|
Can I make a couple of questions?
- Why would someone prefer using your service over to swapping bitcoin for XMR in a decentralized exchange like Bisq? The only reason I can think of is that you use coinjoin in comparison with Bisq (wherein the seller and buyer don't make it apparent they've mixed their coins). If that's the case though, I can coinjoin myself using Whirlpool or Joinmarket.
- How can someone verify that you've actually used XMR bridge? As far as I can see from your website, I send you bitcoin and I receive bitcoin. I have no manner whatsoever to verify that my bitcoin were acquired by exchanging for XMR.
|
|
|
|
Although its not guaranteeing you a clean computer, its a nice alarm so to speak when swept. It's not guaranteeing you anything. A wallet being emptied does not tell you what's wrong, which software is responsible, when the malware was installed etc. A smart thief wouldn't trade their unknown access with $10, and I strongly recommend you to not expect hackers to be dumb. They may wait until you deposit a decent amount of money, or perhaps valuable files. Prevention over cure. You should just be aware of your computer's security, and friendly suggestion; don't rely on security through obscurity. |
|
|
|
Why can RPC commands not contain signatures? That's actually a good question. I believe it has to do with the same reason we don't encrypt information with nodes' public keys in the Bitcoin network; it might be trivial to execute a man-in-the-middle attack. I found these two: - https://stackoverflow.com/q/12385240- https://groups.google.com/g/grpc-io/c/SbajPhgcdqkThe TL;DR as I see it, is that security tokens provide better levels of security and are easier to implement. |
|
|
|
Notice that in your review, you mentioned transactions that occurred before the update. To which update are you referring to? I know, solution is to use DEX but here we talk about people, tons of people who use CEX. You can't force people to use DEX, right? So you have to adapt your service. Let's ignore for a moment that buying "taint" is harmful for Bitcoin, and that we should opt out using services which treat the currency in such an unfair manner. How do you adapt into something completely non-transparent? That is a question for [banned mixer]. How do you make sure that your "AML scoring" is acceptable? From the link I mentioned above, the chairmen of chain analysis companies have clarified they won't let anyone audit their software code. You practically have no manner to confirm that they won't be flagged by the chain analysis software, as you don't even know which software is used in the first place. Binance might be using software X, Huobi software Y, Kraken Z etc. We frequently notice coins being deemed as "tainted" from one exchange, and at the same time "clean" by another. |
|
|
|
The most secure approach is to have an airgapped device. That means, not only to never connect to the Internet (as with hardware wallets), but to being incapable of connecting to any device or network in general. In other words, a device that contains your master private key and transports transactions and signatures using QR codes, without connecting to your computer, such as SeedSigner. They continue to rebroadcast the transaction and also anyone who has the TXID can also rebroadcast it
Anyone with the TXID cannot re-broadcast it. They need to have the entire signed transaction. I do not think it is necessary, as we have BitcoinCore that does not provide the option to create a recovery seed phrase. Frankly, I wouldn't recommend using Bitcoin Core as a wallet, no matter how secure and developed it is. I don't remember the reason they haven't implemented a mnemonic standard like BIP39 or Electrum's, but I would not trade the comfort and security which comes from backing up my wallet in a short phrase; it greatly minimizes human error. |
|
|
|
@everyone. Based on this and if anyone has already used a mixer or DeFi with a certain wallet, be careful on using the wallet for centralized exchanges or gambling sites where you have KYC accounts if these new rules are implemented. If you're living in the US and this bills passes, you should absolutely forget about centralized exchanges, as you may be accused of funding terrorism because of potentially bad coin history. Unless you buy and store all your bitcoin there, which would nullify Bitcoin as concept in the first place, and you shouldn't do it. Proof (Satoshi quote) or it didn't happen. It didn't happen, usual nonsense again. There are lots of posts from Satoshi in which he talks about Bitcoin in terms of privacy, none of which he claims it's built to take away anonymity. Hell, he was even talking about "blinding keys" and "group signatures", techniques which are very similar to ring signatures and stealth addresses used by XMR: https://bitcointalk.org/index.php?topic=770.msg9074#msg9074. |
|
|
|
You use decentralized exchanges without KYC, which makes CoinJoin a suitable option for you. But how many share your situation? Maybe just 0.01%? I don't know the number. What I do know is that it's our responsibility to educate newbies about these solutions, and to not give up everything on their naivety. We should not be endorsing the usage of a service which is treating the currency as non-fungible with evidently inaccurate data. I agree You don't agree when you're running a business which is based under the premise that taint exists. You're supporting it. I won't derail this further. It's just sad how some people don't appreciate the censorship resistance this network provides in such efficient and effective manner. |
