Bitcoin Forum
October 28, 2020, 11:08:11 PM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 [100] 101 102 103 104 »
  Print  
Author Topic: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented  (Read 71512 times)
jackg
Copper Member
Legendary
*
Online Online

Activity: 1904
Merit: 1892


https://bit.ly/387FXHi ← lightning theory


View Profile
July 29, 2020, 01:25:53 AM
 #1981

Quote
When you destroy session data at step 4 - server-side data is destroyed but browser-data (cookies) persist. We can change this to work as expected.

So there is no possibility to make an (rpc) call or sth like that  to destroy the specified client-side cookie also ?

or does this undermine privacy ? if so may it makes sense to put an hint to the side on step 4.

best regards 



From my work with java script uou can write to cookies from the console using cookie.write afaik, there's also a delete function but I can't remember if it's delete, remove or clear...

Edit: oooo 100 pages

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1603926491
Hero Member
*
Offline Offline

Posts: 1603926491

View Profile Personal Message (Offline)

Ignore
1603926491
Reply with quote  #2

1603926491
Report to moderator
LoyceV
Legendary
*
Offline Offline

Activity: 2016
Merit: 7086


Thick-Skinned Gang Leader


View Profile WWW
July 29, 2020, 06:07:56 AM
 #1982

When you destroy session data at step 4 - server-side data is destroyed but browser-data (cookies) persist. We can change this to work as expected.
If I Destroy my session, then restore that session in another browser, I get the same deposit address. Is that the intended behaviour?

moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 29, 2020, 10:39:42 AM
Last edit: July 29, 2020, 10:51:38 AM by moejoejay
 #1983

@loyceV:

if u use Tor with a new session or an browser with an new incognito window and close this than open a new one,

the session is different, but with an normal browser window it is not enough to close the entire one.  

@jackg:

i think the tor browser blocks all java ( thats also the reason for that the faq site doesn't working properly anymore)

may just a design for the faq site without folded out parts is an better privacy oriented option.  


@konstanly:

to estimate a good fee i use: https://bitcoinfees.earn.com/  
and the more simple variant: https://www.buybitcoinworldwide.com/fee-calculator/

best regards
moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 29, 2020, 11:29:33 AM
 #1984

i've got one more question about sweeping or not

1. when i export the private keys in my wallet and pay with these ones for example over an bitcoin merchant like bitpay.
are these funds still accesible for chipmixer ? or will the private key swapped ( exchanged ) with the transaction to bitpay.

best regards 
 
LoyceV
Legendary
*
Offline Offline

Activity: 2016
Merit: 7086


Thick-Skinned Gang Leader


View Profile WWW
July 29, 2020, 11:58:08 AM
 #1985

if u use Tor with a new session or an browser with an new incognito window and close this than open a new one,
I restored my "session token" in a different browser. I expected the server not to know the token anymore after I Destroyed the session.

1. when i export the private keys in my wallet and pay with these ones for example over an bitcoin merchant like bitpay.
are these funds still accesible for chipmixer ?
See:
Quote from: FAQ
Do you know withdrawn private key?

Sadly, yes, we have created them and as long as two people knows private key, either of them can move funds. When you withdraw a chip, you receive a copy of private key encrypted on the mixer's server. You are free to sweep it yourself, ask us to send it to your address or keep it on chip for a while. Only the last option keeps your funds vunerable to our dishonesty, but it also extends your privacy. If you sweep funds from chip in first 12h after your input, you receive same privacy as you would get from standard mixer. If you trust us (as you already did when you sent coins into mixer) and spend chip when you need it, then you achive maximum privacy you can get.

or will the private key swapped ( exchanged ) with the transaction to bitpay.
I'm not sure what you're asking here: if you make a transaction to Bitpay, you're paying to their address, not sending them your private key.

moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 29, 2020, 02:39:16 PM
Last edit: July 29, 2020, 03:13:31 PM by moejoejay
 #1986

@loyceV:

Quote
I restored my "session token" in a different browser. I expected the server not to know the token anymore after I Destroyed the session.
What u mean with different browser ?  i dont think that the cookie is an cross-browser one

i've test this with opera and chrome and there was no crossing at all

U can avoid this  if u using tor browser reopen it or delete all cookies on the certain browser

Quote
I'm not sure what you're asking here: if you make a transaction to Bitpay, you're paying to their address, not sending them your private key.

so therotically, the funds from the key which iv'e exported in my wallet and then sent to bitpay are still vulnerable, cause if an third party ( like chipmixer ) still knows  these keys ?


best regards
AdolfinWolf
Legendary
*
Offline Offline

Activity: 1540
Merit: 1295


people run from rain but sit in bathtubs of water


View Profile
July 29, 2020, 04:07:47 PM
 #1987

so therotically, the funds from the key which iv'e exported in my wallet and then sent to bitpay are still vulnerable, cause if an third party ( like chipmixer ) still knows  these keys ?
No, because once they are confirmed, they belong to an adress of which the private key belongs to bitpay, not you nor Chipmixer.

