Opt Out Podcast, by Seth For Privacy | Privacy on Bitcoin with Samourai Wallet
Link to the YouTube: https://youtu.be/mD_mLbpYV0U
Seth For Privacy: Welcome on Opt Out, Samourai.
Samourai Wallet: Thank you for having me Seth, really happy to be here.
Seth For Privacy: Yeah man, I’ve been a huge fan of Samourai Wallet for what feels like years now. It may actually not be that long, but it seems like it’s been a while that I’ve been using and following Samourai. And I just really, really feel that y’all are one of the last few bastions of a pro-privacy focus in the Bitcoin space, and y’all really do push the memo hard on the need for privacy in a space that tends to move away from that over time. So I’m super glad to have you on to learn a little bit more about Samourai myself and introduce listeners who may not know what Samourai is yet. But for those who haven’t heard of you, do you mind just introducing yourself a little bit? And telling us a little bit about what Samourai Wallet is?
Samourai Wallet: Sure, yeah. Well I just go by Samourai Wallet or The Intern or Wallet Guy depending on which community I’m acting in. I started Samourai Wallet in 2015 with my co-founder who is known as TDevT, or SamouraiDev, and it was just the two of us. We had both gotten into Bitcoin around the same time in late-2012, and we had both around the same time quit our fiat jobs to go work on Bitcoin full-time in early 2013. So we were in the space and we were both interested in the whole idea and user experience and just the brave new world of Bitcoin wallets. So we both shared that interest, and in your intro you mentioned — and it means a lot coming from you that you regard us as one of the last bastions of Bitcoin privacy — well in 2015, when TDevD and myself decided to start Samourai, we started it because we felt like the privacy angle and the privacy emphasis was starting to wane in Bitcoin that early, and we felt like there were no bastions of privacy left. So if no one was going to do it — instead of complaining — we should do it ourselves. That was really the impetus to starting Samourai Wallet, and I hope that we’ve succeeded to some degree, though the landscape and the situation and the state of the community and whatnot is completely different now in 2022 than it was in 2015. We saw the early signs, and Samourai was very much a response to what we perceived as a lack of emphasis on privacy and the importance of privacy.
Seth For Privacy [3:43]: Yeah that was very early on in the space, and especially early on to be quitting normal jobs to work in cryptocurrency. A pretty bold move!
Samourai Wallet: Yeah, tell me about it!
Seth For Privacy: I’m sure there were definitely some worries there when you made the jump, but it’s awesome to see that you’ve been able to just persist in that and not have to revert back to a normal job, and have been able to make that really work for you.
Samourai Wallet: Yeah, it was definitely a risky move, but I wouldn’t do it any differently — let me just put it that way.
Seth For Privacy: Yeah, it’s definitely — when the opportunity is there, it seems like something that is absolutely worth it, from the people I’ve talked to who have gotten into the space.
Samourai Wallet: Yeah.
Seth For Privacy [4:23]: And you touched on the focus on Bitcoin privacy that you’ve had for, now, 7 years — which is crazy — but what was it that woke you up to the need for personal privacy around that as well?
Samourai Wallet: Oh gosh, well I think I was just made that way: from very, very early on, I’ve always been a relatively private person even from my family and what I like to keep to myself and keep my own information and my own business to myself — I always have. I was always one of those people who believed that the state, the government was able to monitor our communications through the Internet way before the Snowden revelations. When the Snowden revelations came out, it was like just confirmation to what I had suspected, and that I guess radicalized me. And that’s roughly around the time I got into Bitcoin as well. So it all just collided together. And what I saw with Bitcoin was a way to opt out of that surveillance system. And I know Monero guys will laugh at that, but (1) it was the first game in town, at least an electronic currency that wasn’t centralized that couldn’t be taken down by the state like all the other ones that had come before it. And (2) I understood the implications of that. And I think I just wanted to explore what that meant further, and more importantly, be involved and be a part of that movement, that shadow economy, that promise that I saw in Bitcoin.
Seth For Privacy [6:36]: Yeah I think that’s one of the coolest things that I’ve seen, as I’ve followed you and the Samourai Wallet community, is the serious focus and really sticking to the ethos of building out parallel economies and building out a shadow economy and it not being just another, We just want to get rich quick and dump Bitcoin on other people, but you really see the power that Bitcoin brought and the reasons that Bitcoin was created originally — I mean, back when you got into Bitcoin.
Samourai Wallet [7:01]: Well, I wasn’t unique then — I would say 90% if not more of the entire Bitcoin community was like that. There was no real emphasis or thought placed on the market price — there had been some swings here and there in the early days from like a penny to a quarter and stuff like that in terms of market price, but the first real swing that we all experienced was when Silk Road got busted and Ross got arrested and there a huge dive. I think it went down to like 50 bucks or something, and then next day there was a massive rally — and that was like the first time we saw real price movement in this asset. And the thinking kind of got perverted to the trading mentality of, Oh, I can make returns on this. And of course, you’re denominating your returns in fiat returns on this. So you saw a small minority at the time of that type of thinking, but the main emphasis was on the fact that this is, as you said, a parallel economy, and that was what was so exciting and important. And all of the innovation at the time was around that.
Seth For Privacy [8:25]: Yeah and I mean that’s really where the power of cryptocurrencies lies: it doesn’t really matter if you’re talking about Bitcoin, Monero, whatever, the real power is in being able to build a system that can exist despite or in the middle of or around the state, and not have to worry about censorship, or hopefully not have to worry about surveillance, and to provide that alternative tool that we never really had before something like Bitcoin came around.
Samourai Wallet [8:52]: Absolutely. That’s the exact same reason why I’m not like so sour and down on the DeFi guys, because I think the decentralization of DeFi is overstated, perhaps, but looking past that, these guys are doing things without permission, like the whole ethos is not about getting permission to do what they’re doing, they want to try to build something on a whole different realm than what anyone else is doing. So I applaud that kind of thinking and I applaud the motivation there and the fact that they’re doing it. Putting aside all the technicals of it, the heart is in the right place there, and and there’s a lot to be said for that. The heart needs to be in the right place, so I see that with them and it’s like any of the cryptocurrencies, Monero included: as long as the emphasis is there on not tying into the existing system, but creating a new system, then I’m with you in spirit.
Seth For Privacy [10:05]: Yeah I definitely think that’s where the most value is and the most opportunity for people to really gain quality of life out of what cryptocurrencies can offer, especially things like Bitcoin and Monero. I definitely did not expect you to mention DeFi today, so that was a shocking mention, but I think there’s definitely a lot of fascinating stuff that has been done. I mean, just like the rest of the cryptocurrency space, there’s obviously a ton of scams and get rich quick schemes as well, but there are some really fascinating things being built out. And like you mentioned, it’s not an asking for permission, regulator-first situation.
