Bitcoin Forum
Author Topic: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented  (Read 92463 times)
RHavar
September 11, 2019, 06:05:47 PM
Merited by LoyceV (2), hugeblack (1), DireWolfM14 (1)
 #1641

Quote
Would this still work if the owner of the website can create an exact clone of the RAM and read everything (including encryption keys) in there?

Yeah, that doesn't matter. That's actually the attack vector Intel SGX is designed for. It protects against it by encrypting the entire memory space of the application. There's a bit of a performance hit to this (say 15% slower than a program not running in an enclave) but it's surprisingly reasonable. Although your CPU actually does physically contain that decryption key, which in theory could be extracted with physical access. As I understand it though, it's extremely hard to do so, since any attempt to physically extract it should destroy the data before you can do so.


Quote
Regardless of the encryption method you suggest, we must still trust that ChipMixer's code running on their server is the same code made available for public audit.

No, Intel SGX provides something called "remote attestation" which you can think of as Intel signing a message saying "This specific program, generated this specific value when run in a secure enclave". So if that program (which you verify matches, and doesn't log) generated a public key, you know you can now communicate with that program in a way no one else can intercept the messages.


The two immediately obvious pitfalls:

a) Intel could potentially be compelled into signing a false-attestation.
b) There are security vulnerabilities in SGX which nullify their guarantees (which has happened several times before).

Either way though, Intel has probably invested billions (?) into their secure computing so they would be extremely unhappy to see their guarantees fail in the wild.


Quote
On the DDoS issue if ChipMixer were to put into development a system where you download something and get a public private key pair you can then use to connect to the site over Cloudflare so it's still encrypted however there are a few main issues with this:


Users wouldn't need to download anything other than the webpage, which contains a few hundred lines of JavaScript to serialize/deserialize encrypted messages to the known public key. Then you'd verify the public key matches what people have said actually matches the remotely attested-to one.

Check out gamblingsitefinder.com for a decent list/rankings of crypto casinos. Note: I have no affiliation or interest in it, and don't even agree with all the rankings ... but it's the only uncorrupted review site I'm aware of.
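
The client-side check described in the post above, sketched as an added example that is not part of the original post or of ChipMixer's code: a public key is accepted only if a signed attestation binds it to the measurement of the audited program. Ed25519 and the helpers `makeAuthority`, `startEnclave` and `verifyAttestation` are hypothetical stand-ins for Intel's quote format and signing chain, and all keys and program text are constructed for the demo.

```javascript
"use strict";
// Added example: simplified model of SGX-style remote attestation.
// Ed25519 stands in for the vendor's quote signature; every key and the
// program text are constructed for this demo.
const nodeCrypto = require("node:crypto");

const sha256 = (data) => nodeCrypto.createHash("sha256").update(data).digest("hex");
const spkiDer = (key) => key.export({ type: "spki", format: "der" });
// Deterministic encoding so signer and verifier process the same bytes.
const encodeReport = (r) => Buffer.from(`${r.measurement}|${r.reportData}`);

// Hypothetical attestation authority (the role Intel plays in the post).
function makeAuthority() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ed25519");
  return {
    publicKey,
    // "This program (measurement) generated this value (reportData)."
    attest(programCode, reportData) {
      const report = { measurement: sha256(programCode), reportData };
      const signature = nodeCrypto.sign(null, encodeReport(report), privateKey);
      return { report, signature };
    },
  };
}

// Enclave side: the key pair is generated inside the enclave and the hash of
// its public half is placed in the attested report.
function startEnclave(authority, programCode) {
  const { publicKey } = nodeCrypto.generateKeyPairSync("x25519");
  return { publicKey, quote: authority.attest(programCode, sha256(spkiDer(publicKey))) };
}

// Client side: signature, program measurement and key binding must all hold.
function verifyAttestation({ quote, presentedKey, auditedCode, authorityKey }) {
  const { report, signature } = quote;
  if (!nodeCrypto.verify(null, encodeReport(report), authorityKey, signature)) {
    return "bad-signature";
  }
  if (report.measurement !== sha256(auditedCode)) return "measurement-mismatch";
  if (report.reportData !== sha256(spkiDer(presentedKey))) return "key-not-attested";
  return "ok";
}

function runScenarios() {
  const authority = makeAuthority();
  const audited = "function mix(input) { return shuffle(input); }"; // constructed
  const honest = startEnclave(authority, audited);
  const logging = startEnclave(authority, audited + " log(input);");
  // Key generated outside any enclave, e.g. by a TLS-terminating proxy.
  const outside = nodeCrypto.generateKeyPairSync("x25519").publicKey;
  // Report edited after signing so that it points at the outside key.
  const edited = {
    report: { ...honest.quote.report, reportData: sha256(spkiDer(outside)) },
    signature: honest.quote.signature,
  };
  const check = (quote, presentedKey) =>
    verifyAttestation({ quote, presentedKey, auditedCode: audited, authorityKey: authority.publicKey });
  return {
    honest: check(honest.quote, honest.publicKey),
    modifiedProgram: check(logging.quote, logging.publicKey),
    substitutedKey: check(honest.quote, outside),
    editedReport: check(edited, outside),
  };
}

console.log(runScenarios());
```

Neither pitfall listed in the post is covered by these checks: a compelled or compromised signer, or a broken enclave, would still yield `ok`.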
agreen99
September 11, 2019, 06:13:56 PM
 #1642

Am I the only one who noticed that their website is down for 2 days now?

malevolent
September 11, 2019, 11:53:04 PM
Last edit: September 12, 2019, 12:26:49 AM by malevolent
 #1643

Quote
No, Intel SGX provides something called "remote attestation" which you can think of as Intel signing a message saying "This specific program, generated this specific value when run in a secure enclave". So if that program (which you verify matches, and doesn't log) generated a public key, you know you can now communicate with that program in a way no one else can intercept the messages.

The two immediately obvious pitfalls:

a) Intel could potentially be compelled into signing a false-attestation.
b) There are security vulnerabilities in SGX which nullify their guarantees (which has happened several times before).

Either way though, Intel has probably invested billions (?) into their secure computing so they would be extremely unhappy to see their guarantees fail in the wild.

Is it possible to avoid using Intel's Attestation Service? (since that requires registering with Intel and so on as far as I understand how it works.)



Quote
Am I the only one who noticed that their website is down for 2 days now?

I don't know if it's 2 days already (last time I checked the website was a couple days ago), but at least for the past several hours both their regular and the .onion site have been down for some reason.

If it's actually been down for 2 days, then that doesn't sound good, as ChipMixer hasn't posted any info, nor has he logged into his account in the past 24h.



Signature space available for rent.
RHavar
September 12, 2019, 02:59:22 AM
 #1644

Quote
Is it possible to avoid using Intel's Attestation Service? (since that requires registering with Intel and so on as far as I understand how it works.)

I think you really need that remote attestation to make it useful. I'm not sure, but I suspect AMD/ARM probably have similar things, but not sure about the process. For Intel's you need to register, but I don't think that's an issue (and it's free).


Quote
If it's actually been down for 2 days, then that doesn't sound good, as ChipMixer hasn't posted any info, nor has he logged into his account in the past 24h.

Actually seems up for me, just supppppper slow. So probably a big long-lasting DDoS (ugh, fuck the internet :( )

Check out gamblingsitefinder.com for a decent list/rankings of crypto casinos. Note: I have no affiliation or interest in it, and don't even agree with all the rankings ... but it's the only uncorrupted review site I'm aware of.
btctaipei
September 12, 2019, 05:47:13 AM
Last edit: September 12, 2019, 06:08:09 AM by btctaipei
Merited by LoyceV (1)
 #1645

Quote
Am I the only one who noticed that their website is down for 2 days now?

Site not down but not usable at the moment.
Here is my unbiased analysis of Chipmixer's current situation (time will tell if this is true):

1) Attack against Chipmixer isn't all that volumetrically significant.
2) Chipmixer had been watched and targeted by state-level adversaries, with assistance from deep state and related big data entities that can do mass surveillance on hosting providers/CDN entities, with AWS/Google/Cloudflare user data exfiltration to facilitate the necessary traffic and data correlation attack.
3) Major transit providers to the datacenter hosting clear web probably now have had a span port enabled for quite some time on their switch to log, spoof and identify the .onion site's origin. This isn't likely to change.
4a) DDoS is necessary to attempt to trick the browser into leaking information related to the Chipmixer session key over TLS/SSL (that can be restored / steal privatekey and chips), but since Chipmixer uses minimal .js, the likelihood of success of this side-channel SSL content scrubbing trick isn't all that great.
4b) Sustained DDoS would be necessary since it would compel the site under DDoS (unfortunately for the adversaries Chipmixer isn't clueless) to reconsider using DDoS CDN services like Cloudflare.
4c) Once Cloudflare or a similar CDN is used, all chips, sessions, and private keys can be monitored and logged by deep state, since now the privatekey is available for the SSL cert (on *.cloudflare domains) used to serve up and fetch content proxied to the Chipmixer web site. This is done with a special SSL pinning appliance with Cloudflare's private key, tapping (span) Chipmixer's scrubbed/clear traffic channel and exfiltrating IP, user log (session), and even private key and bitcoin address of all transactions or activities involved.
5) Chipmixer Admin realizes the above situation and quietly re-architects the server infrastructure to parallel a dozen .onion mirror sites with different host/transit ISPs to survive similar deep state surveillance attacks in the future. How much help Chipmixer gets from experts in this area, forums and resources such as bitcointalk would likely determine how soon the site returns to normal service.

my PGP Key https://pastebin.com/b7nYutWC
pgp key server search 0x4BCC117F9EFB1A97
agreen99
September 13, 2019, 10:35:27 AM
 #1646

I studied Law and even worked for Law Enforcement. LA will never do something like that. Illegally obtained proofs cannot even be used in court + they can't break the law as they want. We are not even allowed to use hacking software/guess somebody's password without a warrant. If we wanted to get somebody's account details we had to obtain a warrant. (for facebook, for google/yahoo it was 1000 times more complicated, he had to use an international mechanism - call our ministry to ask a prosecutor from US to call a judge from US to give us an order.).
DireWolfM14
September 13, 2019, 03:45:16 PM
 #1647

Espionage isn't subject to the same restrictions as domestic law enforcement. A bitcoin obfuscator that's actually an NSA honeypot wouldn't be able to be used as evidence against a domestic tax cheat because of anti-entrapment laws. But if they're tracking an international drug cartel or a terrorist cell (domestic or not) those anti-entrapment laws are not applicable.

malevolent
September 13, 2019, 05:20:17 PM
Last edit: September 13, 2019, 06:43:55 PM by malevolent
 #1648

Quote
I studied Law and even worked for Law Enforcement. LA will never do something like that. Illegally obtained proofs cannot even be used in court + they can't break the law as they want. We are not even allowed to use hacking software/guess somebody's password without a warrant. If we wanted to get somebody's account details we had to obtain a warrant. (for facebook, for google/yahoo it was 1000 times more complicated, he had to use an international mechanism - call our ministry to ask a prosecutor from US to call a judge from US to give us an order.).

It might be illegal in your country, but legal in another country. Parallel construction may also be used and you won't even know if any laws were broken when gathering the evidence.



BTW, I can load the clearnet website only with a VPN but it loads immediately, the .onion site works without any issues.

Signature space available for rent.
RHavar
September 13, 2019, 06:30:05 PM
 #1649

Quote
A bitcoin obfuscator that's actually an NSA honeypot wouldn't be able to be used as evidence against a domestic tax cheat because of anti-entrapment laws.

That's absolutely not how entrapment laws work or are intended to work. Firstly (although the specifics vary per country) you almost universally have to demonstrate you would not normally have done the crime if it wasn't for the persuasion or trickery of the police. No joke, the police have quite literally operated a child-pornography site as a honeypot and without extenuating circumstances entrapment is simply not a defense.

But more importantly, if it was a honeypot it would be used for evidence gathering, rather than charging you with a crime per se.

Check out gamblingsitefinder.com for a decent list/rankings of crypto casinos. Note: I have no affiliation or interest in it, and don't even agree with all the rankings ... but it's the only uncorrupted review site I'm aware of.
malevolent
September 13, 2019, 09:31:52 PM
 #1650

The devil is in the details, the differences between different jurisdictions are considerable enough that what in one country will be a legal sting, in another will be an illegal entrapment, or looked at as manufacturing criminals.

Signature space available for rent.
agreen99
September 14, 2019, 07:16:20 AM
 #1651

Now everybody who hasn't managed to withdraw their coins will lose them! forever! as the sessions expire in 7 days.
LoyceV
September 14, 2019, 08:31:39 AM
 #1652

Quote
Now everybody who hasn't managed to withdraw their coins will lose them! forever! as the sessions expire in 7 days.

I think this applies again:
Quote
Our Tor service is under DOS attack. We are working to resolve this issue.
All existing sessions will be extended for another 7 days.

btctaipei
September 14, 2019, 06:49:46 PM
Last edit: September 14, 2019, 08:23:23 PM by btctaipei
 #1653

Quote
Now everybody who hasn't managed to withdraw their coins will lose them! forever! as the sessions expire in 7 days.

It does appear that chipmixer.com over clearnet is having reachability issues. The .onion over Tor now seems reasonably responsive, and after trying multiple mixing sessions no issues were evident. This to exchange voucher and get a list of private key at all for current or previous BTC deposits over http://chipmixerwzxtzbw.onion

my PGP Key https://pastebin.com/b7nYutWC
pgp key server search 0x4BCC117F9EFB1A97
filipwx
September 14, 2019, 09:39:42 PM
 #1654

Quote
Now everybody who hasn't managed to withdraw their coins will lose them! forever! as the sessions expire in 7 days.

It does appear that chipmixer.com over clearnet is having reachability issues. The .onion over Tor now seems reasonably responsive, and after trying multiple mixing sessions no issues were evident. This to exchange voucher and get a list of private key at all for current or previous BTC deposits over http://chipmixerwzxtzbw.onion

So did you manage to get your list of keys?

I wonder why there is statement of chipmixer itself.
btctaipei
September 14, 2019, 10:20:45 PM
 #1655

Quote
So did you manage to get your list of keys?

I wonder why there is statement of chipmixer itself.

Imported it 100% and moved and combined with dozen of utxo bc1 (bech32) addresses trickle thru multiple lightning channel and doing massive coinjoin createrawtransaction on tor only bitcoincore node for even better privacy. Keep chips size between most common 0.008 - 0.064 btc to make things more difficult for chain analysis.

There should be an option to get bech32 privatekeys from chipmixer for privacy and lower fees (some 50%+ fewer satoshi paid when bitcoin network gets congested). This should not be difficult, just need a bit of update with sufficient regression testing on the back office of chipmixing.

You can defeat chain analysis with very large pool of private key spread out randomly over period of several month (years in my case) and move it with huge coinjoins to obfuscate those transactions. Affording to do this, however, isn't exactly cheap.

my PGP Key https://pastebin.com/b7nYutWC
pgp key server search 0x4BCC117F9EFB1A97
TryNinja
September 14, 2019, 10:25:29 PM
 #1656

Quote
Now everybody who hasn't managed to withdraw their coins will lose them! forever! as the sessions expire in 7 days.

Along with what Loyce said above, keep in mind that you can always send them an email asking them to extend your session.

1Referee
September 15, 2019, 09:19:31 AM
 #1657

Quote
There should be an option to get bech32 privatekeys from chipmixer for privacy and lower fees (some 50%+ fewer satoshi paid when bitcoin network gets congested). This should not be difficult, just need a bit of update with sufficient regression testing on the back office of chipmixing.

I don't think it's much of a problem on Chipmixer's end, but more so a problem when it comes to the adoption of bech32 that needs to be more widely deployed.

Bitcoin's lowering fees made people pretty comfortable with how the situation is, hence the majority of the clients don't see much need to add it, though I would have preferred them to be more active and give people that option anyway. The trend within crypto seems to be to only act when it's needed, and not make sure you're ready to onboard more use beforehand. :-\

I personally don't have much of a problem with Chipmixer not offering bech32 support yet. Even the legacy fees aren't usually topping $1 per transaction.
AdolfinWolf
September 15, 2019, 09:46:06 AM
 #1658

Quote
There should be an option to get bech32 privatekeys from chipmixer for privacy and lower fees (some 50%+ fewer satoshi paid when bitcoin network gets congested). This should not be difficult, just need a bit of update with sufficient regression testing on the back office of chipmixing.

I don't think it's much of a problem on Chipmixer's end, but more so a problem when it comes to the adoption of bech32 that needs to be more widely deployed.

Bitcoin's lowering fees made people pretty comfortable with how the situation is, hence the majority of the clients don't see much need to add it, though I would have preferred them to be more active and give people that option anyway. The trend within crypto seems to be to only act when it's needed, and not make sure you're ready to onboard more use beforehand. :-\

I personally don't have much of a problem with Chipmixer not offering bech32 support yet. Even the legacy fees aren't usually topping $1 per transaction.

An upgrade to nested addresses would suffice too. I don't see why not. They're widely, if not everywhere, accepted.

jackg
September 15, 2019, 11:39:52 AM
 #1659

Quote
An upgrade to nested addresses would suffice too. I don't see why not. They're widely, if not everywhere, accepted.

Nested segwit would be a good upgrade and the only incompatibility issues will be with people running nodes that don't use multisig (which I think was before 2014).

I don't think it should be switched to bech32 based on how many people claimed to have "accidentally" hit the "bet" button when there used to be gambling on this site...
btctaipei
September 15, 2019, 01:21:52 PM
Last edit: September 15, 2019, 01:33:33 PM by btctaipei
 #1660

on betting related use case and its privacy implications:
-------------------------------------------------------------
Aggregated over a large number of sessions, betting activity creates an additional entropy source that is non-deterministic, and it creates an additional hurdle for chain analysis since the 1-1 mapping between a user's UTXO to the mixer and its output is now being tampered with. This occurs because coin input vs output is no longer lossless when traversing the mixer.


on bech32 chipmixer blockchain size use reduction and its privacy implication:
--------------------------------------------------------------------------------------
For a privacy site to scale to 10x of its current size, the mixing layer could save 100 of MBytes on the BTC blockchain over a period of as little as a month by moving the mixing operation to off-chain transactions with bech32 addresses over off-chain channels such as Lightning Network, CoinSwap, multisignature, etc. This would have significant privacy implications because it would appear indistinguishable from a regular single-signature on-chain transaction. Chipmixer can also use a mixture of its own payment channel as well as various other established payment channels, spread with random capacity for each over its prolonged mixing session, to mitigate privacy risks related to advanced off-chain analysis adversaries.

my PGP Key https://pastebin.com/b7nYutWC
pgp key server search 0x4BCC117F9EFB1A97