[ANN] Whirlwind.money | ⚡No Fee⚡ | Ultimate Privacy | Anonymity Mining 12% APR🔥

[whirlwindmoney]

We all know what happened with one big mixer recently and reading reports we could see that authorities seized a lot of coins and other data stored on 7TB drives.
There is a lot of competition for remaining mixers and there is certainly demand for bitcoin mixing, but it's hard for me to trust any new mixer.
I know it takes time for this, so I hope you will remain active in bitcointalk forum in future.

We will launch a review campaign shortly with funds held in escrow by minerjones, you'll be able to try out the service safely. It's going to take time to build trust, but we'll be here to prove ourselves.

My question is, what is Whirlwind.money doing differently that will prevent something like this happening for you in future, and do you store coins in hot or cold wallets?

Thanks for the question - we went to great lenghts to protect against any kind of hack/attack on our service and this is mostly the reason why it took us over 2 months to develop and test Whirlwind. I'll quote some answers

Since we are using a single aggregate address for all deposits and withdrawals, holding its private key on a server would be a risky move. That is why we decided to use a backend+validator model. The backend’s job will be to interact with end users by generating deposit addresses, processing withdrawals, etc. In the initial design, there will be x validators which will validate all of the backend’s actions (verify funds were received from the deposit address to the main aggregate address, verify submitted credit notes for withdrawals). These x validators will hold the multi-sig keys for the main address and will be hosted on different servers. Whenever a withdraw transaction is being sent, the signatures must be retrieved from all validators which are able to verify the transaction is correct. If an attacker manages to gain access to the backend, it would be pointless, as he will not be able to steal the funds (since the keys are on different servers), and he will not be able to forge proofs in order to withdraw another user’s BTC to his wallet. Using this model, we will be able to further decentralise this service by allowing other trusted members to run their own federated validators so that a single entity will no longer hold all of the multi-sig keys.

When a user deposits BTC using the fast withdraw method, the backend sends the deposit hash to the validators and whitelists the receiving addresses. After the signature is sent to the backend, the validators delete all proofs of those receiving addresses, keeping only the deposit transaction hash so that they would not accept a “duplicate proof”.
When a user deposits BTC using the slow withdraw method, the backend sends the deposit hash to the validators and they assign credit to the note’s public key. When the user wants to withdraw his BTC, he must send a signature to the backend which will process this. This signature will also be sent to the validators which will check it and remove credit from the note’s public key and whitelist the receiving addresses. If an attacker compromises the backend server, he would not be able to forge user note signatures in order to fool a validator to send him funds, because only the users have access to the notes’s private keys. Again, the proofs are deleted after their use.

At the moment, with whirlwindmoney being the sole operator of the site, then they are in control of all 3 keys in a 3-of-3 multi-sig. This provides additional security against a single server being seized or infiltrated, but it still requires complete trust from the end user that whirlwindmoney won't scam them, as it would in a normal single-sig set up.

Bottom line is that compared to the service you asked me about that was running on 2 servers, I can't say our exact number,but we have >5. And if you don't get access to all of them at the same time then it's the same as getting access to none, there is nothing you can do. The only server that is public is the clearnet frontend, which we assumed is infiltrated from day 1, so nothing to worry about there. The others are behind lots of layers so even if it would be possible to somehow get to them, it would definitely take a lot of time. (Servers are not exposed between them, so even if you get access to the backend, you won't know the IPs of the signers and other servers)

All servers are from different providers and we will change them with new ones once every month or so, just in case.

I see that you are using multisig setup, and I like this approach, but are Notes ever stored anywhere online by you or not?

All funds are stored in the multi-sig, Notes are proof that you are owed BTC from the pool. We only keep the public key of the Note and the balance, nothing else. There is no identifiable information such as deposit address/timestamp, that's why it's so important that you store your Note private key safely, you will need it to withdraw.

Apologies if it's too much info and it's hard to follow, but I want to be as transparent as possible and not leave out important details. It's normal if some are skeptical because the service works differently than what they're used to and because of the latest events, but i'm confident that once we get over the trust issues and users understand how everything works, Whirlwind will become the benchmark in this niche.

For any other questions I'm always here

[dkbit98]

We will launch a review campaign shortly with funds held in escrow by minerjones, you'll be able to try out the service safely. It's going to take time to build trust, but we'll be here to prove ourselves.