Samourai Wallet: And like I said, I think the decentralized aspect of it is overstated and that may show to be the downfall of it. Any of these centralized systems that have come before way before cryptocurrencies — way before — were captured and shut down because they could be, and that was really the whole innovation of Bitcoin, that you can’t shut this down. This is like Liberty Reserve but you can’t send a guy to jail. This is gonna be something cool there. I don’t know the tech well enough on Ethereum at all, but hopefully the builders are protecting themselves from that kind of vector of attack, because if they’re successful, then they will be targeted — if they can be. So hopefully they’re taking precautions on that and prioritizing building tech in a way which is truly decentralized. And if they are, then I think they’re doing good work.
Seth For Privacy: Yeah, those people who decide to build things out in a centralized way or decide to not do things as at least a pseudonym or something like that definitely do risk either being forced to fold into the existing system or just being shut down entirely. But those people who are doing it right, it’s definitely exciting there. And I’d love to jump into Samourai Wallet and start chatting a little bit about it and about what users can expect from it, and first question is just really: What would you hope that users of Samourai Wallet get from using it? What’s the core thing that you’re hoping that they get by picking up and downloading Samourai Wallet and starting to use it for Bitcoin?
Samourai Wallet [12:24]: Well if they install Samourai Wallet and they use it to interact with their Bitcoin, whether that be to store it or spend it, what they will be getting, just based on the defaults that we have, is a experience in Bitcoin where their privacy, as it relates to their on-chain activity, is at least considered by us. And every decision we make in the app, how it functions, what you can and cannot do, all come down to the impact of what you’re trying to do on the public blockchain. So what we hope is that our users will be able to have the peace of mind, if they use the tools properly, that they’re gonna have a level of privacy on the Bitcoin network that they won’t get with other wallets.
Seth For Privacy: Yeah and I think any tool that’s built with a focus on privacy or at least with privacy as a core piece of it, building out those same defaults and guiding users into the right usage is such an important thing. And I think that’s a key feature in Samourai is that y’all know what some of the serious ways are that users can harm their own privacy or cause issues, and you’ve built in tools to automatically shift users away from those things and try to prevent that as much as possible. Obviously a user can still, if they really want to, they can screw things up, but you’ll have made it as hard as possible, which is super, super important, that is something that’s vital to any good privacy tool, to build out those same defaults, not assume that every person who comes into using the tool knows the ins and outs of every aspect of it, but make sure that those people who aren’t familiar with everything still get really good privacy defaults. So I’d love to see that throughout my use of Samourai, and seeing other people onboarded into that.
Samourai Wallet: Yeah, exactly — precisely. And you shouldn’t be paranoid when you’re interacting with your money, right? You shouldn’t be sitting there worrying about who’s going to be able to peer into your broader finances. And it’s an unfortunate reality that it’s easy to trip up in Bitcoin, and if you’re not educated on the matter, if you don’t know what you’re doing, it’s possible that you will screw things up along the way. So whatever we can do to try to lessen that from occurring, we do. We think about things that just won’t cross a user’s mind. For example, if they have a certain type of UTXO on like a Bech32 address and they’re going to pay a P2SH address, if the change of that transaction goes back to Bech32, that’s almost certainly the change output. So an observer looking at the blockchain at that particular transaction could note, Okay, I know that’s the change output because that’s the same type of address that it was paid from. In Samourai Wallet since 2016 or something, we came up with like-type change outputs, so the wallet will automatically return your change to an address that is the same type as the address that you paid to, so the change output — when looking at the blockchain — is less obvious. So these are things that just don’t cross most people’s minds. They cross our minds, and we made a feature out of it and enabled it by default, so if the user wants to not have that happen, they have to go in and turn it off. It’s little things like that. So we hope that the little details, the same defaults, like you said, give them a basic, more private experience when using Bitcoin. And as their understanding and as their confidence grows, the wallet grows with them — there’s a bunch of tools and functionalities within the wallet that you don’t have to use, but if you use the wallet enough in your natural evolution and in your curiosity, you will start to use them, and these all enhance your privacy. Every single feature that we’ve put into this application is all about maximizing your privacy when you use Bitcoin — every single feature. We have such a small team that every single thing has to be planned out in a broader vision of what the wallet does, and there’s no room for anything that doesn’t match that vision.
Seth For Privacy [17:38]: Yeah. And for listeners who aren’t as familiar with Bitcoin, he mentioned UTXO which is just an unspent transaction output. And essentially, you can think of it like a $20 bill or something like that, it would be an amount of Bitcoin that’s a single output that you spend. And then obviously you mentioned two different script types or address types in Bitcoin, which most users are not going to be aware of — the different types of addresses there. And that’s why building out a default like y’all did — which I actually didn’t even know that was a default feature within Samourai — but building out a default that protects against that specific way to surveil Bitcoin transactions is very important, because almost no user who steps in and picks up Samourai Wallet and uses it is going to understand the difference between address types and know that if they’re sending, then the change is coming back to it.
Samourai Wallet: Yeah, and they shouldn’t have to.
Seth For Privacy: Yeah, absolutely. It shouldn’t be something that people have to know to be able to use Bitcoin privately, which is huge. You mentioned how you’ve built out features throughout and how you slowly iterate it with a small team, and I’d love to just hear if there are any specific settings or features that you’d recommend that listeners jump into initially once they start becoming familiar with the wallet?
Samourai Wallet [18:54]: Sure, yeah. I think the first big feature that they should get acquainted with is Whirlpool, which is our CoinJoin implementation. The reason I suggest Whirlpool is because I think it has the easiest onboarding. It’s pretty straightforward in terms of what the user has to do, which is not much: they just have to select which of those outputs, or those bills, that they want to add into Whirlpool, and once they add it in it does everything by itself at that point. And it’s the single most powerful feature in the wallet when it comes to giving your coins a fresh start, so basically completely disconnecting any past events that might have been associated with those coins to their future activity. And I think for the majority of users, they’re coming in from probably a centralized KYC exchange — that’s how most people are getting Bitcoin these days.
Seth For Privacy: Unfortunately.
Samourai Wallet: It’s a massive, massive issue. I’m sure we’ll get into it, but it seriously undermines the whole pseudonymous aspect of Bitcoin, which in 2012 you could look at this and say Okay, this could be a privacy nightmare, but it’s pseudonymous so there’s no identity associated — well that’s completely eradicated by now. But we’ll get to that, I’m sure. So you’re coming in from a KYC exchange — that KYC exchange knows where you send the Bitcoin to, obviously, and they can make a very good assumption that that is your address. And in fact, that might not be an assumption because they’ve made you verify that it’s your address, depending on the exchange. So your centralized exchange that has your identity information — most of the time more than you would need to record to provide to a traditional bank — know that you left the exchange and you went to this address. They know that for a fact. And if they’re using a blockchain surveillance tool like Chainalysis, they share that data with Chainalysis who shares it within their broader network. So your information is subject to being shared by companies that you don’t have any business with. It’s essential that you break the link at that point — so you don’t want them to keep being able to track what you’re doing with that Bitcoin, with varying levels of confidence as it gets further away from that hop that they know it was you — but they can make some very damn good guesses. A feature like Whirlpool breaks that history right then and there as soon as you enter into Whirlpool, and you have a fresh start. So I think that’s the single most important feature that a user can get acquainted with after they install the wallet and get comfortable with things.
