Wasabi and Samourai Wallets - Reading Assignment

1. The Wasabi and Samourai wallets both started as the same application but was forked when the team had different opinions on how to implement their version of coinjoin mixing.
2. A Sybil attack is when one user floods the mixing coinjoin service with new accounts limiting the true count of actual users. This dilutes the anonymity set of all other users in the system
3. Wasabi’s main advantage in their implementation of mixing is more trust less because everyone on the network knows what the coordinator knows. Everyone can always verify, the information is known.
4. Samourai’s main advantage in their implementation of mixing is to make it more expensive for the attacker by using a different pricing mechanism for transactions.

1. They share an implementation of long-standing bitcoin privacy tech CoinJoin called ZeroLink.

2. a small number of users falsifies new identities and pretends to be much larger in number

3. It has a large anonymity set

4. It is more expensive to hack the identity of a user by using ZeroLink.

1. Wasabi and Samourai wallet are both based on the CoinJoin technique called ZeroLink. In early days the lead developers of both project worked together and try to implement ZeroLink. But they have different opinions how to program implement it in the right way. Therefore, they split up the project and each worked on their on version of ZeroLink. One big difference is the pricing mechanism in Samourais wallet (Implementation of ZeroLink is called Whirlpool) which makes it more costly for attackers to break the privacy (through a Sybil attack).

2. A Sybil attack in the CoinJoin technique means that there are entities (in this case peers) who wants to break or reveal the privacy of transactions. Therefore, they entitites creates lots of fake peers which all belongs to one or more entities. When 100 peers are needed and there are 3 entities which creates fake peers (lets say each 30 which means 90 of them are fake!) then the anonymity set is decreased significantly.

3. Wasabis main advantage is that their solution is not based on a centralized backend server. So, in the case of Samourai the users have to trust Samourai that they don´t do shady things with all of the user public keys. They also have access to all of the user current and future public keys. This is in contrast to the TRUSTLESS vision of Bitcoin.

4. Through the ZeroLink implementation in Samourai (Whirlpool) it is more expensive to attack and break the anonymity.

Q1: At one point in time they were the same app, a difference in opinion lead to a split in the company resulting in Wasabi and Samouris’ wallets. Both share the same core protocol: CoinJoin.

Q2: A hacker creates multiple addresses and holds those within the same anonymity set lowering everyone else’s privacy and anonymity.

Q3: Wasabi hides UTXOs in a large crowd to increase anonymity and privacy.

Q4: A higher price structure makes it more expensive to conduct a Sybil attack lowering the hacker’s ability and morale to even attempt such an attack.

1 - How are Wasabi and Samourai wallets related?

Samourai and Wasabi were the same application before the project was forked.

2 - What is a ‘Sybil attack’?

A Sybil attack, where a small number of users falsifies new identities and pretends to be much larger in number.is not actually as large as Wasabi suggests.

3 - According to the article, what is Wasabi wallet’s main advantage?

Wasabi wallet uses a mixing technique to hide your [unspent transaction outputs] in a ‘sufficiently’ large crowd (peers). The apparent target Anonymity Set in Wasabi mixing is 100 peers. It is also decentralized.

4 - According to the article, what is Samourai wallet’s main advantage?

Samourai’s implementation of ZeroLink is called Whirlpool has a different pricing mechanism. This makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

• How are Wasabi and Samourai wallets related?
  wasabi and samourai wallets are related by their respective founders both initially worked together on ZeroLink and both wallets can use an implementation of CoinJoin.
• What is a ‘Sybil attack’?
  when a hacker creates and use a lot of fake accounts which will lead to less anonymity.
• According to the article, what is Wasabi wallet’s main advantage?
  wasabi’s technique is to hide your unspent transactions in a sufficiently large crowd.
• According to the article, what is Samourai wallet’s main advantage?
  it is more expensive to hack the identity of a user by using Zerolink.