If you're talking about the remainder (the "change"), depending on your wallet software it could be that it's sent to a change address belonging to your original keypool, or it might've not used any change addresses and instead has sent the coins back to the same address, for which the private key is known by chipmixer.

As general advice: If you're not planning on immediately spending the keys you received from chipmixer, it's usually a smart idea to send them over to a private key you generated yourself.

moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 29, 2020, 07:39:14 PM
 #1988

Quote
No, because once they are confirmed, they belong to an adress of which the private key belongs to bitpay, not you nor Chipmixer.

so the key is the same but the owner changes ?

Quote
send them over to a private key you generated yourself.

this is the sweeping feature or?


best regards

AdolfinWolf
Legendary
*
Offline Offline

Activity: 1540
Merit: 1295


people run from rain but sit in bathtubs of water


View Profile
July 29, 2020, 07:56:22 PM
 #1989

Quote
No, because once they are confirmed, they belong to an adress of which the private key belongs to bitpay, not you nor Chipmixer.

so the key is the same but the owner changes ?

If you're talking about the private keys you receive from Chipmixer, yes that is the case.

If you're talking about normal bitcoin transactions; no. a different private key will hold the outputs (as otherwise it wouldn't be trustless..)

Quote
Quote
send them over to a private key you generated yourself.

this is the sweeping feature or?

best regards
I think this is what most people understand under "sweeping", correct (?).

HCP
Legendary
*
Offline Offline

Activity: 1498
Merit: 2996

<insert witty quote here>


View Profile
July 29, 2020, 10:16:01 PM
Merited by ChipMixer (2)
 #1990

Quote
No, because once they are confirmed, they belong to an adress of which the private key belongs to bitpay, not you nor Chipmixer.
so the key is the same but the owner changes ?
No.

As explained, if you send the bitcoins to Bitpay, once the transaction is confirmed, they will be assigned to the Bitpay Address (which will have a completely different private key to the one you received from ChipMixer.

If there is any change from that transaction... ie. you withdrew a 0.1 BTC "chip" and only sent 0.08 BTC to Bitpay... then what happens with the 0.02 BTC change depends on what wallet you used to setup the transaction and/or how that wallet is setup to handle change.

If the wallet creates a "new" change address, then the coins are now assigned to a new address (with a new private that neither Bitpay nor ChipMixer have any control over... only your wallet will have the private key. Transaction will look something like this:

Code:
0.1 BTC 1ChipMixerAddress -|-> 0.08 1BitPayAddress
                           |-> 0.02 1YourNewAddress <-- Only you have access to this


If the wallet does not create a change address, but sends the coins back to the original address created by ChipMixer, then you and ChipMixer still have access to the coins. Transaction will look like this:

Code:
0.1 BTC 1ChipMixerAddress -|-> 0.08 1BitPayAddress
                           |-> 0.02 1ChipMixerAddress <-- Both you AND ChipMixer have the private key for this

ChipMixer
Sr. Member
****
Offline Offline

Activity: 375
Merit: 391


ChipMixer.com | ChipMixerwzxtzbw.onion


View Profile WWW
July 29, 2020, 11:56:50 PM
 #1991

So there is no possibility to make an (rpc) call or sth like that  to destroy the specified client-side cookie also ?

or does this undermine privacy ? if so may it makes sense to put an hint to the side on step 4.
Client-side cookie can be destroyed by server with http header and it will be changed to do so. It does not require Javascript or user action. It will increase privacy.

If I Destroy my session, then restore that session in another browser, I get the same deposit address. Is that the intended behaviour?
If you destroy the session (at step 4 you confirm you want to destroy it) - it is impossible to get same deposit address when you restore session with session token. You will get new session with same token but different deposit address and no history. If that is not true - please send us more info by email.


jackg
Copper Member
Legendary
*
Online Online

Activity: 1904
Merit: 1892


https://bit.ly/387FXHi ← lightning theory


View Profile
July 30, 2020, 01:26:49 AM
 #1992


@jackg:

i think the tor browser blocks all java ( thats also the reason for that the faq site doesn't working properly anymore)

may just a design for the faq site without folded out parts is an better privacy oriented option.  

No I was talking about the console you get by hitting f12 in most browsers, isn't that still available in tor.

I'm not sure on running a js app from a your own machine either in tor - I thought that was allowed as there are no outward connections.

LoyceV
Legendary
*
Offline Offline

Activity: 2016
Merit: 7086


Thick-Skinned Gang Leader


View Profile WWW
July 30, 2020, 07:06:18 AM
 #1993

If I Destroy my session, then restore that session in another browser, I get the same deposit address. Is that the intended behaviour?
If you destroy the session (at step 4 you confirm you want to destroy it) - it is impossible to get same deposit address when you restore session with session token. You will get new session with same token but different deposit address and no history. If that is not true - please send us more info by email.
I can't reproduce it anymore, so all good.

moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 30, 2020, 09:10:24 AM
 #1994

@chipmixer:

Quote
You will get new session with same token

Whats the reason to hold the same token after destroy the session.