Seth For Privacy [22:30]: Yeah it’s improved greatly over the time I’ve been using Samourai as well, I think especially the recent UI rework that y’all did on the Whirlpool features in Samourai Wallet are a drastic improvement — it made it much, much simpler and clearer what’s happening.
Samourai Wallet: Yeah that was the goal, for sure. We had maybe a little more than a year of data from users in terms of them communicating to us, whether it be complaining in the Telegram rooms or by a support channel or just the confusion that you see on Twitter, and I take note of it and I say, Okay, I need to make this process a little clearer for them, I need to do this. And so the latest update that just came a week ago put all of those learnings and understandings into action, and Whirlpool has a brand new UI which is a lot better, like you said. It’s a lot clearer as to what’s going on with your coins once they enter into Whirlpool, and hopefully reinforcing to the user that they’re in complete control of their coins still — like, they haven’t sent their coins away to some service. Their coins are still right there in their wallet, everything is non-custodial, they retain complete control. And reinforcing that I think was a major aspect and a major confusion with the first release.
Seth For Privacy [24:04]: Yeah, I think that could be a big misunderstanding when people are first approaching a feature like CoinJoin — so for some clarity for listeners who aren’t familiar with CoinJoin, essentially what you do when you perform a CoinJoin, at least in the Samourai approach, is you commit your specific input, your specific bill or amount of Bitcoin, to a transaction, you sign, and then you join with other people. It’s up to four other people — five total — and then you all sign together on a single transaction, but you never give up custody of funds. No one in the transaction ever gives up custody of funds — you retain that throughout the whole process. But you essentially just work together, like Samourai mentioned, to break that history that’s happened before that CoinJoin transaction. You’re able to really disassociate that from any future use of your Bitcoin, but you never have to give up control of your Bitcoin, so it’s a huge step forward over centralized mixers that we’ve had in the past in Bitcoin, where you could send in your Bitcoin to someone else, they would mix it up with a bunch of other people’s Bitcoin, and then they’d hopefully send it back to you. But obviously there’s tons of those that just walked away with funds because it was an easy way to prey on people and steal Bitcoin. But in an approach like Samourai Wallet and most CoinJoin approaches, you’re not having to give up custody at all. So you retain that, but you still get the strong privacy benefits of really breaking that deterministic link between the old history of your coins, whether those are from a Know Your Customer, KYC exchange or not, it’s still such a huge advantage to be able to break that history and start fresh, which is a huge thing in Bitcoin and really essential. Like, whenever I recommend someone who wants to use Bitcoin, I will never recommend that someone uses Bitcoin without CoinJoining at some point. And obviously I specifically recommend Samourai Wallet — it’s what I use and what I recommend that people pick up when they approach Bitcoin — but I definitely think it should be the modus operandi of anybody who’s approaching Bitcoin.
Samourai Wallet: Yeah, you should CoinJoin as early as possible. As soon as you get the coins, you should really make a habit of CoinJoin as part of your routine. So let’s say you have an automatic buy set up or something every month — after you do that, after you take delivery of the Bitcoin, they should go right into Whirlpool. The effects of KYC especially on the main chain are devastating for Bitcoin privacy — absolutely devastating — and it provides an insight into your financial activity that is completely unprecedented. In the United States, anyway, we have banking secrecy laws — there is no banking secrecy laws through the blockchain. Anyone can peer in and see what’s going on. And if your adversary has any information on your identity tied to a specific UTXO or coin or bill, and you don’t take proactive measures to break that link, they can track for a very long time what you’ve been up to and link together various other bills that may be in your wallet and build a profile on you. It’s scary, and we all should be actively opposed to this type of thing. And one way that you can make a difference is by using the technology — there’s no reason not to. Like, as you explained: it’s not custodial, there’s no risk of you losing funds, there’s really nothing can go wrong. It’s just a good idea.
Seth For Privacy [28:00]: Yeah, absolutely. It should be the way everybody approaches using Bitcoin. And like you mentioned, the defaults in Bitcoin outside of something like Samourai could really lead to a worse situation than we’ve ever seen in the financial world that a lot of people don’t really grasp, and I love that you mentioned that and brought that up, because it’s very important that people realize that the base way that Bitcoin works can be very dangerous to privacy, but thankfully there are tools like Samourai that can help you choose to opt out of that transparency that’s the default in Bitcoin and really start to gain some privacy for your own transactions within Bitcoin. And the more people who step up and start doing that, not only does everyone else who’s mixing coins via Samourai Wallet gain a greater anonymity set and a greater greater crowd of people to hide in, but obviously it also means that there’s better funding for projects like Samourai Wallet, it means that there’s a harder time for regulators and governments to put pressure on any kind of CoinJoin tool, because the more people that use it, the harder it gets for them to try to put their foot down and cause problems. So there’s a huge advantage to really coming in numbers. If you’re using Bitcoin, I really do hope that you are using Samourai Wallet and really learning and actively seeking the best ways to use Bitcoin. And I’d love to shift here and talk about some of the limitations that maybe exist in Samourai Wallet and just some things that users should be aware of maybe that Samourai Wallet can’t do for them, or maybe some gotchas in usage — just anything that jumps out at you that you’d like users to be aware of there?
Samourai Wallet [29:40]: Well I think the first thing — and it’s true for any Bitcoin wallet, not just Samourai Wallet, but — any Bitcoin wallet that is not connected to your own Bitcoin node is connected to someone else’s node. So in the case of Samourai Wallet, it’s connected to nodes that we operate and host in Iceland, because they traditionally have the best data protection laws, and have a reputation for denying much more powerful governments the ability to snoop in on their servers without at least proper court orders, which is not true for most. So our nodes and our servers are all hosted in Iceland, but if you’re connecting to Samourai Wallet and not connecting your Samourai Wallet to your own Bitcoin node, you’re trusting our Bitcoin node to do two things: (1) to not log your IP addresses and your information and whatnot, and (2) to provide your wallet with true and accurate information from the blockchain. So both of those can’t be mitigated, and we try our best — at least on the first issue, of having to trust that our servers aren’t logging your IP address — we were the first Bitcoin wallet to build in TOR to the wallet, not rely on a third-party installed app like Orbot or something, actually building TOR into the wallet so all the user only has to do is just flick a button to turn on TOR and everything gets routed through TOR. So that’s a mitigation against logging, if we were logging — which we do not. And then the second is truthful, accurate information from the blockchain, and that’s relatively simple to check against — there’s plenty of block explorers out there and plenty of other competing wallets, and you can check against, so that’s less of a concern. But those two things, the user should keep in mind. I guess a major limitation is that Samourai Wallet’s only available on Android, so if you’re an iPhone user, you’re shit out of luck there. I see a lot of users get confused, especially around when they first join to Whirlpool — one of the most common, vague questions we get is: If I add my coins to Whirlpool, they’re private now? And it’s like, How do you actually answer that question? What do you mean by privacy? Did you get those coins from a KYC source? If so, CoinJoining won’t erase that — that exchange will always know that you bought those coins and they will share that with your government’s tax office. So there’s all of those types of situations. Like, just using Samourai won’t magically make your Bitcoins private — you have to do a little bit of work yourself, too. But like I said already: we do try to implement the same defaults which give them the best shot. I think that’s pretty much the big things. Let me know — I mean you’re a user: is there any shortcomings?
