Login
The Samourai Wallet Trial: A Test of Financial Privacy and Developer Freedoms
Bitcoin Magazine
The Samourai Wallet Trial: A Test of Financial Privacy and Developer Freedoms
This piece is featured in the print edition of Bitcoin Magazine, The Freedom Issue. Weβre sharing it here as a sample of the ideas explored throughout the full issue.
On November 3, 2025, the freedom for developers to build financial privacy software is on trial.
Samourai Wallet was a Bitcoin privacy wallet developed by Keonne Rodriguez and William Lonergan Hill. It included specialized privacy tools that mixed the coins of wallet users in ways that required no third-party custody. The serviceβs servers helped coordinate βmixingβ β methods to conceal the origin of coins and offer users some degree of forward privacy.
Rodriguez and Hill were arrested on April 24, 2024, on two charges: conspiracy to operate an unlicensed money transmitting business and conspiracy to commit money laundering.
The U.S. Department of Justice (DoJ) accused the Samurai Wallet developers of facilitating over $2 billion in unlawful transactions through their cryptocurrency mixing service between 2015 and February 2024. Additionally, the DoJ alleges that the developers helped launder more than $100 million in criminal proceeds from illegal dark web markets, such as Silk Road and Hydra Market, as well as other hacking and fraud schemes.
The case of United States v. Rodriguez and Hill threatens the established precedents of code as speech on two major fronts.
The first regards the β$2 billion in unlawful transactionsβ accusation. The prosecution implies that software that aids or facilitates the movement of money in any way is indistinguishable from money transmission and that it requires a money transmitter license, even if that software never holds custody of user funds. This is entirely at odds with the dynamic that had previously been established by FinCENβs 2019 guidance and other legacy financial regulations.
The second implication is that software that defends the privacy of communications or transfer of value is not protected speech under the United Statesβ First Amendment.
Code is Speech
The United States has a long and unique tradition of defending freedom of speech.
Over the years, many court cases have reinforced these values, creating precedents that let developers create great software and share it online. That kind of software has made the United States the technological epicenter of the world, from AI to cryptographic finance; the freedom to build software today is critical to the economic success of the nation.
Texas v. Johnson (1989), for example, established that burning the U.S. flag in protest was indeed protected speech even though the βspeechβ in this case was βfunctionalβ, i.e., expressed in the destruction of the flag.Β
In the 1990s, with the rise of the internet, landmark cases like Bernstein v. United States (1996-1999) established that discussions about cryptography β specifically the sharing of source code involving cryptographic algorithms β was not a βmunitionβ governed and regulated by the Arms Export Control Act and the International Traffic in Arms Regulations. On the contrary, the publication of source code explaining how cryptography worked was expressive speech and thus fully protected under the First Amendment.
The Bernstein case marked a critical victory for the Cypherpunks of the β90s, whose contributions to open source software laid the foundations for Bitcoin: Many of the technologies that Satoshi Nakamoto used in its construction were indeed invented in the internet forums of the time. It was there that the Cypherpunks discussed the application of cryptography to the defense of freedom of speech, digital privacy, and civil rights.Β
In the Universal City Studios v. Corley (2001) case, however, something shifted slightly. Jon Lech Johansen, a Norwegian teenager, wrote software that jail-broke copyrighted movies from software locks placed there by Universal Studios, making movies playable in Linux systems. Eric Corley, a U.S. journalist, published the software online, which led to a massive lawsuit spearheaded by Universal Studios.Β
This landmark case turned on the question of whether something is speech or conduct in the realm of software. It established that when speech in the form of software gained βfunctionβ, such as the breaking of a DVD encryption lock, it suddenly became a tool and could become subject to regulation.
While Corleyβs free speech protections were eventually reaffirmed in the Second Circuit Court of Appeals, the distinction between source code publications as a form of expression and functional software as a tool that can be regulated was established.Β
Despite the rulings β Corley even removed the copy of the DeCSS piracy software from his website β the damage was done. Internet civil disobedience spread the software far and wide, and the piracy wars of the 2000s raged on for years. They demonstrated not just the limits of free speech protections but also the limits of trying to enforce digital censorship.
Information simply wants to be free.
The Samourai case could face a similar challenge, and it is unclear whether βcode is speechβ can be a sufficient defense for Rodriguez and Hill.Β
Chink in the Armor
A controversial project that created as many loyal superusers as it did haters and critics is now on the front lines of the Biden-era lawfare, and the principle that code is speech appears to be at stake once again.Β
As a result, it has forced critics β myself included β to rise to the defense of a wallet that, while quite successful in its adoption, made many design choices that were questionable and for which they may be judged harshly in the coming months.
