stormbounty
Jr. Member
Offline
Activity: 58
Merit: 5
GET FEATURED ON YAHOO & BLOOMBERG https://t.ly/C-y
|
|
June 28, 2023, 12:03:50 AM Last edit: June 28, 2023, 09:09:50 PM by Mr. Big |
|
oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw. To be this strict, there should be checks before the next page to be sure you copied the right thing, bitcoin phrases/mnemonic style, unless like i said, this is a secret revenue source, its only $200 but its all i have. and there were server issues on their end. its mostly my fault but not entirely, if the clearnet link suddenly didnt shut down just after i copied the note would have no reason to use the onion link. I should have known the note key will change but im not a dev.
@stormbounty, I'm still a bit confused about your situation.. Did you save anything down from the note you actually deposited to?
I mixed it up , so no . I had 2 tabs open in tor, one clearnet and one onion , copied clearnet, deposited to onion was stupid of me In that case it is an unfortunate situation and I would have to refer you to this previous case which happened a few months ago: https://bitcointalk.org/index.php?topic=5446575.msg62233907#msg62233907 (it's in this thread). The consensus among users here on bitcointalk was that whirlwind should not refund such user errors as it could open a can of worms which ultimately defeats the purpose of the mixer. It's a sucky situation but I'm just not quite sure what could actually be done about this if you don't have anything saved down from this.. 1. He didn't save the Note Private Key 2. He didn't save the Note Public Address 3. He didn't save the Letter of Guarantee 4. He doesen't remember the exact donation % used 5. He can sign a message from the address used to deposit on Whirlwind Some differences 1. i didnt save the note key 2. I'm not sure what the note public address is, but i should have it 3. I saved the letter of Guarantee4. I remember the exact donation percentage5. I cant sign a message from the deposit address cos its a privacy coinjoin wallet that bounces funds to a different wallets before sending out, But maybe the will be a way to do the signing??
@stormbounty, I'm still a bit confused about your situation.. Did you save anything down from the note you actually deposited to?
I mixed it up , so no . I had 2 tabs open in tor, one clearnet and one onion , copied clearnet, deposited to onion was stupid of me In that case it is an unfortunate situation and I would have to refer you to this previous case which happened a few months ago: https://bitcointalk.org/index.php?topic=5446575.msg62233907#msg62233907 (it's in this thread). The consensus among users here on bitcointalk was that whirlwind should not refund such user errors as it could open a can of worms which ultimately defeats the purpose of the mixer. It's a sucky situation but I'm just not quite sure what could actually be done about this if you don't have anything saved down from this.. I have some things saved from the page, my case is different, I sent the accurate letter of guarantee to support days ago
IF support doesn't reply after 5 days, can I now call it a scam? Or is 5 day not enough too??
|
Get Featured on Bloomberg, Yahoo, Business Insider, Reuters and more with STORMBOUNTY PRESS RELEASE Link in Bio
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
June 28, 2023, 05:40:06 AM |
|
If you have the letter of guarantee from the address you deposited you, then you should have no issues getting your money refunded. This is proof you generated that address, even if you neglected to save the private key. In terms of your scam accusation, as I pointed out to another user above, you just have to check the multi-sig escrow address: https://mempool.space/address/bc1qf8h5k6sash8007vpesymxkw2xsg5d0r3j4l5vmcrwpz2pqu66fjstzgd3rThere have been dozens of withdrawals processed since you first posted here, the most recent one just over an hour ago. Everything is running normally.
|
|
|
|
sam00
Legendary
Offline
Activity: 1092
Merit: 1125
|
|
June 28, 2023, 06:06:17 AM |
|
I understand you wont like your nice Signature campaign to turn out to be a horrible service customer support wise, but 3 days and no sign of customer support isnt a good look for a new service trying to win new customers.