1. Both use ZeroLink which is an implementation of CoinJoin.
2. A Sybil Attack is an attack where a small number of users falsifies new identities and pretends to be a much larger in number.
3. The main advantage of Wasabi is to hide UTXOs in a ‘sufficiently’ large crowd (peers) of 100 people and Wasabi wallet does not relay on a central server to process TX.
4. Samourai implemented ZeroLink (called Whirlpool). Whirpool makes it more expensive for malicious actors to break the anonymity of other users through a Sybil attack.

• They were the same project at certain point of time, but they did not agree on the implementation of ZeroLink.
• A Sybil attack is when a small number of users are faking identities to register for the wallet and pretend to be much larger in number.
• The Wasabi missing technique to hide your unspent Tx outputs in a large crowd.
• The ZeroLink whirpool, as it is maintained by SW it has a different pricing mechanism, making it more expensive for a Sybil attack to take place.

1. Wasabi and Samouai wallets are related as the were the same application and both the founders worked together on CoinJoin.

2. A Sybil attack is where one person creates many different fake profiles in order to gain some sort of influence over the network being used.

3. Wasabi wallet’s main advantage is that it will conceal your unspent transactions in a large enough pool of transactions…

4. Samourai wallet’s main advantage is that SW uses Whirlpool thus making an attack extremely expensive.

1. How are Wasabi and Samourai wallets related?

• the two core developers worked together on implementing a Bitcoin CoinJoin tech called ZeroLink. So they are both based on the same tech.

2. What is a ‘Sybil attack’?

• its an attack were a small number of users falsifi credentials and have multiple accounts in the mixer linked to one user. This reduces the anonymity set in which uses hide their bitcoin transactions. Wasabi mixing has about 100 peers usually.

3. According to the article, what is Wasabi wallet’s main advantage?

• Wasabis technique is to hid your unspent UTXOs in a large crowd

4. According to the article, what is Samourai wallet’s main advantage?

• Samourai has a different pricing mechanism than Wasabi, which makes it more expensive for malicious actors in the system to break anonymity of other users through a sybil attack

1. Same initial project and developers. Later forked because of the differences between Devs.
2. Same actor creating n number of accounts to participate in the same TXNs to know more about other participants.
3. It is decentralized.
4. expensive pricing mechanism makes Sybil attack difficult for bad actors.

1. How are Wasabi and Samourai wallets related?

They are both known as privacy wallets using different implementation of CoinJoin tech called ZeroLink

2. What is a ‘Sybil attack’?

‘Sybil attack’ is when a small number of users falsifies new identities and pretends to be much larger in number. This would mean that the anonymity set, or crowd, in which a user can hide their bitcoin transactions is not actually as large as suggested.

3. According to the article, what is Wasabi wallet’s main advantage?

Wasabi wallet doesn’t send user addresses to the centralized backend server.

4. According to the article, what is Samourai wallet’s main advantage?

Samourai’s implementation of ZeroLink called Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a ‘Sybil attack’.

1. Wasabi and Samourai wallets are related. At one point in time, Samourai and Wasabi were the same application. Lead developers TDevD (Samourai) and nopara73 (Wasabi) worked together on building an implementation of long-standing bitcoin privacy tech called ZeroLink.

2. A “Sybil attack” is where a small number of users falsifies new identities and pretends to be much larger in number. This would mean that the anonymity set, or crowd, in which a user can hide their bitcoin transactions is not actually as large as Wasabi suggests.

The goal is to hide your [unspent transaction outputs] in a ‘sufficiently’ large crowd (peers), “The current target Anonymity Set in Wasabi mixing is 100 peers.”

That means that if, say, 20 of those peers are actually just one user and the identity of this user is uncovered, privacy levels for all other users in the same mixing pool are reduced.

“With bad user privacy, the crowd gets smaller,” “If you are one of these other [transactions] that have not been de-anonymized [by an attacker] then your anonymity set is no longer 100.”

3. Wasabi wallet’s main advantage is when you use the wallet, you do not send all of your public keys in the form of an extended public key (XPUB) Like with Samourai that have unique access to all of your current and future addresses,

This matter of Samourai’s reliance on a backend server is one that does require the trust of users “that Samourai isn’t trying to sell their public key data to third parties.” Wasabi is not centralized in this way.

