Sign in Subscribe
2 min read Historical

Aiming for better privacy in Bitcoin

In February 2015 we started Samourai with one goal: create the most anonymous and secure mobile bitcoin wallet. Our mission reads:

We are privacy activists who have dedicated our lives to creating the software that Silicon Valley will never build, the regulators will never allow, and the VC’s will never invest in. We build the software that Bitcoin deserves.

We made a few decisions early on, one was to get our product in the hands of users as quickly as possible, these users, our alpha testers would be able to simultaneously test the wallet functionality and more importantly help shape the future of the product to meet their needs and demands.

In order to get Samourai to our testers quickly we use used the popular blockchain.info API to obtain balances and push transactions to the network.

On Friday, poop_wallet_narwhal noted this reliance on the blockchain.info API as a point of failure and a privacy problem in a post on Reddit titled “Samourai is the most private and anonymous bitcoin wallet is false.”

Relying on one sole API is not only a bad idea architecturally, it also requires trust. We must trust blockchain.info not to share information passed to the API with other parties. So how are we dealing with this?

  1. We knew this was a point of failure right at the start and we’ve been working to remove reliance on all third party API’s. We decided early on to only use third party API’s during the Alpha stage.
  2. We have stated on our website and in our private alpha tester group our current reliance on API’s and our plan to phase them out.
  3. We enabled Tor and VPN support in the wallet very early on to provide mitigation against the privacy loss from using the API’s

Thanks to our group of Alpha testers, Samourai is developing into a product that is close to market ready and we’re confident we’ll make good on our mission and goals. We sincerely thank all our testers and those in the community supporting what we are trying to do. And we even thank poop_wallet_narwhal for pointing to real concerns in our privacy model.

Published by:

Wallet Guy

You might also like...

Mar
17
Key Differences Between Wasabi and Whirlpool CoinJoin

Key Differences Between Wasabi and Whirlpool CoinJoin

We're seeing a large number of coins leaving Wasabi into Whirlpool over the last few days. The market is speaking
2 min read
Jul
01
Statement regarding atomic swaps and Twitter mobs.

Statement regarding atomic swaps and Twitter mobs.

On June 30 Bitcoin Twitter influencer Giacomo Zucco published a short tweet thread to his followers with very strong implications.
5 min read
Aug
28
An update on the disclosed vulnerabilities in Wasabi Wallet

An update on the disclosed vulnerabilities in Wasabi Wallet

Since the publication of our full disclosure, some Wasabi Wallet maintainers and commentators have posted various reactions on social media.
7 min read
Aug
19
A Statement on two discovered vulnerabilities in Wasabi Wallet

A Statement on two discovered vulnerabilities in Wasabi Wallet

In late July, while working on a basic analysis of bitcoin flows related to the Twitter hack for a planned
4 min read
Aug
01
Updated PSA : Wasabi Wallet is the target of ongoing behavior that appears to be a Sybil Attack since January 2019

Updated PSA : Wasabi Wallet is the target of ongoing behavior that appears to be a Sybil Attack since January 2019

PSA There exists an entity operating as a de-anonymizing “hot wallet” present within transactions by Wasabi since June 1, 2019.
14 min read

Member discussion