Seth For Privacy [33:20]: No, I think those are definitely the key ones that people need to be aware of. I think the only other one I might mention is just that: if a user withdraws from a centralized KYC exchange, Whirlpools, and then sends the funds right back to the same centralized KYC exchange, they’re not going to gain privacy — it’s going to be clear that those are the same coins. There’s some other things like that, just that you should continue to opt out of KYC exchanges as much as possible, because the key issue — not the only issue, but the key issue — with Bitcoin usage is when you’re connecting your identity to on-chain transactions. It’s extremely dangerous even if you are taking other steps. So then that’s not something, obviously, that Samourai can prevent, so that’s not really a specific thing with Samourai. It’s just something that people need to be aware of, and obviously something that you harp on as well. I definitely think that the most divisive and most brought up one is the server hosting — obviously, you’ll host the backend servers for Whirlpool and for the wallets to use by default as well — but you also provide a way for users to actually self-host that as well. Do you mind talking a little bit about Dojo and ways that people can actually remove that limitation and not have to worry about you providing good information or you logging activity? And how to do it themselves?
Samourai Wallet [34:38]: Absolutely. So we created a back-end server that sits on top of Bitcoin Core. We started development on this in 2015 when we started Samourai Wallet, and the existing solutions that were available — which at that time was primarily bloom filters for mobile wallets — were inadequate for what we needed, so we started building the server, and eventually it became known as Dojo. We released this software I think three years ago now. It’s free and open source — it’s exactly what we run on our servers in Iceland — it gives the user the ability to run that exact same stack on their own, whether it be a spare desktop PC they have lying around, or a single board computer, they can run this software, connect their wallet to it, and completely bypass our servers for everything.
Seth For Privacy: Yeah, and all communication runs over TOR even when you’re using your own Dojo, which is very important as well.
Samourai Wallet [36:06]: Yeah, so it only runs over TOR. So if you’re not connecting to your own node and you’re connecting to our nodes and our servers, you can do that over TOR or you can do that over Clearnet. When you’re running your own Dojo, you have to do it over TOR — everything goes over TOR. And that’s for privacy reasons but also because you don’t have to worry about opening ports or networking or fiddling around with IP addresses, which most users won’t be able to do. But they can run an installer on a Raspberry Pi or something or a pre-purchased plug-and-play node and scan a QR code and connect their wallet to it with everything happening under the hood — a TOR hidden service being sprung up and connected to. So, no fiddling around with ports — just a QR code scan and your wallet is connected. And if you already have a Bitcoin node, it could accommodate that, but it’s designed for going from nothing to a full sovereign stack. So it will automatically install Bitcoin Core, it will automatically give you a block explorer that you could query, it will automatically do a bunch of stuff that gives you the ability to connect your wallet to it and keep track of your wallet, or your family’s wallets as well. You can give your Dojo information to a friend and they could use your hosted Dojo as a way to query their wallets as well.
Seth For Privacy [37:53]: Yeah, it’s definitely a lesser-talked about feature of TOR, and a really important one, is that it does simplify the process of hosting things because you don’t need forward ports, you don’t need to figure out a dynamic DNS, you don’t have to figure out your home IP, and all this information — you just spin it up, have the hidden service, and you have that address that you can always use no matter what network is in front of it. So it’s a huge part of TOR that most people don’t realize or don’t talk about, but they really just help with simplicity, even if you’re not caring about privacy — it can be a super useful tool to help simplify the process of hosting a service like that. And also, you allow people to run a desktop app for Whirlpool as well which, that, you can connect to your Dojo, and that basically allows you to offload the mixing process, the Whirlpool process, from your phone to that desktop app, and then that way people can mix without having to keep their phone open and keep the Samourai app open and all that.
Samourai Wallet [38:51]: Exactly. So for the casual user who’s maybe mixing once every couple months or even less than that, the mobile app is completely fine — you open it up, you’ll get your first mix within a matter of minutes, for the most part, and then you leave it open for a little while and you’ll get some remixes. For the more power-user, we definitely recommend running the desktop app of Whirlpool because you’ll be connected all the time versus just when your phone is active. And if you’re connected all the time, you have better chances of getting selected for free remixes. So we didn’t really touch on how Whirlpool works too much and we don’t want to get too technical, but one of the important aspects of Whirlpool and the architectural decision of Whirlpool, is that remixing — so you’ve mixed one time and now you have a new bill of your coins — remixing should always be free to incentivize people to, one, do it and to keep their coins in the pool for as long as they can. The more remixes you’re involved, in the greater your anonymity set, but a quirky and unintuitive feature of the way it’s architected is that even if you’re not included in that particular remix transaction, you still benefit from that remix transaction that you weren’t a part of because your bill is indistinguishable from the bills in that remix, so there’s a possibility that you were the person in that remix when you’re looking at the entire anonymity set. So even just keeping your coins in the pool there you’re benefiting, but by getting these remixes you’re benefiting even more. So the desktop app allows you to get more remixes just because you’re connected more reliably and for a longer period of time.
Seth For Privacy [41:20]: Yeah, I think it’s a really nice feature and something I’ve used heavily. And like you mentioned, you get good privacy from the initial mix, but it’s a great way to get additional privacy and just slowly build that privacy over time keep the privacy fresh by remixing for free. It doesn’t cost you anything, and again it’s non-custodial just like all the other mixing, so it’s just a really a nice way to help other people — because you’re contributing to other people’s anonymity set and helping to provide them privacy — and you’re also getting a benefit as well all for free. So it’s definitely something that, if you can do that, it’s a huge advantage to yourself and to the Samourai Wallet ecosystem as well. So it’s important that people do jump into that — if they can, obviously. You don’t have to do that — you can just mix once and call it a day, but remixing is a great feature and I love the approach that’s been taken there. I think it’s a great, great way to build out incentives around mixing and really incentivizing people to increase the liquidity of those people who are wanting to mix in pools. You don’t have to go super in-depth, but I did want to quickly give you a chance to touch on what other tools are out there — competitors or alternatives — and then maybe what makes Samourai Wallet better or unique in some way?