It's none of my business how fast they handle their support cases to be completely honest with you. As I said before, I understand your frustration though. 1. i didnt save the note key 2. I'm not sure what the note public address is, but i should have it 3. I saved the letter of Guarantee 4. I remember the exact donation percentage 5. I cant sign a message from the deposit address cos its a privacy coinjoin wallet that bounces funds to a different wallets before sending out, But maybe the will be a way to do the signing??
As o_e_l_e_o pointed out, by saving the letter of guarantee, it is very likely that they will be able to help you in this case. It's is very beneficial that you saved all of this information and that you reached out to the support and on the forum immediately. I guess this is just an unlucky situation that @whirlwindmoney is absent currently.
|
|
|
|
hugeblack
Legendary
Offline
Activity: 2688
Merit: 3956
|
|
June 28, 2023, 09:04:41 AM |
|
Or is 5 day not enough too??
@Hhampuz It is best to contact @Whirlwind.money and ask them to fix this issue quickly. In addition to that, hiring an active person here to answer frequently asked questions and send problems directly to them if they do not have time to keep this ANN updated. After all, the service is still new and the support team’s delay in responding is not an act of a service that wants to gain trust and needs trust. IF support doesn't reply after 5 days, can I now call it a scam? Or is 5 day not enough too??
You can give them a negative trust and not use them again. They have a promotional campaign that pays more than 4,000 dollars a week. If you do not solve your problem before next Tuesday, you can request that the campaign stop and look into your problem, especially if the amount you deposited is large.
|
|
|
|
Hhampuz
Legendary
Offline
Activity: 3038
Merit: 6181
Meh.
|
|
June 28, 2023, 09:48:06 AM |
|
@Ratimov,
Are you waiting for the deposit page to update itself or are you entering the privkey and "manually" refreshing it to see if the balance has updated?
I've done a few deposits myself and if I see that the tx has 4 confirmations and just manually refresh it the balance is always updated. As for the withdraws, free withdraws with a lower fee can be the result of that and ultimately the network - not necessarily whirlwinds fault.
And finally the clearnet version, it was whirlwinds position from the start that minimal effort would be put towards the clearnet version even though some updates/upgrades were made to it (such as cloudflare). If you always want to be sure that things are as smooth as possible I'd just only visit the onion link.
|
|
|
|
whirlwindmoney (OP)
Copper Member
Member
Offline
Activity: 112
Merit: 338
|
|
June 28, 2023, 11:32:57 AM |
|
IF support doesn't reply after 5 days, can I now call it a scam? Or is 5 day not enough too??
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago. If somehow the community thinks this situation is different and it warrants a refund, then as always we have no problem doing it as long as it doesn't open the door to other types of abuse later on. Of course, someone can say that you need to be patient, but I used to like this mixer for its efficiency and speed, but now it is turning into something extremely slow and sluggish. I hope all these problems will be solved soon.
Was your issue resolved? If not please DM or send an e-mail to support. We use lots of servers and Tor circuits sometimes break creating delays, if these issues are more common lately we will make some improvements so it doesn't happen anymore, or at least not this often. Also our clearnet version has been DDoSd continuously for more than 10 days now so that's why it throws errors sometimes. I guess this is just an unlucky situation that @whirlwindmoney is absent currently.
We are not absent, our e-mail response time is usually under 6 hours, and at most 24 hours in exceptional cases. We simply thought that this situation was discussed already and clear for everyone and that's why we did not reply to this specific user. So basically the question is, again: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds? What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well? We understand it may be frustrating when unfortunate things like this happen, but like we said the last time we really need to draw a clear line and agree on some 'procedures', otherwise we'll solve this issue today and have another one pop out immediately.
|
|
|
|
sam00
Legendary
Offline
Activity: 1092
Merit: 1125
|
|
June 28, 2023, 11:49:59 AM |
|
We are not absent, our e-mail response time is usually under 6 hours, and at most 24 hours in exceptional cases. We simply thought that this situation was discussed already and clear for everyone and that's why we did not reply to this specific user.
