular transaction. In addition, Ricochet allows you to send each follow-up transaction only after the previous one has been confirmed in the blockchain, making it difficult to analyze further. This process may take a long time, but again: those who care about their privacy can take the time.
Mixing bitcoins using Whirlpool directly within your mobile wallet is one of the most killer features that Samourai Wallet offers, the next step to gain transactional privacy on the street.
How Whirlpool works directly and how it differs from other solutions is described below, we will just mention that Samourai is currently the only mobile wallet that supports mixing - so there is no need to sit at a computer, everything can be arranged from the comfort of your favorite bitcoin café.
Convenient mixing only takes a few steps. The user switches to the Whirlpool window (using the button in the lower right corner). Then use the button to select that he wants to mix and select the necessary inputs. In the end, all you have to do is choose the pool in which the bitcoins are to be mixed in and choose the amount of the fee for the miners. That's all, now you just have to wait for the transaction to be confirmed and the bitcoins will be mixed automatically.
It should be added that due to various optimizations to save battery on Android phones, the application could be disconnected from the coordination server, which would interrupt the mixing. There is no risk of losing bitcoins, you just need to keep the application online until the bitcoins are premixed.
Even so, it is recommended to let the Bitcoins mix further. Firstly, it is completely free, secondly, the user gains better anonymity and increases their transactional privacy, and thirdly, it also protects against hypothetical deanonymization by Samourai Wallet. Especially for the last reason, it is recommended by the creators to run your own Dojo, which minimizes this risk - see below in this article.
Subsequent spending of mixed coins works like regular spending - so it is possible to use tools such as Stonewall, StonewallX2 or Ricochet, which further help maintain the acquired transactional privacy. An intentional security measure is that it is not possible to combine mixed and unmixed bitcoins in one transaction - this measure is in the interest of the user and cannot be bypassed.
More technical details on Whirlpool mixing are described in the Samourai Whirlpool section.
Sentinel is another mobile app from the Samourai Wallet stables. However, it is not a bitcoin wallet, but only a tool for tracking balances on bitcoin wallets. It is possible to import any XPUB or address into Sentinel and then monitor the balances on these wallets. At the same time, unlike Samourai Wallet, it has the option to display the balance in fiat currency, such as USD.
This application is suitable for users who want to see the value of BTC stored for example on their cold storage (Trezor, ColdCard, etc.) or who want to receive payments directly into this cold storage – just click in Sentinel and generate a new accept address payments to that account. However, Sentinel cannot spend, which is all its point – it just keeps track of your balances.
How can I be sure in the Bitcoin world that the transactions I see are not falsified and comply with the protocol rules? There is nothing better than running your own bitcoin full node, which validates everything.
Better yet, I have a mobile wallet attached to this full node, which also protects my privacy by not sending my addresses and balances to unknown servers. The answer of the creators Samourai Wallet to this problem is called Dojo.
Dojo includes the official Bitcoin Core in the latest version and a set of tools around to make the installation and setup as simple as possible, so that privacy and financial sovereignty can be achieved with the least effort.
The Dojo can be installed on any common computer, but you must have at least 4 GB of RAM and ideally 1 TB of free space because the bitcoin client must download and validate the entire bitcoin blockchain.
Currently you need to be able to install with command line to install support software and configuration, but this process should hopefully be simplified over time. Luckily, there is a community of enthusiasts who give instructions on how to get Dojo running on a variety of hardware, including Raspberry Pi 4.
Dojo creators, however, have a solution for those who do not want to deal with any installation. They have partnered with the manufacturer of the "bitcoin box" Nodl. This box is a great solution for users who want to use Bitcoin without complicated installations and setups.
In addition to the standard bitcoin client, it also includes a client for Lightning Network, a BTCPayServer payment gateway, or an ElectrumX server to connect the Electrum wallet.
Thanks to this partnership, Nodl will include the Dojo and a special edition in red with the Samourai Wallet logo. This Nodl box also includes additional security features to protect users and their finances. Among other things, full disk encryption and a fuse that erases the entire disk, if anyone forcibly opens the box, to prevent data theft.
Dojo also contains encrypted connection via TOR, communication with other bitcoin nodes only through it and does not reveal the user's IP address. The user's Samourai Wallet communicates with Dojo via TOR, which prevents eavesdropping, man-in-the-middle attacks, and the disclosure of the user's IP address.
For better privacy, you need to create a new wallet in Samourai Wallet to connect to the Dojo, instead of importing the old one – other servers can know the addresses of an existing wallet and the privacy gained could be minimal.