One potential weak point in their defense is their alleged enabling of sanctioned parties to βlaunder moneyβ through their coin-mixing service. The U.S. Attorneyβs Office for the Southern District of New York (SDNY) went as far as to embed a screenshot of the Samourai wallet account welcoming sanctioned oligarchs:
Coin mixers are akin to the virtual private networks (VPNs) used by law-abiding citizens and criminals alike. For privacy to exist, one must be able to hide in a crowd, their choices and personal information shielded from prying eyes, and to be revealed or judged after due process.
With that, the Samourai Wallet founders did not make themselves a difficult target. If the allegations by the prosecution are true, and they knowingly helped dress up wolves in sheepβs clothing, then they likely will have to pay a price for violating sanctions doctrines. A deeply chilling legal precedent could then be set, shaping the future of digital finance and directly harming the proliferation of such technology in the United States.Β
However, there may be hope in the change to a more crypto-friendly administration under the leadership of President Trump.
βI Will Defend Your Right to Self Custodyβ β Trump
During his keynote speech at the Bitcoin Conference in Nashville in 2024, Trump made a promise, one that he still has the opportunity to keep.Β
He promised to βdefend the right to self custodyβ.
Without financial privacy, self custody is dramatically weakened, as seen by the growing wave of physical attacks on Bitcoiners in recent years. The liberty previously enjoyed by software developers to build self-custodial Bitcoin tools like Samourai Wallet, is on trial.
The chilling effect
The U.S. government has, for the most part, learned not to attack an already hardened legal precedent like freedom of expression. However, by going after the developers and maintainers of Samourai Wallet directly, the DoJ had a net negative effect on financial privacy in the U.S., and it spread a chilling effect among Bitcoin software developers.Β
Immediately following the arrest of Rodriguez and Hill, Phoenix Wallet, arguably the best self-custodial Lightning wallet in the industry, exited the U.S. app stores β a decision made to protect their business from a U.S. government that appeared hostile to Bitcoin self-custody software. (As of April 2025, Phoenix is once more available in the U.S.) Wasabi Wallet, another financial privacy software company, stopped offering its noncustodial mixing services to the public. And wallets like Blink from El Salvador geofenced American users from their app entirely.Β
If Trump is going to really defend the right to self custody, and stop the eventual deployment of a central bank digital currency (CBDC) in the United States (another election promise), he will have to address the need for financial privacy in the digital era and reverse the injustices set in course by the Biden administration.Β
In one way or another, these cases will leave a mark on his presidential legacy.
Foundations of a CBDC
The Biden administration continued to sue, scrutinize, and debank the crypto industry β a policy that started under Obama with Operation Choke Point and ultimately resulted in Silicon Valley CEOs losing access to their bank accounts altogether.Β
A sharp example of permissioned financial rails being abused was also witnessed in Canada in 2022 when the bank accounts of truckers and donors were frozen during the Freedom Convoy COVID protests in Ottawa, following the invocation of the Emergencies Act by then-Prime Minister Justin Trudeau.
Furthermore, top U.S. officials from the Treasury have stated that central bank digital currencies (CBDCs) would need to have strong identity tracking, even while βbalancing consumer privacyβ, striking at a trade-off thatβs sacrificing user privacy altogether:
βThe Report notes that βa CBDC system could increase the amount of data generated on users and transactions,β which would pose βprivacy and cyber security risks, but β¦ offer opportunities for proper β¦ supervision and law enforcement efforts.ββ
Among the ideals of justice and fairness laid out by the Constitution is one where the privacy of the individual is granted by default, where there is a presumption of innocence, and the prosecution must prove the accusedβs guilt beyond a reasonable doubt.
The Fourth Amendment rights of innocent Americans who were using Samourai Wallet in particular are under attack by the kind of lawfare seen in the Samourai case:
βThe right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.β
Our homes are no longer just made of brick and stone, and our words no longer contained within those four walls. They are often digitized and transmitted, and so is the value they hold and move. Like cash in a sealed envelope, the use of financial privacy software naturally fits the protections of the Fourth Amendment, especially when no custody of funds is ever taken by the infrastructure facilitating its transit.Β
Yet the few tools that protect this default access to privacy have been systematically attacked and undermined in the digital age, akin to the government suing envelope manufacturers as money launderers for obfuscating the contents of a personβs exchanges.
Itβs actually much worse. While developers of privacy software like Samourai Wallet are harassed, legacy financial institutions, in their attempt to be compliant with KYC and AML regulations β the same class of regulations used to prosecute Samourai Wallet today β are forced to gather excessive private information from their customers in order to report anything βsuspiciousβ to the authorities.
These KYC data vaults are regularly hacked. Indeed, itβs impossible to keep them secure as they grow in size and become targets for cybercriminals, which exposes everyday people to organized crime in the form of identity theft and fraud. By 2012 in the U.S, identity fraud cost more than all other forms of theft combined, reaching over $21 billion, and this figure rose to $52 billion by the 2020s.