|
|
|
it's a real thorn in the side for analytic companies We're having a disagreement in a fundamental level; you're buying the notion that coins are tainted. Every action of your service is done under the premise that the mixed coins must be treated as "non-tainted" by blockchain analysis companies. I don't buy that notion, and don't interact with services that will deem my coins as that. Usually, they're just centralized exchanges, which I avoid as I trade decentrally. To me, the point of a mixer is to make it as hard as possible for a third party to tell which outputs correspond to which inputs. Period. "AML scores", "tainted coins" and the like, are all inaccurate, made-up nonsense that undermine Bitcoin as currency and attack our privacy. Using your mixer as an example: to de-anonymize all its users in recent weeks, it would take $10-20, right? Revealing which addresses belong to a mixer doesn't hurt its clients anonymization, just as revealing which inputs are coinjoined doesn't make the outputs de-anonymized. It's just making it apparent that the clients used a mixer / coinjoined, which in the eyes of chain analysis that is deemed as "tainting". Otherwise, I strongly recommend you to get rid of a competitor with just $20 in expenses. |
|
|
|
This bill is beyond insane. It literally tries to discriminate anyone owning Bitcoin, unless they're running a fully KYC-operating centralized exchange. And the genius part, is that it is backed by the good assumption that the majority of Bitcoin users store their coins there, so it won't affect them (as it would if they made it officially illegal). Every true Bitcoiner living in the US should take action. Once this proposal is formally published, there will be a 90 day window to submit comments as a first step to legally challenging this nonsense. Is there anything the people outside the US can do to help? Or do comments get submitted eponymous? |
|
|
|
Exactly that. So if you use die and do 24:word seeds yeah maybe due to the unknown bias it is like a perfectly done 17-20 word seed. You shouldn't be counting in words. Words do not provide security. Entropy does. In my previous example, every roll produces 1.39 bits of entropy. A 24 words long seed phrase is an encoded version of 256 bits (plus a checksum that is dependent on these). This means you can produce a secure such phrase by rolling said dice for 256 / 1.39 = 185 times. It would provide the same security as to tossing an unbiased coin 256 times, or rolling an unbiased dice for 99 times. |
|
|
|
If the number 1 is 25% If the probability of having '1' is 25%, and 15% for each other, each dice roll will produce 2.67 bits of entropy. This means that you would have sufficient entropy with 48 dice rolls. That post and calculation of yours you linked to is way above my understanding. All I can see is the final result in bits of entropy (without knowing if your calculation is ok) showing more than what a 12-word seed has. All you need to know is that we have an equation that tells us how entropy bits are worked out. These units define how unpredictable an event is. For example, a dice that gives '1' 99% of the time generates a lot less entropy bits in each roll than a completely unbiased. In that post you linked to above, you demonstrated that even a biased dice produces enough entropy with a big number of rolls. If that is true, the dice would have to be awfully biased to only produce 99 bits to the point you can see it with the naked eye. Correct. It would need to be so awful, that you could feel it's improper for generating entropy. A dice that generates 128 bits in 99 rolls, which are necessary for a Bitcoin seed phrase, generates 1.29 bits per roll. Imagine that even a dice that rolls '1' 75% of the time (and 5% for each other result) gives more than 1.39 bits of entropy. And to give you a picture, these would be potential results from such a flawed dice: Try #1: 1113111111161112111111114132111151111111111131511114131111111111141311565612111111141111113141111111
Try #2: 5411151515121111131111111111114111125213151411111161211113111111111411121311111161211611111611111151
Try #3: 1226141131111111164161116251411141542111111654311111511412111512141111111665411113111141111111411111 (code used: https://pastebin.com/raw/ctWm3jTH) I think everyone could notice they're using a bad dice in such a case.  |
|
|
|
I'll take 'f' please.  |
|
|
|
Do you really think that cops or ISP think like that? If you hide your TOR usage from your ISP and connect TOR that way, then you protect your privacy and at the same time, no one has doubt about you because you look like an average guy from the outside. I know that in the eyes of a surveillance state, I'm looking suspicious, but this happens to protect what I'm wishing to hide. But, nonetheless, just because some people think I'm doing something illegal via Tor, it doesn't mean they can arrest me without evidence. When you discover that majority of people don't care about privacy online but you care, you'll also discover that you probably look a little different from crowd for those, who watch everyone. In order to protect your privacy, you have to act like you don't care, like, using Tor bridges to hide your tor activity or VPN + Tor.
