We put Samourai Wallet through its paces…
For spending cryptocurrencies – using them for their intended purpose, as currencies – there’s little to match the convenience of a smartphone wallet. Having immediate access on a device which is connected to the internet – and, thus, the blockchain – but fits in your pocket makes spending Bitcoin as easy as spending fiat, but comes with a range of security risks to consider.
Samourai Wallet, for Google’s Android platform, aims to address at least a few of those concerns – but without making it user-unfriendly.
Installed from Google Play, the first thing Samourai does is prompt for the permissions it requires: phone call, SMS, camera, and file storage. Having granted these, you’re ready to start a new wallet: enter and confirm a passphrase, accept a disclaimer explaining that loss of the passphrase means loss of the wallet, and enter a PIN code up to eight digits in length to trigger key generation.
Once the key is generated, it’s displayed for backup purposes in the form of a 12-word seed, which is secure enough at roughly 128 bits of entropy, though many wallets have switched to a 24-word seed format. The app itself can also export encrypted wallet backups as text via the smartphone’s clipboard or email.
In older Samourai releases, this is the part where you’d arrive at an empty wallet. More recently, though, the wallet’s creators have launched an initiative dubbed PayNym: a trustless system, based on hashed BIP47 reusable payment codes, which allow you to send and receive Bitcoin transactions privately – providing, of course, that the second party is also using a PayNym-compatible wallet, which at present means Samourai.
While there have been attempts to create similar privacy-enhancing payment systems, PayNym aims to depart from a standard Bitcoin implementation as little as possible: the PayNym system works wholly within the wallet software itself, not relying on keys stored on third-party servers, and payments themselves are made directly on the Bitcoin blockchain. If you don’t want a PayNymID, though, it’s just a case of pressing the “no thanks” button and turning Samourai into a straightforward wallet – though the PayNym option will still appear on the +-symbol transaction button.
Bells and Whistles
In use, Samourai is much like any wallet: payments can be made to addresses manually entered or scanned via QR code, while receipt addresses can be copied to the clipboard, shared to external applications, or displayed as a QR code. An option to sweep private keys, which automates the process of recovering funds from a single-use cold wallet, is accessible from a drop-down menu.
It’s in the privacy-centric advanced features that the real power of Samourai becomes obvious, though. By default the wallet uses the Stonewall algorithm to help obfuscate transactions against blockchain analysis attacks, and it can be configured to use a specific trusted node – with Samourai planning to launch a plug-and-play hardware node of its own in the near future. The entire application can also be hidden from the app launcher, accessible only by entering stars, the PIN, and a hash symbol in the dialler.
Samourai’s features go still further: an optional remote command system allows it to process commands received via SMS messaging, either from any sender or a single trusted number, while it can also send a warning via SMS if it detects a SIM card swap. A menu option allows OpenVPN, if installed, to be triggered, or Orbot to be installed and all traffic routed through Tor. It’s even possible to use Samourai in an offline mode, with transactions being copied to the clipboard rather than sent to the blockchain directly.
With all these features – and more, like the ability to choose from a range of block explorer and fee estimation services, replace-by-fee support, segwit support, and the ability to view XPUB, YPUB, and ZPUB extended public keys, as well as hardware support for the Opendime hardware wallet – it’d be easy for Samourai to become bloated and complex.
Thankfully, that’s not the case: if you’re using it as a simple wallet, Samourai is as easy to use as any other smartphone wallet. The optional features can all sit in the background – with the exception of PayNym, perhaps, which is always present when you tap the transaction button – only to be used when you feel the need.
For those looking for something a little more off-the-grid there’s also TxTenna, a spin-off wallet built by Samourai in partnership with goTenna to allow for mesh-based Bitcoin transactions from otherwise disconnected devices via the goTenna Mesh family of radios.