OK, I am interested in testing your service when this new campaign opens, and maybe you could learn from mistakes chipmixer made and make some improvements.
It's not only trust I question, I also wonder if you have enough Bitcoins in reserve to support mixer operating for future, or you are basing Whirlwind future only on earning from fees?
What is maxiumm amount of Bitcoin someone could mix today using Whirlwind.money?

All funds are stored in the multi-sig, Notes are proof that you are owed BTC from the pool. We only keep the public key of the Note and the balance, nothing else. There is no identifiable information such as deposit address/timestamp, that's why it's so important that you store your Note private key safely, you will need it to withdraw.

How long do you keep this records (note public key and balance) and do you keep any IP address from users?

Apologies if it's too much info and it's hard to follow, but I want to be as transparent as possible and not leave out important details. It's normal if some are skeptical because the service works differently than what they're used to and because of the latest events, but i'm confident that once we get over the trust issues and users understand how everything works, Whirlwind will become the benchmark in this niche.

Don't get me wrong, nothing personal against you, but I am always a bit suspicious to any new service that shows up.

[Ojima-ojo]

Welcome to bitcointalk and as a campaign participant I will use my first week's payment to test the site and afterwards give my reviews on the mixing facility of a whirlwind, even though this project came as a replacement to chipmixer it's very important to know what users stands to the gain from using this services.

But I must say that the site is quite friendly and could become the next stop point for many mixer users who may have been disappointed in the seizure of chip mixer site.

[whirlwindmoney]

OK, I am interested in testing your service when this new campaign opens, and maybe you could learn from mistakes chipmixer made and make some improvements.
It's not only trust I question, I also wonder if you have enough Bitcoins in reserve to support mixer operating for future, or you are basing Whirlwind future only on earning from fees?
What is maxiumm amount of Bitcoin someone could mix today using Whirlwind.money?

We do have our own Bitcoins which are added gradually with other users deposits. The amount currently in the pool is a bit over 3BTC but I expect it will grow at a fast pace over the next weeks. The anonimity set (amount of deposits your output transaction could originate from) is only going to become stronger the longer the service runs.

The reserve can always be verified here: https://blockchair.com/bitcoin/address/bc1qf8h5k6sash8007vpesymxkw2xsg5d0r3j4l5vmcrwpz2pqu66fjstzgd3r

It's hard to come up with a number for the maximum amount because it depends on a few things. If you use Fast mode then I wouldn't recommend sending more than the amount currently in the pool. If you use Notes then it doesen't really matter since you can deposit and withdraw whenever you like, so you could deposit any amount, but withdraw over a longer period.

How long do you keep this records (note public key and balance) and do you keep any IP address from users?

We keep the public key and balance stored until the Note's balance is completely spent. Nothing else is logged, no IP (we also don't use cloudflare or any other 3rd party), no deposit address/transaction or anything that could link the Note to you. You also have the option to combine 2 or more Notes and get a new one. For example you have a 1BTC Note and another 0.5BTC Note, you can combine them and you get a new Note with a 1.5BTC balance. The now used 2 Notes are then deleted from the servers.

I also want to make it clear that we do not use mixing codes or anything that could link your transactions.

Don't get me wrong, nothing personal against you, but I am always a bit suspicious to any new service that shows up.

All good, if you have other questions please ask otherwise I'll wait for your review!

Welcome to bitcointalk and as a campaign participant I will use my first week's payment to test the site and afterwards give my reviews on the mixing facility of a whirlwind, even though this project came as a replacement to chipmixer it's very important to know what users stands to the gain from using this services.

But I must say that the site is quite friendly and could become the next stop point for many mixer users who may have been disappointed in the seizure of chip mixer site.

Thank you and waiting for your review! The part that I bolded is not accurate though, we were working on this long before anything happened. I started this because I believe our mechanism is superior compared to the other solutions, including CM. The CM saga more or less proved my assumption that a better service is needed right.

[JollyGood]

You are in very safe hands with Hhampuz managing your campaign here.

Welcome to the forum 

Clearnet link is online, if you encounter any issues while on it please use the Tor version.

More BTC will be added to the reserve in the following days, for technical info concerning the current setup and our future plans please read this thread.

[AmoreJaz]

You are in very safe hands with Hhampuz managing your campaign here.

Welcome to the forum  

Clearnet link is online, if you encounter any issues while on it please use the Tor version.

