1/56 @SamouraiWallet + @RoninDojoUI

A thread on privacy, anonymity, & options.
-Samourai Mobile Wallet
-Ronin CLI
-Dojo full node
-Ronin UI
-Whirlpool GUI
-Electrum
-Explorer
-OXT
-KYCP
2/56 @SamouraiWallet & @RoninDojoUI are 2 different developer teams. Dojo is meant to be used as your own full node in support of your SW for better privacy & trust mitigation. Ronin is the UI used to interact with your dojo.

samouraiwallet.com

ronindojo.io
3/56 @SamouraiWallet is a #BTC only, mobile wallet for Android. Like any other HD wallet, your xpub is used to display balances & generate addresses. As with any HD wallet, if you’re not running your own node then you’re introducing trust by using someone else’s.
4/56 However, unlike any other HD wallet, @SamouraiWallet has a suite of tools available to users like Ricochet, PayNym, Stonewall, & Whirlpool. These tools are significant advantages for users interested in enhancing privacy & on-chain anonymity. @BitcoinQ_A info-graphics.
5/56 Before getting into the wallet’s features & tools, the Dojo full node needs to be set up on a single board computer (SBC). I chose a RasPi4, but consider using the RockPro64 for the smoothest set up. PC also required for the RoninUI.

wiki.ronindojo.io/en/hardware
6/56 The Ronin Dojo Wiki offers many helpful resources & detailed instructions. If you get stuck in the set up process, jump into the Telegram group. Community members are supportive and go out of their way to help new users get up & running.

t.me/RoninDojoUI
7/56 I’m only giving a high level overview of the set up process because detailed instructions are on the Wiki page. Assemble/connect your hardware, download/verify the Ronin image, & flash a MicroSD card. Then power up the hardware.

wiki.ronindojo.io/en/gui-setup/s…
8/56 SSH into the SBC, configure keyboard layout, username, ect. Run updates & clone Ronin repository. This will get Ronin CLI up & running. From here, the Dojo dependencies can be installed, which is the back-end server that interacts with Bitcoin.

wiki.ronindojo.io/gui-setup/step2
9/56 Optionally, a user can install Indexer, a balance querying tool; and Electrum Rust Server, a hardware wallet interfacing tool. These options will only install after Dojo has completed the Initial Block Download (IBD) & they’ll take an additional 8 hours.
10/56 Depending on a # of factors, IBD will take at least 2 days, possibly a week. In the mean-time it is safe to get started on the User Interface setup. @RoninDojoUI is designed to make interacting with the Dojo full node more user friendly.

wiki.ronindojo.io/gui-setup/step3
11/56 Where the SBC is running the Ronin CLI & the Dojo full node, your PC will be running the RoninUI & Whirlpool GUI. With the @RonindojoUI a user can connect their @SamouraiWallet via QR code, monitor logs, & more. With the Whirlpool GUI, mixes can be managed.
12/56 On a PC: Tor browser required. Download/verify RoninUI. Copy/paste Tor credentials from Ronin CLI. Create password. Now SW can be paired to RoninUI. Download on Android, select main-net & Tor, select Connect to existing Dojo, scan QR from @RoninDojoUI.
13/56 @SamouraiWallet sets up like most other wallets. You’ll need to create a PIN code for accessing the app & secure a BIP39 passphrase/12-word mnemonic. No personal info is collected. You can restore external wallets. You also get a BIP47 PayNym!
14/56 Stop & think. Mobile bitcoin wallet. Built-in CoinJoin implementation. An array of post-mix spending tools. Connected via Tor. Backed by a user’s own full node. Managed by the UI.

