DO proceed with caution: at the moment (Wed Oct 16 12:53:14 UTC 2019) it looks like Tor is working (http://chipmixerwzxtzbw.onion) but the chipmixer.com clearnet site isn't responsive via multiple VPN providers.
Note of caution: my small bitcoin deposit (around 0.246 BTC) is not showing up for step 2 after 6 confirmations were seen. (Likely cause: UTXOs were from 3 bech32, followed by a single p2sh-segwit.)
Deposit received as of Thu Oct 17 07:33:31 UTC 2019. At the moment Chipmixer can only be reached via Tor, and the clearnet mirror is still down.
Some important OPSEC-related mitigation techniques should be observed by sites similar to chipmixer:
1) Actual wallets containing mixed UTXOs shall be safely isolated and possibly geographically diverse from the server hosting the site. This way, even if the banking cartel is somehow successful in seizing the web site (likely already happened), they will not succeed in stealing significant BTC from the server itself or in attributing it to the site operator, because front end servers contain no BTC; only the back end client actually holds chips, and it rotates IPs with Tor every time it processes an actual mixing transaction.
2) All actual mixing requests are published encrypted on the front end server itself. This way the vulnerable server doesn't have to hold Tor or IP addresses that expose site operators.
3) The back office, via Tor, actively pulls from the front end server, decrypts and consumes the mixing session data, produces an internal mixer object holding a list of private keys, vouchers etc., and publishes it encrypted (see step 4). Each time it pulls, Tor rotates the source IP, so even if a honeypot or in-line wiretap happens at Choopa (data center), it will have limited chance to find the client endpoint's IP.
4) The back office, on a separate transaction channel, pushes the completed mixing content over Tor to the front end web servers. Ideally each transaction is encrypted and salted uniquely by its mixing session ID, so as to prevent a honeypot or specialized network appliance from stealing coins from the site operator.
5) The front end web server decrypts the payload from the transaction channel, processes the completed mixing content containing keys and vouchers, and exposes it to the correct site user.
Keep in mind steps 2-4 introduce notable latency, which chipmixer lacked until just now. The delay in transactions (I hope) has to do with the fact that the site is trying to protect itself and stay safu.
The ongoing DDoS was a classic and failed alphabet agencies attempt to map out the origin of the hidden service infrastructure. It is not very expensive in terms of bandwidth or hardware to saturate connection handlers and use the principle of inclusion and exclusion to isolate and locate the hidden mixer IP. Those of us hosting sites like these know it well.