You can't act beyond an extent. VPN providers are likely honeypots. If you connect to Tor via a VPN (which is not recommended), you might as well look suspicious, because: - VPNs are not used by the "crowd" either. - VPNs can hand over logs if the authorities request it, and see you're connecting to Tor. You can't protect your privacy if you're "acting" you don't care. You obviously don't get to the streets and start yelling "I'm protecting my privacy" (as that would actually reduce it), but that doesn't mean you won't utilize privacy protecting tools like Tor, because the ISP will deem you suspicious. Your alternative is to let the ISP know what you're doing. Your choice. |
|
|
|
[banned mixer] Mixer Review Program #2
Bitcointalk username: BlackHatCoiner
I'll start with mixing this time. I'll check if you've taken into consideration my previous concerns, and will talk about it at the end of this review. Browser: Tor v13.0. Security level: Premium. Mixing 1 mBTC. Receiving in: bc1q9a4vsffut6h9awp8ggcfz7jlq7lgs07yl0yce5 (67.56%), bc1qcerxjz8p24rhgdqd0paq3s4p4ere3hgvm8wl00 (32.44%). Service fee: 3.60% Anonymizing meter signals "strong". Let's valuate this mixing now it's done. (#1 withdrawal)
┌───────────┐
┌──►│bc1q...yce5│ (random tx)
┌─────────────┐ │ └───────────┘ ┌───────────┐
│bc1q...t0cfq8├───┤ ┌──►│bc1q...ldq8│ (mixer change)
└─────────────┘ │ ┌───────────┐ │ └───────────┘ ┌───────────┐
└──►│bc1q...7vr5├───┤ ┌──►│bc1q...ha03│
└───────────┘ │ ┌───────────┐ │ └───────────┘
(mixer change) └──►│bc1q...rf5j├────┤
└───────────┘ │ ┌───────────┐
└──►│bc1q...wl00│
└───────────┘
(#2 withdrawal) - #1 withdrawal TX: 978c20822b02efd140a4c13ac1c2026aec7df2cd4e3b89795549734b8c5a3b7f- - random TX: eadee4abdc7fd80bbfe56694fb6528e165542b25f40fc4ba9894376c471fc0e5- #2 withdrawal TX: af9a530e368d89c120e9bf6f99beb6ac89edd5a342fc600b75220d93bcfecd41Again, not strong anonymity. Rather poor. Receiving addresses literally have blockchain connection. You should never use the change of one mixing for another receiving address of mine. Not having a blockchain connection is the whole point of separate addresses, otherwise I can do that too in my own wallet. The difference this time is that you added a random TX (as I demonstrate) in the middle, but it's still very poor mixing and any regular coinjoin would provide better anonymity set than that. Security level: Standard. Mixing 1 mBTC. Receiving in: bc1qpnr87nuqar0vw0x62zvqfj747shpkpltp6jx2l. Service fee: 1.80% Anonymizing meter signals "fair". This one is just a regular transaction: ec9ebe0cba4806a43a2f88a1f57e87fcdf274af3c739a3d3c411a77f7c53be53. I did check its coin history, it doesn't have any blockchain connection with the previous mixing, so I guess not great not terrible. I will retry mixing with standard, just to see if this one there will be blockchain connection. I will be using the exact same parameters. Security level: Standard. (second attempt, using Chromium 118.0.5993.88) Mixing 1 mBTC. Receiving in: bc1qfgf9hs90fjr8kwn3mgnkce45l7ymteee6gxm43. Service fee: 1.80% Anonymizing meter signals "fair". Mixing done, withdrawal transaction is this: 36816f0c75595b4b5bfa71123c54e1798fb5606271af96d2221e8c10d6dc959d. There is no blockchain connection with the previous mixing as far as per my block explorer goes. So, tumbler code must be working as expected.
