[ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented

[ChipMixer]

So like even if you're typing chipmixer.com in TOR it's still considered unsecure?

Yes because they're using let's encrypt to generate the certificate so they don't have to kyc with anyone.

It is not because we are using lets encrypt - any ssl certificate would work the same way in this case.

So like even if you're typing chipmixer.com in TOR it's still considered unsecure?

If you use Tor to contact non-Tor website (anything other than .onion services) - one of 1200 Tor Exit nodes will tell you what ChipMixer.com service said.
If Tor Exit node is honest - it will tell "ChipMixer use encryption and this is data they encrypted for you" - your browser will display green lock icon.
If Tor Exit node is dishonest - it will tell "ChipMixer does not use encryption and this is plain-text data with fake deposit address" - your browser will not display green lock icon.

If you use Tor to contact Tor .onion website - connection is always encrypted and nobody can alter deposit address.

[1714803048]

1714803048

[TheBeardedBaby]

The vertical mobile view has some issues showing the captcha and the text needs some re-arrangement.

It's not really an issue since everything is working in horizontal mode but it's a bit annoying. It's the same with Tor browser as well but i can't take a screen shot now

Maybe just add a note that the website is optimized for Landscape viewing

[Bill Gates]

So like even if you're typing chipmixer.com in TOR it's still considered unsecure?

If you use Tor to contact non-Tor website (anything other than .onion services) - one of 1200 Tor Exit nodes will tell you what ChipMixer.com service said.
If Tor Exit node is honest - it will tell "ChipMixer use encryption and this is data they encrypted for you" - your browser will display green lock icon.
If Tor Exit node is dishonest - it will tell "ChipMixer does not use encryption and this is plain-text data with fake deposit address" - your browser will not display green lock icon.

If you use Tor to contact Tor .onion website - connection is always encrypted and nobody can alter deposit address.

You could easily avoid this problem by providing a letter of guarantee. A rogue tor node won't be able to sign a message with an address, that is under your control.

Moreover, I believe, the use .onion address by mixing services is a farce, as long as they exist on clearnet. Users can access the clearnet domain from Tor browser. .onion primarily serves two purpose...

1. It mitigates MITM attack - If you provide letter of guarantee, MITM is not possible anymore. Because, except for the original server, no one else do have the ability to sign a message with an address, that is publicly declared on clearnet to be owned by the mixing service.

2. It hides the original server - If you already have a version running on clearnet, your server is just a few clicks away from 3 letter agencies. You can keep your data encrypted though. But having an .onion address does not give users any extra benefit.

[jackg]

Maybe just add a note that the website is optimized for Landscape viewing

Yeah it's been like that for a while, I just request desktop connection and then it works - didn't think to rotate it...

[LoyceV]

You could easily avoid this problem by providing a letter of guarantee. A rogue tor node won't be able to sign a message with an address, that is under your control.

This doesn't solve anything: if the rogue Tor node change a deposit address, they can also sign a Letter of Guarantee from any address under their control, and display said address as the "official" one.
Just use .onion if you use Tor.

[HeRetiK]

You could easily avoid this problem by providing a letter of guarantee. A rogue tor node won't be able to sign a message with an address, that is under your control.

This doesn't solve anything: if the rogue Tor node change a deposit address, they can also sign a Letter of Guarantee from any address under their control, and display said address as the "official" one.
Just use .onion if you use Tor.

Besides, from a technical perspective, the lock icon displaying whether the connection is encrypted is pretty much like the suggested "letter of guarantee", except more reliable and less complicated.

[Bill Gates]

You could easily avoid this problem by providing a letter of guarantee. A rogue tor node won't be able to sign a message with an address, that is under your control.

This doesn't solve anything: if the rogue Tor node change a deposit address, they can also sign a Letter of Guarantee from any address under their control, and display said address as the "official" one.
Just use .onion if you use Tor.

No. You did not understand what I said. Here is an ELI5...

Say, I am running a mixer. I have a clearnet version as well as a .onion one. I show this address on my homepage & bitcointalk thread and declare that I'll sign a message through it as letter of guarantee - 1HRnZx1ukJ338WfcqK6T59ZEWTuzehUcu1. The letter of guarantee will contain the deposit address signed by the mixer. An user can verify whether the deposit address he/she has received through Tor browser is signed by this address, i.e. 1HRnZx1ukJ338WfcqK6T59ZEWTuzehUcu1, which itself can be cross verified by visiting the home page or bitcointalk thread on clearnet.

Now, you are running a rogue Tor node and want to change the deposit address. Tell me, how can you provide a letter of guarantee containing that changed deposit address signed by the address visible on my homepage & bitcointalk thread through clearnet, i.e. 1HRnZx1ukJ338WfcqK6T59ZEWTuzehUcu1?

[jackg]

You could easily avoid this problem by providing a letter of guarantee. A rogue tor node won't be able to sign a message with an address, that is under your control.

This doesn't solve anything: if the rogue Tor node change a deposit address, they can also sign a Letter of Guarantee from any address under their control, and display said address as the "official" one.
Just use .onion if you use Tor.

No. You did not understand what I said. Here is an ELI5...