More BTC will be added to the reserve in the following days, for technical info concerning the current setup and our future plans please read this thread.

there's no doubt Hhampuz is one of the prominent CMs in this forum. and he will stop the campaign anytime if he sees any anomaly going on.

on the note of this service, their rep is quite active here. so that's a good start. but they should not change their approach on this as they are still gaining the trust and confidence of mixer users. if they are easy to contact anytime, then, people will really start using their platform. users are now very cautious because of what happened to one of the biggest mixers found in the forum. their entry is just a good timing.

[TryNinja]

I keep getting a "Backend offline. Please try again later" message and I noticed that the API calls are returning the 500 status. Both clearnet and Tor. DDoS maybe?

[whirlwindmoney]

I keep getting a "Backend offline. Please try again later" message and I noticed that the API calls are returning the 500 status. Both clearnet and Tor. DDoS maybe?

I am doing some adjustments on the ddos protection, I really want to get this right and not use cloudflare or any 3rd party. Everything will be back to normal in about an hour or so and it should be able to handle attacks better afterwards.

edit: service is back online, apologies for the inconvenience

You are in very safe hands with Hhampuz managing your campaign here.

Welcome to the forum  

Clearnet link is online, if you encounter any issues while on it please use the Tor version.

More BTC will be added to the reserve in the following days, for technical info concerning the current setup and our future plans please read this thread.

Thank you!

[Agbe]

I keep getting a "Backend offline. Please try again later" message and I noticed that the API calls are returning the 500 status. Both clearnet and Tor. DDoS maybe?

Exactly, the same here I have been trying to see the content and the features in the site before making proper Review on the site but the website both the onion and clearnet are not working instead one shows "The site can't be reached".👇

And second one (clearnet) shows pure blank page👇


With this we can't say anything about the site until the site works properly before people can make their honest review and comments. So make the site working for easy access and mixing with fair transactions.

[TryNinja]

Exactly, the same here I have been trying to see the content and the features in the site before making proper Review on the site but the website both the onion and clearnet are not working instead one shows "The site can't be reached".👇

It has been working fine for me since OP's last message. Keep in mind that the .onion domain can only be accessed through Tor.

[CoinEraser]

Exactly, the same here I have been trying to see the content and the features in the site before making proper Review on the site but the website both the onion and clearnet are not working instead one shows "The site can't be reached".👇

I can open the page with no problems. I have to wait 5 seconds for it to load, but otherwise everything is fine. 


@whirlwindmoney
It might be good to translate the site into other languages. Even if many people understand English, there are still people who have problems with it and only use a site if it is also offered in their mother tongue. I've noticed this very often, especially with people from Germany, for example. Other mixers often offer the option of changing the language. Maybe that would also be a good suggestion for Whirlwind. 

[whirlwindmoney]

Exactly, the same here I have been trying to see the content and the features in the site before making proper Review on the site but the website both the onion and clearnet are not working instead one shows "The site can't be reached".👇

I can open the page with no problems. I have to wait 5 seconds for it to load, but otherwise everything is fine. 


@whirlwindmoney
It might be good to translate the site into other languages. Even if many people understand English, there are still people who have problems with it and only use a site if it is also offered in their mother tongue. I've noticed this very often, especially with people from Germany, for example. Other mixers often offer the option of changing the language. Maybe that would also be a good suggestion for Whirlwind. 

There was no downtime after my previous message. If you encounter any issues with Clearnet try another browser, otherwise please use the Tor version.

Thanks for the suggestion, we'll translate the site into other languages very soon. I want to get the user experience right before that though, I'm already working on some changes considering the feedback I got until now from the review campaign. After a few days of receiving feedback and fixing we should arrive at the final form and then I will look to translate the website and create a presentation/tutorial video.

[LeGaulois]

I saw a review campaign and was ready to participate in, but I see the same thing will be repeated over and over. Even if I could add an adress analysis from a tool used by CEXs to make it a bit different and a website security check.


However, I have a question

The website is missing the HTTP  <Strict-Transport-Security> security header
You know what I mean? The point saying to browsers that Whirlwind should only be accessed with HTTPS, and any connection using HTTP should automatically be converted to HTTPS

However, I believe you configured a 301 redirect on your server (HTTP to HTTPS) , it does almost the same thing but the HTTP connection is still vulnerable to a man-in-the-middle attack

Just for my information, TYVM

By the way: Pretty smart to use Njalla  

[whirlwindmoney]

A new update just went live. Most if not all issues raised in the review campaign until now should be fixed.