Privacy ✅
Anonymity ✅
Trustless ✅
User friendly ✅
15/56 On the same PC as @RoninDojoUI, download the Whirlpool GUI. Ensure Tor browser open. In RoninUI select Start Whirlpool. In WhirlpoolGUI select Remote CLI. Copy/paste Whirlpool URL from RoninUI, leave API key blank. Press connect.

wiki.ronindojo.io/en/gui-setup/s…
16/56 A prompt will ask for pairing payload. On @SamouraiWallet go to Menu>Settings>Transactions>Pair to Whirlpool GUI. Use the PC webcam to scan QR code. Smash that Initialize GUI button, enter BIP39 passphrase and Whirlpool will start.
17/56 Whirlpool is a Zerolink CoinJoin. Each mix has 5 I/Os, no 2 UTXOs ever share the same mix twice, 2 fresh participants minimum, up to 3 free-riders. 0 address reuse. 0 deterministic links. 1,496 interpretations as to which I/O are connected. @P_Hold info-graphic.
18/56 The concept is that users gain anonymity by blending into a crowd of same sized UTXOs. There are 3 pools users can join: 0.5, 0.05, & 0.01. For example, if you want to mix 1 BTC in the 0.01 pool, you’ll get 100 equal sized UTXOs.
19/56 Once funds are deposited & the wallet is synchronized with Whirlpool, a user can specify desired mix count up to infinity. Remixes are free. Every remix adds more entropy to a UTXO's origin, making it more difficult to trace.
20/56 Leftover change is first separated from Whirlpool input UTXOs before premix registration. There is a separate xpub for this change called Bad Bank. Users are prompted to flag this change, but if one wanted to spend those funds later at the risk of privacy then they can.
21/56 The newly created UTXOs are all the same size and separated from the doxic change in what’s called Transaction Zero (Tx0). The like-sized UTXOs are then registered in a premix xpub as available inputs to the corresponding Whirlpool.
22/56 New participants to a mix pay the miners fee. After initial mix, free riders can continue mixing for free, infinitely. Select which UTXOs to spend from the postmix list at anytime.
23/56 From SW home screen, select “+” sign, Whirlpool, Whirlpool icon, Mix UTXOs, make selection, choose priority & pool, review, flag doxic change, and begin.
24/56 Whirlpool stats can be monitored anytime by sending @SW_whirlpool_bot a DM on Telegram using the pictured commands. Be sure to check out this guide by @Crazyk_031

t.me/SWInformationa…
25/56 @BitcoinQ_A wrote a detailed whirlpool article here:

bitcoinqna.com/post/whirlpool…
26/56 @P_Hold explores the technicals of Whirpool in this detailed article:

translate.google.com/translate?dept…
27/56 Stop & Think. Remixes are free. Every mix has 1,496 interpretations. Every mix achieves 10.546 bits of entropy. All happening on a desktop client infinitely mixing UTXOs. Connected to a mobile wallet. All over Tor. Built in postmix tools on the mobile wallet.
28/56 Once a user's UTXOs have been mixed there is a variety of postmix spending tools available. These tools help users maintain the privacy achieved during mixing by employing a variety of techniques such as hops, stealth addresses, & mini CoinJoins.
29/56 Ricochet was designed to add extra hops between spend & final destination. For example, if a user wanted to cash out at an exchange & is worried about the funds being flagged, this tool adds distance from a CoinJoin tx of concern. Mining fees for hops paid up front.
30/56 Some info on exchanges impeding a user’s funds:

6102bitcoin.com/coinjoin-flagg…
31/56 And here:

medium.com/@6102bitcoin/b….
32/56 PayNym is a BIP47 implementation. This gives users a reusable public payment code without revealing any addresses or tx history. Using special encryption techniques, a combined secret key is generated between PayNym users.
33/56 A one-time fee is required to establish the on-chain connection between PayNyms. Once established, PayNyms can transact anonymously as much as they want and only the regular mining fees apply.
34/56 Stonewall is designed to use multiple I/O’s so that there is reasonable doubt as to UTXO ownership. Stonewallx2 tx’s are made between 2 peers. They split the miner fee & both gain anonymity.
35/56 To an outside observer the two tx types are indistinguishable. A Stonewall tx will have minimum 1.584 bits of entropy. A Stonewallx2 tx will have minimum 4.643 bits of entropy. These are akin to miniature CoinJoins.
36/56 Stonewall is the default postmix spending tool. They always have 4 outputs, 1 is the spend, 1 decoy & 2 change outputs are returned to the users wallet. Outside observers cannot know if these tx's were made by an individual or collaborators. These can be sent to anyone.
37/56 Stowaway is used between 2 @SamouraiWallet users, details left on the blockchain make it difficult to determine which UTXO was change & which was payment. Can only be used with the person receiving payment. Users will swap a few QR codes to make the transaction.
38/56 Here is the Stowaway tx on KTCP. 4 inputs, 2 outputs. Inputs 0, 1, & 2 were decoys and confuse the interpretation. 0.00806013 sent, 0.00802 received. 0.00004013 in miner fees.
39/56 PayJoin transactions like Stonewallx2 & Stowaway will soon be available over the Tor/Soroban comms layer, removing the need to manually scan a few QR codes between participants.
40/56 Stop & think. Anonymity achieved during Whirlpool mixes. Toxic change separated. Postmix spend Stonewall by default, minimum 3 interpretations. Collaborate with peer to gain more plausible deniability. Make every spend a CoinJoin.
41/56 Electrum enables a user to interface with a hardware wallet like @COLDCARDWallet. Download/verify. Once Indexer is finished synchronizing, Electrum can be pointed at the Dojo as it's server. I’ll do a separate thread on Electrum.

wiki.ronindojo.io/en/gui-setup/s…
42/56 Explorer provides a way to use your Dojo to feed data to a full fledged Bitcoin blockchain explorer. Copy onion URL/password from Dojo settings page, paste into Tor Browser, leave username blank, paste password, bookmark page.

wiki.ronindojo.io/en/gui-setup/s…
43/56 OXT & KYCP are are free to use. They provide users with bleeding edge blockchain analysis tools to explore, learn, & verify. No personal information is requested. Simply create a username & password.

oxt.me

kycp.org/#/
44/56 There are many features & tools built into OXT, such as advanced graphs like these of a transaction where the mixed inputs were merged together. There was much activity in this tx, but it accomplishment little in terms of anonymity.
45/56 This is what a Whirlpool tx looks like. No deterministic links. No address reuse. 1,496 different ways this tx can be interpreted.
46/56 @janeygak wrote a detailed article on KYCP here:

medium.com/samourai-walle…
47/56 Stop & think. Explore the blockchain without leaking any personal information. Backed by personal full node. Ability to verify various tx interpretations. Full coin control over high entropy UTXOs. Pocket sized mixer. All from a mobile wallet.
48/56 @SamouraiWallet can sweep private keys too. Great for @OPENDIME users, which I explain in this thread:

49/56 Some notable features: Tor by default, Sentinel watch-only app, Multi-address support, Batch Spending, Scrambled PIN, & Smart Miner Fees. There is too much to list but if you start exploring you'll discover the potential this stack has.
50/56 Everything presented here has been crafted by developers dedicated to censorship resistance & privacy. People have immediate needs for these tools where ever oppressive authorities infringe on individual liberties. People are being arrested, this is not a drill.
51/56 Interested in learning more about the forces acting behind the guise of anti-money laundering in order to strip you of your rights? Check out this thread by @J9Roem & see for yourself why the work of @SamouraiWallet & @RoninDojoUI is important.

52/56 @stephanlivera has recorded several thought provoking podcasts with @SamouraiWallet:

stephanlivera.com/episode/78/
54/56 …and here:

stephanlivera.com/episode/209/
55/56 Here is an episode from @TFTC21 discussing Ronin Dojo.

56/56 Here is an episode from @ocbtcn discussing Samourai Wallet & Ronin Dojo with the developers.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with burn the bridge

burn the bridge Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @econoalchemist

21 Jul
1/17 Having spent the last few days in the front row of a @SamouraiWallet vs. @wasabiwallet debate, it seems like the strongest argument against SW is "they have the users' xpubs & may be compelled to hand them over to law enforcement".