My bad then, sorry! If that's the case, I misunderstood the situation. You have been very active in this thread early on, responding to most comments rather quickly so you both not responding here and to this guys email made it seem like you were absent. I have to say that I get your point here. You could be refunding this user and tomorrow he could create another account and claim he has the private key to this note and ask for a refund aswell. That's a tricky situation. What could be changed for the future would be that you are able to still see/download the note private key after depositing if you still have the tab open like in this case. So basically the question is: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds?
I would personally believe this user and make the changes mentioned above to prevent something like this from happening again. At that point it would be only the users fault if he doesn't save the private key. I might edit this post later on after some more members stated their opinion or bring up more arguments..
|
|
|
|
whirlwindmoney (OP)
Copper Member
Member
Offline
Activity: 112
Merit: 338
|
|
June 28, 2023, 11:58:07 AM |
|
What could be changed for the future would be that you are able to still see/download the note private key after depositing if you still have the tab open like in this case. So basically the question is: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds?
I would personally believe this user and make the changes mentioned above to prevent something like this from happening again. At that point it would be only the users fault if he doesn't save the private key. Currently the private key is generated by the user in the frontend on the main page. If we were to show it on the next page as well that would imply we generate it ourselves and store it, that's why we didn't do it. So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it?
|
|
|
|
Hhampuz
Legendary
Offline
Activity: 3038
Merit: 6181
Meh.
|
|
June 28, 2023, 12:01:38 PM |
|
I would, once again, lean towards the more clear-cut yet harsher side of things. It is stated before you Generate the note and once you've generated it that you need to save the private key or else your funds will be considered lost. Like I've said before it's a tough situation but user error should not compromise the overall security of a service.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
June 28, 2023, 12:39:36 PM |
|
If somehow the community thinks this situation is different and it warrants a refund, then as always we have no problem doing it as long as it doesn't open the door to other types of abuse later on. I think this scenario is somewhat different if the user can indeed provide the correct letter of guarantee. In the previous scenario, the only thing the user could provide was a signed message from the address he used to deposit. He was unable to provide a private key or a letter of guarantee. This is insufficient for Whirlwind to draw any conclusions, and I was in complete agreement that this could not be the basis for a refund. In this scenario, the user has stated he can provide a letter of guarantee. Assuming this letter of guarantee is indeed the correct one, it will have a deposit address inside it. If the user can also sign a message from the address(es) which sent funds to the address contained within the letter of guarantee, I would say that's pretty compelling evidence that the user is telling the truth and does indeed own those funds. Happy to be corrected if I've misunderstood anything, though. Do you think we should show the private key on the deposit page as well if that implies we also have access to it? Absolutely not.
|
|
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2940
Merit: 4101
Top Crypto Casino
|
|
June 28, 2023, 12:52:01 PM |
|
So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it?
It's a bit like saying: Should I let the house door open? (with the risk of being robbed). Because sometimes my children lose their keys. Pity, the children stay outside in the street At least they may learn how it is to be homeless I agree with the neighbours above
|
|
|
|
whirlwindmoney (OP)
Copper Member
Member
Offline
Activity: 112
Merit: 338
|
|
June 28, 2023, 01:16:55 PM |
|
If somehow the community thinks this situation is different and it warrants a refund, then as always we have no problem doing it as long as it doesn't open the door to other types of abuse later on. I think this scenario is somewhat different if the user can indeed provide the correct letter of guarantee. In the previous scenario, the only thing the user could provide was a signed message from the address he used to deposit. He was unable to provide a private key or a letter of guarantee. This is insufficient for Whirlwind to draw any conclusions, and I was in complete agreement that this could not be the basis for a refund. In this scenario, the user has stated he can provide a letter of guarantee. Assuming this letter of guarantee is indeed the correct one, it will have a deposit address inside it. If the user can also sign a message from the address(es) which sent funds to the address contained within the letter of guarantee, I would say that's pretty compelling evidence that the user is telling the truth and does indeed own those funds. Happy to be corrected if I've misunderstood anything, though. Sure, but what if the following happens? What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
We simply ignore the second person? With the introduction of the ZK based Notes we won't have this issue anymore because the user will be the only person to have access to it, same as now, but the difference is that in the ZK Note case there is no way we can ever do something about it because your deposit will be one of *Anonymity Set value* deposits and we would have no way of knowing if you withdrew already or any other detail. If you lose it, it's on you. There's a lot of interesting paths we can take with Whirlwind and we will start to discuss about it here in the following days, that was the reason for our lack of activity on the forum. But e-mail support was always working as usual.