Samourai Wallet [43:40]: Okay, sure. So in Bitcoin non-custodial CoinJoins you have Whirlpool, which we’ve discussed, for which we now have Sparrow Wallet, which is a desktop app that works on all the major desktop platforms which has actually incorporated and implemented Whirlpool into their wallet so you actually don’t need to only have an Android anymore — you can do it on desktop via Sparrow Wallet and that will be using the same pools as our users, so it’s a co-mingling of wallet users there. It increases the anonymity set even greater. And of course, our server has never seen those UTXOs so it’s a completely foreign source — really good. So besides Whirlpool on the desktop and on mobile, you have JoinMarket, which is quite old — it’s been around for a while. JoinMarket started around the same time as Samourai Wallet, as far as I’m aware — development on it started around the same time. We’ve done an in-depth analysis on — well, I say analysis but we actually broke it — on JoinMarket. There was a user who made a Reddit post back in 2015, I believe. The short story is: he had some Bitcoin stolen and he was able to track the Bitcoin into JoinMarket and he posted a bounty on Reddit and said, If anyone can help me figure out where these coins have gone, I’ll give you this amount. It was largely ignored — no one really responded to it. We came across that post last year or the year before and launched an investigation to see if we could figure out where these coins went. We figured that if we could figure it out it would be a positive experience in terms of figuring out new techniques for tracking Bitcoin on the blockchain and it would make our offering stronger. So we ended up figuring out a new attack that could be used on JoinMarket transactions. It was named the Toxic Recall Attack, and anyone who’s interested can read a free report on research.oxt.me. So it’s a good system but it’s aged and it hasn’t really been kept up-to-date in the sense that fundamental blockchain analysis hasn’t been paid attention to in favor of a lot of real cool innovation on decentralized order books and fidelity bonds and stuff like that — they’ve done a lot of interesting stuff there, but haven’t really focused on what I consider the meat and potatoes of it. The other downside is it’s mostly command line, anyway, so it precludes a lot of people from using it. Then of course you have Wasabi, which anyone who follows me on Twitter knows that Wasabi’s completely broken. We’ve attacked Wasabi multiple times from every level in terms of the absolute travesty of CoinJoin transactions they leave on the public blockchain, to — we reviewed their code and figured out that coin selection was deterministic and not random. Major issues like that. I would highly recommend people avoid Wasabi, at least until they’ve launched their new version, because the current existing version they still have out there and released and are maintaining is just insanely broken. So that’s it in terms of the CoinJoin options for Bitcoin. There’s not many! And my criticism is not meant to be taken in any other way than — we’ve looked at this stuff on-chain, so anything I say is verifiable by looking at the blockchain, especially when I say Wasabi is tragically broken, all you have to do is look at one of their transactions. You can count the number of address reuses that happen within that transaction. Sometimes you have the same address on both the input and output side of the transaction. I mean, these are just glaring, glaring issues that shouldn’t be happening. And we at first thought it was Sybil attacks and we thought it was maybe a chain analysis company who was attacking it, but at this point we just think it’s utter incompetence, because none of it’s been fixed. And we bring it up and we get attacked for it, so we’ve stopped bringing it up. But how many times can you beat the dead horse? It’s broken.
Seth For Privacy: Yeah and it’s important that people understand when a tool that’s claiming privacy does have issues like that, so bringing those things to light is very important. And I am curious to see if the new approach that Wasabi is building out is built out well. I definitely have concerns based on history, but it’ll be interesting to see if that provides a solid CoinJoin solution.
Samourai Wallet: I have concerns based on history and based on what I’ve seen of the protocol and the comments from the company. I think that they’re making some questionable decisions, but we’ll see when it gets released. We’re going to be looking, not just because they’re a competitor, but because we need to understand the landscape. We need to adversarially look at everything, including our own stuff, and see, Are we able to get through this? Are we able to break this? Where are the weak points? And all of those datapoints get put together to create a better product and a better software for the users.
Seth For Privacy [50:25]: Yeah, I definitely agree. And just one quick comment on JoinMarket before we jump into some listener questions is just this: I think it’s a really cool project and they obviously were pretty early on in the space and have done some great work, but like you mentioned, I think that one of the key issues at least for me is that the UX, the user experience, around using JoinMarket is much more complicated at the moment. I think there have been some attempts to improve that, but I don’t think there’s been a ton of movement there, so it’s definitely something that can be used. And I actually haven’t read y’alls report on breaking JoinMarket — I’ve never heard that story before.
Samourai Wallet: Well yeah, dig into that one — it’s called The Cold Case Files or something, but the stark difference between the JoinMarket response to that report and Wasabi’s responses to their reports was incredible. As far as I understand it, the JoinMarket client or algorithm was updated to make it so that that toxic recall attack wasn’t feasible anymore. So he immediately went to work and said, Yeah, you’re right on this, or, I disagree with your analysis in this way but I do recognize that this is a problem and here’s the fix for it. So that’s all we wanted to see — we’re not trying to score points or embarrass anyone. We’re confident that there’s plenty of people looking at our stuff, and we would hope that they would let us know if we did something and screwed up.
Seth For Privacy [52:01]: Yeah, exactly. And that’s the response you would hope for from a privacy tool and really from any FOSS project, is if someone exposes a weakness or a flaw in the system, you hope they jump in and want to fix that and want to work with the person who’s found the issue. So that’s great to hear that they did correct that and do actually care about that. And it’s always good to have alternate implementations of a tool. Like, non-custodial CoinJoins are vital to Bitcoin privacy so, as much as I love Samourai Wallet, and obviously that’s what I use, it is important that we do have alternative implementations and it’s also just important that the implementations are free and open source so that they can survive, they can continue, even if the core people behind them are [gone].
Samourai Wallet [52:44]: And they can grow, like we saw with Craig and Sparrow Wallet. Like, he didn’t ask for permission — he implemented it because it’s all free and open source. He could have hosted his own competing coordinator if he wanted to, he just chose to tie in with ours because it was better for everyone’s anonset. But the fact is: that’s a competing implementation of Whirlpool, and you have no idea how psyched I am to see that.
Seth For Privacy: Yeah, it was absolutely amazing to see that that was released and that he was willing to integrate that, first of all, and then did it very successfully. And I think it was important that he chose to latch on to the existing mixing liquidity in Samourai. I’ll definitely need to get him on the show and chat about Sparrow Wallet. There’s a ton of awesome stuff happening there and it’s great to see more people jump on the bandwagon and see the need for privacy and not only see it but really take aggressive action to do it with or without permission.
