- I received 8 signed messages, each of which included my name and the current date.
Confirmed.
- The balances of 8 Bitcoin addresses were replenished at approximately the same time and contained a total of more than 50 Bitcoins.
Confirmed. I want to add that the addresses were funded recently. This proves access to funds at this moment.
- All signatures are authentic and verified using Electrum
Confirmed.
Thank you LoyceV for your cooperation
We want to note once again that this was only part of the reserves, albeit a large one. The remaining amount of reserves of ~3.7 BTC is scattered across many wallets and leads to users, which we understandably did not resort to for signing. Thanks and best regards!
I'll add here my two cents, if I may. I remember I read about this company back in April, yet it seems things are changed now.
I was not involved in this discussion since its beginning, but I kept an eye on it.
What I want to add here is that icopress is, for sure, a very trustworthy forum user and he received many appreciations for his professionalism during years. If he says he received the signed messages I believe him.
At same time, LV is another very trustworthy forum user and, in case he will also confirm the messages from PureMixer all doubts are solved.
Both of them are persons which I'd trust to cash out my salary each month and I'd be more than sure they would give me my money back.
Later edit: Loyce posted just when I was writing this and it seems we have his confirmation as well.
This is just the beginning.
Thanks!
Very interesting that OP was loudly opposing to provide the signed proof of reserves highlighting risks of undermining security of mixing operations and their users, but then simply sends the sensitive data over a state-controlled unencrypted communication channel, instead of relying on a more secure alternative offered (email that supports end-to-end encryption). It's either hypocrisy or incompetence.
Yes, at that time we didn't want to sign the message. and the reason for this was not the method of sending subscription messages,
but to whom we will sign it. We didn't like the fact of signing bitcoins to people unknown to us. But we ourselves brought the situation to such a "boiling point" that it really became necessary to sign bitcoins. And we signed bitcoins to those users whom the majority of the forum trust.
Regarding the method of sending: you are reasoning hypothetically (that, they say, law enforcement agencies could notice this message), and when the reasoning is hypothetical, no probabilities can be excluded. So yes, there is a chance of this, but let's be honest, it's close to 0, because it doesn't work quite like that (that companies keep records of everything and everything). In addition, the correspondence lasted only a few hours, since on both sides (both from ours and from the users to whom the messages were signed), the dialogue was irrevocably erased.
Given also how long time it took for OP to understand the importance and rationale of LoG, I'd say the OP is relatively new in this industry without significant experience in operational/informational security and probably doesn't understand their threat model's top element is state. I would think twice trusting this service any sensitive information such as UTXO flows since I doubt they can provide a security level required for operating a mixer.
We have built our tool with dignity and in accordance with the privacy parameters. We have acted carefully, taking into account any possible outcome of this case (including the worst if the FBI liquidates our servers), and in this regard we have taken counter measures, in view of which you as users will not need to worry about data leakage. One of such significant actions on our part is that we have deployed servers in a territory that is outside the jurisdiction of the US government and most EU countries. Our service flawlessly and fully copes with one and the main task: it makes a complete break of the blockchain between incoming addresses from you and outgoing addresses to you. By traditional mixing. Where in return you will receive completely alien and unrelated coins in the past.
We, as service operators, fully cope with one and the main task that already comes from us: we permanently erase user logs after a successfully rendered service.
As for the letter of guarantee, the issue has been resolved. The problem has been fixed. Not a single user has been harmed during the long months of our service. There's no need to stir up the past.
Or even worse - them being investigated low-profile then suddely having their servers seized with all the customer data compromised. Happened to some of the best in case you are familiar with historical events of services on this forum Smiley
All of us (Bitcoin mixers) are under such a blow. The question is different: how well the operators have prepared for this strike. We repeat: our servers are located outside the jurisdiction of the USA and most EU countries. Accordingly, they will not be able to get legitimate access to our servers by a court decision. Based on this: they can either simply liquidate our servers and only, or go further and maliciously seize and gain access to our servers. But if they do that (which is possible) then they will not be able to bring it to the media and will not be able to get a warrant in order to fully investigate the case, since they got access to our servers illegally. Based on all this, we can conclude that it would be better for us, as service operators, not to keep any logs regarding users.
And yes, everyone's favorite CM, which was liquidated in the spring of this year: stored records of personal data of customers weighing 7 TB
. We assume that the operator of this mixer intentionally saved and accumulated information about orders, so that in case of proceedings with the authorities, he could rely on the "crutch" from the collected data of these orders, in order to offer this data in response to some kind of leniency. Arranged a kind of "airbag". And he can be understood, because he is a citizen of a neutral country for various jurisdictions, to whom they could easily send an extradition request.
After reading everything here, I gotta say I'm on the same page about this. One obvious example was using fonts and stuff from third-party sites. Like, who needs fancy fonts on a bitcoin mixer? Even newbie coders know that crap can be used to track people. If they're making such basic screw-ups, I dunno how much I trust PureMixer to really know what they're doing running this kinda biz. Im no security expert that's just my take, but it's enough to make me skeptical.
You wrote about fonts. Well... CryptoMixer
after more than 7 years of work still sends requests for fonts (and for some reason no one talks about it
). ETFbitcoin user kindly pointed this point out to us and made us realize that it is better to eliminate it. Which we actually did.
We think that when experienced users find "holes" and shortcomings in a newly-minted service, this is completely normal. After all, forums of this kind like BitcoinTalk are also designed for this, so that the community with their knowledge in different fields and points of view - to bring the service to perfection.
Sincerely, PureMixer team BTC