Wasabi and Samourai Wallets - Reading Assignment

1. How are Wasabi and Samourai wallets related?
   A) Co founders ‘forked’ the project as they were unable to come to an agreement’ They split and implemented the way each wanted. Samourai and Wasabi are the same application.

2. What is a ‘Sybil attack’?
   A) Sybil attack aims at reducing the anonymity set by introduction of large numbers of fake addresses, that get exposed after the transaction and then leave the genuine users exposed to less privacy than they were expecting.

3. How does Samourai protect against Sybil attacks?
   A) Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi. As a result, SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
   A) Samourai relies on centralized system to process the public keys. Wasabi does not like this idea.

1.- The main developers worked initially together in a joint proyect called ZeroLink.
2.- A sybil attack is an attack where few or one individual try to simulate been a bigger number of participants, thus making the impression of being many when in reality they are just a few, thus, users can are not as secure as they think they are been mixed between no as many other users.
3.- It is more expensive for malicious actors to break the anonymity of other users through a Sybil attack.
4.- Samourai relies on a centralized solution, using a centralized server to store your current and future public addresses, therefore the security on the system is relying also on a centralized aspect.

1. At one point in time, Samourai and Wasabi were the same application.Lead developers TDevD (Samourai) and nopara73 (Wasabi) worked together on building an implementation of long-standing bitcoin privacy tech CoinJoin called ZeroLink.

2. A small number of users falsifies new identities and pretends to be much larger in number.

3. Implementation of ZeroLink (called Whirlpool)

4. Anonymity using Whirlpool can always be broken given that Samourai relies on a centralised, backend server to process users’ extended public keys.

1. How are Wasabi and Samourai wallets related?
   Lead developers worked together on building an implementation of long-standing bitcoin privacy tech called ZeroLink.
2. What is a ‘Sybil attack’?
   A number of users who falsifies their identity , so ends that anonymity set is not as high as expected.
3. How does Samourai protect against Sybil attacks?
   By having a different pricing mechanism than Wasabi
4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
   Relies on a centralized, backend server to process users’ extended public keys. Wasabi is critical due to the centralized option , and that users have to trust them

1. It started out as one project.
2. In a Sybil attack one entity creates and controls many identities. For example, there should be 100 different entities in a coinjoin process. If 25 of them are just one entity, then the anonymity level decreases dramatically.
3. It uses its own server to process xpub.
4. Samourai has access to all your public key through XPUB

1. How are Wasabi and Samourai wallets related?
   Both are an implementation of ZeroLink.

2. What is a ‘Sybil attack’?
   It is where a small number of users falsifies new identities and pretends to be much larger in number.

3. How does Samourai protect against Sybil attacks?
   Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi. Samourai states Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
   Samourai relies on a centralized, backend server to process users’ extended public keys. This lets Samourai have unique access to all of your current and future addresses

1. How are Wasabi and Samourai wallets related?
   They compete against each other.
2. What is a ‘Sybil attack’?
   A Sybil attack is where a small number of users falsifies new identities and pretends to be much larger in number.
3. How does Samourai protect against Sybil attacks?
   Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi, though this is not the only difference between the two wallet applications. As a result, SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.
4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
   This matter of Samourai’s reliance on a backend server is one that SW admits does require the trust of users “that Samourai isn’t trying to sell their public key data to third parties.”
   Wasabi: divvying up costs later on in the process is actually more “cost-effective” and points out that anonymity using Whirlpool can always be broken given that Samourai relies on a centralized, backend server to process users’ extended public keys.
   “When you use the wallet, you send Samourai all of your public keys in the form of an extended public key (XPUB) that let’s Samourai have unique access to all of your current and future addresses,”

1. How are Wasabi and Samourai wallets related?
   Both use the same protocol called Zerolink (implementation of CoinJoin).

2. What is a ‘Sybil attack’?
   Sybil attack is where a small number of users falsifies new identities and pretends to be much larger in number with aim of infiltrating the network.

3. How does Samourai protect against Sybil attacks?
   Samorai’s implementation of ZeroLink ( called Whirlpool) uses a pricing mechanism which makes more expensive for malicious actors in the system to break anonymity of users.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this? The users must trust the developers and thereby the central servers when using SW wallet. Wasabi opposes to this idea of all public keys to be stored in a central unit, because of hacks.

1. they used to be the same project (implementation of CoinJoin) but had different views and decided to split
2. Sybil attack = small number of users falsifies new identities and pretends to be much larger in number (in this particular case it’s effecting the size of the presumed anonymity set)
3. Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi. As a result, SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack
4. divvying up costs later on in the process is actually more “cost-effective” and points out that anonymity using Whirlpool can always be broken given that Samourai relies on a centralized, backend server to process users’ extended public keys

How are Wasabi and Samourai wallets related?
co-founder of Samourai Wallet, who goes by the initials SW, said that at one point in time, Samourai and Wasabi were the same application.

What is a ‘Sybil attack’?
In a Sybil attack, the attacker subverts the reputation system of a network service by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence.

How does Samourai protect against Sybil attacks?
Samourai’s implementation of ZeroLink (called Whirlpool) has a different pricing mechanism than Wasabi, though this is not the only difference between the two wallet applications. As a result, SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
“When you use the wallet, you send Samourai all of your public keys in the form of an extended public key (XPUB) that let’s Samourai have unique access to all of your current and future addresses,”

1. Wasabi and Samourai are each others’ primary market competitors, though they originate from the same software, called ZeroLink. They forked into two different applications due to a difference in implementation desire.

