Why the hell is your site hosted on the clearweb and only additionally on Tor?
Our site is hosted on Tor and only additionaly on clearweb.
Clearweb site allows clearnet users to get some privacy. We suggest all to use Tor.
With an unrelated .com and a Tor .onion on an unknown server you could make sure that the mixes will always be private.
Should we advertise that unrelated .com or keep it secret? How does it make mixes private?
For transparency reason - there is a scam accusation against ChipMixer active:
https://bitcointalk.org/index.php?topic=5173144.msg52085359#msg52085359It is pretty clear IMHO, have a .com domain only for advertising and to explain how to get to the .onion.
That is the only secure way of doing it.
If you run the server on .com and .onion, tor will protect users traffic but won't hide your servers location, so it is possible for law enforcement to find the server and to try to get inside.
And don't tell me they can't, if it is important for them, they will break encryption with some cold boot attack.
Of course you could say the .com is an extra server, and it connects to the .onion using the tor network.
That would make your server hidden again, but how can users trust that?
You could just say it is an extra server, but in reality it is all the same.
Conclusion: Host sensitive things like a mixer that is in full spotlight because of the binance hack etc only on .onion
In case you are considering doing the only right thing, and fix this, you should rent a new server, transfer all data using tor from the old server to the new server.
Then wipe the old server and never use it again.
Point the .com to some unrelated offshore hosting, like bitblender did.
And never connect to the new server with your real ip or VPN, tor only!
Because if they were already watching the old server, and you connected with anything except tor, they will also watch your ISP / VPN.
And better get a new .onion, since the private_key was on your old server, i would consider it compromised.
If i don't get only stupid replies, i will write a short guide on how to run a mixer that is actually secure and working.
I put a lot of thought into it, and the only one who ever got it right was bitblender.
For various reasons which i can explain.