Samourai Wallet: Today, I mean, he’s implemented not just Whirlpool now — he’s implemented STONEWALLx2, which we didn’t really get into, but as a brief summary for your listeners: it’s a CoinJoin transaction, but instead of Samourai acting as the coordinator and making sure all the signatures are collected, it’s a peer-to-peer CoinJoin between you and one other person. So prior to Craig at Sparrow Wallet implementing this, it was only available if you had Samourai Wallet — you could do these CoinJoins with another Samourai Wallet user. Now, you can do it with another Samourai Wallet user or another Sparrow Wallet user, and seeing these tools take off and grow like this, (1) it’s very fulfilling as a developer and a provider of software, but (2) it grows the usefulness of the tool. And it wouldn’t be possible unless it was free and open source.
Seth For Privacy: Yeah, absolutely. It’s such a vital piece of everything that’s happening in the space, and anyone who’s building out tools on privacy, I hope that they push in every way possible to be free and open source, because it’s a key piece of making this able to last, making it able for people to see those features, build out things that build on top of it, or customize it to a specific need that they have or other people have — there’s just so much value in being FOSS overall, and it’s definitely something we’ve harped on a lot on the show, but I always want to reiterate that it’s a huge win, and any time you see a project focusing on FOSS and really carrying that ethos forward, that’s something that should be applauded and really appreciated there. And I want to quickly switch into some listener questions — I’ve got some great ones on Twitter and wanted to chat a little bit about those. The first one is one that is near and dear to my heart because I’ve focused on it a little bit and collected some data on it and we’ve touched on it a little bit with KYC exchange usage, but it was basically just: Do you see any issues due to blacklisting or censorship of users who are opting for more privacy on Bitcoin via a tool like Samourai? Because obviously, when you use Samourai Wallet, when you mix, it’s something that you’re choosing to do outside of the default in Bitcoin. So have you seen any issues around blacklisting coins or issues with KYC exchanges or anything like that when people do choose to gain more privacy on Bitcoin via Samourai?
Samourai Wallet [56:26]: Broadly, no. So we do our own internal testing on some of the larger centralized exchanges, where we’ll send over a freshly-mixed postmix UTXO directly from postmix account — so one hop backwards is the mixed transaction. And we’re doing that to test and see if we get a letter or an e-mail or our account gets shut down, and we’ve been doing that since the start of Whirlpool, and to date, none of the large centralized exchanges have cared. We have seen reports from some users on the smaller KYC exchanges — and we’re talking like real small — who seem to be over-complying for whatever reason that they believe it to be advantageous for them to do. Maybe they want the BitLicense in New York, and so they go above and beyond what they are required to do. We’ve seen one or two reports about that, but for the larger exchanges we don’t see any kind of prejudice against CoinJoined UTXOs or Whirlpooled UTXOs. Because currently, they’re not looking for fingerprints of odd transactions, for example. They’re looking for proximity to sanctioned activity, whether that be darknet markets, ransomware, in some cases gambling or pornography, so anything that’s against their terms of service or is sanctioned — or an OFAC-sanctioned address. So they’re looking for proximity to one of those clusters. If you have a good CoinJoin implementation, like I believe Whirlpool to be, there should be absolutely zero proximity to anything — this history is completely fresh. We’ve seen poorly-built CoinJoin implementations — that have been referenced already on this podcast — that had a serious problem with centralized exchange accounts getting shut down. We put that down to the fact that the composition of these CoinJoins is so poor that there is a connection, a proximity, to sanctioned addresses or sanctioned activity, even after you’ve done the CoinJoining with these implementations. So it’s not an issue with CoinJoin — it’s an issue with the implementation that leaves a certain amount of taint or proximity to something that the centralized exchanges would object to. So we haven’t really seen it with Whirlpool — we’ve seen it with some other CoinJoined transactions, but we don’t believe it’s because of CoinJoin. Certainly legally speaking, there’s nothing illegal about using a technology like CoinJoin — it’s completely legal, at least in the US and most of Europe, I would say. The bigger issue I think lies with the smaller companies who are trying to break into the sphere and are over-complying.
Seth For Privacy [1:00:14]: Yeah. I love that y’all are actively testing that too to see if your users would be affected by something like that, at least as much as you can.
Samourai Wallet: But of course, we also have Ricochet, which is a feature in the app. So if you use one of these smaller KYC exchanges, for example, and you know that they have an issue with mixed coins — just a blanket ban on CoinJoins — this tool is designed to add multiple hops of additional history to your coins so that at a certain point, if you’re looking, for example, eight hops back, the probability that those coins are the person who’s depositing or associated with that drops significantly — and they probably aren’t even checking that far back. Like, our researchers showing they check, at most, five hops back, so we add five hops of history. There’s little tools like that that you can actually use within the wallet if you’re worried about exchanges having an issue with your coins. But yeah, we haven’t really seen any large-scale issues with blacklists and using Whirlpool.
Seth For Privacy: Yeah, and I think two big things there: (1) is that hopefully a technology like CoinJoin and a tool like Samourai Wallet would actually give centralized exchanges and chain analysis companies and those kinds of people a way to opt out of needing to enforce KYC or needing to enforce issues around the actual chain history of your coins.
Samourai Wallet: Yeah, the compliance issues there.
Seth For Privacy: Yeah, it shouldn’t be [an issue] if you’re using privacy tools well though — in theory, obviously. That doesn’t mean that’s how it will be, but it should give them a way out because they can say, We can’t tell anything about where this is coming from, so we don’t know that it’s bad and we can’t know that it’s bad so we can just blanket assume that these are fine and let them happen. So thankfully overall it seems like that’s been the regulatory approach, but I think that should be the way. If a tool is providing solid privacy and you have no way to track it and you’re also doing the other things that unfortunately you’re required to do by shadowy banking laws, hopefully that would be a way to allow you off the hook and let you opt to help your users and not have to comply around that.
Samourai Wallet [1:02:45]: Yeah, I think people need to remember that these people are running a business, and the business only really works if people are allowed to use the service. So they want as many people to use a service as they can — they don’t want to get a compliance sting, and so they have to make a good faith effort, so they contract with Chainalysis or some other surveillance agency because they do it all and then they can tick that box. But people need to remember that these guys aren’t there to spy on you — not the exchanges. Chainalysis, but not the exchanges — the exchanges are there to extract money from you. And I think that the more check boxes that they can tick off, saying, Hey, we didn’t see anything, we looked, we gave it a good faith effort — they’re gonna do it, especially the larger ones. So I think you’re absolutely right in that, and I think that a lot of them would prefer to receive post-mixed UTXOs because there’s no flag — there’s nothing. It’s good — it’s green, right? And then it goes right through compliance, and now they’re making money on fees.
