Wasabi and Samourai Wallets - Reading Assignment

Privacy Coins - Ultimate Course
#203
  1. at one point in time, Samourai and Wasabi were the same application
  2. multiple nodes owned by a single entity.
  3. makes it more expensive to perform a sybil attack
  4. centralised back end server that requires trust
1 Like
#204
  1. Wasabi and Samourai wallets are direct competitors. Both are open-source, non-custodial, privacy-focused Bitcoin wallets that implement trustless CoinJoin mechanism.
  2. A small number of users falsifies new identities and pretends to be much larger in number. This would mean that the anonymity set, or crowd, in which a user can hide their bitcoin transactions is not actually as large as suggested.
  3. Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi, though this is not the only difference between the two wallet applications. As a result, SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.
  4. Anonymity using Whirlpool can always be broken given that Samourai relies on a centralized, backend server to process users’ extended public keys. When you use the wallet, you send Samourai all of your public keys in the form of an extended public key (XPUB) that let’s Samourai have unique access to all of your current and future addresses
1 Like
#205

  1. Before the founding of Wasabi wallet and Samourai wallet, the lead developers were working together on building the implementation of bitcoin privacy tech CoinJoin called ZeroLink. Due to differences of implementation preferences, they forked the project, went separate way, and started Wasabi wallet and Samourai wallet.

  2. Sybil attack is where a small number of users falsifies new identities and pretends to be much larger in number.

  3. Samourai has a different pricing mechanism and thus makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

  4. The trade-off is the use of more centralized, backend server to process users’ extended public keys. Thus, the anonymity can always be broken.

1 Like
#206 
1 They both shared originally the the protocol: CoinJoin.
2 Somebody falsifies a big number of new identities, pretending to represent a considerable number o participants.
3 The idea is to hide an individual transaction among a number of at leas 100 other transactions.
It4  is more expensive to hack the identity of a user by using ZeroLink.
1 Like
#207

1)Samourai and Wasabi are the same application.
2) A Sybil attack, where a small number of users falsifies new identities and pretends to be much larger in number.
3)Samourai’s implementation of ZeroLink (called Whirlpool), Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.
4) Whirlpool can always be broken given that Samourai relies on a centralized, backend server to process users’ extended public keys.
Wasabi is critical whith this because requieres the trust of users.

1 Like
#208
  1. How are Wasabi and Samourai wallets related?
  • Wasabi and Samourai were the same application. The project has forked due to differences within the development team.
  1. What is a ‘Sybil attack’?
  • A small number of users falsifies new identities and pretends to be much larger in number.
  1. How does Samourai protect against Sybil attacks?
  • By pricing: Samourai’s implementation of ZeroLink (called Whirlpool) just makes it more expensive to run Sybil attacks to break anonymity.
  1. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
  • Samourai relies on backend servers. Samourai requires users to trust the provider due to they send their public keys to the backend servers of Samourai. With that, Samourai has unique access to current and future addresses of its users.
1 Like
#209
  1. They shared the same protocol.
  2. A “Sybil attack” is when a small number of users falsifies new identities and pretends to be much larger in number.
  3. Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi.
  4. SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.
1 Like
#210
  1. How are Wasabi and Samourai wallets related?

At one point in time, Samourai and Wasabi were the same application. Lead developers forked the project but both implemented ZeroLink; Samourai’s solution is called Whirpool and presents some differences from Wasabi’s

  1. What is a ‘Sybil attack’?

Is a type of attack where the attacker creates a big amount of identities using them to gain influence.

  1. How does Samourai protect against Sybil attacks?

By pricing mechanisms: Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

  1. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?

Samourai relies on a centralized backend server to process users extended public keys. Wasabi is critical of this because this allows Samourai to have unique access to all current and future addresses.

1 Like
#211

  1. They were developed by the same team and share the same protocol.

  2. Sybil attack is when one user can create many aliases to have more influence over a network.

  3. samourai protects against Sybil by being more expensive to do so.

4.Centralized backend server meaning there is trust needed by the users.

1 Like
#212
  1. Both of the lead developers helped create coinjoin
  2. A small number of users falsifies a set of new identities and appears to be a much larger number.
  3. Samourai makes it more expensive for attackers.
  4. They sacrifice decentralization.
1 Like
#213

  1. Wasabi and Samourai at one point were the same application, however a different desire in future implementation let to a split. As a result the project was forked and each went in their preferred way.

  2. A Sybil attack is where a small number of users falsifies new identities to pretend to be larger in number.

  3. Samourai implemented ZeroLink, called Whirlpool which has a different pricing mechanism. Whirlpool makes it more expensive for attackers that wish to break the anonymity of the system’s users.

  4. Samourai relies on a centralised backend server to process user’s extended public keys. Wasabi’s criticism is that this requires users trust that their public key data is not being sold to third parties.

1 Like
#214

1. How are Wasabi and Samourai wallets related?
Wasabi and Samourai wallets both target privacy as their main feature and they had a legal dispute regarding flaws in the other wallet’s privacy feauture.

2. What is a ‘Sybil attack’?
An attack on the network on which the attacker subverts the service’s reputation system of a computer network creating a large amount of pseudonymous identities using them to gain disproportionately large influence on the network.

