What are peoples thoughts on samourai knowing your xpub when you use whirlpool? The Samourai team have been proven to be not the most trustworthy people. To me considering that wasabi is compromised and joinmarket has been shown to have its own issues, that leaves only samourai, and they are kind of shady, and they know your xpub. Fwiw samourai does posture as cypherpunks who are dedicated but they also have your freaking xpub for coinjoins. Thoughts?
Discussion
Running your own dojo resolves this afik.
Haven't heard anything about joinmarkets, except that is not that easy for the not so much technical.
When creating a wallet on Samourai, you are *encouraged* to connect to your own node first. If you do that, they will *never* have your xpub.
The whirlpool coordinator does not take an xpub, that’s just the backing server to Samourai wallet that does. Which is why you should use your own.
The coordinator is blinded and only knows of the individual UTXOS that are being published as available to mix, and by default samourai wallet changes Tor identities after each UTXO that is mixed, so that even IP addresses aren’t linked.
My recommendation is to always run your own node so you don’t have to trust anyone, that includes samourai.
Was cool to learn today that Samourai are also working on decentralizing the coordinator.
Not only decentralized coordinator but also multiparty tx0 and sentinel watch only wallet with update to psbt/hex broadcast so your private keys never see online + atomic swap for doxxic change.
Been in the works for a while. Will be incredible. One liquidity pool and any number of coordinators. That plus multi party Tx0 is the dream
And ledger live, Trezor software or coldcard with public Electrum servers don’t?