This struck me as a half-baked argument.
2/17 I'm not an attorney, however, I do have experience handling digital evidence in support of litigation. It's been years since I was in that line of work but by all means if you're an attorney and/or Bitcoiner & are so inclined, correct me if I'm wrong...
3/17 First of all let's clear something up. SW needs your xpub in order to display your wallet balance. Your xpub is sensitive in terms of your tx history, balances, & spend tx's. So it makes sense that this may be information that is sought after by law enforcement. However...
Read 17 tweets
18 Jul
1/18 Probably not the best explanation but here's an attempt to highlight what's at stake with Coinbase ("CB") from my point of view.

Call me crazy or paranoid but a company with your personal data & your public data will not resist the temptation to combine them.
2/18 The info transmitted on the #Bitcoin network is public. Meaning anyone in the world can watch the network & see all the addresses/transactions made. This public info is kept in a decentralized database that dates back to the first transaction and catalogs all transactions.
3/18 The public availability of this data isn't concerning to you because your true identity is masked by a pseudonymous address. Even though evidence of every transaction is captured in the database, nobody knows it's you unless you tell them or you leak sensitive information.
Read 18 tweets
3 Jul
1/10 Where do seed backups go when they die?

A thread on various seed destruction methods on the heavy duty, 2mm, 304 stainless steel @bitcoinbackup from @Coinkite
2/10 You drained all your #BTC from an old wallet. Is it safe to just throw the old backup in the trash?

If you had KYC Bitcoin in that wallet then some of those addresses are tied to your name.

How would you feel if someone signed a message from an address tied to your name?
3/10 Properly destroying your seeds is important for preserving privacy even after the wallet is no longer used.

Here is multiple caliber test footage of four @bitcoinbackup plates from @Coinkite starting with .22 caliber.
Read 10 tweets
28 Jun
1/19 A thread on BIP85, setting up a @COLDCARDwallet from scratch, & using a primary seed to derive entropy for @bluewalletio & Bitcoin Core.

"One seed to rule them all, One Key to find them, One Path to bring them all, And in cryptography bind them."
2/18 The cool thing about BIP85 is that it enables one to create several keys for several #Bitcoin wallets from a single, primary seed. i.e., you just have 1 seed to protect & all your #Bitcoin wallets are safe. Perfect for people who like trying several wallets.
3/19 @COLDCARDwallet has implemented BIP85 in their latest firmware release. Because they're awesome. And they have the coolest gear. So get one for yourself, open the tamper-evident packaging, plug it into your @usbCOLDPOWER and follow along.
Read 19 tweets
11 Apr
1/11 A thread on using @COLDCARDwallet & @wasabiwallet #coinjoin & validating with your own Raspi #Bitcoin node. There is no excuse for not flexing your sovereignty & privacy. 5 months ago I didn't even know what CLI was, if I can do this then anyone can.
2/11 Build Wasabi: @wasabiwallet is open source, Tor enabled, & privacy focused. Very user friendly & fun to use. Download an executable or build it from source... like a psychopath.

github.com/zkSNACKs/Walle…
3/11 Import Coldcard: Once you get @wasabiwallet built, generate a new wallet. Securely store your seed phrase & password. Now export your @COLDCARDwallet skeleton wallet file to a MicroSD card so you can import it to Wasabi via sneakernet.
Read 11 tweets
6 Apr
1/11 For CoinJoin Day, I wanted to try it out. Here is a thread on why Whirlpools are important, what to avoid, & my experience with @SamouraiWallet

This wallet installs like most others, you'll need to write down your mnemonic phrase, set up a pin, ect.
2/11 The @SamouraiWallet mobile app on Android is full of features, easy to use, & functions well. Overall, I really liked the app which I downloaded specifically for the Whirlpool feature. The only issue was connecting my own node, app kept crashing, but it's early access NBD!
3/11 After making your initial deposit into your @SamouraiWallet you can select the Whirlpool icon, Mix UTXOs, & select which UTXOs to mix.
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!