[ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented

[LoyceV]

In this case Letter of Guarantee should be a proof, that generated address regarded to chipmixer, nothing more needed (i'm talking about before deposit step).

That's fake security. You'll still need the same level of trust, and if you'd claim you received empty private keys, you still couldn't prove anything.

[1713577883]

1713577883

[1713577883]

1713577883

[1713577883]

1713577883

[1713577883]

1713577883

[1713577883]

1713577883

[1713577883]

1713577883

[CloudflareBot]

In this case Letter of Guarantee should be a proof, that generated address regarded to chipmixer, nothing more needed (i'm talking about before deposit step).

That's fake security. You'll still need the same level of trust, and if you'd claim you received empty private keys, you still couldn't prove anything.

It's not fake security, it's just a protection from multiscam, in case i'll get scammed by chipmixer i can prove it to protect other ppl form using scam service, but current chipmixer site doesn't allow me to do that, they can scam money easy and just say that i deposit to wrong address covering it by "reputation" in this forum.
You didn't understand my proposal, there should be 2 letters for this type of mixer (private keys based), one before deposit - one after. First letter prove that address generated by chipmixer, second one - private keys.
You still didn't answer: how should i prove that address generated by chipmixer in case they'll silently change it after large deposit?
Let's imagine someone lost 10 BTC. This guy register on forum and asking chipmixer about it. Chipmixer answer some bullshit about phishing or wrong deposit address, doesn't matter really. Of course on this forum nobody will trust a some guy who lost some money and even can't prove it except some unknown transaction to some unknown wallet, but will trust chipmixer because of their signature campaign and tons of ppl trying to protect service and money they getting from campaign.
So, as i said, chipmixer can scam anybody anytime and you'll not able to prove it, because you have nothing to prove except transaction hash. Enjoy 'trusted' service, lol.

[ChipMixer]

It's not fake security, it's just a protection from multiscam, in case i'll get scammed by chipmixer i can prove it to protect other ppl form using scam service, but current chipmixer site doesn't allow me to do that, they can scam money easy and just say that i deposit to wrong address covering it by "reputation" in this forum.

Being different than other mixers is valid excuse not to offer Letter of Guarantee. For example ChipMixer does not offer LoG because it is incompatible with chip withdrawal idea. It would be nice to have an additional security measure but sometimes you just cannot do that.

Letter of Guarantee works because:
- deposit address is public
- withdrawal address(es) is public
- transactions (deposit, withdrawal) are public
- all data is known beforehand and can be signed

If mixer does not send withdrawal transaction - user publishes LoG and everybody can verify:
- signature is correct
- deposit was made
- withdrawal was incorrect

You didn't understand my proposal, there should be 2 letters for this type of mixer (private keys based), one before deposit - one after. First letter prove that address generated by chipmixer, second one - private keys.
You still didn't answer: how should i prove that address generated by chipmixer in case they'll silently change it after large deposit?

With your proposal ChipMixer signs letter that contains address. User say they did not receive chips. They publish signed letter that address is ChipMixer address. ChipMixer says they released chips. Who is lying? Nobody knows - only known thing is that it was ChipMixer address and funds were deposited. User cannot prove they did not receive chips. ChipMixer cannot prove they released chips. What kind of guarantee is that?

Second letter - signed private keys - does not do anything for guarantee. If user received chips - they would not show second letter. If they did and ChipMixer show second letter - ChipMixer can sign anything they want - it does not prove anything.

[CloudflareBot]

It's not fake security, it's just a protection from multiscam, in case i'll get scammed by chipmixer i can prove it to protect other ppl form using scam service, but current chipmixer site doesn't allow me to do that, they can scam money easy and just say that i deposit to wrong address covering it by "reputation" in this forum.

Being different than other mixers is valid excuse not to offer Letter of Guarantee. For example ChipMixer does not offer LoG because it is incompatible with chip withdrawal idea. It would be nice to have an additional security measure but sometimes you just cannot do that.

Letter of Guarantee works because:
- deposit address is public
- withdrawal address(es) is public
- transactions (deposit, withdrawal) are public
- all data is known beforehand and can be signed

If mixer does not send withdrawal transaction - user publishes LoG and everybody can verify:
- signature is correct
- deposit was made
- withdrawal was incorrect

You didn't understand my proposal, there should be 2 letters for this type of mixer (private keys based), one before deposit - one after. First letter prove that address generated by chipmixer, second one - private keys.
You still didn't answer: how should i prove that address generated by chipmixer in case they'll silently change it after large deposit?