Changelog

04.04.2023 06:00:00 AM UTC
-Fees were reduced from 0.00015BTC/address to 0.0001BTC/address
-Website is now fully responsive
-All "unclickable" buttons fixed
-Note can now be downloaded in the same way as the Letter of Guarantee
-Tor header added
-HTTP Strict-Transport-Security added
-Captcha can be refreshed
-Clearnet link added to footer
-Added warning on the Withdraw Note/Combine Note pages (Your note will only work after the deposit is fully confirmed.)
-If user doesen't have JS enabled an error will be displayed
-Sliders fixed
-Network fees now adjust automatically based on market conditions so transactions shouldn't get stuck anymore

I saw a review campaign and was ready to participate in, but I see the same thing will be repeated over and over. Even if I could add an adress analysis from a tool used by CEXs to make it a bit different and a website security check.


However, I have a question

The website is missing the HTTP  <Strict-Transport-Security> security header
You know what I mean? The point saying to browsers that Whirlwind should only be accessed with HTTPS, and any connection using HTTP should automatically be converted to HTTPS

However, I believe you configured a 301 redirect on your server (HTTP to HTTPS) , it does almost the same thing but the HTTP connection is still vulnerable to a man-in-the-middle attack

Just for my information, TYVM

By the way: Pretty smart to use Njalla  

If you have the time I'd appreciate your review

HSTS was fixed too. Even though I believe the other implementation was good enough (a user would have to take extra steps in order to use HTTP so it couldn't happen by accident), I agree with you that this is the right way to do it.

They are just one of many providers that we use, but for Clearnet at least it does the trick

[Little Mouse]

Can someone or whirlwind please respond on this part from my review-

I don't know if this is intentional from whirlwind or not. Here's my mixing-
1. my addy to WHIRLWIND1 address
2. WHIRLWIND1 sent BTC to their X address
3. And sent me BTC to my desired address from address X (same address from the 2nd step)

Again,
1. Used Notes- sent BTC from my address to WHIRLWIND2 address.
2. WHIRLWIND2 sent BTC to X (same as previous)
3. When I withdrew, they again sent me BTC from address X
Does it work this way? I don't think so. Basically, it's like MY btc to whirlwind and the same BTC is being sent to me.
I felt like I was sent my BTC.

I'm not a guy who used a mixer a lot of time. I used it mostly just to check out how it works. I have tested a few mixers including ChipMixer and all of those were to get an experience of how the process work in individual site.
May I know what I'm missing? My bad if this is a very much stupid question I had though I think it wasn't.

[whirlwindmoney]

Can someone or whirlwind please respond on this part from my review-

I don't know if this is intentional from whirlwind or not. Here's my mixing-
1. my addy to WHIRLWIND1 address
2. WHIRLWIND1 sent BTC to their X address
3. And sent me BTC to my desired address from address X (same address from the 2nd step)

Again,
1. Used Notes- sent BTC from my address to WHIRLWIND2 address.
2. WHIRLWIND2 sent BTC to X (same as previous)
3. When I withdrew, they again sent me BTC from address X
Does it work this way? I don't think so. Basically, it's like MY btc to whirlwind and the same BTC is being sent to me.
I felt like I was sent my BTC.

I'm not a guy who used a mixer a lot of time. I used it mostly just to check out how it works. I have tested a few mixers including ChipMixer and all of those were to get an experience of how the process work in individual site.
May I know what I'm missing? My bad if this is a very much stupid question I had though I think it wasn't.

Thank you for the question - it's intended to work this way

I will quote a previous message of mine from another thread where I explained the advantages of this setup:

Since you are open to hearing opinions, I hope you will visit this link ----> Breaking Mixing Services

If there is interest in this topic, I can publish further information (source-codes, examples, ..) on this topic and attacks.
Link to my thesis (python source inside): https://www.dropbox.com/s/3yapwyfz72tvswh/BA_mixing_services.pdf?dl=0
Author: Felix Maduakor
Email: felix.maduakor@rub.de

¹ Chipmixer was the only centralized mixing service which I did not break fully. However, I did not put much work into checking this mixing service.

