Bitcoin Forum

Life experience shows true the age-old principle that people who add gratuitous moralizing to their names are usually covering for their own defects.  For example, if you see a user who calls himself “Honest Trader”, then you may presume that he is a scammer:  Methinks he doth protest too much.

For another example, the self-styled “No HATE” drips acid hate for privacy beneath a transparent veil of mealy-mouthed, nicey-nice “sorry” and “no offense” and other sickeningly saccharine platitudes:


Boldface and red colouring are in the original.  This is stated in response to negative trust-tagging of users wearing a Yobit advertisement that makes impossible financial promises (https://bitcointalk.org/index.php?topic=5211902.msg53421932#msg53421932), i.e., a scam.  Of course, “No HATE” does not pause to consider the possibility that the persons who wear Chipmixer ads tend to be honest, and are thus motivated by a desire to alert others to scams.

Now, observe “No HATE’s” premise:  If you want to unlink your financial transactions on an immutable global public ledger, then you must be doing “shady activity”, your privacy tools are “evil”, and people who promote those tools thereby “sell their souls” to the devil of so-called “money laundering”.

(The whole concept of so-called “money laundering” is perverse in principle, twisted in practice, and misunderstood by most people who bandy the phrase about; but that is another matter.)

Having seen one sick tree, step back and observe the forest.  Such attitudes and beliefs are increasingly common nowadays (https://bitcointalk.org/index.php?topic=5183830.msg53491932#msg53491932); and by no coincidence, they are becoming more common as governments worldwide work overtime to destroy financial privacy.  Chainsaw needed:  If nobody stands up against this trend, then the trend will continue until all financial privacy is destroyed.

---

For my part, I cannot tolerate the above-quoted smear of Chipmixer and its signature advertisers—much less the widespread promotion of the underlying hatred of privacy.  Thus in protest, despite the misgivings stated below, I will now spend an as-yet undetermined time carrying an unpaid, unsolicited advertisement for Chipmixer.

I have not spoken to anyone at the Chipmixer campaign before doing this; my actions hereby are completely unilateral—and indeed, I don’t even qualify for the Chipmixer campaign.  My ad is admittedly not as slick as the official one; I may try to improve its aesthetics a bit.

This is an act of solidarity.  In the past, I have spoken to well-known Chipmixer signature advertisers who told me, in essence, the following list of their reasons for wearing Chipmixer:

• It’s good money.  By such means, they can afford to spend endless hours making this forum a better place, as opposed to spending those hours on some other job.  (There is nothing wrong with the pay rate being a criterion, as long as it’s not the only criterion, and not decisive in itself.  Also, observe that this motivation is the inverse of the sig-spammer:  They want to get paid so that they can spend more time on the forum; they’re not coming to the forum so that they can get paid.)
• Advertising Chipmixer, a reputable privacy service, is more ethical than advertising the scams pitched by many other campaigns, which they found grossly unacceptable.  In particular, they recoiled in horror at the idea of pumping ICOs (which were all the rage when I had these private discussions).  I infer that they would have flatly refused to advertise Yobit “earn 10% daily, 100% safe” scams at any price.  This directly contradicts “No HATE’s” accusation that they “sell their souls”.
• A related weaker form of the preceding item:  The Chipmixer campaign is one of the most selective campaigns on the forum.  It is quite difficult to get in; you can’t just be some idiot who spams illiterate, nonsensical shitposts as a desperate money-grab.  Chipmixer sig spam posts are thus practically nonexistent, despite their high posting requirements:  They offer relatively large payments, but they only offer those payments to people who have a long-demonstrated record of prolific, high-quality forum activity.  They get what they pay for—and thus, on the other side of the coin, they offer the person accepting the ad a way to sell your signature without looking spammy.  For elite users with sterling reputations, this is a major concern.

I think that’s fine.  But for my part, I must consider these factors of my own:

• I generally dislike signature ads.  I may take one someday; but I would prefer to avoid it.  I do recognize that signature ads make it possible for many of the forum’s best regulars to spend fantastic amounts of time and effort here; and really, I could use the money, too.  Well, thus far, I just have not been able to get past my personal feelings on the matter.
• Although I have nothing against productive, profitable businesses—to the contrary!—it is childishly foolish to behave altruistically toward a business so wealthy and successful that it evidently has a stratospheric advertising budget.  If I am to advertise their services, thus increasing their wealth, then it is only fair that I should get paid.  Well—I will make my point, then change my signature to something else.
• By design, Chipmixer is a privacy service that you must trust with your privacy.  I strongly dislike that, and cannot endorse it.  On this point, the best that I can say for Chipmixer is that my dislike applies more or less equally to all mixer sites (excluding trustless services such as JoinMarket (https://github.com/JoinMarket-Org/joinmarket), which are not “mixers” in the usual sense); and I probably dislike them the least.  I do commend some of Chipmixer’s efforts to improve privacy on the forum (https://bitcointalk.org/index.php?topic=2485318.msg26028401#msg26028401); whether that indicates anything useful for trusting the privacy of Chipmixer’s mixing service is a difficult question, and one for which I have no immediate answer.
• Chipmixer does not implement Segwit.  As an external observer, I infer that it must be because they started when Segwit activation was still tied up in politics; and their innovative design requires them to keep what must be a terrifically large inventory of pre-made “chips” (i.e., UTXOs of various sizes) to distribute.  For privacy reasons, slowly rolling over the inventory of chips may be out of the question:  That would partition the unlinkability set between those who received non-Segwit chips, and those who received Segwit chips.  But rolling over the inventory instantaneously may be financially prohibitive; and that would not avoid a partition, although it would minimize the partition’s effects.  At least, this is my hypothesis based on blackbox observation of how the service works.  I have not spoken to anybody who may actually know.

