Everything actionable you need to know about what this indictment means for you as a Samourai Wallet (SW) or Whirlpool user 👇
As a Samourai Wallet user (no Dojo)
Unfortunately, the architecture of SW meant that your xpub (a master public key, allowing anyone holding it to derive all your past/present/future Bitcoin addresses) was at some point in time held by Samourai, and could now possible in the hands of the DOJ.
Though it's a worst-case scenario, you should assume that your xpub was compromised, and thus all previous mixes you have done have been unwound and are now traceable. You should also assume that the gov can now derive all past/present/future addresses of yours and track movement of funds if so desired.
In addition, Samourai's coordinator and backend sync server was seized, and so SW will no longer sync, show received funds, or allow sending funds out. As such, you have to migrate funds to another wallet like @SparrowWallet following the docs here:
https://docs.samourai.io/wallet/restore-recovery#export-to-external-wallet
In addition, I would recommend migrating funds to a new seed phrase to prevent anyone holding the xpub from seeing all future received/spent funds.
You should also disable automatic updates in the Play Store (if used) to ensure no malicious updates are pushed.
As a Samourai Wallet user (using your own Dojo)
Thankfully, you avoided having your xpub potentially compromised. The worst case scenario for you is that your previous mixes may not have the full anon set you expected if non-Dojo users xpubs were compromised.
You will still be able to sync/send/receive from your Samourai Wallet app, but should also migrate funds eventually as no further updates will come out for Samourai Wallet. If you want to migrate, use the docs below:
https://docs.samourai.io/wallet/restore-recovery#export-to-external-wallet
You should, however, disable automatic updates in the Play Store (if used) to ensure no malicious updates are pushed.
As a Sparrow Wallet user
Thankfully, you avoided having your xpub potentially compromised as well. The worst case scenario for you is that your previous mixes may not have the full anon set you expected if non-Dojo/Sparrow users xpubs were compromised.
There is no real need to rotate to a new wallet etc, and Sparrow is still an excellent option. Unfortunately you will no longer be able to mix in Sparrow as the Samourai coordinator was seized.
Next steps for privacy
If you (like me) relied on Samourai Wallet for privacy on Bitcoin, it's time to look elsewhere sadly. As of today I have two recommendations:
Use Monero for spending, keep using Bitcoin for savings
Yes, this isn't Bitcoin, but its by far the most used and most practical privacy coin out there with strong (and growing) ways to swap in/out of it without a centralized, KYC exchange. My recommendation is buying enough to cover your normal spending of Bitcoin for a month at least, and spend out of that lump sum as needed.
Learn more:
getmonero.org
Where to get Monero:
bisq.network
Trocador.app
In Cake Wallet's exchange feature
Wallets:
Feather Wallet
Cake Wallet
Monerujo Wallet
Merchants that accept Monero:
monerica.com
cryptwerk.com/pay-with/xmr/
Use JoinMarket
JoinMarket is a decentralized Coinjoin protocol that brings together peers to mix funds together, gaining strong privacy without relying on a central coordinator, without giving fees to a central entity, etc.
The best way to get started today is using the new UI built around JoinMarket, @jamapporg:
jamapp.org
Have any more questions? Drop them below and I'll do my best to answer them.
Thanks for the PSA (except the monero bit)
Soon
TBH, and I don't really want them to be in jail, I just don't like them.
Free Ross.
Free Scamoorai? Nah.
Bearnaise sauce is basically mayonnaise. Make it in advance, and fridge it. #NoSeedOils
Ether though, blegh
Good for price, bad for IOU victims
I don't but I suppose you could embed screenshot
You should consider watching Grandmaster Ben Finegold's lectures, the beginner class; funny AF
Battle between two 3800 rated chess engines, mind blowing game...
It's finally done. Parmanode now has new strap-on software... ParmaRAID.
You can combine multiple external hard disks into a bigger logical single disk (RAID0).
Another option is to have two drives automatically mirror each other for redundancy and safety (RAID1).
You don't understand... If you don't have a one terabyte hard drive you can collect all your smaller ones into a RAID and use that to run a node with Parmanode.
Spread the news. FUCK YEAH.
It's ridiculous that when you download an image file to run a node, eg raspiblitz....img.gz, a Mac will automatically unzip the download and throw the original in the trash. You are then left with raspiblitz...img and when you hash it you'll get the wrong hash. Because you're hashing the extracted (wrong) file. You have to take the original out of the trash and has that.
The magic of digital signatures and how it works, high level (necessary to understand the #Bitcoin Whitepaper)...
Without digital signatures it's not possible to prove your own something digital without a trusted central authority.
What you own is a secret number, a number that is large and not guessable and only you know it. Only you knowing it IS the ownership.
This number is the private key, or convertible into the private key format.
From the private key a public key is made. It is determined by the private key and is a reproducible calculation.
The public key has the name suggests is revealed publicly, and is used in a way to prove that you know the number that produced the public key, WITHOUT REVEALING THE PRIVATE KEY. That is the essence of the invention of public-private key cryptography, and his magical.
You are proving you know a number without revealing the number. This is necessary because if you reveal it you no longer own it because you are not the only one that knows it.
I won't actually going to all the math today, but broadly this is how it works...
Any data is selected to begin with, and all digital data is essentially a number. This data is called the message.
The message is manipulated mathematically with the private key, another number. That number in a digital SIGNATURE.
The public can then take three pieces of information and EASILY and cheaply confirm validity or invalidity (true/false)...
1. Message
2. Public key
3. Signature
If the result of combining these three numbers is valid, then it can be concluded that the private key that produced this particular public key is known by whoever produced the signature.
This is applied in Bitcoin in a genius way where the message is the transaction and includes the public key inside the message, and who is being paid (via public-key/address). All of that is in the message. If you begin to understand this you can then make sense of the Bitcoin whitepaper.
Note that it is not the address that is used for the cryptography... The address is like an abbreviation of the public key. Using an address instead of a public key in the message saves data. When a transaction is signed ie when someone wants to prove they own the private key to an address, they will reveal the public key that creates the address. The public can then confirm that that public key creates the address that is being spent from.
Don't let your emotions get in the way of accepting the truth
Understood, but still a good skill for non personal data