This surveillance infrastructure is doing profound and irreversible harm to U.S. citizens and the legacy financial system as a whole.Β
It is nevertheless sold as the necessary evil that stops money laundering by cartels and ends terrorist financing via sanctions through mechanisms like the OFAC list. And yet it is these same banks who are regularly busted laundering hundreds of millions of dollars for cartels, like TD Bank last year, which had to pay a record fine to U.S. regulators of $3 billion. It was accused of failing to surveil $18 trillion in transactions, of which close to $700 million was allegedly moved by drug cartels. Despite all the regulations and compliance, it turns out it was the banks that were doing the bulk of the money laundering.
When it comes to sanctions, meanwhile, Russia has received the worst lot of U.S. sanctions in recent memory, perhaps in history, including freezing its foreign treasury reserves. Despite that, Russia has run over major territories in Ukraine during the invasion and managed to survive long enough to be in a very strong negotiating position on the other side of the conflict β effectively marking the end of the sanctions foreign policy regime. It is no coincidence that the Trump administration is so focused on tariffs, overseeing the flow of goods across borders instead of the flow of money.Β
Also, let us not forget that when it comes to terrorist financing, it was the CIA that funded and trained the Afghan Mujaheddin in the β80s, training guerrilla operatives like Osama bin Laden, who later on helped create Al Qaeda and carried out 9/11.Β Β
None of these crimes were done by Bitcoin or Bitcoiners. But the consequences of these laws weigh heavily on civilian populations. And the exponential growth of identity theft, the demoralizing ironies of the war on cash, the micromanagement overhead of the publicβs finances, and the chilling effect on privacy-oriented software developers are the direct consequence of the KYC panopticon being constructed all around us.Β
All these policies can be summed up as flash points in the war on cash, a broad policy strategy of the pre-Trump era, that I believe was meant to set a foundation for the deployment of CBDCs, a state monstrosity that Trump specifically promised to protect us from.
Lesson Learned
The biggest concern I had with the Samourai Walletβs mobile app was its backend design. Ambitious and commendable as it was to try and bring cutting-edge, self-custodial coin mixing to the masses, in order to achieve it, Samourai Wallet made some questionable compromises β compromises which competitors and critics doubted were worth the upside and which can be judged in the trial as well. The most obvious problem was the way the mobile client was said to handle the xpubs of their users.
Xpubs are very important cryptographic information in Bitcoin and crypto wallets. Similar to IP addresses in the world of VPNs, xpubs represent a key piece of identifying information for Bitcoin users. Anyone who has your xpub can deterministically recreate all public addresses you ever had or ever will have in that wallet, allowing them to know exactly what public Bitcoin addresses are within your control and which funds have moved through them.
In the marketing and debates about VPNs β which are in some sense the early webβs equivalent to Bitcoin mixers β IP addresses, and whether a service can or cannot keep IP logs, is critical to their credibility among a savvy user base. Services often boast about their processes and procedures around not keeping their usersβ IP addresses, which, if shut down β as Samourai Wallet has been β could end up in the hands of prosecutors, compromising the browsing history of their users.
In the case of Samourai Wallet and xpubs, a similar rule of thumb should apply. Internet users throughout the decades have discovered that paranoia about the quality of the tools and implementations pays off in the end. This lesson has been learned the hard way as VPN services and privacy-oriented email providers have been hacked or seized by government prosecutors. If thereβs user data accumulated, the service can become a juicy target.
We donβt yet know what data Samourai Wallet had in the 17 terabytes confiscated by the U.S. government. Most of it is likely on-chain analysis done by their research arm OXT. But if user data was kept, then the privacy of many of those users might be at risk as well.
The Trump Legacy?Β
It is fascinating that the future of software developers and their freedom to build private self-custody software will be judged and shaped in an age where Michael Saylor argues that the coin is not a currency and Trump, the self-branded crypto president, promises to protect your self-custody rights.
As Rodriguez and Hill stand trial, those wrapping themselves in the orange flag and those who can influence public policy about financial privacy will also be on trial in the court of public opinion; history will be their judge.
For us plebs who cannot influence public policy directly and can only judge the tools we use on their merit, there is a moral to this story. Compromising on privacy for convenience β to avoid the learning curve otherwise required β does not come without risk.
And on a long enough time frame, only the paranoid crypto-anarchists survive.
This piece is featured in the print edition of Bitcoin Magazine, The Freedom Issue. Weβre sharing it here as a sample of the ideas explored throughout the full issue.
This post The Samourai Wallet Trial: A Test of Financial Privacy and Developer Freedoms first appeared on Bitcoin Magazine and is written by Juan Galt.