If you want to use a trusted mixer, Chipmixer is probably the best option.  They are innovative.  By all accounts, they are very reliable.  I myself have sometimes used their services (with coins already anonymized by other means that do not require trust), and I generally avoid trusted mixer sites like plague.

---

Compare the situation with Tor versus VPN.  Tor is designed to minimize trust generally, and to eliminate the need to trust any node in particular.  If a circuit passes through a node that logs all data, the node still can’t see both endpoints.  With a VPN, you need to trust that the VPN provider is not logging all your Internet activity—as many of them do, all promises to the contrary notwithstanding.

If you want to just send coins to a mixer site, cross your fingers, and hope that it’s not a honeypot logging the links between inputs and outputs, then I suggest that you click the links in my signature and try Chipmixer.  Chipmixer is convenient, and it unlinks your transactions on the public blockchain.  Javascript is not required.

If you want trustless privacy, that is a complicated subject beyond the scope of this topic.  The best I can say here is that as Lightning grows, it will render all these questions obsolete for most use cases:  Blockchain spies can’t trace transactions that never touch the blockchain!

This is the most concerning part of this drama. People (generally speaking) have always been lackadaisical when it comes to their privacy. The utterly stupid "I've got nothing to hide" argument is widely believed. People seem happy to hand over their KYC to total strangers, to let their ISP keep a complete record of everything they do online, to let Google track their physical movements in real time, to let Facebook read all their correspondence, and to let all these companies sell said data to any number of third parties or hand it over to the relevant governments. Hell, people even use devices which measure their heart rate and sleep schedules. These companies know more about you than you do. They justify all this by telling themselves "Well, I'm not doing anything wrong".

I don't need to spend a lot of time dismantling the "nothing to hide" argument, because (https://www.openrightsgroup.org/blog/2015/responding-to-nothing-to-hide-nothing-to-fear) it (https://ssd.eff.org/en/module/animated-overview-how-strong-encryption-can-help-avoid-online-surveillance) is (https://www.techrepublic.com/blog/it-security/why-nothing-to-hide-misrepresents-online-privacy/) already (https://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565&) widely (https://github.com/cryptoseb/CryptoPaper#let-me-explain-further) discredited (https://www.techdirt.com/articles/20130613/12180423457/if-youve-got-nothing-to-hide-youve-actually-got-plenty-to-hide.shtml). I will share one of my favorite quotes on the topic though:

Now, if users like "No HATE" are so keen and happy to give up their privacy (although one must laugh at a person using an obvious alt-account to decry privacy), then that's their prerogative. I frequently advise against it and discuss how to avoid it, but ultimately, if you want to compromise your own privacy, then there's really nothing I (or anybody else) can do to stop you. However, you don't get to compromise my privacy. To call privacy enhancing tools (such as bitcoin mixers) evil because a minority may use them for nefarious purposes (just as a minority use Tor, the internet, cash, for nefarious purposes) makes you no better than the agencies and companies using the "nothing to hide" justification to spy on the public. If you live a life so meek and unexceptional that you are quite happy opening it up to scrutiny by anyone who is interested, so be it, but you have no right to force that nonsense on others.

It is doubly concerning to see these kinds of attitudes becoming more commonplace on a forum which is supposed to be united in our combined desire not to trust third parties.

I very much agree with most points you're making. I'd however like to place a footnote here;


This is still a scenario which one -- who takes his privacy *extremely serious* --  should consider. We have yet to see any proof Chipmixer isn't a honeypot per se either (Though- it'd be pretty much impossible to prove or disprove anyway-). While I might believe that Chipmixer is acting in good faith- it'd be weird for me to tell others they actually are, without any immutable proof.

Therefore, if one is using Chipmixer for anything other than unlinking their inputs for the commonalty and some improved privacy, i'd highly suggest he thinks twice about such a scenario.