Say, I am running a mixer. I have a clearnet version as well as a .onion one. I show this address on my homepage & bitcointalk thread and declare that I'll sign a message through it as letter of guarantee - 1HRnZx1ukJ338WfcqK6T59ZEWTuzehUcu1. The letter of guarantee will contain the deposit address signed by the mixer. An user can verify whether the deposit address he/she has received through Tor browser is signed by this address, i.e. 1HRnZx1ukJ338WfcqK6T59ZEWTuzehUcu1, which itself can be cross verified by visiting the home page or bitcointalk thread on clearnet.

Now, you are running a rogue Tor node and want to change the deposit address. Tell me, how can you provide a letter of guarantee containing that changed deposit address signed by the address visible on my homepage & bitcointalk thread through clearnet, i.e. 1HRnZx1ukJ338WfcqK6T59ZEWTuzehUcu1?

Err you start an instance with ChipMixer and just scrape the information from their site via tor and save the token to receive the funds later?

Captchas are fairly bypassible afaik and you'd already have to put on the effort to search for the key and verify it you're better off getting ChipMixer to list their ssl public key...

(which I can't get access to on mobile).

[notblox1]

Does anyone know is Chipmixer Electrum plugin working ok with recent Electrum updates?
I never tried it so far and I see there are no updates from 2017.
https://github.com/chipmixer/electrum/tree/plugin/plugins/chipmixer

[jackg]

Does anyone know is Chipmixer Electrum plugin working ok with recent Electrum updates?
I never tried it so far and I see there are no updates from 2017.
https://github.com/chipmixer/electrum/tree/plugin/plugins/chipmixer

Afaik I think the plug in work was discontinued when ChipMixer decided to retire it
 Not sure of the reasons I think they just thought it was more work than it was worth to sort out the security parts or the captcha stuff would be difficult to manage. They gave up on it to focus on the ddos attacks I think too.

[smartmixerhelper]

I made a slight mistake, looks like I didn't clear cookies and cache and so without realizing it, I was using an old session and sent to an address I already sent before.

Am I screwed?

I sent the session ID, address, everything via email but haven't heard back yet.

It was a lot and I really need it so hopefully they can see it and just recreate another session for me?

[jackg]

I made a slight mistake, looks like I didn't clear cookies and cache and so without realizing it, I was using an old session and sent to an address I already sent before.

Am I screwed?

I sent the session ID, address, everything via email but haven't heard back yet.

It was a lot and I really need it so hopefully they can see it and just recreate another session for me?

If this info was sent to their proton mail, just wait for their response they should be able to track it. As long as the session hasn't expired.

I'd advise you put in your token and extend it if you're near the 7 day deadline.

[smartmixerhelper]

I made a slight mistake, looks like I didn't clear cookies and cache and so without realizing it, I was using an old session and sent to an address I already sent before.

Am I screwed?

I sent the session ID, address, everything via email but haven't heard back yet.

It was a lot and I really need it so hopefully they can see it and just recreate another session for me?

If this info was sent to their proton mail, just wait for their response they should be able to track it. As long as the session hasn't expired.

I'd advise you put in your token and extend it if you're near the 7 day deadline.

Just to provide an update. I did email and they emailed me back but it looks like it automatically takes into account any double deposits so that's pretty cool.

[URHandsome]

I am looking for a mixer that has good reputation.
ChipMixer seems to have great feedback.
Has anyone used it recently? Safe?

[bL4nkcode]

Why has there telegram bot not been announced yet?Seems to be lower fee and easier to use as well?

@chipmixer_bot

I won't suggest to use this telegram bot, chipmixer never announced or will announce a bot to its mixer, always use its tor link.

[suchmoon]

I won't suggest to use this telegram bot, chipmixer never announced or will announce a bot to its mixer, always use its tor link.

They had something telegram-related back in 2017 but since no telegram bot is mentioned in the OP of this thread or on their website, it should be assumed this is a scam unless proven otherwise.

[ChipMixer]

Why has there telegram bot not been announced yet?Seems to be lower fee and easier to use as well?

SCAM
Lower fee? Lower than "pay what you want"?

We had telegram bot a few years ago. There was no traffic - it was switched off.

[moejoejay]

I am looking for a mixer that has good reputation.
ChipMixer seems to have great feedback.
Has anyone used it recently? Safe?

The Reputation is good either from good guys  or from bad guys ( washing bitcoin from binance attack ).
I used it recently from time to time and it works very well and the suport is really good and helpful.

Even the Developer from the Wasabi Wallet says in their early days of coding the wallet, that Chipmixer has an good approach for an Mixer.  

best regards  

[mole0815]

Does anyone know is Chipmixer Electrum plugin working ok with recent Electrum updates?
I never tried it so far and I see there are no updates from 2017.
https://github.com/chipmixer/electrum/tree/plugin/plugins/chipmixer

This would already be a very helpful extension for daily use. Unfortunately I do not have more information about it.
But I would be happy if we could get it

I am looking for a mixer that has good reputation.
ChipMixer seems to have great feedback.
Has anyone used it recently? Safe?

You have found the right mixer with this. Reliable and safe.
From my side there are no negative experiences to report.

[foolazz22]

I got one question, do I have to use Electrum wallet, or is using Chipmixer possible with all wallets, desktop wallets as well? I mostly use some brand on desktop.