Bitcoin Takeover Podcast: S5 E2: Leo Wandersleb on WalletScrutiny & Why Samourai Isn’t That Great on Apple Podcasts
As a developer, Leo Wandersleb is passionate about the way Android wallets work. In his quest to evaluate MyCelium’s main competitors, he has established a methodology for rating mobile wallets. That’s why he created WalletScrutiny.com, a website where you can find information about how open source and transparent your mobile wallet of choice really is. If the wallet that you download from the Google Play Store is not the same as the binary you get by building the code in the public GitHub repositories, a red flag is raised and the wallet is not reproducible. This means that the developers are not entirely transparent about their code, do not keep the repositories in line with what they release, and could turn malevolent if users don’t pay attention.

Another interesting fact presented by Wandersleb concerns Samourai Wallet’s dishonest marketing: though the developers of Samourai talk about being open source, their builds are not verifiable and there are great differences between the code on GitHub and the application that can be downloaded from the Play Store. Wandersleb provides interesting insights about the amount of trust that we should have in developers, explains how and when reputation matters, and ultimately helps all users to use better mobile wallets.

Time Stamps
00:46 – Introduction
02:15 – Categorization of mobile wallets on WalletScrutiny.com
3:50 – What verifiability means for wallets, and why verifiable does not mean verified
6:40 – Why verifiability matters to make sure that the wallet developers are not hacking you
9:40 – Which wallets are listed as verifiable on WalletScrutiny.com?
12:20 – Why Coinomi wallet is not open source
13:05 – Coinbase is custodial and should be avoided
15:21 – Some of the most popular mobile wallets also happen to be the worst
18:25 – Wallets that are popular, open-source, but not verifiable
19:08 – Samourai Wallet is not verifiable
22:10 – How reproducibility works at MyCelium to prevent abuses by release managers
24:20 – More arguments against Samourai
29:20 – Android’s interesting security
31:27 – Google Play vs F-Droid
33:55 – What about iOS wallets, are they verifiable?
35:20 – Blockstream Green and why it’s great
37:20 – Coinbase vs Samourai for the average user
40:30 – Why it’s better to be careful with mobile wallet updates
45:40 – In the “Don’t trust, verify” issue, what can the average user actually verify?
48:40 – Leo fails at marketing his own project
50:40 – Why builders are the best
51:10 – Companies exploiting the ignorance of newbies
53:00 – Satoshi was honest about Bitcoin’s limitations
55:30 – Why MyCelium’s iOS wallet is terrible and not recommended, but the Android version is better
59:10 – MyCelium vs Blockstream Green
1:00:30 – Collecting fees from routing Lightning Network transactions
1:02:48 – Lightning Network Routing
1:06:00 – Best mobile wallet for ease of use and open source verifiability
1:09:00 – Wallet Scrutiny [dot] com and its methodology
1:10:30 – How much does reputation matter in the Bitcoin space?