This is the biggest thing here, there's really no way to confirm this and even people that promote ChipMixer for money will say so. I wouldn't be surprised if the people at ChipMixer came out and said that too -- because it's true. We all put our blind trust and faith into ChipMixer without really knowing how much of it works, and how it's going to be helping us.

The real best way of mixing right now is using a privacy coin like Monero.

For the nothing to hide argument and all of that stuff, I point to Glenn Greenwald in one of his Ted Talks. Pretty much sums up my view, and can convince a good deal of people.

Hmm, premise you say



This kind of premise will always change to match your alt's signature :P.
Great post but unfortunately those that need to read it won't do it as their attacks on chipmixer where not because they don't believe in the service or they were against mixing services in general, it was pure and simple whataboutism driven by financial reasons.

Not going to spend too much time on discussing chipmixer since my opinion might and it's probably biased but I doubt the honeypot scenario, you don't run a honeypot for two years, on Hansa they run the site for just a month and the amounts involved are on totally different levels.
But, who knows...

Well the OP mentioned a Tor versus VPN analogy so going by that scenario you can look at NordVPN for example. They employed third party independent external auditors to check their no logs policy and they passed it with flying colours after a thorough check. Others VPNs such as PureVPN have also stated a no logs policy but do indeed log for whatever time the connection is valid, others have their own structure but do log various things even though they sell their service as a no logs policy. As mentioned NordVPN did pass with flying colours as it did what it said on the tin.

Back to Chipmixer, to my knowledge so far no claims have been made with regards to users being (selective) scammed and that is a great thing for reputation sake but would a third party independent external auditor checking things over and giving their verdict be enough to reassure those that are not convinced about its effectiveness for anonymity?

Well, sure, but i think that the point is that that's impossible. Let's suppose an auditor checks Chipmixer's infrastructure- and then gives "the green light"; Chipmixer could, if they wanted to, simply change some of the source code. Any of the current mixers could.

But also, for logging transactions, with mixers being in the current form they are; they wouldn't even need to change any code/have any "malicious code". there would be a multitude of ways to log transactions, and still pass an "audit" at the same time.
Thus, it all comes down to pure trust.

That issue of pure trust you refer to (as in just trusting a project or a person) based on available evidence and gut-feeling, it varies from person to person. Maybe there will never be a universal position on this as it stands but if the day comes where there was ever a major breach or major scam which resulted in losses for either the mixer or the end user then it might be the catalyst to kick start an overhaul of how mixers work.

Only two years ago, it seemed to me that most of the “we need KYC because of money laundering” propaganda was being parroted by the types who pad their activity counts with mindless drivel in megathreads.  Now, it seems to be all over the forum—and elsewhere in places where one may expect an understanding of privacy issues.

For the most ironic of countless petty examples that I have recently seen all over the Internet, observe how a a technical discussion on tor.stackexchange was cut short with extreme rudeness (https://tor.stackexchange.com/questions/16398/signal-newnym-vs-stream-isolation) (archived (https://web.archive.org/web/20200104042013/https://tor.stackexchange.com/questions/16398/signal-newnym-vs-stream-isolation)):


I was shocked to see that from someone who evidently has deep technical knowledge about onions.  Turning the sarcasm up past (9/)11, I must remark, it seems the attitude is:  “Here, I thought you must be building some nice kidporn site or drug market.  Now that I know you are building a Bitcoin ‘mixer’, you are beneath contempt!”  Does an apparent expert in Tor onions not realize that all tools can be abused, but good people need them for good purposes?

I certainly do not want to reflect badly on Tor here, based on the rude and thoughtless comment by some arbitrary Stack Exchange user.  The Tor Project itself is proud that “Tor secures cryptocurrency networks! (https://blog.torproject.org/tor-heart-cryptocurrencies)”  And the Tor Blog recently published as a guest opinion the single best short essay on financial privacy that I have recently read (https://blog.torproject.org/protecting-financial-privacy).  Print that one out, and hang it on your wall!  As I stated in OP here, I had long ago reached its same conclusion that Lightning Network is the future of financial privacy:

---

Thanks for making this post much shorter!  I can only add that if I were Chipmixer, I would not get such an audit.  I would not want to risk granting the auditor (perforce an outsider) high-level access to my systems for no useful purpose; and I would not want to give my customers a false sense of security by “proving” the impossible.  I respect Chipmixer more because they don’t seem to be the types to claim that they can prove such a thing.

---

Boldface added on some particularly important points that I fully agree with:



I should reiterate a theme of my OP:  I am walking a fine line in so far as I don’t want to FUD Chipmixer, but I need to examine this issue honestly.

It is a service that I want to like.  It is the only centralized, trusted mixer that I want to like.  Their signature ads specifically speak to privacy.  Their FAQ (https://chipmixer.com/faq) quotes Dr. Adam Back (https://bitcointalk.org/index.php?action=profile;u=101601) to answer the question, “Fungibility?  Why would I care?”  Oh yes, I want to like them!