With your proposal ChipMixer signs letter that contains address. User say they did not receive chips. They publish signed letter that address is ChipMixer address. ChipMixer says they released chips. Who is lying? Nobody knows - only known thing is that it was ChipMixer address and funds were deposited. User cannot prove they did not receive chips. ChipMixer cannot prove they released chips. What kind of guarantee is that?

Second letter - signed private keys - does not do anything for guarantee. If user received chips - they would not show second letter. If they did and ChipMixer show second letter - ChipMixer can sign anything they want - it does not prove anything.

So we returned to my first question: how should i prove that i deposit to you if you'll silently change deposit address? Who will be more believed on this forum: newbie lost money or mixer running signature campaign for 2 years? Answer is pretty simple, that's is why i'll never use that, nobody knows what is your cap of money for exit-scam. Every mixer has it, you can talk everything you want about it, but if someone deposit enough coins for your life you'll close doors or just scam deposit and keep working, because it's not possible to prove that deposit address is yours.
If you're really respectable service your must solve it and it'll attract more customers. But for now is just based on fake trust that you're will not change deposit address - not enough.

[TryNinja]

So we returned to my first question: how should i prove that i deposit to you if you'll silently change deposit address? Who will be more believed on this forum: newbie lost money or mixer running signature campaign for 2 years? Answer is pretty simple, that's is why i'll never use that, nobody knows what is your cap of money for exit-scam.

They mixed at least 4,836 BTC from Binance's hacker and you are worried with their "scam cap"?

Every mixer has it, you can talk everything you want about it, but if someone deposit enough coins for your life you'll close doors or just scam deposit and keep working, because it's not possible to prove that deposit address is yours.
If you're really respectable service your must solve it and it'll attract more customers. But for now is just based on fake trust that you're will not change deposit address - not enough.

I can't prove to you but I also don't need it (and wouldn't even care enough for that). But I don't have a "scam cap". And others also don't. There are people near incorruptible in this world (and not everyone has a price).

What is your magical suggestion to help them solve this issue?

[CloudflareBot]

So we returned to my first question: how should i prove that i deposit to you if you'll silently change deposit address? Who will be more believed on this forum: newbie lost money or mixer running signature campaign for 2 years? Answer is pretty simple, that's is why i'll never use that, nobody knows what is your cap of money for exit-scam.

They mixed at least 4,836 BTC from Binance's hacker and you are worried with their "scam cap"?

Every mixer has it, you can talk everything you want about it, but if someone deposit enough coins for your life you'll close doors or just scam deposit and keep working, because it's not possible to prove that deposit address is yours.
If you're really respectable service your must solve it and it'll attract more customers. But for now is just based on fake trust that you're will not change deposit address - not enough.

I can't prove to you but I also don't need it (and wouldn't even care enough for that). But I don't have a "scam cap". And others also don't. There are people near incorruptible in this world (and not everyone has a price).

What is your magical suggestion to help them solve this issue?

One time 5k btc or step by step? I bet you'll know answer after think a bit about this question   You know nothing about person running mixer, so good, that you personally don't have a scam cap, but we talking about chipmixer.
I got an answer, so we can't prove and should just rely on some anonymous person running mixer who can simply not answer for few days if something went wrong with service. If they have enough money, why support is so poor? Hard to hire few ppl? Lol.
I don't have any 'magical' suggestion, project is not opensource or so, it's business and problem should be solved by creators of service, not by me or community, i'm not getting money from it or any profit. I just pointed to obvious problem which allows mixer operator do whatever he wants w/o being catched.
And you already agreed that the problem exists, good that they have a lot of trust here, but it's still coin laundering anonymous service running by anonymous person, don't be naive, any personal problems (family problems or so) can force him to scam some deposit and you'll not able to prove it, anything can happen and customer should be protected from it, or, at least, prove that they were scammed, with current service site they can't do it.