3. How does Samourai protect against Sybil attacks?
With Whirlpool, an implementation of the long-standing bitcoin privacy tech CoinJoin called ZeroLink.
As Whirlpool is more expensive than using Wasabi, it is more expensive for malicious actors in the system to de-anonymize other users through Sybil attacks.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
In order to achieve this, Samourai relies on a centralized, backend server to process users’ extended public keys.
Wasabi criticize that this requires the trust of users expecting Samourai to not sell their public key data to third-parties.

1 Like
#215

1.) Wasabi and Samourai wallets are related because they both have ties back to a centralized authority, and at one time were the same application. Both are also subject to privacy exposure somewhere down the protocol line. Bitcoin researcher Max Hillebrand even stated in the article, “One assumes that the coordinator must not be trusted and that everyone knows what the coordinator knows. The other assumption is that there is an inherent trust in the developers and therefore it’s OK to trust central servers.”
2.) A ‘Sybil Attack’ is an exposure method where a small number of users on a specific protocol falsify new identities and pretend to be much larger. This negatively affects the anonymity set of the protocol trying to maintain privacy.
3.) Samourai protects against Sybil attacks by the implementation of ZeroLink (called Whirlpool). Whirlpool makes attacks more expensive so that malicious actors are drawn away from attacking the network.
4.) The ‘trade-off’ that Samourai makes in order to implement Whirlpool is risking privacy of their users by putting trust in a middle-man, centralized protocol. Wasabi was critical of this because TDevD (lead developer of Samourai) called out Wasabi in the beginning of the article saying that it was subject to privacy exposure of its users through sybil attacks; all the while, Samourai had it’s own privacy issues and was hypocritical for initially calling out Wasabi about said issues.

1 Like
#216
  1. How are Wasabi and Samourai wallets related? : ZeroLink Protocol / Technology implementation.
  2. What is a ‘Sybil attack’? : Sybil attack is where a small number of users falsifies new identities and pretends to be much larger in number.
  3. How does Samourai protect against Sybil attacks? : By hiding your [unspent transaction outputs] in a ‘sufficiently’ large crowd (peers),” meaning if, multiple users are actually just one user then the identity of the user is uncovered and privacy levels for all other users in the same mixing pool are reduced.
  4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this? : Samourai wallets implementation of ZeroLink (Whirlpool) technology fluctuates pricing making it expensive for a conducting malicious activity to break the anonymity users.
1 Like
#217

:one: How are Wasabi and Samourai wallets related?

The Wasabi and Samourai wallet both implement the same CoinJoin mixing protocol to mix every transaction floweth out.

:two: What is a ‘Sybil attack’?

A Sybil Attack is where a singly entity is able to create several identities, creating the illusion of a crowded place. When a mixing protocol is sybil attacked, the attacker is able to nullify their own identities and effectively shed off the noise, to see who sent what to who.

:three: How does Samourai protect against Sybil attacks?

The Samourai wallet implements a version of ZeroLink, where it utilizes fees to reduce the capability to conduct a sybil attack. When a user can create identities for free, it’s easy to conduct a sybil attack. However, if it were to cost a significant amount of money, it may nullify the benefit of conducting it in the first place.

:four: What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?

The trade-off is that now there is a trusted third party who has the capacity to make this happen. In a situation where a user requires privacy, it’s not always wise to then completely de-anonymise yourself with using someone else’s server (who you don’t know).

1 Like
#218

Unfortunately the link is not active anymore. I will however try to find out answers from other sources.

#219

What do you mean? I’ve tried the link and it worked:

https://www.coindesk.com/markets/2019/08/06/a-battle-between-bitcoin-wallets-has-big-implications-for-privacy/

#220

  1. How are Wasabi and Samourai wallets related?
    Samourai and Wasabi were the same application which use CoinJoin.

  2. What is a ‘Sybil attack’?
    This is where an entity creates several smaller identities to falsify a larger cohort.

  3. How does Samourai protect against Sybil attacks?
    Samourai’ uses ZeroLink (called Whirlpool) which has a different pricing mechanism than Wasabi. As a result, Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

  4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
    Samourai’s reliance on a backend server is one that does require the trust of users. This makes the server centralized and Samourai could potentially sell public key data to third parties.

1 Like
#221

How are Wasabi and Samourai wallets related?

Wasabi and Samourai are both privacy wallets which at one time were the same application called ZeroLink. The lead developers TDevD of Samourai and Adam Ficsor aka nopara73 of Wasabi, had a difference of implementation desire which caused a split and the project was forked into the two implementations.

What is a ‘Sybil attack’?

A small number of users falsifies new identities and pretends to be much larger in number.

How does Samourai protect against Sybil attacks?

Samourai protects against Sybil attacks with it’s implementation called Whirlpool which has a different pricing mechanism. Whirlpool makes it more expensive for attackers to break the anonymity of other users.

What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?

Samourai gives up being decentralized by using a centralized backend server to process user’s extended public keys. Wasabi is critical of this because you send all of your public keys in the form of an extended public key, which gives Samourai access to all current and future addresses. This requires trust of the users in that Samourai isn’t going to sell their public data to third parties.

#222

1. How are Wasabi and Samourai wallets related?
They are both Bitcoin wallets. They used to be the same application. Due to differences in opinion in how to implement CoinJoin the team split.
2. What is a ‘Sybil attack’?
A small number of people creates a number of multiple identities to appear larger in number
3. How does Samourai protect against Sybil attacks?
Their implementation of ZeroLink makes it more expensive for attackers to perform attacks.
4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
It stores public keys on centralized servers