top of page
Writer's pictureeconoalchemist

Stowaway, a privacy enhancing tool from Samourai Wallet.

This article explains a privacy enhancing tool called Stowaway. Developed by Samourai Wallet, this type of collaborative Bitcoin transaction obfuscates the true amount being sent on-chain. You can also find this article published on Bitcoin Magazine, here.

Animated logo by @artdesignbySF

When it comes to defensively guarding the privacy of Bitcoin users, Samourai Wallet has been on the bleeding edge for many years, bringing new features and improvements to users that help achieve anonymity through their CoinJoin implementation, Whirlpool; and maintain privacy with spending tools like Stowaway, Stonewallx2, Richochet, & PayNyms. Samourai Wallet is also the only Bitcoin wallet to date that has implemented BIP47, additionally, they recently implemented the app agnostic Tor based communication layer, Soroban. Soroban brings tremendous UX improvements to users engaging in collaborative cahoots transactions like Stowaway & Stonewallx2. See usecahoots.com for an article I wrote on Cahoots transactions and the UX evolution of building the transactions manually versus over Soroban.


Maintaining privacy while using Bitcoin requires paying close attention to the way your transactions are being built; which inputs are being used and what kind of history your inputs are bringing with them. Common input ownership heuristics are used by chain analysis companies to surveil Bitcoin users. These heuristics make the assumption that when there are multiple inputs to a Bitcoin transaction, those inputs belong to the same entity. Techniques can be used to break these assumptions thus rendering the ability of a chain analysis company to maintain such assumptions utterly indefensible.


One technique used in the fight for privacy is a tool brought to you by Samourai Wallet called Stowaway. When someone wants to enhance their privacy while sending Bitcoin, they can choose to use Stowaway which will obfuscate the amount of bitcoin being sent in the transaction.


For example, if Bob wants to send Alice a Stowaway tx of 0.015 bitcoin, they will both collaborate by providing inputs to the transaction. Then one output will be given back to Bob as his change and the other output will be given to Alice with her contribution + payment. However, none of the inputs or outputs will match the 0.015 bitcoin amount.


It is necessary for Alice & Bob to communicate the timing of their transaction out of band, meaning that in the examples below, Bob will have contacted Alice using a communication method outside of the Samourai Wallet application such as a phone call, an e2ee text, or a secure email, ect.


To an external observer of Alice & Bob's transaction, they will have no way of determining the actual amount that was sent. The external observer can also no longer make any assumptions about the ownership of inputs and outputs to the transaction. When the external observer looks at Alice & Bob's transaction on-chain, this is what they will see:


Cahoots transactions can be built between collaborators using Soroban, which makes the process much faster and smoother. Soroban communications happen over Tor. Here is a video example of Alice & Bob's Stowaway transaction (with English subtitles). This video can also be found on Samourai Wallet’s YouTube channel here:



Here is the same video example of Alice & Bob's Stowaway transaction but with Spanish subtitles. This video can also be found on Samourai Wallet's YouTube channel here:



Alice & Bob have enhanced their privacy by breaking the common input ownership heuristics. Now any multi-input transaction being looked at by a chain analysis company must be considered to have been a cahoots collaboration.


Here is a detailed Stowaway infographic designed by @BitcoinQ_A, this can be found here among many other great resources.



There is growing interest from the Bitcoin community in privacy enhancing tools like Stowaway, PayNyms, and BIP47. On February 28, 2021 at 12:00 UTC a group of Bitcoin privacy advocates launched operation #GretasFury. Designed to interrupt common input ownership heuristics by passing a payment torch of 1 sat transactions using Stowaway, operation #GretasFury brought together dozens of users from around the world. Each collaborator anonymously participated in the torch passes by using their PayNyms. Each Stowaway transaction that was made utilized Soroban communications over Tor. Participants managed the timing of their transaction with out-of-band communications over applications like Telegram and Matrix.


Operation #GretasFury was organized by @biTcOinEneMiEs who maintains bitcoinenemies.com, an awesome self-hosted website focused on sharing Bitcoin related privacy resources, projects, and community engagement. Operation #GretasFury was a terrific way to motivate people to try out some of the available privacy tools in a way where there was a lot of community support and many seasoned participants available to answer questions and not only pass the 1 sat torch but to pass the torch of knowledge to new users.

Various sponsors donated prizes to the event to generate a sense of friendly competition as well.


I had a chance to ask @biTcOinEneMiEs a few questions about the event and here is what we discussed:


1) What made you want to put operation #GretasFury together?


We had a lot of fun with PayNym Torch. BIP47 changes bitcoin UX in a profound way. When Soroban was released by Samourai Wallet, it presented an opportunity to pass a PayNym torch without the commit transaction.

Soroban also eliminated QR code workflow for Stowaway and Stonewallx2 transactions. That was a much bigger deal. These transactions are nothing new, but suddenly a massive friction is gone.

Without going into all the reasons why Cahoots transactions are amazing, suffice it to say we had to follow it up. If you thought PayNyms were cool, wait until you try them with Soroban and Cahoots without a commit transaction.


2) Who were your sponsors?


This all transpired in keybase tx_tricks in December. The group did its first Soroban Stonewallx2, and the idea of a torch came shortly after. We kicked around some ideas before @SamouraiDev inspired us with the 1 sat Stowaway.

We didn't contact sponsors until a couple days before launch. Wasn't sure what we'd really get but it was a massive outpouring of support, no questions asked.

15 different sponsors have contributed already. Big thanks especially to Mamushi Mobile for the Copperhead Pixel, Ronin for their new node, and Foundation for 2 of their new Passports. These guys have really upped the excitement around #GretasFury.


3) How many participants and passes did you have? (as of this writing).


33 participants

83 passes


4) Why should people care about common input ownership heuristics?


These are techniques used in chain analysis for gatekeepers to decide things like whether they're going to do business with you and/or whether they're going to inform the state about your activities.

The tools exist to circumvent the analysis. The most nefarious use them everyday. False positives are rampant but this won't prevent the analysis from being used until it stops working for more than just the criminals. Average people need to say no as well.

CIOH can be crushed. The people that need to do so already are. It's within our grasp too with tools like Soroban Stowaway. An average Joe can pull that off today.

#GretasFury lets us learn this in a fun way, and together, send the signal of just how worthless CIOH are to catching bad guys.


In conclusion, use the tools. There are some amazing resources out there that significantly improve your privacy and help you achieve and maintain your anonymity. It is a lot easier to form good habits from the beginning rather than trying to break bad habits down the road. If you are new to Bitcoin, I encourage you to really think about the advantages of keeping your KYC out of bitcoin and defensively guarding your privacy.


To learn more about the tools Samourai Wallet offers, check out their website or engage with the Samourai Wallet community on their Telegram channel. Or if you're interested in getting an overview of the Samourai Wallet & Ronin Dojo full stack, check out this guide.


Thanks for reading & watching! I hope that this article helped you understand how Stowaway transactions work and the importance of making every spend a CoinJoin.


If you enjoyed this content, leave me a tip here: Donate.


This article can be found on Twitter as a thread here.




791 views

Comments


bottom of page