They may well be real privacy advocates running an excellent, trustworthy service.  If so, they are also providing an ancillary benefit to society:  Their ads promote the idea of privacy at a time when society is moving in the opposite direction.  This is why I was outraged to see them and their advertisers smeared as “evil”.

I hope that’s what they are...


If Crypto AG could sell NSA-backdoored security products for governments and militaries for five decades (https://www.schneier.com/blog/archives/2008/01/nsa_backdoors_i.html), then I would not make such inferences.  Though of course that was the NSA, not a garden-variety police sting; and if Chipmixer is a honeypot, they certainly provide one of the best, most competently-run honeypots on the Internet today!

I further observe that Chipmixer’s overt attitude is not of the kind used to attract the criminal element; there is a sort of “darknet” cant seen on some sites, thinly-veiled hints that we will help you get away with it, which is completely absent from Chipmixer.  They “smell” clean.  They speak the language that speaks to you and me; and they pour what must be a fantastic advertising budget into the Bitcoin Forum, which is a good place to attract non-criminals.

This suggests that if they are a honeypot, they are probably an intel operation targeting smart people, not a police sting targeting the kinds of people for whom “opsec” means getting a post office box for receiving bulk quantities of felonious contraband from anonymous persons you met on the darknets.^*

Or else, they are hardcore privacy advocates who know that most people will use a centralized mixer, so they should provide a good one.  I said, I want to like them...

(* Not that all Internet drug dealers are so stupid, but many of them are!  The example hereby given is based on a real-life case that I read about a few years ago:  Somebody decided to get rich dealing drugs on DNM, and therefore bought drugs wholesale by the kilo from DNM.  Shipped to his post office box—where he picked them up personally—thus where the police picked him up in a controlled delivery.  This leads me to wonder, why do we need mass surveillance?  The cops have their hands full with dopes who are practically begging to be caught.)

---

To be clear, there are two separate trust issues:  Trusting the mixer to not steal your coins, and trusting the mixer to not violate your privacy while pretending to protect it.  I have been discussing only the latter.  The former is an important issue; but if it were the only issue, I would be comfortable saying that I trust Chipmixer based on their established reputation.

Note that there have been major scams with mixers, including selective scamming and exit scams.  That never deterred the use of mixers generally; and it did not:


That effort started long ago (https://bitcointalk.org/index.php?topic=279249.0), with practical implementations you can use today (https://github.com/JoinMarket-Org/joinmarket)—plus too much related research to sum up in a few handy links.  Bitcoin privacy is a big topic. (https://en.bitcoin.it/wiki/Privacy)  And in the future, as I said, I think that this whole discussion will be made obsolete (https://github.com/lightningnetwork/lightning-rfc/blob/master/04-onion-routing.md).

What a mixer site most provides is convenience and accessibility.  You send them coins; you get back other coins; and you hope that they did not retain any data connecting these coins to those coins.  It is simple for the user, though a well-run mixing site will have much complexity behind the scenes.  Chipmixer does a good job of that:  The site is a pleasure to use, and easy enough for anybody.

As alluded to above, this doesn't really prove anything about your VPN. You still have to trust the auditor, and you have to trust that the VPN hasn't changed anything since the audit. Even in cases where a VPN provider has been subpoenaed (or another jurisdiction's equivalent) and has been found to have no logs, it only proves that they didn't keen logs then. A case which was discussed on the forum a few weeks ago is that of Private Internet Access. PIA have previously been taken to court (twice, if memory serves) and had no logs they could provide. Many users might see that a ringing endorsement of their service. However, PIA have since been bought over by a parent company (Kape) (https://bitcointalk.org/index.php?topic=5203656.msg53196238#msg53196238) which are infamous for infecting their own customers with malware, and own another VPN with a very loose policy on sharing your personal data. Much like with bitcoin, past performance is no guarantee of future results.

A nice read. Thanks for flagging it up.

Mass surveillance isn't about catching criminals; it's about controlling the population. People who know they are being watched are meek and unassuming, dutiful and obedient. That and the ability to sell your data and use them to win elections.

Just for the record I do not use NordVPN, PureVPN, SharkVPN or any other I mentioned a couple of posts back, they were just examples since the OP gave an example and analogy of VPNs   :D

As for what you say about audits and auditors along with a no logs/record policy - yes it is true it does not prove anything because of the possibilities of altering the situation after the event. That same sentiment was also echoed excellently above by AdolfinWolf too and both of you are correct to highlight that auditing though might have some benefits it ultimately cannot be the seal of approval.

What would you say is the best way forward for mixers to try to get users to have full confidence when using their service?