Quote
It does not require Javascript or user action

Ok but if i try to read the faq over tor it doesn't work cause the side elements for expand the Answers seems to embedded with java code.

best regards   


 
moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 30, 2020, 10:20:41 AM
 #1995


@jackg:

Quote
No I was talking about the console you get by hitting f12 in most browsers, isn't that still available in tor.

i think thats not really practicable for an normal user to hit f12 to solve an problem.

@jackg:
@hcp:

Not its getting complicated , at least for me and my limited knowledge about how the bitcoin network is working under the surface.

neverthless i'm trying to understand and thanks for guidance.

how could i figure this out, if i get a "new" change address or an old one ? ( i use electrum )

what if i'm not sweeping my imported keys but just sending to my general wallet ? does it hold my privacy level in any way instead sweeping ?

best regards

jackg
Copper Member
Legendary
*
Online Online

Activity: 1904
Merit: 1892


https://bit.ly/387FXHi ← lightning theory


View Profile
July 30, 2020, 03:18:28 PM
 #1996


@jackg:

Quote
No I was talking about the console you get by hitting f12 in most browsers, isn't that still available in tor.

i think thats not really practicable for an normal user to hit f12 to solve an problem.

@jackg:
@hcp:

Not its getting complicated , at least for me and my limited knowledge about how the bitcoin network is working under the surface.

neverthless i'm trying to understand and thanks for guidance.

how could i figure this out, if i get a "new" change address or an old one ? ( i use electrum )

what if i'm not sweeping my imported keys but just sending to my general wallet ? does it hold my privacy level in any way instead sweeping ?

best regards



Yeah it's not within the scope for a normal user, might have been better to say site settings are normally findable from where you can hit the padlock and hit settings or options to delete data.

If you sweep using electrum with the addresses individually then you'll be sending funds individually. If you just import the private keys to a new wallet, you'll have to get a receive address and click each you're trying to spend in turn, right click and press spend from for each... A new return address should be generated each time you send a new transaction but memorising the last 3 characters for example or even the last one shouldn't hurt too much.

HCP
Legendary
*
Offline Offline

Activity: 1498
Merit: 2996

<insert witty quote here>


View Profile
July 30, 2020, 10:33:51 PM
 #1997

how could i figure this out, if i get a "new" change address or an old one ? ( i use electrum )
You can view the transaction created in Electrum... "receive" addresses within your wallet will be highlighted green... "change" addresses will be highlighted in yellow. If you see an "output" that is green, it is most likely being recycled back into the original receive address.

This generally happens if you create a wallet in Electrum that only has imported private keys (in the title bar at the top, it should say [imported]), because Electrum cannot generate new private keys/addresses automatically for this type of wallet... it will only ever have the private keys that you have manually imported.

If you have a "standard" wallet... Electrum will generally automatically generate new change addresses as required. However, this wallet type will not let you import private keys, you can only "sweep" them.


Quote
what if i'm not sweeping my imported keys but just sending to my general wallet ? does it hold my privacy level in any way instead sweeping ?
You don't sweep imported keys... you either sweep the keys, which sends funds from those address(es) to a new address(es)... or you import the keys and the funds stay on the original key(s)/address(es) until spent...

So, which one are you doing? Huh

ranchoodas
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
July 31, 2020, 01:44:41 AM
 #1998

Attention:

At least one Tor exit node serves chipmixer.com as plain-text stripping SSL encryption and replacing deposit address with their own.

If you use Tor - please use Tor link: http://chipmixerwzxtzbw.onion/




I need help regarding with my session. I was using TOR then connected to chipmixer.com I saved my session token after that I closed the TOR browser and open it again , I pasted my session token and the btc address already changed. I need help recovering my old btc address as my funds are sent to that address. I've been using chipmixer for like 2 years already and it's my first time encountering this problem.
moejoejay
Jr. Member
*
Offline Offline

Activity: 111
Merit: 5


View Profile
July 31, 2020, 11:14:10 AM
Last edit: July 31, 2020, 11:24:13 AM by moejoejay
 #1999

Quote
So, which one are you doing? Huh

U right ive point this out in an wrong way i dont mean the keys import or sweeping i mean after the import of the keys.

for ex.  when i need it on an other wallet to gather funds,  then should i  sweep or to just send the keys to the other wallet  

just the option which gains more privacy preferentially in relation to funded coins which comes from chipmixer.

best regards

LoyceV
Legendary
*
Offline Offline

Activity: 2016
Merit: 7086


Thick-Skinned Gang Leader


View Profile WWW
July 31, 2020, 11:35:07 AM
 #2000

I need help regarding with my session.
It's best to email chipmixer@protonmail.com (it's a good precaution never to trust third parties (such as me), always verify the email address on the actual website).

for ex.  when i need it on an other wallet to gather funds,  then should i  sweep or to just send the keys to the other wallet 

just the option which gains more privacy preferentially in relation to funded coins which comes from chipmixer.
Each new wallet means an additional risk of compromising private keys. I would only import private keys when I'm ready to use them.

Pages: « 1 ... 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 [100] 101 102 103 104 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!