Let me return back to my concerns. You responded me in your ANN thread, so I want to confirm you've actually fixed these things you said. I'm going to ignore Javascript, as I don't exactly know your setup, even though I'll once again advice you to let the people audit the code if you're planning this mixer to go big. We've made significant improvements to our FAQ section I checked it, and indeed. You've actually made it look more professional now. I don't have anything else to suggest about FAQ. Our system distributes coins using 96 different sending patterns, and yep, that includes sending from various address types. We're all about upping that anonymity game. Yes, but I think you've missed my point. When I receive mixed coins, I want them to looked mixed. The point of using a mixer is to improve fungibility, and the only manner to accomplish that is to make fungible mixed outputs. You do improve privacy by obscuring the coin history, don't get me wrong, but chain analysis companies should get a clear signal that once you deposit, that the particular coin is, not only changing hands, but enters an a pool of mixed coins. For instance, a large coinjoin is clearing up that it's a large coinjoin. Coinjoin solutions such as whirlpool, don't try to hide the fact that you're making a coinjoin, and neither should you. Look on what ChipMixer did, it used fungible chips, which made outsiders treat each equally. I hope you do acknowledge now, I'll be happy to continue this conversation in your ANN thread if you want. Please note that the funds you received were from an address with a much larger sum than you requested for withdrawal. By structuring our pool into levels and using various sources of coins, we aim to protect our pool from de-anonymization, making it more costly to attack. This approach enhances the overall security and privacy of our service. Please note that your prioritization should be to protect the user. The user doesn't know your setup. They simply send and receive, expecting you did your job. If the user sends a small amount of bitcoin, then you should take care to use a smaller pool of your coins (if sending from large-sum pool is a problem). Otherwise increase your minimum deposit. The minimum receiving address fee is "one of the methods" to protect our pools from de-anonymization, the primary function of which is to make such an attack as expensive as possible. Again, I don't understand. How does charging exactly 20,000 sat protect your pool from de-anonymization? You're discouraging the user from splitting their mixed coins, which is a very bad practice. Nobody is going to pay 200,000 sat, just to receive their mixed coins in 10 separate addresses, which is just bad, as receiving in multiple addresses, in various time periods significantly strengthens privacy. They'll most likely stick with just 1 receiving address, which is much easier to de-anonymize.
Unresolved concern: privacy policy. Privacy policyI'm a little bit hesitant to using this mixer after reading its privacy policy. So, I'm basically agreeing that [banned mixer] implements coin filtering and I'm forbidden to using it if my coins are included in some illegal activity. I'd expect better policy from a service that is trying to enhance Bitcoin's privacy (and coincidentally, its fungibility). /terms]4. PROHIBITED ACTIVITIES and COIN FILTERING
You accept not to engage "The Service" in any illegal activity or not to use "The Service" to adversely affect the performance or provision of services by "The Service". In addition, You accept not to use any Bitcoin created, received, or granted in exchange for or as a result of any illegal activity in "The Service".
[...]
COIN FILTERING
"The Service" may carry out verification and control of illegal activities with the help of a third party under a contract. "The Service" may terminate Your access to "The Service" with immediate effect for any reason - including, but not limited to, illegal or prohibited activities, at its sole discretion, and is not obligated to reveal the details of its decision.