2. A Sybil attack is when a number of users falsify identities in order to appear much larger, making the anonymity set much smaller than it would initially appear in order to aide in discovering users’ identities.

3. The Samourai wallet has a different pricing mechanism that makes it more expensive for malicious actors to do Sybil attacks.

4. The Samourai wallet relies on a backend server which has access to all of the current and future public keys of its users. The customer has to trust that they’re not doing anything malicious with this info. Wasabi is critical of this because they’ve made this change to an existing application which, according to Wasabi’s creator, already works well and does not need to be changed in this way.

1. How are Wasabi and Samourai wallets related?

At one point in time Wasabi and Samourai were the same application as both their lead developers worked together on building their application. However, the project was forked as both developers had a difference in the way they wanted to further implement the application.

2. What is a ‘Sybil attack’?

An attack where a small number of users counterfeits new addresses and pretends to be much larger in number as a means of skewing actual real identities that are used as part of the anonymity set when mixing. As a result, real identities part of an anonymity set containing fake identities become more vulnerable from being deanonymized by third-parties which could lead to targeted attacks.

3. How does Samourai protect against Sybil attacks?

Through their pricing mechanism:

Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?

Samourai relies on a centralized, backend server to process users’ extended public keys.

This gives them access to all current and future addresses. So the trade-off here is users having to put trust in the application and the team.

1. How are Wasabi and Samourai wallets related?
   They were at one time the same project but split to work on different desired implementations.

2. What is a ‘Sybil attack’?
   A Sybill attack is when a single source is taking up a large portion of the anonymity set, therefore reducing that set for the other people in it.

3. How does Samourai protect against Sybil attacks?
   Samourai dissuades sybill attacks by making them much more expensive to attempt.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
   The trade-off is that Samourai requires the use of a centralized back-end server. Wasabi sees that as a fundamental privacy flaw by introducing a trust element.

1. In the beginning they were the same company. Due to differences in their implementation, they “forked” in their own directions.

2. where “a small amount of users create more identities to broaden their numbers”

3. Samurai made their prices more “expensive” to minimize the amount of people willing to pay to participate or create a Sybil attack

4. No backend server is used in Wasabi as oppose to Samurai’s approach to hold inputs in a large crowd.

1. How are Wasabi and Samourai wallets related?
   Lead developers TDevD (Samourai) and nopara73 (Wasabi) Developed and implemented to create bitcoin privacy tech Zerolink.

2. What is a ‘Sybil attack’?
   Sybil attack, where a small number of users falsifies new identities and pretends to be much larger in number.

3. How does Samourai protect against Sybil attacks?
   Whirlpool) has a different pricing mechanism than Wasabi, though this is not the only difference between the two wallet applications. As a result, SW maintains that Whirlpool makes it more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?
   using Whirlpool can always be broken given that Samourai relies on a centralized, backend server to process users’ extended public keys. Wasabi sees that as a privacy invasion.

1. The main developers of Samourai and Wasabi originally worked together creating Zerolink.

2. The general idea of a sybil attack is… One person or entity creating multiple accounts or identities on a network. To sway influence in voting or manipulating nodes. When there is no cost to enter the network it can be flooded by bad actors.

3. The whirlpool feature makes it more expensive/difficult to execute a sybil attack.

4. Samourai uses a centralized back end server to store private keys. Wasabi is not down with this for obvious reasons

1.They used to be one project. They had forked due to different implementation views.
2. A Small number of users with fake identities pretends to be a large group of users.
3. the goal of the Wasabi mixing technique, is to hide your [unspent transaction outputs] in a ‘sufficiently’ large crowd (peers),”
4 Whirlpool ensures that it is more expensive for malicious actors in the system to break the anonymity of other users through a Sybil attack.

1. By sharing the same base protocol.

2. It is an entity which have the ability to create multiple identities.

3. By making it more expensive for actors to break through a Sybil attack.

4. By using a central sever.

1. How are Wasabi and Samourai wallets related?
   They share the same protocol: CoinJoin

2. What is a ‘Sybil attack’?
   where a small number of users falsifies new identities and pretends to be much larger in number.

3. How does Samourai protect against Sybil attacks?
   they mix each tx with max 100 peers

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi critical of this?

5. Samourai’s implementation of the protocol makes it more expensive for malicious actors to be able to attack users and their privacy, since the pricing mechanism on which it is based is higher than the one used by Wasabi.

1. How are Wasabi and Samourai wallets related?

The Wasabi and Samourai wallets were part of the project until they said “fork you”!

2. What is a ‘Sybil attack’?

Sybil, originally was a case study of a woman diagnosed with dissociative identity disorder. Today, a Sybil attacked is when one or a group creates a large number of users to undermine the reputation to overtake influence by a single entity or effort to control the nodes, gain majority influence and perform its will to change the status quo governance, security – effectively rule

3. How does Samourai aka TDevD of ZeroLink (called Whirlpool) protect against Sybil attacks?

Amoung other diff, Samourai has a different pricing mechanism than Wasabi, as SW maintains that Whirlpool drives up the price for malicious system anonymity through a Sybil attack

4. What ‘trade-off’ does Samourai make in order to achieve #3? Why is Wasabi (Adam Ficsor aka nopara73) critical of this?

Whirlpool anonymity Samourai can be broken as it relies on a centralized, backend server to process users’ extended public keys addresses.