|
|
|
|
JollyGood
Legendary
Offline
Activity: 2716
Merit: 1812
|
|
June 28, 2023, 01:18:02 PM |
|
Currently the private key is generated by the user in the frontend on the main page. If we were to show it on the next page as well that would imply we generate it ourselves and store it, that's why we didn't do it.
So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it? Others will no doubt express their opinions but I think if you showed the private key it would imply that a breach of trust has occurred. In my opinion it would be a mistake to do that. I would, once again, lean towards the more clear-cut yet harsher side of things. It is stated before you Generate the note and once you've generated it that you need to save the private key or else your funds will be considered lost. Like I've said before it's a tough situation but user error should not compromise the overall security of a service. I do not why the member in question felt the need to use tor and clearnet together when he simply could have just used tor. Something went wrong and he ended up with a letter of guarantee and nothing else (no private keys). Is it fair to say that the full error lay with him rather than his version of events where is stated as saying some part of the blame lay with Whirlwind because they had hosting issues? For me the way I understand it from previous posts, the clearnet will always be under some form of DDoS and all have been advised on a number of occasions to use tor therefore I fail to see why he is claiming Whirlwind are part responsible for him not saving his private key when he was opening and closing multiple tabs and using multiple browsers. In this scenario, the user has stated he can provide a letter of guarantee. Assuming this letter of guarantee is indeed the correct one, it will have a deposit address inside it. If the user can also sign a message from the address(es) which sent funds to the address contained within the letter of guarantee, I would say that's pretty compelling evidence that the user is telling the truth and does indeed own those funds. You are right about the letter of guarantee, he can provide it but he cannot provide a signed message from the address. He has already stated that will be unable to provide a signed message because he was withdrawing the funds from Whirlwind to send to a coinjoin address (maybe to Coinomize, YoMix, [banned mixer], Mixero, Mixtum or another).
|
|
|
|
sam00
Legendary
Offline
Activity: 1092
Merit: 1125
|
|
June 28, 2023, 02:10:29 PM |
|
oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw.
So do you still have the page open currently? Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3486
Merit: 17618
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
June 28, 2023, 02:24:58 PM |
|
So basically the question is, again: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds? I (still) haven't tested WWM (sorry, I couldn't resist making up this nickname) myself, so forgive me if I ask something dumb, but: what is the point of a Letter of Guarantee if it can't be used as evidence? What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well? Yep. You can expect a long line of users abusing this. But isn't this "second user" a possibility after the user emptied the private key by himself? So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it? That sounds like another can of worms. How about asking the user to enter the last 5 characters to confirm he copied it? What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well? We simply ignore the second person? One way or another, it will look bad. What if the second person claims you made up the first person?
|
| | Peach BTC bitcoin | │ | Buy and Sell Bitcoin P2P | │ | . .
