• econoalchemist

Muh xpubs.

My thoughts regarding the possibility of law enforcement coercing Samourai Wallet into producing user's xpub information. Old memes die hard, think critically for yourself, keep the FUD at bay.

There has been a long standing rivalry between @SamouraiWallet & @WasabiWallet. Many public dialogs between supporters of either project and the developers have been carried out on Twitter, so if you're interested in the history there, it shouldn't be too hard to find.

The paragraphs below are from a Twitter thread I posted on 2020-07-21. I want to provide some background as to where my motivation came from in posting that thread.

It started on 2020-07-17 when I responded to a tweet from @hotepjesus regarding Coinbase's involvement with Law Enforcement Agencies (LEAs). This was shortly after CoinBase announced that they would be contracting their chain-analysis services to LEAs globally. I was trying to highlight the dangers of a major Bitcoin exchange, vocally supportive of KYC compliance, actively developing chain analysis tactics while simultaneously warehousing millions of user's Personally Identifiable Information (PII). One of the most alarming risks to me was that if CoinBase experienced a data breach then the Bitcoin holdings AND user's KYC data could be linked together. Another alarming risk was the invasive surveillance that could occur from LEAs. I suggested that users familiarize themselves with @SamouraiWallet and @RoninDojoUI and @COLDCARDwallet to help safeguard their privacy against overreaching LEAs assisted by CoinBase.

The following day, Wasabi's lead developer, @nopara73, responded to me claiming that my assessment of the situation was correct, but that my recommendation to counter this was only making the problem worse.

His response to me sparked responses from the Samourai developers and for the next couple days a lively debate ensued between the two communities. Since this was in response to my original comment, I was being tagged in everyone's responses so I got to watch the whole argument unfold and I had a chance to evaluate both sides of the debates. One theme that seemed to surface many times from the Wasabi community was this argument that since Samourai Wallet has user's xpubs then LEAs could demand these xpubs and unravel all the privacy gained by using Whirlpool.

Will you share the thousands of xpubs of users whose priority is privacy when law enforcement is knocking on your door? - @nopara73 2020-07-18 Tweet

As scary as that sounds, hang on just a god damn minute. First of all I said to use Samourai Wallet AND RoninDojo. As you're probably familiar, any Bitcoin wallet you use from a third party like Green Wallet, Blue Wallet, ect. with a hierarchical deterministic (HD) wallet implementation (which accounts for the vast majority of them) will use your xpub so that the wallet can scan it and display your balance. That's right, most of the wallets you use have your xpub on a company server somewhere that get's scanned so that you can see your balance, generate addresses, ect. Samourai Wallet is no different. However, with Samourai Wallet, users can run a RoninDojo and eliminate the need to share an xpub with anyone.

Now that I have provided some backgound as to where this started, here are my thoughts regarding the validity of the stated argument above from the Wasabi community:

Having spent the last few days in the front row of a @SamouraiWallet vs. @wasabiwallet debate, it seems like the strongest argument against SW is "they have the users' xpubs & may be compelled to hand them over to law enforcement".

This struck me as a half-baked argument.

I'm not an attorney, however, I do have experience handling digital evidence in support of litigation. It's been years since I was in that line of work but by all means if you're an attorney and/or Bitcoiner & are so inclined, correct me if I'm wrong...

First of all let's clear something up. SW needs your xpub in order to display your wallet balance. Your xpub is sensitive in terms of your tx history, balances, & spend tx's. So it makes sense that this may be information that is sought after by law enforcement. However...

Anyone can create a new xpub, run their own @RoninDojoUI + SW and thus avoid sharing their xpub with anyone else, even the SW devs.

Second of all, if you're not running a dojo and you're just using a standalone SW then there are only 2 ways I know of in which SW would obtain your xpub. 1) you create a new wallet in SW. Or 2) you restore a compatible wallet in SW.

In either case this doesn't require any identifying information. No name, no email, no phone #, no address, no goofy selfie holding your ID. In other words, SW may have your xpub but they don't know your identity.

Now consider what would drive law enforcement to knock on SWs door for an xpub. Obviously the rules differ by jurisdiction but ask yourself, in what world can law enforcement just request all the data? If a twitter user is under investigation do all accounts get turned over?

Law enforcement needs to be specific when making a request. They can't just show up and demand all the xpubs. There needs to be a specific xpub or set of xpubs that were involved with observable activity that compelled a court in a specific jurisdiction to grant a subpoena.

Which brings me to my next point. How is law enforcement going to observe the activity of an xpub? In an extreme case, if your xpub was publicly known prior to restoring it in your SW then, yes, maybe someone would be watching your xpub & maybe SW would have that xpub too.

But more likely than not, only your addresses will be engaged in any kind of observable activity. So it's more likely that if law enforcement asked SW anything it would be along the lines of "Do you have an xpub that contains this specific address that we're investigating"?

Before I drive the nail into this coffin, let me circle back. SW does not have any of your identifying info. Worst case, they have your xpub. The stars would really need to be aligned in order for law enforcement to come knocking on SW's door looking specifically for you:

1) You would need to have bought KYC bitcoin.

2) Moved it to SW sans dojo.

3) Made that xpub public.

4) Engaged in some stupid, red flag-raising activity.

5) Mix in a way that makes it an obvious SW service.

Then maybe the LEA will come knocking.

But even in that extreme case, law enforcement could just stop at back-tracking to #3 because they are not going to get any additional information out of SW. But let's say you just started at #4 in the previous example, there's no name just a string of addresses...

Law enforcement would need to know what specifically to ask SW. Demanding all the xpubs is just a grossly negligent overreach of power and any competent attorney would stop that request dead in it's tracks.

As for Trace Mayer's argument that you don't know who your mixing with and doing so could make you a party of interest. Bullshit. Even if in the extremist of extreme cases & law enforcement could prove that a terrorist group joined a whirlpool & you happened to be in it...

A) law enforcement would need to know it's you by meeting the 5 criteria above. B) the whole point of mixing is the anonymity. That wouldn't make me any more of an accomplice than coincidentally sharing the same public transportation with a terrorist on my way across town.

What does SW do when law enforcement comes knocking?

A) Nothing, LE can't ask for all the xpubs.

B) If LE knows which xpub they're looking for, they don't need to ask SW for it.

I hope you found this thought provoking and can see that quick one-liners as arguments don't really add up in the real world, they are used to drive FUD throughout the industry in the hopes that most people won't think critically for themselves. Whether you agree with me or not, I just hope that you think critically for your self and don't fall into the echo chamber regurgitating the message that Dear Leader of the week is propagated.

If you enjoyed this content, leave me a tip here: Donate.

This thread is available on Twitter as a thread here.