Another reason is that the Dojo would have to reindex all addresses and scan the blockchain to determine their balances, which is time consuming. The requirement to create a new wallet therefore has its substantive justification, although this may mean extra work to move balances.
Whirlpool is a bitcoin mixing tool, a means to get bitcoin interchangeability – a clear competition with tools like JoinMarket or Wasabi wallet. Thanks to its architecture, however, Whirlpool leaves these competitors behind, trampled into the ground.
While the Wasabi Wallet focuses on having as many participants in a mixing transaction as possible and having a big anonset, Whirlpool is on the other side – for the perfect CoinJoin, five participants are enough.
Wasabi has no protection against address reuse, or so-called postmix tools that would prevent unwanted deanonymization – for these cases Samourai Wallet has Stonewall and Stowaway. Moreover, the Wasabi outputs are not the same, and the anonymity gained is often questionable, as some transaction outputs could be still linkable to their owners.
Whirlpool creators therefore chose a different approach – there is no need to have a large number of participants in the mix, it is necessary that all outputs of the mixing transaction have the same value.
Even for inclusion in the mixing pool, it is necessary to first create a so-called premix transaction – this transaction cuts the input BTC into the necessary smaller parts, which then perfectly fit into the mix. The result is a transaction without any deterministic links.
Whirlpool currently has three pools – 0.5 BTC, 0.05 BTC and 0.01 BTC. Of course, the smallest is the highest liquidity, and there are the most mixes per day – sometimes around twenty.
The advantage to the quality of mixing is that, unlike Wasabi, one never mixes with himself – he never has more than one input in a CoinJoin transaction. This, of course, again improves the quality of the mix, because it cannot happen that an entity wanting to deanonymize others in the mix has 4 inputs out of 5 – this type of deanonymization attack is called Sybil attack.
Another benefit of Whirlpool is its low mixing fees. Regardless of the amount of mixed bitcoins, Whirlpool has a fixed fee to enter the pool (unlike Wasabi, where the fee is proportional), so mixing more bitcoins is really worth it. For comparison, there is also an analysis that graphically depicts the approaches of both tools.
The Killer feature of Whirlpool is mainly that once you enter the pool, you can let your bitcoins mix indefinitely for free. Such users are called "freeriders" and coins that mix over and over again are, of course, much more difficult to trace. The fee for the mix is always paid only by new entrants to the pool and the others are carried with them. However, there may be a maximum of two freeriders in the mix, so mixing for several rounds can take several days. Again, the rule is that anyone who wants privacy will like to wait.
Whirlpool is currently only available as a desktop application that needs to be linked to your wallet. This step is simple and it is just a scan of the QR code.
In order for the user to be able to mix "endlessly" without having to have a constantly active computer, it is ideal to start the Whirlpool on the same equipment as the Dojo.
From the graphical interface, it then connects to this Whirlpool-cli to retrieve information from it. Whirlpool will also be available on the already mentioned Nodl box, so it should be used by its owners without major difficulties. The creators of Samourai Wallet are also working hard to integrate Whirlpool directly into the wallet, making it virtually easier for ordinary users to mix.
In order to develop wallets and anonymization tools, the creators of Samourai Wallet need tools that can explore and analyze the extensibility and history of bitcoins. For this purpose block explorer OXT.me was created. OXT is not just an ordinary block explorer, on the contrary – it is an analytical tool.
OXT is able to analyze bitcoin transactions and determine the entropy and linkability of individual outputs using the Boltzmann algorithm. Subsequently, it can assign addresses, inputs and outputs to individual anonymous entities and track bitcoin flows between these entities. In addition, it provides graphs and visualizations to better represent data and bitcoin flows.
Thanks to OXT, another great tool called KYCP – Know Your Coin Privacy was created. This simple website can use OXT data to visualize the interlinkability of individual transaction, inputs / outputs and other privacy-sensitive transaction information such as address reuse.
Thanks to these analytical tools, everyone can see how his bitcoins are, whether or not he mixes them. An open transparent blockchain has its advantages and disadvantages and, as the creators themselves say: privacy is a fight.
Although Samourai Wallet does not plan any integration with the Lightning Network now and probably not in the future, it does not necessarily hurt. Among other things, the authors acknowledge what long-term proponents of various privacy-oriented altcoins have been saying, namely that privacy and fungibility cannot only be on the second layer, but must be on the first layer as well. And since privacy, as well as scalability, is never a goal but a long-term process, we can expect Samourai to be here with us for a long time.