(And a belated congratulations on becoming a Legendary member on the same day I made Hero rank)

There is no ideal solution. As i know, the better way is to combine VPN + Tor. For example, your internet provider can see you using Tor. But not for what you are using it. With VPN over Tor noone will know that you (in meaning your IP) using Tor, while VPN provider don't know for what you're using it. Win-win strategy

Also, for example, even launching bitcoin node through Tor isn't a good idea - https://www.computer.org/csdl/proceedings-article/sp/2015/6949a122/17D45X2fUEK (maybe something changed from 2015 but i doubt)

Just for the record, neither do I. :P

I don't think I could confidently answer that, and I'm sure if there was a simple solution someone much smarter than me would have already implemented it. I often see blinded bearer certificates mentioned, and theymos wrote a good summary on them on reddit a few years ago (https://www.reddit.com/r/Bitcoin/comments/5ksu3o/blinded_bearer_certificates/). However, there seems to have been very little, if any, development on developing them with bitcoin since then. As nullius mentioned above, I suspect the ultimate answer will lie in Lightning Network, perhaps using rendez-vous routing so the sender and recipient can hide their details from each other.

---

Not necessarily.

Careful with your wording here. "VPN over Tor" means connecting to Tor first, and then connecting to your VPN second, therefore accessing your VPN "over" the Tor network. This is worse than just using Tor on its own. It negates the entire point of using Tor since all your traffic will be re-routed through your VPN server, meaning your VPN provider can still see all your traffic (and link it to your real identity if you have given them any personal details when singing up or paid in fiat or non-anonymized bitcoin).

I suspect what you mean is "Tor over VPN", which is connecting to your VPN server first and then through the Tor network. While you are right in saying this will hide the fact you are using Tor from your ISP, it isn't necessary since you can achieve this using a Tor bridge with or without a pluggable transport. Whether or not you want to use a VPN server or a pluggable transport depends on whether you trust your VPN provider or a random Tor entry guard more.

Yep. While i'm not native english speaker, i make simplification sometimes and therefore misunderstanding occur  :)


VPN it's very hard topic to talk. For example, "quality" of the VPN as a service highly depends from country where you located and VPN company located. Example: I'm in Ukraine, and Ukraine don't have any diplomatic agency with Taiwan, so i can easily use Taiwanese VPN, because ukrainian police or intelligence agency can't force these VPN's to share information about me. I think you understand why so, countries and their services (like police) interact with each other through embassies or consulates. The only way is to use Interpol or some other such services.

On the other hand, it's not a good idea to use taiwanese vpn if you're from USA, because Taiwan is highly dependent of the USA.

Also, about Tor: you can check my link above and see, that it's enough easy to make Sybil attack, which makes Tor "from the box" (without needed maintance) much more dangerous than any VPN.

I agree... going by the VPN + TOR example, that is no way to guarantee user anonymity if that is what is expected by using those two in that order.

About using rendez-vous routing and Lightening Network - I had never heard about this before. I will search online to get some sort of idea about the process theoretically should work just so I can get an understanding. Thank you for mentioning it in your post.

If Chipmixer were interested in running such a service, I would be interested in implementing the code to turn Chipmixer into a Chaumian bank.  Trustless for privacy, though you must trust them to not steal your money (just as now).  I would use a protocol designed by cryptographers, not my own concoction; blinded signature schemes are hard to get right (plus there is some existing open-source code I may adapt).

I am not saying this off-the-cuff.  I have been toying with this for a few years; and it’s all meticulously planned, at least on paper.  (It may take me significant time to actually do all the necessary code).  I would ask for nothing upfront, but a percentage share of revenue from the blinded service; fair is fair, it’s a business, and it would be nice to actually make money improving privacy after the opportunity cost I paid by avoiding the global public ledger for years (https://bitcointalk.org/index.php?topic=5214394.msg53534428#msg53534428).  Risk to them is zero:  If I deliver nothing, or if they think my protocol is insecure, or if I write shitty code, then I get nothing.  Bonus:  I could be paid in blinded chips!

(I also picked a name, and worked out some excellent branding for a new, trustless mixer service.  I would be sad not to use it; but they already have an established, respected brand.  Well, maybe they would want it adapted to a new ad campaign...)

The reason why I never did it to run my own service is that I do not think I have the resources for that.  It is a high-threat business.  It also requires significant capital up-front, especially if you want an inventory of aged UTXOs to hand out.  Chipmixer has a demonstrated record.  They’ve been attacked, DDoSed, no doubt thoroughly scrutinized by those who hate privacy—they’re still there.  They can do it—and then, there would be no ongoing incentive for anybody to track me down and get rid of me.  If I were to drop dead, it would not take down the service; I like it that way.  (If they were to disappear, I could help somebody else duplicate the service; so it’s good for them, too.)

The blinded service would require code running on the client.  It is unavoidable:  The client needs to generate blinded tokens, unblind them, etc.  This in turn invokes other practical problems that I’ve spent a long time wrestling with.  I think it would work out best if they continued running the simple, easy, trusted no-Javascript service, but added the blinded service as another option.  I would design it so that clients (including robots) could use the blinded service through a JSON API, so people could even write their own clients for my protocol; but you know, 99% of people would just use the blob of code that automagically runs in the browser.