Seth For Privacy [1:04:02]: Yeah, hopefully that will continue to be the path forward, and hopefully that will be a way that exchanges and entities that need to comply with these things, unfortunately, that they’ll be able to take that out. But the other key piece is: if you don’t use these centralized KYC exchanges, that you have to comply with local laws and deal with all of these KYC AML laws, you don’t generally have to worry about blacklisting or censorship or having to explain yourself or anything like that. So building out these parallel economies that we talked about a little bit here and that we talked about quite in-depth in previous episodes of Opt Out is so important because you actually remove any kind of interaction with the normal banking world that causes these issues. So you remove that entirely, and no person, at least not right now, is gonna be doing Chainalysis on your coins to see what you’ve done with them in the past and deciding whether or not they should accept them. No merchant is generally going to have the resources to do that, so you can remove that issue entirely if we start to really create these parallel economies that don’t rely on the state, that don’t rely on the normal old legacy banking system. So that’s a hugely important piece too, is: the more you can opt out of those things, the less and less you actually have to even care about any kind of these regulations causing you issues or something.
Samourai Wallet [1:05:24]: It’s an essential piece, but I mean that is the piece that makes Bitcoins woeful privacy acceptable, right? If your UTXOs or your addresses are just random strings of characters and that’s all they are, there’s still things to worry about in terms of tying coins to an entity, but that entity isn’t known. There’s a pseudonymous system: as soon as you get rid of that very, very weak, thin veil, it becomes a massive, massive nightmare. So prioritizing that second economy — a side economy — prioritizing non-KYC Bitcoin if you can find the way to do it, prioritize earning in Bitcoin, and changing up the way you think about this from a tradable investment asset to the money that you require to live freely. Once you make that mind-shift, you start to unlock what this whole thing was about. And that is such a cool feeling, and I think it’s actually one of the reasons why we have such passionate users, because they come in, they’re into Bitcoin, they’re into this, they kind of get the idea but not really 100% yet, and as I start using the software, as I start hanging out in the community, as they start chatting and talking and learning, their mind is open to what this really is and how subversive this technology actually is — it’s not a Wall Street investment. It’s not a Number Go Up get rich quick thing. This a fundamental increase in the potential for freedom — if we seize it. Or, it’s a massive, massive nightmare to human freedom — we haven’t figured it out yet which way that it’s gonna go. But you can take steps.
Seth For Privacy [1:07:41]: Yeah, exactly. And that fragile pseudonymity that Bitcoin does provide isn’t nearly as much of an issue if we build out these parallel economies, if you’re a part of a software economy and, like you said, earning Bitcoin, spending Bitcoin, using it directly with people rather than having to rely on these state systems. So that’s a huge part and it really does alleviate a lot of the privacy concerns. It’s still not ideal, but it really can alleviate most of the issues there, along with using privacy tools like Samourai Wallet. Another interesting listener question that we got was someone was curious to see if you’ve had an increase in adoption of Samourai Wallet, and if you’ve seen just generally an increase in a privacy-focused community that’s been building up recently? It wasn’t like a timeframe, but maybe just recently — how have you seen things going with adoption of Samourai and the privacy community generally?
Samourai Wallet [1:08:35]: So with the adoption of Samourai, we’ve seen growth every year since 2015. So it grows and gets bigger every year. We have more users, more usage. So on that front, I think it’s very positive. Sometimes it’s easy to get down on the broader state of the community in terms of the privacy community, but that’s the story since forever — the privacy community is a niche community, because the mass market, they enjoy all of the benefits that the privacy community have achieved, whether it’s the privacy community of the old cypherpunks, whether it’s the encryption guys — there’s all sorts of benefits that the common folk are benefiting from without being in the privacy community themselves. They don’t know they’re a part of the privacy community, they just enjoy those fruits. So it’s a niche community. Our community grows, and I think that the passion level in our community is really great. We have a very passionate base, and these are people who care — they really do care — and they not only care, they rely on the software and on the technical innovations that come to run their lives, to pay for their stuff, to run their businesses — whatever they may be. And that’s a cool thing — it’s more than just people who have installed the app and maybe open it up every once in a while to check things out. These are real, active members of the shadow economy, and that’s what makes it a cool place to hang out. I think overall people do want privacy whether they’re in the niche or not, so it’s a market that will only grow, especially as cryptocurrencies gain more popularity.
Seth For Privacy [1:11:00]: Yeah, I love that you mentioned earlier too just that when people are joining the community around Samourai, they’re generally getting converted to a privacy mindset and starting to understand the value in circular economies and parallel economies, and there’s just so much power in the actual community that’s around a tool like Samourai Wallet, and that’s around a group of people who have a core ethos that is so vital like the Samourai team has, obviously that you have, and like the community around that’s formed around Samourai has. And that only continues to grow as more people get pulled in and they start talking to people and they get support from people, and there’s so much value there. So I’d love to see the community around Samourai Wallet grow, and a lot of the reason why I am where I’m at with privacy and why I care about these things is because of people who are actually in the Samourai Wallet community. There’s a lot of my background and history that actually comes from that, so there’s so many people who’ve had a huge influence on me from that community, so there’s so much power there, often beyond the actual tool that’s being used. But the communities that form around them are awesome and I’d love to see that the Samourai Wallet one just really continue to grow and thrive and continue to teach other people about what really is important and what Bitcoin really can be.
Samourai Wallet [1:12:19]: Well, thank you very much. Yeah, I mean it’s all been organic — that’s what’s so cool about it. I started the Telegram because I was seriously worried that Twitter was gonna ban my account because it was when I defended the rights of Neo-Nazis to transact on Twitter — it caused such a shit-storm. I don’t remember what year it was — it must have been like 2017 or 2018. It caused such a shit-storm that I was really worried that they were gonna nuke my account, so I set up the Telegram as just a place where I could post announcements, updates, and whatever I use Twitter for. And it just grew very naturally from there and some great personalities have surfaced and made themselves known. Diverter springs to mind with his mining for the streets guide that really kicked off home mining. That inspired the econoalchemist — who’s also in the community — to do his home mining guide. And then of course you have Max [Tannahill] who’s gotten into the privacy phone, Calyx OS. Like, all these things that have sprung up organically from that group, it’s just been so cool to watch. I wish I could take credit for it, but I can’t. It was just a natural thing — it was great.
Seth For Privacy: Yeah, there’s 3,000 people in that Telegram room right now — I just checked — so it’s awesome to see how big that has grown and how it really is just a grassroots thing. Like, there’s no marketing team, nothing like that that’s inorganically building that up so grassroots [all the way].