Contact him, and if he accepts to give a paid review, I think that this will contribute a lot to gaining trust in your mixer service (at least for some here)

I went through his report and altough I'm sure we already fixed the issues outlined by him, I will still try to get him to do a paid review for your confirmation.

Coinmixer.se (the service used as example in the report) works like most mixers on the market today, and they all have the same big issues in common:
1.Maximum delay time is limited
2.Maximum amount of output addresses is limited
3.No option to have higher outputs than inputs
4.Use of mixing codes

These issues make it possible for anyone to perform blockchain analysis with relative ease. The privacy set (number of deposits your output transaction could have originated from) which is the most important figure in my opinion, is reduced to only the transactions that were performed during the time limits imposed by the "maximum delay". And since you also know the maximum number of output transactions each deposit has, it's not that difficult to deanonymize it.

We solve all these issues by introducing the Note mechanism. Let's see how the above issues apply to Whirlwind:
1.Maximum delay time is unlimited
2.Maximum amount of output addresses is unlimited
3.Outputs can be higher than inputs (combine Notes)
4.We don't use mixing codes

Since the user has the option to deposit and withdraw whenever he likes and we don't impose a limit, blockchain analysis becomes useless. In the case of coinmixer.se it's written in the report that they had about ~1000 deposit transactions a week. If we assume we'll have the same, then the privacy set of Whirlwind will grow by 1000 every week.

After 10 weeks every output transaction could originate from any of the 10,000 deposits into Whirlwind, and this figure will only grow as time goes on. With other mixers it doesen't matter how many deposits they have in total, the privacy set doesen't increase.

The use of mixing codes by a service confirms that the privacy set is very weak and introduces other risks since it can link your transactions. If a mixer does what it's supposed to do, it shouldn't matter if you get 'your own coins' back because anyone that ever used the service could have withdrawn those coins.

[John Abraham]

Exactly, the same here I have been trying to see the content and the features in the site before making proper Review on the site but the website both the onion and clearnet are not working instead one shows "The site can't be reached".👇

By any chance, Are you trying to access the onion link in your Chrome browser? I am sorry if I am wrong. The Onion domain is not supposed to work with regular browsers. You may want to install the Tor browser to access the Onion domain. The Onion Domain works every time I try with the Tor Browser.

For the Clearnet domain, Yes, they have had some issues with clearnet domain. Your browser needs JS enabled to work correctly. The Clearnet domain is supposed to show you a five-second countdown before you get access to the website. If it shows you a blank page without showing the countdown. Clear your browser and try again. If their server is not down, Everything should work perfectly. For some reason, I still cannot access the clearnet domain. The whirlwind team may want to work on those issues.

@Whirlwindmoney, it's Nice to see you guys prioritizing fixing every possible issue. As you may know, Users still have issues accessing the clearnet domain. That would be great if you could fix it asap.

[cremole10]

I have emailed twice about an issue with no response. I can't PM cause whirlwindmoney has disabled PMs from newbies. Help please.

[whirlwindmoney]

I have emailed twice about an issue with no response. I can't PM cause whirlwindmoney has disabled PMs from newbies. Help please.

I replied to your email a few minutes ago - please check.

I also enabled DMs from newbies, wasn't aware that was an option.

@Whirlwindmoney, it's Nice to see you guys prioritizing fixing every possible issue. As you may know, Users still have issues accessing the clearnet domain. That would be great if you could fix it asap.

It's hard to have a stable build on clearnet considering our setup, but I think I'll be able to get it to be decent enough after some more changes. I prefer security and privacy over reliability though so that's why it's taking a few iterations until I get it right

[Little Mouse]

Thank you for the question - it's intended to work this way

I will quote a previous message of mine from another thread where I explained the advantages of this setup:

Well, I got your point. If I'm not mistaken, Notes are very much helpful in breaking the link, and as much time as we delay to withdraw from Notes along with the option to combine Notes and withdraw different amounts. Otherwise, using fast mode with almost instant payout, the process isn't that helpful I think since they can be identified with little effort with some explorer check, as it limits the address, and output to check.
Now, it also makes sense why having different fee would add a little bit extra privacy.

It's hard to have a stable build on clearnet considering our setup, but I think I'll be able to get it to be decent enough after some more changes. I prefer security and privacy over reliability though so that's why it's taking a few iterations until I get it right

I checked the clearnet today morning for a different purpose but i wasn't able to access the site.