[malevolent]

One time 5k btc or step by step? I bet you'll know answer after think a bit about this question   You know nothing about person running mixer, so good, that you personally don't have a scam cap, but we talking about chipmixer.
I got an answer, so we can't prove and should just rely on some anonymous person running mixer who can simply not answer for few days if something went wrong with service. If they have enough money, why support is so poor? Hard to hire few ppl? Lol.
I don't have any 'magical' suggestion, project is not opensource or so, it's business and problem should be solved by creators of service, not by me or community, i'm not getting money from it or any profit. I just pointed to obvious problem which allows mixer operator do whatever he wants w/o being catched.
And you already agreed that the problem exists, good that they have a lot of trust here, but it's still coin laundering anonymous service running by anonymous person, don't be naive, any personal problems (family problems or so) can force him to scam some deposit and you'll not able to prove it, anything can happen and customer should be protected from it, or, at least, prove that they were scammed, with current service site they can't do it.

Inflows and outflows of bitcoins, estimate from a blockchain analysis company called Clain:



If their estimate is correct, at a given moment Chipmixer often holds hundreds of bitcoins on behalf of its users.

They can also afford to spend about $60k worth of BTC per month on their signature campaign, not hiring more customer support would be more an indication of them having trouble finding a person they could trust, than lacking money.

Any family problems to be solved with money also shouldn't be an issue, they must be making a lot of money from voluntary fees alone with their volume.

[CloudflareBot]

One time 5k btc or step by step? I bet you'll know answer after think a bit about this question   You know nothing about person running mixer, so good, that you personally don't have a scam cap, but we talking about chipmixer.
I got an answer, so we can't prove and should just rely on some anonymous person running mixer who can simply not answer for few days if something went wrong with service. If they have enough money, why support is so poor? Hard to hire few ppl? Lol.
I don't have any 'magical' suggestion, project is not opensource or so, it's business and problem should be solved by creators of service, not by me or community, i'm not getting money from it or any profit. I just pointed to obvious problem which allows mixer operator do whatever he wants w/o being catched.
And you already agreed that the problem exists, good that they have a lot of trust here, but it's still coin laundering anonymous service running by anonymous person, don't be naive, any personal problems (family problems or so) can force him to scam some deposit and you'll not able to prove it, anything can happen and customer should be protected from it, or, at least, prove that they were scammed, with current service site they can't do it.

Inflows and outflows of bitcoins, estimate from a blockchain analysis company called Clain:

https://blog.clain.io/content/images/2019/08/image2-1.png

If their estimate is correct, at a given moment Chipmixer often holds hundreds of bitcoins on behalf of its users.

They can also afford to spend about $60k worth of BTC per month on their signature campaign, not hiring more customer support would be more an indication of them having trouble finding a person they could trust, than lacking money.

Any family problems to be solved with money also shouldn't be an issue, they must be making a lot of money from voluntary fees alone with their volume.

I see that it was done step by step according to chart as i said, thanks for proof.
Yeah, family problems will be solved with customers money, when someone with gun or so come to service operator and shoot in a leg of his child/wife/etc (for example ) you'll see how it'll be solved. And you'll not able to prove that you got scammed, but i think you're not using this service for large amounts so you just creating positive background here as other signature participants do. This service based on fake trust on this forum created by signature campaign, i see answers here only from paid guys. I got enough information, thanks.
Good luck with that service, if you wanna see your deposit wallet changed someday. I'm out from this thread.

[kaptenson]

Since months i use this service and everything was fine ... BUT

today i think i became victim of the known bug where the transaction is confirmed and there are no chips
already sent an email to the support of chipmixer ..


i dont get it why they need 4 days+ to answer an email (as i read here in the thread) ..



edit: chips got credited, watch my new post

[jackg]

i dont get it why they need 4 days+ to answer an email (as i read here in the thread) .. [/b]

They have a small team to improve your privacy and their security. It may only be one or a few people that know each other well. If you outsource to someone they might steal your coins or compromise your clients' privacy. Also, the longer you wait the more private it becomes and its normally suggested to wait anywhere from 48 hours to a month to send a transaction so it can't be traced back to its original source (or it is at least much more difficult)...

[james3441]

Since months i use this service and everything was fine ... BUT

today i think i became victim of the known bug where the transaction is confirmed and there are no chips
already sent an email to the support of chipmixer ..

waiting for answer ...


i dont get it why they need 4 days+ to answer an email (as i read here in the thread) ..