▄▄███████▄▄ ▄██████████████▄ ▄███████████████████▄ ▄█████████████████████▄ ▄███████████████████████▄ █████████████████████████ █████████████████████████ █████████████████████████ ▀███████████████████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀███████████████▀ ▀▀███████▀▀
▀▀▀▀███████▀▀▀▀ | | EUROPE | AFRICA LATIN AMERICA | | | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
███████▄█ ███████▀ ██▄▄▄▄▄░▄▄▄▄▄ █████████████▀ ▐███████████▌ ▐███████████▌ █████████████▄ ██████████████ ███▀███▀▀███▀ | . Download on the App Store | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
▄██▄ ██████▄ █████████▄ ████████████▄ ███████████████ ████████████▀ █████████▀ ██████▀ ▀██▀ | . GET IT ON Google Play | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ |
|
|
|
JollyGood
Legendary
Offline
Activity: 2716
Merit: 1812
|
|
June 28, 2023, 02:28:04 PM |
|
No it would not be sufficient for anything and to go through all that hassle just because someone using their service has made a series of errors is not productive nor a good signal to send out to others who use the service incorrectly. Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner? If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient. oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw.
So do you still have the page open currently? Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7548
|
|
June 28, 2023, 06:48:16 PM |
|
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago.
My opinion is that you should still reply to received support emails, and write him at least one simple explanation, this can even be general reply email. Keeping quiet and not replying anything is not a good idea, unless you receive obvious spam messages. He has letter of guarantee so he deserves some answer. What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
How can there be two (or more) exact same letters of guarantee? (Not counting that someone hacks in user computer and steals the original document).
|
|
|
|
mikeywith
Legendary
Offline
Activity: 2408
Merit: 6594
be constructive or S.T.F.U
|
|
June 28, 2023, 07:35:00 PM Last edit: June 29, 2023, 07:04:27 PM by mikeywith Merited by LoyceV (4), hosseinimr93 (4) |
|
what is the point of a Letter of Guarantee if it can't be used as evidence?
It is evidence that something has indeed happened, but it's not evidence of who made that action, it's really nothing more than a piece of code that sings a message using the mixer's singing address. It's useful when you don't want to save everything in a database, you can verify the signature to know that address x deposited/withdrew x BTC at x time, and that letter is sent a plain text file, which looks like this: <SIGNED MESSAGE>You used credit from your public Public Address ww6hjCimmJeuSX2noMX3cu4hg7pqApU7cxp on Wed Jun XX 2023 X:X:X GMT+0000 (Coordinated Universal Time). The withdraw address(es) are the following: 1 - xxxxxxxxxxxxxxxx which will receive xxx BTC x hours in the future. ; This message was signed using the letter signing address which can be found on our website or at /verification/letter_signing_address on the system's API.</SIGNED MESSAGE>
<SIGNING ADDRESS>1JmCabMgyVZ8zmgaV5JGH7BXe48buVaUUd</SIGNING ADDRESS>
<SIGNATURE>IDXxxZDXTkePo6/MX99LsyEkdXR3gcsu1P9xKZ7vTeVoLy54Z/h4NYkW7li2PdxDLV0slt7QQgwGDl3uqtx17ibo=</SIGNATURE>
If my funds didn't show up for any reason, I could still contact Whirlwind with proof that a withdrawal to x address was initiated even if they don't have that stored in a database they could still verify the action. it doesn't prove anything more than that. On the other side of things, this is what a letter of guarantee when you deposit looks like <SIGNED MESSAGE>We have generated the deposit address bc1qke0e934n3v4dt5lgu7p8r2gvctfq54qhgtun7s at Wed Jun 28 2023 19:23:40 GMT+0000 (Coordinated Universal Time) where the minimum deposit is 0.001. You can deposit from Wed Jun 28 2023 19:23:40 GMT+0000 (Coordinated Universal Time) until Thu Jun 29 2023 19:23:40 GMT+0000 (Coordinated Universal Time). Our fee is 0% and 0 BTC per withdrawal address. Your Public Address is wwKw8U2F62gUNJoxusqLSB6F1ZBmYg36qSB and you will use the private key (note) of this address which you must have saved to sign withdraw messages in the future. This message was signed using the letter signing address which can be found on our website or at /verification/letter_signing_address on the system's API.</SIGNED MESSAGE>
