Last updated on March 6th, 2018 at 10:39 pm
Looking for a good Bitcoin wallet for your phone? I was too, before my recent overseas trip to 99Bitcoins’ headquarters. (Each of us works from a different country.) I needed a secure, reliable wallet—ideally one with an effective stealth mode, which would keep my bitcoins hidden from prying border guards and sneaky pickpockets. True to its tagline of “a Bitcoin wallet for the streets,” the Samourai wallet is well-suited to stealth.
Samourai Wallet Basics
Samourai is a mobile Bitcoin wallet for Android devices, with an iOS version currently in development. The wallet is coded in Java, and is still in the alpha stage, although a 1.0 release is expected sometime in 2018.
As mentioned, the wallet is focused on privacy and security. It supports IP-address anonymization through Virtual Private Networks (VPNs) and Tor (The Onion Router, which is accessible on Android via Orbot).
Samourai is also notable for being one of the earliest mobile wallets to incorporate SegWit. Such support lowers transaction costs (for Samourai and other users), while paving the way for Lightning Network integration in the future. Due to its retail applications, Lightning should become an extremely desirable feature for all mobile wallets.
Based on their wallet design and public statements (particularly their unwavering resistance to the New York Agreement), it’s clear that the Samourai developers closely adhere to the foundational Bitcoin principles of decentralization, openness, security, fungibility, and financial privacy.
Although Samourai doesn’t support multisig, it does allow you to maintain multiple accounts. Multi-accounts can be helpful for keeping business and personal transactions separate, but no multisig means that jointly controlled accounts aren’t possible. In order to help with your monetary calculations, various Bitcoin exchange rates are accessible within the wallet.
Samourai’s interface is clear and straightforward, and has no frills.
The Samourai Stealth Feature
The Samourai wallet contains a great, unique feature: When it’s in stealth mode, the Samourai icon disappears from your phone’s home screen. To open the wallet, you enter the correct PIN in the phone’s dialer, as if dialing a phone number.
While a knowledgeable investigator with access to your phone will still be able to determine that Samourai is installed, this trick will conceal your wallet from casual or low-info snoopers.
Features for Fees and Transactions
In terms of a transactional economy, Samourai has many other useful features. The wallet monitors network conditions in order to suggest an appropriate “smart fee.” Custom fees may also be set by advanced users who wish to handle this aspect themselves. It also won’t be a problem if you undershoot your fee estimation, since the wallet supports Replace by Fee (RBF). RBF allows a transaction whose fee was set too low to confirm in time to be easily bumped up (any number of times) by broadcasting a replacement that pays more.
When combined, the above features really help keep transaction fees to a minimum. This combination is especially important for a mobile wallet, since you should only store small amounts of Bitcoin on it.
Samourai also supports Child Pays for Parent (CPFP) transactions. This useful function releases incoming transactions stuck in “unconfirmed” limbo due to insufficient fees: the wallet spends the unconfirmed output in a new, high-fee child transaction, so miners are paid to confirm the stuck parent along with it. A stuck transaction can be extremely inconvenient for time-sensitive business. So even though CPFP can be expensive (the child has to pay for the parent’s fee shortfall as well as its own), it’s a great feature to have on-the-go.
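The fee arithmetic behind the two “unstick” techniques above, as an added worked example (this is not Samourai’s code). Sizes are virtual bytes and fees are satoshis; the sample numbers are constructed. The RBF check is reduced to the two BIP 125 rules that matter for a fee bump: the replacement’s absolute fee may not fall below the original’s plus the cost of relaying the replacement at the minimum relay rate (assumed here to be Bitcoin Core’s 1 sat/vB default), and its fee rate must be higher than the original’s.

```python
"""RBF bump and CPFP child-fee arithmetic. Added illustration, not Samourai code."""
import math
from dataclasses import dataclass

MIN_RELAY_FEE_RATE = 1.0  # sat/vB; assumed Bitcoin Core default incremental relay fee


@dataclass(frozen=True)
class Tx:
    vsize: int  # virtual size in vbytes
    fee: int    # absolute fee in satoshis

    @property
    def fee_rate(self) -> float:
        return self.fee / self.vsize


def rbf_min_fee(original: Tx, replacement_vsize: int) -> int:
    """Smallest absolute fee a BIP 125 replacement may carry: it must keep
    every satoshi the original paid and additionally pay for its own relay."""
    return original.fee + math.ceil(replacement_vsize * MIN_RELAY_FEE_RATE)


def replacement_allowed(original: Tx, replacement: Tx) -> bool:
    """Simplified BIP 125 acceptance: enough absolute fee, and a higher fee rate."""
    return (replacement.fee >= rbf_min_fee(original, replacement.vsize)
            and replacement.fee_rate > original.fee_rate)


def rbf_bump(original: Tx, target_rate: float, replacement_vsize: int = 0) -> Tx:
    """Build the replacement for a stuck outgoing payment: pay the target rate,
    but never less than the RBF floor (which can exceed the target for tiny bumps)."""
    vsize = replacement_vsize or original.vsize  # same size unless inputs change
    wanted = math.ceil(vsize * target_rate)
    return Tx(vsize, max(wanted, rbf_min_fee(original, vsize)))


def cpfp_child_fee(parent: Tx, child_vsize: int, target_rate: float) -> int:
    """Fee the child must pay so the parent+child package reaches target_rate.
    Used for stuck *incoming* payments, where we cannot replace the parent."""
    package_fee = math.ceil((parent.vsize + child_vsize) * target_rate)
    shortfall = package_fee - parent.fee
    return max(shortfall, math.ceil(child_vsize * MIN_RELAY_FEE_RATE))


def package_fee_rate(parent: Tx, child: Tx) -> float:
    """The rate a miner evaluates when it considers the pair together."""
    return (parent.fee + child.fee) / (parent.vsize + child.vsize)


def compare_strategies(stuck: Tx, target_rate: float, child_vsize: int = 150) -> dict:
    """Total cost to unstick the same 200-vB-class transaction each way."""
    bumped = rbf_bump(stuck, target_rate)
    child_fee = cpfp_child_fee(stuck, child_vsize, target_rate)
    return {"rbf_total": bumped.fee, "cpfp_total": stuck.fee + child_fee}


if __name__ == "__main__":
    stuck = Tx(vsize=200, fee=200)  # constructed: paid 1 sat/vB in a 20 sat/vB market
    print(compare_strategies(stuck, 20.0))
```

The comparison makes the review’s cost remark concrete: with RBF you pay the target rate once, whereas CPFP must cover the parent’s shortfall plus the child’s own bytes, so the package costs more for the same confirmation target.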
Apart from the aforementioned support for TOR and VPNs that cloak your IP address, Samourai contains numerous features that will obscure your Bitcoin balance and transaction history from blockchain analysis. With each spend, you may select the desired level of obfuscated transactions.
By default, Samourai Wallet will:
- Supply you with a fresh address for each new payment you receive, which prevents address re-usage. Reusing an address would allow anyone who knows it to learn all the (past and future) transactions associated with that address, as well as its balance.
- Match the type of “change” address you get back to the type of address you’re sending to (either SegWit or non-SegWit). Without this matching, the output whose script type differs from the recipient’s would stand out as the change, linking it back to you.
- Randomize the number of “change” outputs associated with each transaction you make, so that an observer can’t assume “one payment output plus one change output.”
- Employ BIP 126, in order to minimize the number of references to previous transactions from your wallet, which decreases the traceable metadata it produces.
In summary, Samourai makes it harder to connect the dots between your addresses.
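The default behaviour listed above, simulated end to end as an added example (this is not Samourai’s code). Addresses, UTXOs and txids are constructed stand-ins; script type is inferred from a constructed address prefix (`1`/`3` legacy, `bc1` SegWit); and the input-selection rule, which prefers coins that did not come from this wallet’s own earlier spends, is a simplified reading of the last bullet rather than the text of BIP 126.

```python
"""Fresh addresses, type-matched and count-randomized change, and own-change
avoidance in coin selection. Added illustration; not Samourai's code."""
import random
from dataclasses import dataclass
from typing import Dict, List, Tuple

DUST = 546  # satoshis; change below this is left to the miner rather than created
PREFIX = {"receive": "bc1qrecv", "segwit": "bc1qchange", "legacy": "1Legacy"}  # constructed


@dataclass(frozen=True)
class Utxo:
    txid: str
    vout: int
    value: int
    own_change: bool  # True if this coin is change from one of our earlier spends


@dataclass(frozen=True)
class Output:
    address: str
    value: int


def script_kind(address: str) -> str:
    """Constructed classification: bech32 'bc1...' is SegWit, '1'/'3' is legacy."""
    if address.startswith("bc1"):
        return "segwit"
    if address[0] in "13":
        return "legacy"
    raise ValueError(f"unrecognised address form: {address}")


class Wallet:
    def __init__(self, utxos: List[Utxo], rng: random.Random):
        self.utxos = list(utxos)
        self.rng = rng
        self.issued: List[str] = []  # every address ever handed out, never reused
        self.counters: Dict[str, int] = {"receive": 0, "legacy": 0, "segwit": 0}
        self.spend_count = 0

    def _new_address(self, role: str) -> str:
        idx = self.counters[role]
        self.counters[role] = idx + 1
        addr = f"{PREFIX[role]}{idx:04d}"
        assert addr not in self.issued
        self.issued.append(addr)
        return addr

    def fresh_receive_address(self) -> str:
        """Bullet 1: a new address for every payment we expect to receive."""
        return self._new_address("receive")

    def _select(self, needed: int) -> List[Utxo]:
        """Largest-first, but coins that are our own earlier change sort last, so a
        spend references one of our previous transactions only when it has to."""
        ordered = sorted(self.utxos, key=lambda u: (u.own_change, -u.value))
        chosen, total = [], 0
        for u in ordered:
            chosen.append(u)
            total += u.value
            if total >= needed:
                return chosen
        raise ValueError("insufficient funds")

    def _split_change(self, change: int) -> List[int]:
        """Bullet 3: one or two change outputs, each at or above dust."""
        if change < 2 * DUST or self.rng.randint(1, 2) == 1:
            return [change]
        first = self.rng.randint(DUST, change - DUST)
        return [first, change - first]

    def build_spend(self, recipient: str, amount: int, fee: int) -> Tuple[List[Utxo], List[Output]]:
        kind = script_kind(recipient)  # bullet 2: change mirrors the recipient's script type
        inputs = self._select(amount + fee)
        total_in = sum(u.value for u in inputs)
        outputs = [Output(recipient, amount)]
        change = total_in - amount - fee
        if change >= DUST:
            for value in self._split_change(change):
                outputs.append(Output(self._new_address(kind), value))
        self.rng.shuffle(outputs)  # no positional hint as to which output is change
        self.spend_count += 1
        txid = f"owntx{self.spend_count:02d}"  # constructed id for the new transaction
        self.utxos = [u for u in self.utxos if u not in inputs]
        for vout, out in enumerate(outputs):
            if out.address in self.issued:  # our change comes back into the pool, flagged
                self.utxos.append(Utxo(txid, vout, out.value, own_change=True))
        return inputs, outputs


SAMPLE_UTXOS = [  # constructed starting balance: two external payments, one old change coin
    Utxo("extA", 0, 150_000, own_change=False),
    Utxo("extB", 1, 80_000, own_change=False),
    Utxo("owntx00", 1, 30_000, own_change=True),
]


def demo_wallet(seed: int = 7) -> Wallet:
    return Wallet(SAMPLE_UTXOS, random.Random(seed))
```

Run `demo_wallet().build_spend("bc1qmerchant0000", 100_000, 1_000)` and note that the change goes to `bc1q…` addresses because the recipient is SegWit, that the old `owntx00` coin is untouched while external coins can cover the payment, and that how many change outputs appear varies with the seed.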
Optionally, you may enable Samourai’s unique Ricochet Send. While this feature costs an extra $2.50 per transaction (plus additional mining fees), it’s a great way to disguise the origin of your payment. As the name implies, your spending transaction is bounced through a series of four extra addresses on the way to its final destination.
Samourai also has the unique ability to use Payment Codes (BIP 47). They allow anyone else using this feature to send you bitcoins without knowing your actual addresses; they only require your payment code. This code may be reused without degrading privacy, as it can’t be linked to the addresses that are derived from it. However, this option isn’t widely supported by other wallets, so its applications are fairly limited.
Unfortunately, Samourai may only be obtained from the Google Play store at present. As Google has become synonymous with surveillance, this situation is less than ideal. However, as of version 1.0, Samourai will be available in F-Droid, the open source and privacy-respecting repository for Android apps.
All private keys are stored on your phone in an encrypted format, and they’re never transmitted. Samourai is a Hierarchical Deterministic wallet. In other words, a seed phrase (which you must accurately record and securely backup) is needed to generate (and restore, if necessary) all your private keys and their associated Bitcoin addresses.
Samourai Wallet also contains a function to test your backups, which is a critical (though often overlooked) aspect of backup management.
Samourai requires you to use a PIN (of 5 to 8 digits) in order to approve transactions. The arrangement of the digits on the keypad is randomized for each entry, so that malware or an onlooker recording where you tap cannot recover the PIN from the positions alone. When entering the PIN, ensure that no person or device can observe this process.
A standout feature of Samourai is that it enables you to connect to a Bitcoin Core full node. This trusted node lets Samourai receive blockchain data directly from your own home or office node, but note that a VPN is required for this option.
Another interesting “power user” feature of Samourai is Remote Commands. When you send a Remote Command (an SMS containing your PIN) to your phone, it will instruct Samourai to either self-destruct (wipe the wallet) or reply with your wallet’s backup seed phrase. You can limit this feature so that commands are only accepted from a specific phone number.
In the event that someone steals your phone, you could use these commands to retrieve your funds, then deny the thief access to them. Samourai can even SMS a specified number if the phone it’s installed on has its SIM card switched out, so you can still send Remote Commands to the changed number.
Warning: I’d advise experimenting with the “wipe” Remote Command before funding the wallet. Note also that if the “backup” command sends your seed phrase as an unencrypted SMS, it could be trivially intercepted, in which case the wallet’s security would be fully compromised.
In summary, don’t rely on the SMS backup feature. Instead, back up your seed phrase when you initialize the wallet!
Like a Swiss army knife, Samourai combines many useful tools into a single, well-designed package. Similar to the Electrum desktop wallet, basic tools are easy for newcomers to use, and more advanced tools are available for users who need them.
Samourai is a good wallet, and I’m pretty confident that it’ll become a great wallet with future updates. In fact, the only reasons why I haven’t completely replaced my old Mycelium wallet with Samourai yet are:
- Samourai’s lack of hardware wallet support (which is planned)
- Samourai’s lack of an integrated peer-to-peer exchange (which is not planned)