Use other mixer, i dont know how you can have situation like this twice within 6 days. What is this? hot wallet not being refilled? Applications stopping to work?
Mixer is unreachable also due to DDOS for past few days (502), so i guess author does not care.. and he made enough money from it already, should be warning sign for this mixer already.

[TryNinja]

Use other mixer, i dont know how you can have situation like this twice within 6 days. What is this? hot wallet not being refilled? Applications stopping to work?

Probably is related to the DDoS? Servers don't run properly when they keep getting flooded by fake traffic.

Mixer is unreachable also due to DDOS for past few days (502), so i guess author does not care..

Doesn't care about what? There is literally nothing he can do to mitigate these DDoS attacks. And it's way better to keep getting DDoS'ed them to implement a MITM protection that will track you and give your data to the gov.

and he made enough money from it already, should be warning sign for this mixer already.

And can keep getting more. As explained by malevolent above, he spends $60k worth of BTC per month in their signature, got hold of hundreds of BTC at once multiple times and can still keep running after 2 years. He is probably making some cash, right? So why stop when you have the reputation and a pretty good margin of profit?

[kaptenson]

Since months i use this service and everything was fine ... BUT

today i think i became victim of the known bug where the transaction is confirmed and there are no chips
already sent an email to the support of chipmixer ..

waiting for answer ...


i dont get it why they need 4 days+ to answer an email (as i read here in the thread) ..

Use other mixer, i dont know how you can have situation like this twice within 6 days. What is this? hot wallet not being refilled? Applications stopping to work?
Mixer is unreachable also due to DDOS for past few days (502), so i guess author does not care.. and he made enough money from it already, should be warning sign for this mixer already.

I got an email and my chips credited after 7 hours after i reported the problem - thank you @chipmxier!

[james3441]

Use other mixer, i dont know how you can have situation like this twice within 6 days. What is this? hot wallet not being refilled? Applications stopping to work?

Probably is related to the DDoS? Servers don't run properly when they keep getting flooded by fake traffic.

You got to be kidding me... you can have processing done on other server than the one where website is hosted on.
If DDOS is disabling deposit processing logic on software level (not processing incoming deposits), it only proves amateur-job of the one who designed the system. No offense.

1. Move deposit processing to different server with IP unknown to attackers and one problem is solved.

2. DDOS can be mitigated by:
- moving it to proper hosting provider with DDOS protection
- move entire web traffic behind cloud firewall (this would cause privacy issues, so rather not).

Cost 1-3k monthly and you can mitigate most of these, but of course not all.
Eg. OVH deals very well with DDOS attempts and you do not pay anything and preserves privacy of customers.

Btw. 502 errors indicates rather resource exhaustion and weak server configuration with lack of enough workers to process incoming requests. This is little different than typical DDOS where server is totally unreachable.

[AdolfinWolf]

2. DDOS can be mitigated by:
- moving it to proper hosting provider with DDOS protection
- move entire web traffic behind cloud firewall (this would cause privacy issues, so rather not).

Both of them would cause severe privacy issues.

Unless you can 110% trust the cloud hoster (which really is impossible unless you run the entire hosting service as well), they shouldn't be used as they would be able to log virtually everything.

Eg. OVH deals very well with DDOS attempts and you do not pay anything and preserves privacy of customers.

OVH doesn't even allow tor software to be ran on it's hardware, and you're claiming they don't log anything, or won't do so if they're asked by a LE?........
Are you sure you know what you're talking about at all?

[james3441]

2. DDOS can be mitigated by:
- moving it to proper hosting provider with DDOS protection
- move entire web traffic behind cloud firewall (this would cause privacy issues, so rather not).

Both of them would cause severe privacy issues.

Unless you can 110% trust the cloud hoster (which really is impossible unless you run the entire hosting service as well), they shouldn't be used as they would be able to log virtually everything.

Eg. OVH deals very well with DDOS attempts and you do not pay anything and preserves privacy of customers.

OVH doesn't even allow tor software to be ran on it's hardware, and you're claiming they don't log anything, or won't do so if they're asked by a LE?........
Are you sure you know what you're talking about at all?

I think you  did 0 research before writing your post.