<SIGNING ADDRESS>1JmCabMgyVZ8zmgaV5JGH7BXe48buVaUUd</SIGNING ADDRESS>
<SIGNATURE>H/Ral+7vgK7Mo1ld3qd5AR2Plq8TCtRwoMW6G8Z8DWd6IGtAgw88ozkoxoQ2wcDzZJScBQZgHeYNXFtXS58E4UY=</SIGNATURE> If I send funds to bc1qke0e934n3v4dt5lgu7p8r2gvctfq54qhgtun7s and then check my note and it's empty, I can use that as evidence that this address was indeed given to me by Whirlwind, in other words, Whirlwind can't just tell me "we don't own this address, we didn't ask you to deposit funds to it". So now the user in question is already passed this stage, he has strong evidence that he deposited funds to an address given by Whirlwind which corresponds to a private note, which is why I think at this stage the user must not be ignored when they ask for support. So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it? That sounds like another can of worms. How about asking the user to enter the last 5 characters to confirm he copied it? I assume the majority of users don't understand that the generation of the PK is done in the front end, they probably assume that Whirlwind has a table full of PK which they randomly assigned to different notes, it would be best to advocate for using ones' own PK, ideally, you would want to FORCE the user to enter his own private key generated elsewhere and use that as their note, that way they are unlikely to lose/forget it, but for now, maybe just add a note that says (you can use your own bitcoin private key generated elsewhere instead of using our website to create that) Most people who use mixers probably know how to safely generate a private key, so along with verifying that they indeed copied it (something like what you suggested) which shouldn't show in the next page, because, in the next page the deposit address is already displayed, it should be displayed in the same page right after the captcha, all that should contribute to fewer user's mistakes.
|
|
|
|
examplens
Legendary
Offline
Activity: 3458
Merit: 3480
Crypto Swap Exchange
|
|
June 29, 2023, 07:21:44 AM |
|
Most people who use mixers probably know how to safely generate a private key, so along with verifying that they indeed copied it (something like what you suggested) which shouldn't show in the next page, because, in the next page the deposit address is already displayed, it should be displayed in the same page right after the captcha, all that should contribute to fewer user's mistakes.
I don't think that the conclusion " Most people who use mixers probably know how to safely generate a private key" should be taken lightly, It's evident that many still don't understand the importance of keeping PKs really private. One user has just applied for a signature campaign, publicly publishing the private key. Although everything is clearly indicated in the whirlwind.money page, it is evident that it still needs to be emphasized even more. Apparently, he replaced it with a new deposit address after the suggestion of another member.
|
|
|
|
stormbounty
Jr. Member
Offline
Activity: 58
Merit: 5
GET FEATURED ON YAHOO & BLOOMBERG https://t.ly/C-y
|
|
June 29, 2023, 09:11:16 AM Last edit: June 29, 2023, 12:39:08 PM by hilariousandco |
|
Currently the private key is generated by the user in the frontend on the main page. If we were to show it on the next page as well that would imply we generate it ourselves and store it, that's why we didn't do it.
