Site is down

It's working for me.

あれ？ i got a new circuit and still "unable to connect" will try from desktop

The .onion site is working fine in Tor browser for me too 🤷

This is great news!🔥 Well made page with detailed setup guide for dojo server. Gives hope.

Working for me as well

I can only wish good luck to those fighting to keep this Samourai uncompromisable and unbuyable.

This is fucking crazy news!

Forked from where?

works for me

Testing.

No whirpool?

Has anyone tried building from source? Aren't dependencies missing? Will try in a few

I guess dojo acts as the coordinator? would this basically be whirlpool without a centralized coordinator then?

Modern day heroes. I hope they practice good opsec.

This is the way. View quoted note →

@bitdov dá uma olhada aqui

the build succeeds but as expected bitcoinj-core is a binary blob

Decentralized Whirlpool was nearly ready to activate before the SW devs were arrested. The vision is still there.

For the time being, Whirlpool has been removed.

Ele já fez até vídeo sobre isso. Estou assistindo agora no canal bitconheiros. Agora sim.

Acabei de entrar pra ver kkkk

F’n A!

Anyone able to successfully import the dev public pgp keys into Openkeychain?

Great news 8)

LFG!

For those looking to fill in the gap that #Samourai have left.

if they turn out to be serious thats fantastic news. #samouraiwallet2.0 View quoted note →

Extraordinarily brave group keeping the privacy goals for Bitcoin alive. I pray that their opsec is as strong as it can be, and not compromised in any way. View quoted note →

Waiting for more people smarter than me to look into this.

I haven't raid this yet but I will when I get the chance. Quick question, will my samourai dojo be compatible with this?

Looked up 'Ashigaru'. Infantry employed by Samurai. One article title 'The Overlooked and Underappreciated Warriors'. Much appreciated and overlooked is kind of the goal. Thanks for the heads up!

It will be. They have a guide on how to connect to dojo server.

👆👆

In the interest of “don’t trust / verify” as a non-developer myself… how are we looking? Is there a way to compare, say, a hash of Samourai’s critical elements with a hash of Ashigaru’s, to ensure it’s a proper fork and no foul play?

so the issue with the samourai code is that it got lost when their servers got taken down, then someone tried to recover part of it and published it as "samourai archive" on github:

GitHub

Archive-Samourai-Wallet

Archive-Samourai-Wallet has 19 repositories available. Follow their code on GitHub.

But the problem is, it is possibly not entirely up do date, we can't tell because there is no official source to compare to, and not everything is present, for example this library called bitcoinj:

GitHub

GitHub - Samourai-Wallet/bitcoinj: BitcoinJ: Samourai Wallet and Sentinel

BitcoinJ: Samourai Wallet and Sentinel. Contribute to Samourai-Wallet/bitcoinj development by creating an account on GitHub.

is from their old github and hasn't been updated in 6 years, which is when they migrated to their own servers before they got taken down, and this library hasn't been found anywhere since, so the new Samourai fork is using code that is a pre-compiled library instead of a public source that can be built by anyone. So this is a red flag for me, my conspiracy theory is this makes it seem samourai themselves are back building this as if no one would notice that part of the code is missing and they are the only ones that have it locally, but overall it's a red flag until the source of bitcoinj-core is released. But if you just want to compare the rest of the wallet's code in general to find something sketchy they made it easy by making all of their changes into a single commit, so one could get the first commit in the repo, which is supposed to be "clean samourai", and compare it to the recovered samourai code:

GitHub

GitHub - Archive-Samourai-Wallet/samourai-wallet-android

Contribute to Archive-Samourai-Wallet/samourai-wallet-android development by creating an account on GitHub.

then if there are zero differences it's a proper fork and you'd have to then check the changes they made in the other commit but people said they are fine so far, some UI work and the config changes to remove samourai servers + switch to ashigaru servers

