Greg Maxwell

Bitcoin Core Developer, Co-Founder of Blockstream

Context. Maxwell raised concerns about Samourai a few times in the past, most notably about that they advertise themselves as a privacy wallet, while they send back all their users’ addresses to their backend server (formerly to Blockchain.info’s servers.)

Sources. [1, 2, 3, 4]

Warren Togami

Founder of Fedora Linux, Project Manager at Blockstream

Context. Warren Togami compiled together publicly available information on “Historical false promises and harassment by Samourai.”

Sources. [1, 2]

Luke Dashjr

Bitcoin Core Developer, Creator of Bitcoin Knots

Context. Samourai’s “Trusted Node” feature requires users to expose their Bitcoin Core unencypted RPC traffic to the Internet, with that, anyone could watch the traffic, get the password and empty the user’s wallet.

Later it turned out that Luke mistakenly thought that Samourai’s “Trusted Node” feature is a trusted node feature, but it is only used for transaction broadcasting, it wasn’t actually a trusted node feature. This raises the question why not just broadcast the transaction through Bitcoin’s P2P traffic, which is already exposed to the Internet, because it is the standard way of broadcasting transactions, instead of creating a glaring security hole in the user’s Bitcoin Core wallet?

Recently the Samourai team made sure their users won’t be able to use Luke’s Bitcoin Knots full node with their new Dojo backend.

Sources. [1, 2, 3, 4, 5]

Nicolas Dorier

Bitcoin Core Developer, Creator of NBitcoin

Context. Nicolas raised his concerns about the same issue as Maxwell did.

Sources. [1, 2]

Conclusion

I compiled a few experiences in this post. There is one thing common: they all report a “mysterious astroturfing campaign” as response to their raised concerns. However these accounts are by no means exceptions. I have witnessed Samourai habitually harassing Bitcoin developers too many times to count or keep track of them.