So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it? Others will no doubt express their opinions but I think if you showed the private key it would imply that a breach of trust has occurred. In my opinion it would be a mistake to do that. I would, once again, lean towards the more clear-cut yet harsher side of things. It is stated before you Generate the note and once you've generated it that you need to save the private key or else your funds will be considered lost. Like I've said before it's a tough situation but user error should not compromise the overall security of a service. I do not why the member in question felt the need to use tor and clearnet together when he simply could have just used tor. Something went wrong and he ended up with a letter of guarantee and nothing else (no private keys). Is it fair to say that the full error lay with him rather than his version of events where is stated as saying some part of the blame lay with Whirlwind because they had hosting issues? For me the way I understand it from previous posts, the clearnet will always be under some form of DDoS and all have been advised on a number of occasions to use tor therefore I fail to see why he is claiming Whirlwind are part responsible for him not saving his private key when he was opening and closing multiple tabs and using multiple browsers. In this scenario, the user has stated he can provide a letter of guarantee. Assuming this letter of guarantee is indeed the correct one, it will have a deposit address inside it. If the user can also sign a message from the address(es) which sent funds to the address contained within the letter of guarantee, I would say that's pretty compelling evidence that the user is telling the truth and does indeed own those funds. You are right about the letter of guarantee, he can provide it but he cannot provide a signed message from the address. He has already stated that will be unable to provide a signed message because he was withdrawing the funds from Whirlwind to send to a coinjoin address (maybe to Coinomize, YoMix, [banned mixer], Mixero, Mixtum or another). This service is made for humans, Humans make mistakes, I believe I can sufficiently prove I sent the money, I sent using sparrow wallet, I can send another one to show I control the originating address before funds got split and coinjoined, I have the letter of guarantee, I still have the tab open (though it now pops up an error message cos its been more than 24 hours). My only mistake was copying the private note key from the wrong tab
IF support doesn't reply after 5 days, can I now call it a scam? Or is 5 day not enough too??
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago. If somehow the community thinks this situation is different and it warrants a refund, then as always we have no problem doing it as long as it doesn't open the door to other types of abuse later on. Of course, someone can say that you need to be patient, but I used to like this mixer for its efficiency and speed, but now it is turning into something extremely slow and sluggish. I hope all these problems will be solved soon.
Was your issue resolved? If not please DM or send an e-mail to support. We use lots of servers and Tor circuits sometimes break creating delays, if these issues are more common lately we will make some improvements so it doesn't happen anymore, or at least not this often. Also our clearnet version has been DDoSd continuously for more than 10 days now so that's why it throws errors sometimes. I guess this is just an unlucky situation that @whirlwindmoney is absent currently.
We are not absent, our e-mail response time is usually under 6 hours, and at most 24 hours in exceptional cases. We simply thought that this situation was discussed already and clear for everyone and that's why we did not reply to this specific user. So basically the question is, again: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds? What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well? We understand it may be frustrating when unfortunate things like this happen, but like we said the last time we really need to draw a clear line and agree on some 'procedures', otherwise we'll solve this issue today and have another one pop out immediately. I will give you the deposit wallet private key, how about that, what more can I do to prove I sent this, I quickly posted here and sent a support email the same hour after the deposit was made. I still have the tab open and can prove anything you want. Jesus Your reply is annoying. If the letter of guarantee is useless then what is the point, All this shouldn't an issue, all other mixers you can withdraw without having to paste anything as long as its still the same browser session, sometimes its good to follow trends of others in your niche rather than starting something new for user experience purposes. Humans are not machines. You are confidently saying that a user of your service that deposited actual money doesn't deserve a reply to his support request because you have pre-decided a fate for their case (mine is actually very unique), deep inside the threads of a bitcoin forum. So you totally ignored their support email.
2023 Customer support award stuff for a service that is new and in "BETA" This is DAY 5 and I still have not gotten a reply to my support request, not even an autoresponder. I really wish I can afford to ignore the money because this is shameful As an extreme solution to prove how important this money is to me right now I can fully DOX.. What more do you need @whirlwind.money It might not be a large amount, but its that important to me right now No it would not be sufficient for anything and to go through all that hassle just because someone using their service has made a series of errors is not productive nor a good signal to send out to others who use the service incorrectly. Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner? If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient. oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw.
So do you still have the page open currently? Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm? Because signing is not possible with the wallet i used I will produce the private key, so how about that. Still not sufficient? I've just sent the wallet private key(s) of the wallet I used to make the deposit to support email. I can also share the private key publicly in the thread, I wave withdrawn the money i have left. I cant lose my WWM deposit, I need it urgently please
|
Get Featured on Bloomberg, Yahoo, Business Insider, Reuters and more with STORMBOUNTY PRESS RELEASE Link in Bio
|
|
|
|