You accept that "The Service's" decision to take certain actions, including termination for any reason at its sole discretion, may be based on confidentiality criteria that are necessary for "The Service's" security protocols and risk management. You accept "The Service" is not obligated to reveal to you the particularities of its security and risk management processes. In addition, the user has to accept that they will not be revealed the reason their coins were rejected. I want more information and explanation on this. Why are you doing it? Bitcoins are fungible. Why do you treat the currency as non-fungible? It harms it as currency. How can the user trust a service with the aim to improve fungibility if the service itself doesn't treat it likewise? And which is the procedure followed if you deem their coins as "tainted"? Do you return them back to their address? The user will hesitate to using this, if there's a chance to confiscate their money (which seems to be).
|
|
|
|
Ledger may not be the best hardware wallet available, but it is very popular. It is one of the worst hardware wallets. Just read my recent response in this thread: https://bitcointalk.org/index.php?topic=5469941.msg63036353#msg63036353I don't know if there are statistics on this subject, but I wonder what percentage of investors use hardware wallets? You can't possibly know that number due to Bitcoin being pseudonymous. Anyone who claims that they know, are either hiding you a big part of the truth (i.e., they use inaccurate data), or they lie. I’m still using Ledger even with the recent commotion about seed phrase recovery because it’s still offer the standard safety feature of hardware wallet. Why on Earth would you use a closed-source, non-private, shitcoin-supporting piece of hardware whose central database (which kept personal info about Ledger owners) suffered data leak? |
|
|
|
You've asked a lot of questions, so I'll stick with those that I feel more confident answering. If each dice is biased to a different number, can we really talk about a significant loss of randomness in the final result? I don't think dice bias can cause a significant problem, given that you'll roll it 99 times as said. As I have already demonstrated, even in a very biased dice which results in '6' half of the time and every other result 10% of the time each, the generated entropy is more than necessary. To take this further, how could someone take advantage of the bias in my dice to bruteforce my seed without knowing what that bias is? It's all about entropy. If a biased dice gives only 1 bit of entropy in every roll, then 99 rolls would give you 99 bits. All the attacker needs to do is brute force anything in the range of 99 bits, because you can't have possibly exceed that. Practically speaking, that could be implemented by a program that hashes sequences of biased results. (i.e., attempt #1: hash("666123")) |
|
|
|
But nobody gave the answer to the question of why the number of words are limited to 2048, or anyone have already gave!
They are 2048, because that is 2^11. This means that for every 11 bits you can represent a word. Say that a seed phrase is 128 bits long, which is 12 words long. If you extend these 128 bits to something divisible by 11 (i.e., 132 which is the point of 4 bits checksum), you can represent any seed in a sequence of 132 / 11 = 12 words. Saw that video. Man, that's a lot of numbers. Not just lots, a lot!!! I imagine there is no word in this world to quantify this amount of numbers. I get it. Basically the point is that, it will take forever. As the video demonstrates, there are just not that many resources to begin with. But, note that the 128-bit security is much less than the 256-bit. |
|
|
|
|
There are clearly some fundamental limitations with lightning, due to its design. As I have told multiple times already, the basic problem is that it is very unattractive for the average, non-techie Joe, because it requires him to study a little bit of how it works, but more importantly because of running a machine all day long. This is orders of magnitude more of a burden than the SPV solution.
I wouldn't worry for the retiring developer. Lightning does have a brighter future than currently, but again limited. We will sooner or later opt out for other sidechains (or drivechains).
|
|
|
|
|
Nobody should be using Ledger to begin with.
- Closed-source.
- Their email database was leaked in the past, and phishing emails were sent across the globe.
- They support centralized shitcoins.
Recipe for disaster. Now I'm reading they can access private keys? Is that confirmed? Hopefully not. Otherwise, it is officially the worst piece of Bitcoin hardware you can get.
|
|
|
|
Also, the wordlist isn't infinite, meaning we have a certain parameter. If you want to scale security, forget about words and seed phrases. A seed phrase is an encoding of a 256 bit entropy. That means there can be 2^256 different seeds. Here's a great video that demonstrates how big that is: https://piped.video/watch?v=S9JGmA5_unY. Nobody is going to randomly brute force seed phrases, unless they're nuts. In fact, a private key can be cracked more easily as the public key cryptography used in Bitcoin provides 128 bit security. Here is o_e_l_e_o explanation on the topic, this means for 24 words we will probably be looking at billions of years to come. Note that he's talking about brute forcing by knowing which words are used but not the order of them. If you don't know the 24 used words, then you'll have to choose among 2048, which raises the time exponentially. |
|
|
|
|
Show Posts