Rafael, thank you for such a comprehensive and thorough reply! You provided significantly more help than I expected, in a way that I would not have likely found on my own, and you painted a very clear picture of knowns and unknowns, as well as a method to learn more. This is a perfect case of how “don’t trust verify” can still be applied and scaled in a technical setting for not-necessarily-technical users. Thank you. And in the spirit of value-for-value, you have easily earned a hearty zap ⚡️🫂💜🤝

thanks man, yeah I may sound crazy but I've been asking people for answers and still got nothing, so I am just looking to be able to verify as well and spread the knowledge for it and why I think something is missing :heart:

Thank you!! It totally makes sense that it would be incomplete, and while that could be entirely benign, it could also be problematic. Never hurts to be careful around stuff like this!

💐💐💐

Nearly ready™️*

Unstoppable 🤘

Did they fix many of the issues that the previous devs' own ego prevented from fixing? Jam Wallet is an otherwise good alternative.

courtesy of Bitcoin Q&A

Gist

Verification of Ashigaru Wallet 1.0.0 codebase (WIP)

Verification of Ashigaru Wallet 1.0.0 codebase (WIP) - gist:891bc518bc94cc549e6af25647d66a4d

From what I understand, archives people had made up to and including SW's last release before the arrests, 0.99.98ii; since the SW servers including their Gitlab were seized. Laurant has been working to compare Ashigaru to SW v 0.99.98ii, which I think explains a lot but there is still more work to do.

Gist

Verification of Ashigaru Wallet 1.0.0 codebase (WIP)

Verification of Ashigaru Wallet 1.0.0 codebase (WIP) - gist:891bc518bc94cc549e6af25647d66a4d

Since you can't name any specifically I'll assume you're referring to whiny complaints that were hurled at the devs on Twitter from people who didn't even use the wallet. Jam Wallet: "International transfers such as SWIFT & SEPA". Sound like a real promising contender in the fight for privacy 🙃

Woah. It always blows my mind a bit, just how much code goes into these projects. Thanks for sharing this! So cool that someone’s already started doing this 🤙

Just quick question: apart of testing this new wallet what is the advantage of using it over last Samourai wallet, assuming it was installed directly from APK and connected to own Dojo? Moreover, would Ashigaru work with RoninDojo?

I can name some specifically. Requiring android users to upload their xPub to Samurai managed whirlpool despite being given alternatives for doing it shows they were not serious about privacy. Advertising "Ricochet" as privacy theater where you just send funds to your own address 5 times got them laughed at. I don't know where you got that Jam Wallet from, but no that's not it. This is, already built into Umbrel, Start9, and other node OSs

GitHub

GitHub - joinmarket-webui/jam: Your sats. Your privacy. Your profit.

Your sats. Your privacy. Your profit. Contribute to joinmarket-webui/jam development by creating an account on GitHub.

Mainly that SW is currently not being maintained and the Whirlpool requests have no where to go since the servers were all seized. Ashigaru is being actively maintained and the Whirlpool functions have been taken out of the wallet for the time being. Ashigaru pairs with RoninDojo the same way SW does.

Going on 2-years of reply-guying my Samourai Wallet related posts and you still can't get the technical details right.

1. I don't know you and don't remember if I've seen you before 2. Samurai devs confirmed the xPub claim themselves when I asked. Not much technical details to "you shouldn't make your wallet send your xPub to other people"

Someone created a thread on X and the TLDR is, that, still, part of the code is missing and since we can't compare it fully, so : don't verify, trust... Lol https://xcancel.com/ottosch_/status/1840185592602071082?s=19

The only difference is replace samourai with ashigaru.

