SamouraiLeaks — SamouraiDev’s Sockpuppet Exposed
I’ve always been enthusiastically supporting your project and your goal of bringing privacy to mobile[0,1,2,3,4,5,6,7] so I am struggling to figure out what I’ve done to you and for a very long time I didn’t even realize that the attacks were coming from you, but when I did I started to keep track of the shady things you do and today I will only expose one of them. If you don’t want more, stop the attacks and let me keep coding peacefully.
I tried to talk it through, I tried to find a mediator, I tried to reason. Nothing worked. Maybe this? From now on, I will categorically refuse to comment on Samourai Wallet until I notice new attacks are coming from you. At which point I would continue the SamouraiLeaks series.
Too Long Don’t Read
TDevD aka SamouraiDev, Samourai Wallet’s lead developer and founder has a sockpuppet account: FoneBTC that is used to promote Samourai and to throw mud on other projects, mostly on other Android wallets. His favorite punching bag is Mycelium. He is also often coming to rescue when SamouraiDev is losing an argument.
There are numerous circumstantial clues and there are also two unquestionable evidence that they are the same person.
The first is blockchain analysis. Both of them posted bitcoin addresses to Reddit. The spending transactions from these addresses are both uncommon and identically formatted and happened the same time. They did whole coin spending 1 input 1 output transactions with the exact same fixed fees and with 4 minutes difference in propagation time.
The other compelling evidence is that fone-btc’s old company’s founder is Samourai’s co-founder.
I ran fone-btc through the Reddit sockpuppet analyzer, comparing against SamouraiWalletDev and SamouraiWallet accounts.
46.0 Seconds IOS... (SamouraiWalletDev) Does anyone have a history of ... (fone-btc)83m6a1f16h.execute-api.us-east-1.amazonaws.com
2291.0 Seconds Mycelium wallet bitcoin adress... (fone-btc) If you have recently received ... (SamouraiWallet)83m6a1f16h.execute-api.us-east-1.amazonaws.com
There’s an excellent match on posting times between TDev and foneBTC.
Against the SamouraiWallet account, it’s only “somewhat matching.”
Creator of The Sockpuppet Analyzer
Before I’d go any further I’d like to share that I reached out to /u/Contrarian__, the creator of the sockpuppet detector tool, because I didn’t want to accidentally misinterpret the results, so I asked him what he thinks about the results, he replied promptly:
There’s far too little posting history to draw conclusions from the spacing. However, I’ll say that if you examine the actual ‘closest in time’ results, it does look a little funny that they comment in the exact same threads so often. I’d say it’s inconclusive but suspicious.
This time fone-btc posted SamouraiDev’s gist. If you search for the hash, you’ll see that as far as Google is concerned this is the first time this gist has ever been posted.
TDev explained well the uniqueness of this wording choice:
fone-btc also consistently writes BCASH everywhere.
Thinking The Same Thing I
Here TDev and fone-btc recommends Samourai’s Sentinel one after another within 88 seconds. Also note both of them have 2 upvotes.
Thinking The Same Thing II
Reddit post: “1 millibit to the first 10 public keys!”
One interesting thing is that TDev and fone-btc both made the exact same joke. They both posted their public keys, not addresses, which was pretty funny.
So far, I found countless clues, but no conclusive evidence of sockpuppetry. They have the same vision, the same opinions, the same technical expertise and the same suggestions for every problem. Their unique word usage is similar and they are usually posting around the same time. Based on all this, can we assume that they are really close to each other? Maybe, maybe not, but blockchain analysis rules out other possibilities.
The spending transactions are both uncommon and identically formatted. They did whole coin spending 1 input 1 output transactions with the exact same fixed fees and with 4 minutes difference in propagation time.
Also note that: very few wallets are capable of spending whole coins and at the time it was even more uncommon. I only know about Electrum and Bitcoin Core that had coin control features back then. But even then, wallets those are this advanced wouldn’t normally be doing fixed fee transactions, but rather adjust the fee rate dynamically.
Considering the fixed fees and the posted public keys, I suspect they used a custom script to make the spending transactions, but this is outside the scope of this article.
So… based on this information, if we want to give the benefit of the doubt to them, we can say they were working together, possibly in the same place, otherwise the coordination of this transaction to happen the same time would’ve been really problematic.
The problem is that, if you have someone working with you closely, who is also as enthusiastic about your project as you and seems to be as technically capable as you, then that guy should be working with you already. However, there’s no fone-btc Samourai contributor on GitHub. Why? Maybe fone-btc is just not competent in coding?
But he is. He has the exact same technical qualifications as TDev. Coincidence?
Nail In The Coffin
This app was created by the company Soft Machines SARL.
This is conclusive evidence that fone-btc and TDevD are the same person.
What Is The Sockpuppet Used For?
fone-btc was TDev’s original account. It was created before the SamouraiDev one. It is ok to have multiple identities on the Internet, it’s just you should not use your nym to mislead people in order to further your own financial gain by promoting your other nym’s project and throwing mud on the competition.
Definition of Scam. A fraudulent scheme performed by a dishonest individual, group, or company in an attempt obtain money or something else of value.
Such comments are everywhere. Reddit Comment Search “samourai” on the fone-btc account.
Sockpuppet Accusing Others of Sockpuppetry
Here he’s accusing /u/giszmo, Mycelium developer of sockpuppetry and being “scam artists.”
Throwing Mud on Percieved Competition (Mycelium, AirBitz, Wasabi, “BreadFuckingWallet”, BitPay)
Throwing Mud On Projects And People In General (OpenBazaar, Brian Hoffman, Erik Voorhees)
At this point I have to stop. This account was used for character assassinations, smearing, lying, for half a decade now, most notably on other Android wallets. I only needed to check 1% of the things I wanted to, so in this article I was just scratching the surface.
Let’s not concern ourselves with each other and let’s realize we have enough powerful adversaries in our quest of building a mass surveillance resistant future without this childish drama, too.