Why?
Whirlpool is intended to be decentralised. If no one single party is "running" all the mixes around the world, that can't possibly be seen as all of those nodes acting with malicious intent. The more Whirlpool coordinators, the better. I have the right to break connections between inputs and outputs for privacy reasons and not exposing my balances to my friends.
There are other coordinators, use them, make more of them, make Sparrow a Whirlpool server instead.
So the only option currently is to run a Dojo to access Whirlpool?
Is a Nostr nsec more or less vulnerable to brute forcing attacks than Bitcoin private keys, and by how much?
#AskNostr
Or Wasabi devs were tired of getting dragged on Twitter
Don't forget the Monero swaps they were messing with
Everything actionable you need to know about what this indictment means for you as a Samourai Wallet (SW) or Whirlpool user π
As a Samourai Wallet user (no Dojo)
Unfortunately, the architecture of SW meant that your xpub (a master public key, allowing anyone holding it to derive all your past/present/future Bitcoin addresses) was at some point in time held by Samourai, and could now possible in the hands of the DOJ.
Though it's a worst-case scenario, you should assume that your xpub was compromised, and thus all previous mixes you have done have been unwound and are now traceable. You should also assume that the gov can now derive all past/present/future addresses of yours and track movement of funds if so desired.
In addition, Samourai's coordinator and backend sync server was seized, and so SW will no longer sync, show received funds, or allow sending funds out. As such, you have to migrate funds to another wallet like @SparrowWallet following the docs here:
https://docs.samourai.io/wallet/restore-recovery#export-to-external-wallet
In addition, I would recommend migrating funds to a new seed phrase to prevent anyone holding the xpub from seeing all future received/spent funds.
You should also disable automatic updates in the Play Store (if used) to ensure no malicious updates are pushed.
As a Samourai Wallet user (using your own Dojo)
Thankfully, you avoided having your xpub potentially compromised. The worst case scenario for you is that your previous mixes may not have the full anon set you expected if non-Dojo users xpubs were compromised.
You will still be able to sync/send/receive from your Samourai Wallet app, but should also migrate funds eventually as no further updates will come out for Samourai Wallet. If you want to migrate, use the docs below:
https://docs.samourai.io/wallet/restore-recovery#export-to-external-wallet
You should, however, disable automatic updates in the Play Store (if used) to ensure no malicious updates are pushed.
As a Sparrow Wallet user
Thankfully, you avoided having your xpub potentially compromised as well. The worst case scenario for you is that your previous mixes may not have the full anon set you expected if non-Dojo/Sparrow users xpubs were compromised.
There is no real need to rotate to a new wallet etc, and Sparrow is still an excellent option. Unfortunately you will no longer be able to mix in Sparrow as the Samourai coordinator was seized.
Next steps for privacy
If you (like me) relied on Samourai Wallet for privacy on Bitcoin, it's time to look elsewhere sadly. As of today I have two recommendations:
Use Monero for spending, keep using Bitcoin for savings
Yes, this isn't Bitcoin, but its by far the most used and most practical privacy coin out there with strong (and growing) ways to swap in/out of it without a centralized, KYC exchange. My recommendation is buying enough to cover your normal spending of Bitcoin for a month at least, and spend out of that lump sum as needed.
Learn more:
getmonero.org
Where to get Monero:
bisq.network
Trocador.app
In Cake Wallet's exchange feature
Wallets:
Feather Wallet
Cake Wallet
Monerujo Wallet
Merchants that accept Monero:
monerica.com
cryptwerk.com/pay-with/xmr/
Use JoinMarket
JoinMarket is a decentralized Coinjoin protocol that brings together peers to mix funds together, gaining strong privacy without relying on a central coordinator, without giving fees to a central entity, etc.
The best way to get started today is using the new UI built around JoinMarket, @jamapporg:
jamapp.org
Have any more questions? Drop them below and I'll do my best to answer them.
Wasn't the Whirlpool coordinator being decentralised? Sparrow 1.8.5 mentioned Whirlpool over Soroban
Maybe Samourai messing with Monero swaps was a step too far. And weren't they decentralising the Whirlpool coordinator?
#memes #meme
#memes #meme #memestr
#memes #meme #memestr
#memes #meme #memestr
Think we should just skip to Bitaxes!
34,680 nerd miners on Public Pool. 3.125 reward, ~R113 each, and would be rare π
People have 7/8 Bitcoin to sink into Runes?
I appreciate that my drafts and bad takes are not being stored and analysed by billion-dollar companies. Let's keep it that way.
SwiftKey, however...
I did not have UFC fighter giving a shoutout to Ludwig von Mises on my bingo card this year
Spotify on Android is now poo
#memes #meme #memestr