So instead of helping manually rebuild the missing library codebase your move is to prance around Nostr laughing? The archive missed the library's repo & the servers were seized; not an ideal situation for anyone. Yet, some devs have put their own lives at risk to work with what they have & rebuild this project, and this is what you have to contribute?

suddenly OP showed up in the thread. Here are questions for you 1) why are people and podcasters so quick to advertise a non fully free non fully foss software? 2) why when we ask "where is bitcoinj-core", most people disappear and don't reply, like the interactions I've had so far on nostr and X? 3) Are you & others contributing anything by omitting this important fact? Maybe shedding light on it would invite more java devs to rebuild it, but this fact was hidden and censored, what would be the reason? My contribution is that I CHECKED the code, which actually I WAS checking already, I was studying samourai's code for my own personal projects and decentralized knowledge makes it more resiliant, which then a month ago I noticed a missing piece, then this is released and it seems I am the ONLY person to notice... where are those devs that you mention? I see zero efforts to make a full source available, but 100% effort to release it as is, and for the podcast crew to advertise it as soon as possible. What we need is a movement that is pro-privacy and PRO-FOSS at all costs, no exceptions. Samourai has been working on bitcoin since 2011 or something, I started working on this for 2 years max. They had plenty of time to distribute copies of codebases, write in many different languages, write docs for new devs, not just focus on java lmao, but they don't have the FOSS spirit. I could also get into the "where is OXT?" or "where is KYCP?" discussion. But I don't have time to rebuild someone else's work for free from scratch, unless you pay me for it I already have a job and family to take care of, plus interesting how it's "oh you noticed? well rebuild it yourself!" why not set the same standards for whoever built the new fork and force them to release APKs only after THE FULL SOURCE is available, since they are already working on it? I myself risk my life and my family's because I live in a dictatorship, they banned X, telegram and Rumble so far for supporting free speech. And this is why to me it is FOSS or nothing. If I had the complete source code that made samourai, I would've reimplemented the wallet and whirlpool and made it work without a centralized coordinator that could be shut down and seized, even while living in a poverty state with zero funding/donations.

Bitcoinj?…

GitHub

GitHub - bitcoinj/bitcoinj: A library for working with Bitcoin

A library for working with Bitcoin. Contribute to bitcoinj/bitcoinj development by creating an account on GitHub.

Samourai uses a modified fork in order to support their features i.e. paynyms, bip47, whatever else, the only one available was last updated 6 years ago on the old repo:

GitHub

GitHub - Samourai-Wallet/bitcoinj: BitcoinJ: Samourai Wallet and Sentinel

BitcoinJ: Samourai Wallet and Sentinel. Contribute to Samourai-Wallet/bitcoinj development by creating an account on GitHub.

then ashigaru is using a pre-compiled binary of that fork

Wait it had been closed source since 2018?

Not closed source because they moved it to their self hosted gitlab servers instead of github, but when their servers got seized and shut down people had to archive the copies they had so the code could still be acessed, but this one wasn't recovered so it shows no one had a local copy of it, there may be even more that we didn't find yet that went missing and they didn't mirror it to github so even for the archives there is no "official" samourai source to compare to, only this 6 year outdated ones, in case someone forks their code like we are seeing now with ashigaru

Damn nobody had the idea to back up their code???

@rafael_xmr making a lot of sense. Trusting dependencies blindly is a fools errand. I would rather people make no contribution at all rather than coding up a few lines that blast out stuff they have not even looked at.

Looking at ashigaru code there's a few libraries still using the pre compiled samourai code. Whirlpool-client Boltzmann-java Android-tor-library Hummingbird-android

Only tor and hummingbird that are missing from the archive repo Soroban library also has some samourai dependencies

1) Ashigaru is released under GNU GPL v3; what's is this "non fully free non fully Foss" nonsense? 2) Can only speak for myself: because it takes time to understand the issue and articulate a response. 3) "Omitting this fact" is a strange way to frame it considering you had prior knowledge no one else seems to have known; with the exception of maybe the devs themselves. Up until a few days ago, I had never heard of bitcoinj-core so don't act like I made a deliberate decision not to mention it in my OP. What "hiding & censoring"? That's a ridiculous claim.

Badass

Devs literally in jail for fighting for privacy and this guy says this didn't take privacy seriously. Must be a paid Wasabi shill

Should've hosted the code somewhere else besides Github.