Samourai Wallet presented itself as a non-custodial privacy toolkit for Bitcoin users, built around Whirlpool CoinJoin rounds, Stonewallx2 decoy transactions, Stowaway payjoin flows, and PayNym identity features. That product framing did not prevent prosecution. On April 24, 2024, the U.S. Department of Justice arrested founders Keonne Rodriguez and William Lonergan Hill and alleged that the coordinator infrastructure processed large volumes of criminal proceeds.
The core legal argument is that charging fees and running coordinator infrastructure can be treated as operating a money transmission service, even when users keep direct custody of keys. That is why this case is now read alongside the broader enforcement pattern in the global crackdown overview and compared directly to the Roman Storm / Tornado Cash prosecution.
Case Timeline & Immediate Fallout
Samourai launched its Android wallet in 2015 and introduced Whirlpool publicly in 2018 as a paid coordinator service with fixed pool sizes. From 2019 through 2023, the project expanded privacy features while maintaining a centralized coordinator role. Investigators, meanwhile, built tracing records tied to darknet and ransomware clusters, then used that record as part of the 2024 arrest package.
After the arrests, the operational fallout was immediate: backend infrastructure was seized, app-store listings disappeared, and the primary domain redirected to a DOJ notice. Temporary community alternatives appeared, but liquidity and confidence dropped quickly as exchanges increased scrutiny of known Whirlpool-linked flows. The case also had spillover effects across other privacy projects, including stricter geofencing and more explicit legal disclaimers about custody boundaries.
Charges and Legal Theories
The indictment relies on two main statutes: conspiracy to commit money laundering (18 U.S.C. Section 1956(h)) and operating an unlicensed money-transmitting business (18 U.S.C. Section 1960). Prosecutors argue that fee policy, coordinator operation, and marketing language together show more than passive software publication. In that view, Samourai was allegedly running a service business that transmitted value for users without required registration and AML controls.
This is the same legal boundary being tested in other high-profile privacy cases: when does protocol maintenance become operation of a regulated financial service? Defense positions are expected to center on non-custodial architecture and open-source publication, while the government emphasizes practical control over transaction coordination and revenue generation.
Evidence Cited by the DOJ
Public filings describe a mixed evidence package: internal chats, support records, marketing language, infrastructure images, and exchange-tracing exhibits. Prosecutors highlighted communications they say showed awareness of darknet usage and presented technical records to challenge public claims about minimal logging. They also tied blockchain flows from known criminal clusters into later exchange deposits to support the laundering narrative.
On the business side, the government pointed to payment and contractor records to argue there was an organized commercial operation rather than a loose volunteer code project. That combination - behavioral evidence plus financial records - is what makes the case relevant for other CoinJoin teams that run persistent infrastructure with fee schedules and formal support channels.
Impact on CoinJoin Operators and Users
The immediate industry lesson was that "non-custodial" does not automatically mean "low legal exposure" for operators. Teams that charge coordinator fees, control matching infrastructure, or actively market to high-risk cohorts should assume they may be evaluated under money-transmitter frameworks in the U.S. and Europe. Since 2024, several projects have tightened jurisdiction filters, formalized legal review, and expanded disclosure around how their coordination layer works.
For users, the practical implications are mostly operational: maintain source-of-funds records, avoid careless wallet merges, and assume exchange reviews can be triggered by known cluster patterns. Collaborative transaction tools are not illegal by default, but surrounding conduct and communications can influence enforcement narratives. Checking exposure with tools like the BitMixList AML Checker helps reduce avoidable surprises before interacting with regulated venues.
How Coordinators and Privacy Teams Can Respond
Projects that coordinate CoinJoin activity increasingly treat legal design as part of technical design. Common responses include reducing centralized control points, limiting retained metadata, publishing reproducible builds, and documenting governance decisions that separate software publication from service operation. Some teams are also engaging outside counsel early instead of waiting for enforcement contact.
At the user level, resilience comes from diversification and record discipline: do not rely on one tool or one venue, preserve transaction context, and combine methods such as CoinJoin, payjoin, and enhanced collaborative transactions where appropriate. The Samourai case may take a long time to resolve, but operational best practices can be implemented immediately.
References
- U.S. DOJ press release announcing the arrests (April 2024)
- Indictment: United States v. Rodriguez & Hill
- CoinDesk coverage summarizing the allegations
- Wired analysis of the seizure and community response
Author
NotATether
Bitcoin privacy researcher and maintainer of BitMixList. Focused on mixer history, enforcement timelines, and practical privacy workflows for users operating in high-friction jurisdictions.