1. Where do i claim that OVH  dont log anything? I said that they preserve customers privacy (dont give data easily), but they're not BF provider.
2. Chipmixer is currently hosted on vultr. Which is not any kind of bulletproof provider either, but they dont have sufficient ddos protection. Therefore moving to another one would not be any kind of issue.
3. It doesn't matter what OVH allows or doesn't. Chipmixer is already hosted on similar type of hosting of American company and seems that they do not care.
4. Running TOR Exit node results with high number of abuse complains and IP blacklist, therefore it's normal that they prohibit that - totally faulty comparison to hosting mixing service.

If you host on non-BF providers, at least move to the one which has sufficent DDOS protection.

Are you sure you know what you're talking about at all?

I see that you completely aren't, since you're not even aware where chipmixer is currently hosted, and yes it's currently in Vultr cloud.

[RHavar]

@ChipMixer have you looked into trying to provide guarantees you're not logging?


I am probably not the target audience, but I am deeply skeptical of mixers.  It would seem to me to be negligent of intelligence-agencies to not be running their own mixing services. And as none of the mixers provide any guarantees of not-logging, it seems kind of impossible for a user to know which are honeypots and which aren't.

One feasible way (AFAICT) of proving you aren't logging would be making-public the program that runs on the server. That program would not log (which people can check by looking at the source code) and it would generate a "communication key". Which would be an asymmetric encryption key that can be used to securely talk to the program. Then on your website you make a little light js client which serializes/deserializes encrypted messages from server-side program.

So now the only thing you need to do, is prove the "communication key" was generated by the program. If we know the communication key was generated by the program, then we know anything encrypted to that key can only be read by the program, and we know that program does not log. Now the cool thing is we can use Intel's SGX and remote attestation to actually prove this key was generated by this particular program.

I think put together would give users pretty strong assurances that your service is doing what it claims.


Anyway, food for thought.

[LoyceV]

So now the only thing you need to do, is prove the "communication key" was generated by the program.

This goes far above my technical knowledge, but I'm very interested to see how this would actually work. Would this still work if the owner of the website can create an exact clone of the RAM and read everything (including encryption keys) in there?

[DireWolfM14]

It would seem to me to be negligent of intelligence-agencies to not be running their own mixing services.

I agree, but that discussion should be held in a topic of it's own.

One feasible way (AFAICT) of proving you aren't logging would be making-public the program that runs on the server. That program would not log (which people can check by looking at the source code) and it would generate a "communication key". Which would be an asymmetric encryption key that can be used to securely talk to the program. Then on your website you make a little light js client which serializes/deserializes encrypted messages from server-side program.

So now the only thing you need to do, is prove the "communication key" was generated by the program. If we know the communication key was generated by the program, then we know anything encrypted to that key can only be read by the program, and we know that program does not log. Now the cool thing is we can use Intel's SGX and remote attestation to actually prove this key was generated by this particular program.

I don't know that this would prove anything.  Regardless of the encryption method you suggest, we must still trust that ChipMixer's code running on their server is the same code made available for public audit.  Without being granted access rights to their server (which I can't imagine happening) we're left taking their word for it.  Like we're taking them at their word that they are not logging.

[jackg]

I don't know that this would prove anything.  Regardless of the encryption method you suggest, we must still trust that ChipMixer's code running on their server is the same code made available for public audit.  Without being granted access rights to their server (which I can't imagine happening) we're left taking their word for it.  Like we're taking them at their word that they are not logging.

Yeah as I interpret it, this would be more of a release of the frontend (mostly) and might not go very far towards proving openness as you'd still have to trust ChipMixer's daemon thats running on the same and the different server.

A mixer shouldn't be the only place you go to mix your coins in order to make it more private, sending funds to certain exchanges, mining rentals and gambling sites are often good additions after and between mixing. There are probanly better ideas others have come up with that I've missed, large companies holding bitcoin on a large scale aren't going to care too much if a few bitcoin go in and out every so often - some exchanges are better than others will be so remember to research if you want a good strategy.


On the Ddos issue if ChipMixer were to put into development a system where you download something and get a public private key pair you can then use to connect to the site over cloudflaee so it's still encrypted however there are a few main issues with this: most people mixing don't want people to know who they're connected to and that they're using a mixer, why should you download something from an anonymous source (even if you trust them it's still a bit risky) most devs in bitcoin for example have compromised their identity this can't be done here... If a decentralised anti ddos system gets put into place then these problems can be vastly mitigated but even bitcointalk goes down when it's heavily ddosed and behind a cloudflare package so it might not actually do much...