Samourai Wallet Review
Samourai offers some excellent and unique privacy and security features. Still a bit rough around the edges, but expecting excellent things.
- HD, Tor Support, Stealth Address, VPN compatible
- Trusted Node
- Excellent privacy features including payment codes
- Cool security – hide your app and open it only through dialing a secret number!
- Integrated Tor and VPN support
- Still in Alpha
- Android only
- Uses blockchain.info’s API for transaction verification.
“We are privacy activists who have dedicated our lives to creating the software that Silicon Valley will never build, the regulators will never allow, and the VC’s will never invest in. We build the software that Bitcoin deserves.” Thus goes the mission statement found on the bottom of every page of the Samourai website, which portends a privacy-first wallet designed to protect bitcoin holders from the prying eyes of extortionists, governments or anyone else looking to get a hold on your account information.
And indeed, the Alpha version of the product provides some excellent privacy features to users – not to mention some pretty nifty security options. They are the first Android wallet to utilize payment codes – fixed addresses that rotate the actual recipient address in the background – and are on the path towards embedded VPN and Tor. From a security perspective, they use PIN code toggling to protect against keyloggers, and offer the ability to hide the app from the phone, as well as an SMS program to wipe the wallet if the phone is stolen.
At the moment Samourai is still a bit rough around the edges, being in Alpha release and all. To get the product out to testers, Samourai relies on the blockchain.info API for verification of transactions, which in retrospect was not the best decision for a privacy-first wallet: blockchain.info is a signatory to the Blockchain Alliance, a group which pledges to work with law enforcement and regulatory agencies to track blockchain transactions in search of criminal behaviour. This was highlighted in a well-publicized Reddit post (well, well-publicized amongst a small niche of the bitcoin wallet niche), and to their credit, Samourai acknowledged the mistake in a blog post, pledged to phase out reliance on APIs, and thanked the poster, the excellently named poop_wallet_narwhal, for bringing it up.
Setting up Samourai
Download the app from Google Play and select create wallet. You’ll then be asked to create a passphrase, which is a mnemonic providing additional security above the private seed. To restore the wallet, you’ll need both the passphrase and the private seed, which will be displayed to you in a subsequent step. Prior to displaying your seed, however, you’ll be asked to create a PIN of 5 or more digits, used for ease of access. When you log in, the number display will be randomized to foil any would-be Android keyloggers from stealing your PIN – excellent! Next, write down the private seed displayed and boom, you are in.
The Samourai wallet
You’ll be redirected to a nondescript page, possessing only a blue plus button in the bottom right corner. Press it to open the send, receive, payment channels and Shapeshift icons.
Payment codes – or receiving bitcoin
What makes Samourai wallet unique amongst Android wallets is its use of payment codes. Payment codes are permanent addresses that can be displayed on a website or business card, but will redirect payments to rotating addresses to preserve privacy. The Samourai team has claimed that subsequent releases will introduce a coin-mixing element too, to foil even the most savvy of blockchain spies from ascertaining the transferrer and transferee.
To create a new payment channel, click on the plus icon at the bottom of the payment channel screen. This will open two buttons – “recommended” which contains donation payment channels to both Samourai and the Open Bitcoin Project, and a “New Payment Channel” button. Click new payment channel and either paste or scan the payment code given to you by your recipient. Your own payment code may be found in the upper left hand corner of the payment code screen.
The exchange integration with Shapeshift allows for the instant conversion of select altcoins into bitcoin without having to mess around with intermediary exchanges or conversions. Simply select the relevant crypto you would like to instachange, and send your coin directly to the generated QR code. Funds will arrive in your Samourai wallet denominated in bitcoin.
Sending and receiving bitcoin
Samourai offers a few interesting features when sending funds. First, they have accounted for the possibility of a transaction fee market through a “smart miner fees” system. Users may select:
- Auto: sets a fee commensurate with current network bandwidth;
- Priority: to ensure quick confirmation; and
- Custom: to set a bespoke fee.
More interestingly, Samourai has an aptly named “Block Chain Obfuscation” program, which allows users to preset the anonymity level of a send to:
- Simple: Just a basic HD Transaction;
- Samourai Send: Uses decoy change addresses;
- CoinJoin Simulation: Makes it look like (not actually be) a CoinJoin transaction – meaning that inputs and outputs are mixed.
Cool Samourai SMS stuff
Samourai offers a number of really clever defenses to protect the wallet when the phone is stolen. First, you can put Samourai into stealth mode via settings, which makes all trace of the app disappear from your phone. To access the wallet, you need to dial **pincode# to yourself and send, after which the wallet will launch.
You can retrieve your wallet seed by sending an SMS to your phone number, whilst another message allows the remote wiping of your wallet from the device.
So right, here are the makings of an excellent wallet. Much depends obviously on how this rolls out to beta, and we will be watching, along with every other bitcoin privacy nerd out there. Big ups to team Samourai for pulling the industry forward.