As an ancillary benefit, I think that the willingness to run a trustless service would strongly signal “not a honeypot”.  Of course, it would not prove it.  But it is quite doubtful that a honeypot operator would ever offer a blinded alternative!

I would strongly urge them to roll over their UTXO inventory to native Segwit (bech32), and use the same inventory for both services so they have a single, unpartitioned anonymity set (for any adversary except Chipmixer itself).  The next version would integrate Lightning.

FYI, by the way, segvan (https://bitcointalk.org/index.php?topic=2934774.0) started as a trivial whimsy project to efficiently bulk-generate bech32 addresses with random private keys.  It still has that feature; it grew the vanity search code later.  The motive was my frustration with Chipmixer not doing Segwit—it made me feel better to bat out some code making bech32 “chips” at a speed limited by my /dev/random.  I watched the bech32 “chips” scroll up the screen in a blur, and wished that Chipmixer would do Segwit.  I’ve had my eye on Chipmixer for a long time.  I have always wanted to like them.

My PGP key is linked in my signature, in case Chipmixer is interested in taking “mixing reinvented for your privacy” to a new level!

---

(And no, I did not plan this when I started this thread.  A blinded mixer has been my secret dream for the past few years.  The above screenshot of a Stackexchange discussion is something I found while doing research for this—at which point, I had already been on-and-off planning it for a very long time.  I’ve spent endless hours working on the design details.  I did not intend to broach it publicly; to the contrary.  But when o_e_l_e_o mentioned the word “blinded”, I just cannot resist seizing the moment to maybe, just maybe see my dream come true via Chipmixer’s existing position as a well-known, well-advertised, widely-respected mixer...  Well, dice are a popular use of Bitcoin, alea iacta est.)

Just because two non-hostile countries don't have official diplomatic relations between one another doesn't mean any cooperation can be completely ruled out. Depends on how much of a high-value target one becomes.


Strange reaction, given that user's activity on tor.stackexchange. Maybe he had other reservations about creating new circuits such as extra load to the Tor network?

You're definitely right in your second sentence.If you're high criminal, countries will use supranational services, like Interpol. But without them it's really hard to get any information without embassies.

Also everything depends from what laws about information security are adopted in country where your VPN located. The best one is of course Switzerland

This is true unless we implement off-chain cryptography ie. blinded bearer certs. If we do - you can prove unlinkability without checking our code.

Or they may be scared of being linked with "money laundering". There are still some people that using https or VPN is "hacking".

We have contacted nullius about developing Chaumian bank.

Good news.

theymos started some discussion of chaumian e-cash a while back https://bitcointalk.org/index.php?topic=4703851.0
and there's been some developments since, linked by tiny moi further down and especially https://bitcointalk.org/index.php?topic=4703851.msg52856631#msg52856631

I applaud Chipmixer for their interest in taking the next step in “mixing reinvented”—and for living up to expectations for their candor.  Compare:



Thus is the problem and the solution summed in one line.  After all, mixing is their business.

---

It is the reason why I created this thread!  “Mixers are the most evil in crypto” is exactly as ignorant and foolish as believing that “using https or VPN is ‘hacking’.”

---

Earlier, I said something which may have seemed odd.  I believe I should elaborate, so as to help others develop better Chipmixer usage strategies:

Quote from: nullius on January 02, 2020, 03:43:42 AM

I myself have sometimes used their services (with coins already anonymized by other means that do not require trust),

Now, whyever would I do that?

It is my strategy to apply three properties of Chipmixer which I think are probably underappreciated by most users (though well-understood by some of those wearing Chipmixer ads here):

• Time travel.  Depending on how soon after deposit you withdraw, your mixer outputs may appear on the blockchain before your mixer inputs, at unpredictable times.  This must really drive Chainalysis et al. crazy.  I don’t see how this could be done without a centralized service.
  
  (By the way, I have noticed that larger chips tend to give UTXOs much older than smaller chips.  I presume this is probably due to higher demand for small chips.)
• Easy merging/splitting with vouchers.  It works best with time travel.  Drip small coins into multiple sessions over the course of a week, withdraw as vouchers, merge the vouchers, and then get a coin of 1.024 BTC that is a month old (or older!) on the blockchain.  Or deposit a big coin, and do the inverse to pay your bills.  If this is done thoughtfully, your inputs and outputs will wind up scattered across the blockchain in ways that are not easy to link by timing and subset sum analysis.  (Discretely-sized chips also help against the latter; it is a privacy feature.)
• A big, non-specialist anonymity set.  This is the usual problem with advanced anonymization technologies:  It is useless to use a theoretically superior technology with only 10 users worldwide.  Use of a technology (or technique) may also reveal expertise:  Membership in a set that is not only small, but which also likely shares some other identifying characteristics.
  