Samourai Wallet: Oh, yeah — there’s definitely no marketing team. I think any marketing team would either quit or refuse to work with us! It’s a very small team. I’m the guy on Twitter, TDevT is the guy behind controlling the strings and all the development stuff, we have a couple core contributors and some other contributors that contribute when they can — it’s very small. It’s one of the issues that we’ve had is: since we started — even when it was just me and TDevD — we were putting out, like, a lot. We were basically not sleeping! We would have a couple hours of sleep at night, and we did that for two or three years, just pushing out these ideas and trying to get the wallet to a state where it was feature-complete in terms of what we had envisioned for it. Like, when we sat at the pub that day and just discussed what we wanted us to do. So we pumped out so much stuff that people thought, Oh, they must have a lot of money behind them — they must be a big team. And it’s like, No, the exact opposite! It’s a very small team and we were scraping by there for a while — it was looking pretty rough. Nowadays, we’re able to fund development with the Whirlpool fee, for the most part. So we’re still very frugal and still a small team, but at least we’re not scraping by.
Seth For Privacy [1:15:34]: Yeah, I did want touch on that a little bit. I had one more listener question I do want to get to, but you just mentioned that Samourai development is funded through their Whirlpool fees. Is there any kind of funding or sustainability that you’ve built-into Samourai Wallet? Or how do you guys manage to fund the two of you — obviously working full time in this — and keep the project going?
Samourai Wallet: So when we started Samourai Wallet, we weren’t full-time — we were still full-time in other companies, but we each put like a Bitcoin a month into a common fund to start the wallet off okay, and of course a Bitcoin at that time was a very low price — it wasn’t what it is today. By the time we were able to go full-time, we took very, very, very modest salaries so that we could keep those Bitcoins that we had saved up for paying for servers and stuff like that. We got some small investments from like-minded individuals who were into what we were doing, and those guys really are the real MVPs. Yeah, I think back on it — I was like, What crazy risk these guys took on: a wallet company, completely unproven. It was completely questionable whether a wallet could even monetize at that time, and they didn’t care about that! They just wanted to see this technology reach the market. And so we got some investment from like-minded individuals, and since then we took investment in 2019 from a publicly-traded company in Canada, so that was like our first outside the scope of the individual investor — and that was Cypherpunk Holdings. And I met with them, I chatted with them, I made sure that we were on the same ideological wavelength, and I felt comfortable doing it. And we were able to hire some people and really push development further, and that’s when we were able to finally wrap up Whirlpool, finally able to wrap up Dojo, and get it out to a wider public audience. And just at the end of 2021, we took on another infusion from Ten31 Ventures, which is a Bitcoin-only VC fund that, again — met with the guys, talked to them, made sure that we are on the same wavelength and what we’re trying to do. And that’s going to be able to hopefully allow us to expand a little bit more, maybe hire another developer, and be able to continue pushing out stuff.
Seth For Privacy: That’s awesome that you’ve been able to get that funding for a tool that’s so focused on privacy and so against the grain in the Bitcoin space.
Samourai Wallet: Yes. It was a lot of work, especially how we’re structured in a very non-traditional way — some of our investors don’t even know our names, so there’s a lot of barriers to a traditional investment environment. It just wasn’t going to happen. So the people that were attracted to us — there’s something wrong with them as well — just like there’s something wrong with us, let’s just say it like that. They’re built different, and that’s the most important thing when you take on investment, is that you guys are aligned ideologically. Both my co-founder and I saw prior to Bitcoin, in the dot-com era, and during Bitcoin, what VC money can do to a company, and we were very, very adamant on not allowing that to happen at Samourai.
Seth For Privacy: Yeah, definitely. It seems like that has been a good thing so far and not shifted the focus, and it’s clear that that ethos hasn’t changed around Samourai, so I’m glad to see that y’all found good ways to continue to grow what you’re trying to do and really to fund and sustain that — that’s so, so important and that’s a tricky thing in the FOSS space and in the privacy space as well, so it’s very important you find good ways to do that without sacrificing underlying fundamentals, without sacrificing ethos.
Samourai Wallet: Yeah, you have to have lines [that you don’t cross].
Seth For Privacy: Yeah, very, very hard lines I’m sure. Last couple questions for you: one more listener question that I know there’s a lot of interest in this at least in the Monero space and seems like it in the Samourai space. But someone wanted to know if there are any updates on atomic swaps within Samourai Wallet for people to be able to swap at least like doxic change and that kind of thing into Monero within the Samourai Wallet? Obviously, atomic swaps are still very much in progress on the Monero side — there’s not a ton finished there, tons of work being done there. But a listener is curious if there’s any updates on your view of atomic swaps within Samourai and the work being done there?
Samourai Wallet: There’s no updates other than we’re still committed to the planned functionality. We’re hoping to have the ability to perform atomic swaps within the first half of the year. Like you said, it depends on the Monero side as well, but it’s definitely planned, and when we have something planned out we do it — we make good on it. So just keep your eyes open. It will definitely be in the wallet, it’s just a matter of time.
Seth For Privacy: Awesome. Yeah, for those who don’t know, atomic swaps are essentially a way for you to trade Bitcoin from Monero or vice versa without trusting the other party, so you can perform that swap without having a chance that you could lose your funds, the other party can’t steal them. It’s a way to be able to swap that without needing any information about them, without using a centralized exchange, and without causing privacy concerns or those kinds of things. It’s a huge step forward and a decentralized and safe way to swap cryptocurrencies without having to involve an exchange, so it’ll be a big step forward. There’s two main implementations of atomic swaps between Bitcoin and Monero being worked on: there’s Farcaster and then there’s one by the commit team, but definitely a lot of exciting stuff there, so I’m glad that it’s still something that’s on your radar and in your backlog, and definitely [I look forward to] when it does come to fruition. And y’all very well may be the first to implement that, which would be huge for giving people options when trying to preserve their privacy.
Samourai Wallet: Yes, it’s such an important step — atomic swaps — that we don’t understand what the negative attitude towards them is from some Bitcoiners. This was kind of like a holy grail thing back in 2012–2013. I don’t get it, but I don’t have to get it — I’m putting it in my software.
Seth For Privacy: Yeah, I love it. Last question for you was just how can listeners jump in and help support what you’re doing with Samourai Wallet?
Samourai Wallet: You know, the best way to support us is just to use the software. You using it and gaining from it is how we function, how we support ourselves. We always will take donations, but donations are not a sustainable way to keep a software project going long-term. We’ve seen too many fail that way. So: use Whirlpool, use all the other features, and that’s enough — and it will be good for you, too.
Seth For Privacy: Awesome. Well, thank you again so much for coming on, Samourai. It was a ton of fun for me — I learned a lot here that I didn’t even know, and I’m really glad that listeners will be exposed to what Samourai Wallet is, what you’re doing with it, your ethos, and the community that’s behind it as well. So thank you for taking the time out of your busy schedule. This one went a little bit longer. I think there’s just a ton of great info in here and great discussions, so thanks again for jumping on.
Samourai Wallet: Really happy to be here, Seth. Thanks for having me.