4. Samourai wallets main advantage is Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

1. It was one application, but developers had different views on how to implement ZeroLink protocol and decided to separate their development efforts. So, one created Wasabi wallet, another - Samurai.
2. It’s when large number of participants in CoinJoin transaction is actually just one user with uncovered identity. Thus, other participants think they have a large anonymity set as a result of CoinJoin transactions, but in reality they don’t.
3. Wasabi’s advantage is that they don’t send user addresses (extended public address) to a single centralized server, so Wasabi implementation does not require trust from its users.
4. Samorai has different pricing mechanism for their service. Looks like users have to pay more and it is stated that larger cost makes it more expensive to do Sybil attack. I think that it is dubious advantage.

1. Wasabi and Samourai are related by the fact that the lead developers of each wallet once worked together when building an implementation of CoinJoin called ZeroLink. Apparently Samourai and Wasabi were at one time the same application.

2. A Sybil attack is where a small number of users falsify new extra identities and so pretend to be larger in number than they are. This means that the anonymity set is not as large as suggested.

3. Wasabi Wallet’s main advantage is that the users do not have to trust a third party. Samourai relies on a centralised back-end server to process public keys, which can be broken. Having this server also means that Samourai users have to send them all their public keys in the form of an extended public key, thereby giving Samourai unique access to all of their current and future addresses. Wasabi avoids this.

4. Samourai Wallet’s main advantage is that because of the Whirlpool implementation it is more expensive for malicious actors to break the anonymity of users through a Sybil attack.

1. Wasabi and Samourai wallets are related through sharing an origin story. The original developers both were working to create the same project but found disagreement in the implementation. They both fundamentally were working to create a wallet that uses CoinJoin.

2. A Sybil attack is an attack that aims to reduce the anonymity set by inflating the number of users through faking multiple addresses in an anonymity set.

3. Wasabi wallets main advantage is the co-ordinator is not trusted. They operate pubicly.

4. Samourai’s main advantage is the server’s that operate the transactions are secured.

1. They both working together building an implementation of CoinJoin tech called ZeroLink before they split on their own desired way
2. ‘Sybil attack’ is a way of malicious actors in the system to break the anonymity of the user by falsifies new identities and pretend to be much larger in number
3. Wasabi Wallet users did not have to trust the back-end server to collect extended public key
4. Samurai Wallet users has more defense mechanism using whirpool in the back-end server of the wallet to protect such ‘Sybil attack’ to occur.

1. Wasabi and Samourai wallets both originate from the same project of implementing ZeroLinK CoinJoin technology.
2. A Sybil attack aims at reducing the anonymity set by introduction of large numbers of fake addresses, that get exposed after the transaction and then leave the genuine users exposed to less privacy than they were expecting.
3. Wasabi has a decentralized approach over Samourai’s centralized backend server.
4. Samourai makes it more expensive for attackers to break the anonymity through a Sybil attack through their fee structure.

1. They share the same core protocol; CoinJoin.
2. Falsifying a big number of new ID’s who are pretending to represent a larger number of participants.
3. The main advantage of Wasabi is to hide UTXOs in a ‘sufficiently’ large crowd (peers) of 100 people.
4. It is more expensive for attackers to perform a sybil attack.

1. How are Wasabi and Samourai wallets related?
They both implemented privacy tech CoinJoin called ZeroLink and were once the same application.

2. What is a ‘Sybil attack’?
It is an attack whereby a small number of users falsifies new identities and pretends to be bigger than they are, making the anonymity set much smaller in reality, and thus making it less secure.

3. How does Samourai protect against Sybil attacks?
Samourai’s implementation of ZeroLink (called Whirlpool) makes it more expensive for malicious acts in the system to break the anonymity of users.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
Samourai relies on a centralized, backend server to process users’ extended public keys which let’s Samourai have unique access to all of your current and future addresses.