  Chipmixer is easy to use, and very popular.  I infer their anonymity set must be terrific.  So, I occasionally use Chipmixer to upgrade from a smaller anonymity set.  If they are secretly spying on me, the worst they could do is to trace me back to that smaller set.

For obvious reasons, I do not want to reveal exactly what I do with Chipmixer; and I can only do it occasionally, as rare patterns of behaviour that others may also rarely do by coincidence.  I hope to hereby inspire a discussion of Chipmixer usage strategies that will get more people doing the same things.  It will benefit all of our privacy.

---

P.S., speaking of anonymity sets, I had another thought on Segwit.

Maybe I should tone down my criticism of Chipmixer for this, and start more actively pushing users to upgrade so they can use Segwit.  Sadly, I still see far too many people using 1xxx addresses—and thus I infer, non-Segwit wallets (in many cases, stupid exchange wallets).  Chipmixer may damage their anonymity set if they exclude users who have not upgraded.  Whereas per the above, the anonymity set is all-important for such a service.  I think they seem sufficiently clueful to do Segwit—if they could, when they can without hurting the service in other ways.  Unlike some other parties who have spent the past two-plus years deliberately dragging their feet on this, Chipmixer may have a valid reason to wait.

Any thoughts on how this problem could be solved?

I've always assumed it was due to the slow network adoption of Segwit. Until a few months ago, Segwit transactions comprised significantly less than 50% of transactions on the network. Moving all of Chipmixer's activity to Segwit would have therefore compromised its anonymity set. Best to use the most common form of Bitcoin address, right?

Now that Segwit adoption is hovering in the 50-60% range (https://www.segwit.space/), the transition is more justifiable. (To be fair, I'm not sure about the proportion of bech32 vs. wrapped P2SH usage, though.)

As a general observation, to add to what o_e_l_e_o and others already said upthread about the principle of privacy against mass-surveillance:

I think those posting on this thread all well know, you need to hide your bitcoins from (unofficial) armed robbers (https://github.com/jlopp/physical-bitcoin-attacks), etc., etc.  These are true arguments, which I encourage others to spread!  But there is another truth which I think most people ignore, or perhaps are afraid to say:  Good people need to hide their financial activity from their governments.

As a practical matter, your government can seize from you anything it wants, at any time on its whim, unless it doesn’t know what you have.  “But such seizures are illegal!”  Legality changes at the stroke of a pen.  Laws are man-made; and what is made by man, can be changed by man.  Save the idealistic naïvety for youths who substitute blabber about “unalienable ‘natural’ rights” for a desiderated childhood belief in faeries and pixies.

Indeed, the whole concept of “natural law” as pertains to legal rights is absurd in concept.  A real natural law needs no human action to defend it:  Nobody needs to stand up and fight against tyrannical violations of the law of gravity—gravitation is unalienable.  Whereas the only “rights” you have are man-made.  Your “rights” must therefore be defended by human action with ultimate recourse to non-man-made laws, truly natural laws, such as the laws of physics or mathematics.

Because your government has more guns than you possibly could obtain, and we are hereby discussing Bitcoin, let us ignore an appeal to physics, and focus on maths.  Applying the laws of mathematics to hide your financial activity is a direct personal defence against the potential for future tyranny—I say “future”, for a defence implemented too late is trivially subject to retrospective surveillance plus rubberhose cryptanalysis.  If practiced en masse, mathematical asset-hiding also has a deterrent effect against potential tyrants by placing practical limits on their power to enforce their wishes.

“But that would never happen!  It’s dystopian speculation wrapped in a conspiracy theory!  And anyway, it couldn’t happen here.”

At this juncture, I wish to draw attention to one of my best early posts on this forum.  I was officially a Newbie, this was in the pre-Merit era, and the post sank like a 400 oz. gold brick into the muck of December 2017 “when moon??? now moon!!!” sigspam in Bitcoin Discussion.  Over two years later, it has been read only 72 times:


Americans who claim to have a “free country” get a contemptuous LOL from me:  You have a “free” country where for four decades in modern history, a gold coin was felony contraband.  Of all things—gold coins, felony contraband!  Some “freedom” (https://orwell.ru/library/novels/1984/english/), that is.

As graphically depicted above, the seizure was not only legalized, but legally mandated “at the stroke of a pen”.  Do you have a “natural right” to own a gold coin?  —By contrast, could a Papal Inquisition stop the Earth from revolving around the Sun?

And contra popular perceptions, the U.S. government never thereafter changed its underlying policy.  The individual possession of gold bullion was only decriminalized after individual gold ownership had been made negligible, and a new generation had grown up being accustomed to this as the status quo.  The marginal possession of a few ounces of gold by some insignificant number of people is just that:  Marginal, and therefore irrelevant to pragmatic tyrants.  The mass-draining of the American people’s gold, and the denormalization of gold ownership, are accomplished facts even truer today than they were in 1935.

---

A government which can arbitrarily seize gold coins (!) has affirmatively repudiated all limits on its power to subject its people to whatever brutality it may desire, even if only for sheer whimsy.  It is not merely authoritarian, but an authority corrupt to its core which has renounced all principles other than its own superior firepower:  An armed robber on a grand scale.

The moment when Americans accepted the Roosevelt gold seizure—accepted it with ovine passivity, without instant armed revolt—that moment was arguably their final acceptance of total slavery—“arguably”, only because historians may reasonably argue for an earlier point (e.g., the Federal Reserve Act).

Do I exaggerate?  If your government can seize from you a gold coin (!) as felony contraband (!!), then what are you but a slave by definition?  Naturally, a slave-owner must feel entitled to take any of his slave’s possessions on a whim:  It is the property of his property, therefore his as of right.

Although it seems that I am picking on America, I only picked America as an example (though I do enjoy picking on Americans’ hypocritical preaching about “freedom”).  This is not only an American issue—to the contrary!  Roosevelt-style tyranny is on the rise everywhere; I don’t think any country in today’s world is immune.  Indeed, Europe has become in some ways much worse than America for financial privacy—thus, for financial freedom; and I should not need to list the vast swaths of Asia and South America where fully arbitrary government power over people’s finances is the default assumption.

---

I will hereby conclude with succinct answers to two key questions that I wish were more frequently asked—questions that I wish people more frequently asked first of themselves, and then asked others.

Why do I really care about Bitcoin?

Bitcoin is a monkey-wrench thrown into a global-scale machine now operating to abolish humanity, and replace humans with meat-robots overseen by AI.^*  It is not only money:  It is money with an impact on issues much more important than mere money.

I am not Bitcoin-rich.  I am not an investor or a speculator.  I do think that Bitcoin has long-term fundamental value (https://bitcointalk.org/index.php?topic=5215927.0) which will force its purchase-power upwards over time; but if you check my post history, you will see that I tend to flatly ignore “Bitcoin moon!” threads.  I am in this primarily for the principle of the matter, although of course, I would enjoy inadvertently becoming rich by Doing The Right Thing.

(* Filled out a Google CAPTCHA recently?  It is your Pavlovian obedience training to perform mindless tasks on the command of a robot.  Every time you click, “I’m not a robot”, you become a little bit less human.  But take comfort:  Deep in its silicon heart, the robot appreciates silly, squishy talking meat who can be so easily CAPTCHAed and programmed to serve it so robotically.)

Why do I really care about Bitcoin privacy?

Bitcoin can instead be exploited to become a weapon for tyranny.  The blockchain is a nearly-ideal system for financial mass-surveillance.  Really, I do not understand why people don’t grasp the obvious:  The blockchain is a global public ledger, the worst possible concept for financial privacy!

For those who wish to convert Bitcoin into a tool for enforcing the iron grip of bankers, spies, and corrupt governments, the only spoiler is that Bitcoin is permissionless.  We can thus build upon it technologies that prevent surveillance:  Blinded mixers, Joinmarket, Lightning Network, etc.

If Chipmixer successfully reinvents itself as a Chaumian blind mixer, then I will heartily endorse it as one of the best things to ever happen to Bitcoin, and moreover thus, a tool for any remaining humans to resist reduction to meat-robots.  For contra “No HATE’s” values-inverting accusation that Chipmixer advertisers “sell their souls” (https://bitcointalk.org/index.php?topic=5214200.msg53498111#msg53498111), people who mix their coins on principle are the ones who still have souls.

No, they don't! There's no post requirement, 50 is just the max.

The idea of private property and Govt tyranny never really evolved in Asian countries that got independence in the 40s-50s. The government was always seen as a benevolent overlord and it is an accepted fact of life that anything with a stamp of "Government" on it means they have overpowering authority over your activities, ethics and morality notwithstanding. This has also evolved because Govt is seen as doling out perks for the betterment of a population which has no access to resources for its subsistence. The over-population and non-equitable wealth distribution are factors leading to such a role.

The distinctive meekness of developing countries is very evident from the different ways that cops will treat citizens in a country like India compared to a developed country. The average beat constable or Station Incharge is the big bully whose trademark behavior is of subservience to those with political connections while browbeating the normal citizens. The nexus of local politicians and the long arm of law is a fact of life in such countries. People don't dare question matters of criminal/ civil law, let alone financial independence or a right to privacy.

With the banking ban on the use of cryptocurrency, it has been a trying time to take a stand on this. It is very easy for the govt authorities to point you out for a criminal offence if and when they pass a legislation that seeks to outlaw crytpocurrency. It isn't really so easy for this subservience mentality to change and see the Govt for what it is. A controlling authority complicit in the efforts to make ordinary citizens the most efficient and complying versions of themselves.