Topic: [ANN] Whirlwind.money | ⚡No Fee⚡ | Ultimate Privacy | Anonymity Mining 12% APR🔥 - page 23. (Read 12718 times)
June 29, 2023, 09:52:45 AM
5 WHOLE DAYS AND YOU ARE ALL EXCUSING THIS SHIT... DISGRACEFULL
June 29, 2023, 09:49:48 AM
Who I should I sign to? to which bitcoin address? What is the message body?
Write what's relevant:"Today is June 29, 2023.
I, user stormbounty on Bitcointalk, sent xx Bitcoin from the signing address to WWM's address yy."
Then add the LoG to make complete.
June 29, 2023, 09:39:13 AM
I will give you the deposit wallet private key, how about that, what more can I do to prove I sent this, I quickly posted here and sent a support email the same hour after the deposit was made. I still have the tab open and can prove anything you want. Jesus
If they didn't reply to any of your emails (I don't think this is a good behavior like I said), than I don't see what's the point in sending them your private keys 
I hope you learned an important lesson from your own mistake, and next time be extra careful when you use any mixing service.
There are some grey areas with whirlwind, but most is related with user mistakes that can be intentional sometimes.
And btw most of the neutral people from bitcointalk voted to for WhirlWind not to refund funds in cases like this.
Out of over 5 emails to customer support I got replies for ZERO, in 2 days it will be 1 week since the first message
Put yourself in their position, if they start to reply and refund everyone who makes mistakes, they could compromise their security model and potentially get attacked by someone.They left me in the dark, I wasnt even human enough to deserve a reply.
I have had issues with other services, I got instant replies on sparrow (over 1 million users) samourai replied within 10 minutes , Chipmixer max took 24 hours in my experience
But this service is hell bent on changing the UX flow we are used to , in order to steal money with plausible deniability. 5 DAYS AND ZERO REPLY
I deposited money with the service and you all are telling me I am wasting the devs time by requesting i am treated like a human enough to at least get a reply. SHAME ON ALL OF YOU THIEVES
@stormbounty, I too wish the world would revolve around me. I have nothing to do with this other than sharing my opinion on it.
And for what it's worth my opinion stands, if you lose the private key, you lose the funds. At this point I'm not even entirely sure what to make of you, or your situation. You said you just sent them a private key to your personal wallet over email - very bad..
And for what it's worth my opinion stands, if you lose the private key, you lose the funds. At this point I'm not even entirely sure what to make of you, or your situation. You said you just sent them a private key to your personal wallet over email - very bad..
How else could I prove i sent the money if the previous wallet wasnt letting me sign, You all should come down on your high horses, sometimes remember this space isnt newbie friendly and it shouldnt be an excuse to scam the newbies, and that the service had hosting issues around the time this happened which caused the private note mix up IN THE FIRST PLACE!!!!
You all are giving me zero grace, its shameful
June 29, 2023, 09:38:24 AM
@stormbounty, I too wish the world would revolve around me. I have nothing to do with this other than sharing my opinion on it.
And for what it's worth my opinion stands, if you lose the private key, you lose the funds. At this point I'm not even entirely sure what to make of you, or your situation. You said you just sent them a private key to your personal wallet over email - very bad..
And for what it's worth my opinion stands, if you lose the private key, you lose the funds. At this point I'm not even entirely sure what to make of you, or your situation. You said you just sent them a private key to your personal wallet over email - very bad..
June 29, 2023, 09:34:58 AM
I will give you the deposit wallet private key, how about that, what more can I do to prove I sent this, I quickly posted here and sent a support email the same hour after the deposit was made. I still have the tab open and can prove anything you want. Jesus
If they didn't reply to any of your emails (I don't think this is a good behavior like I said), than I don't see what's the point in sending them your private keys I hope you learned an important lesson from your own mistake, and next time be extra careful when you use any mixing service.
There are some grey areas with whirlwind, but most is related with user mistakes that can be intentional sometimes.
And btw most of the neutral people from bitcointalk voted to for WhirlWind not to refund funds in cases like this.
Out of over 5 emails to customer support I got replies for ZERO, in 2 days it will be 1 week since the first message
Put yourself in their position, if they start to reply and refund everyone who makes mistakes, they could compromise their security model and potentially get attacked by someone. June 29, 2023, 08:32:38 AM
now he will drag this out for a long time because I will never stop till I get the money back which is exactly what he wants.
As it has been said before, they won't be making any decisions while the service is still centralized that would damage their integrity in such a way, which is completely understandable.
I will quote this for you:
Thank you everyone for your responses, it's an unfortunate situation but there is nothing we can do without setting dangerous precedents or jeopardizing our integrity and we simply cannot afford to risk any of the 2 outcomes happening. This business is all about trust and the moment it's gone, it's gone for good.
As long as Whirlwind is centralized we will not make any decisions that could be considered questionable in any way, and if we will ever encounter another situation where we're not sure what the best course of action is we will use the same approach and let the community decide what needs to happen and we will respect that consensus regardless of our personal beliefs. We are working towards decentralizing the service so this is how things should work anyways.
As long as Whirlwind is centralized we will not make any decisions that could be considered questionable in any way, and if we will ever encounter another situation where we're not sure what the best course of action is we will use the same approach and let the community decide what needs to happen and we will respect that consensus regardless of our personal beliefs. We are working towards decentralizing the service so this is how things should work anyways.
They are actively reaching out to the community and I don't think that throwing around accusations will help with your case.
I will never stop till I get the money back which is exactly what he wants. I have no other way to solve my needs except those coins, I won’t get another salary till 4 weeks , so this is my second job now.
Good luck. You could try getting a loan if you urgently need that money.I already got a loan to replace the funds, now I have to pay that loan and medical bills.
Alright I have watched a YouTube video on how to sign using electrum, what message do I sign? To which address?
Support didn’t even attempt to make me sign a message, they just totally ignored my support request, up till NOW!! Not a good look , not a good look at ALLLL, I am surprised a lot of their signature campaign members are defending this behavior, this is not a goood look.
Out of over 5 emails to customer support I got replies for ZERO, in 2 days it will be 1 week since the first message
June 29, 2023, 08:30:32 AM
now he will drag this out for a long time because I will never stop till I get the money back which is exactly what he wants.
As it has been said before, they won't be making any decisions while the service is still centralized that would damage their integrity in such a way, which is completely understandable.
I will quote this for you:
Thank you everyone for your responses, it's an unfortunate situation but there is nothing we can do without setting dangerous precedents or jeopardizing our integrity and we simply cannot afford to risk any of the 2 outcomes happening. This business is all about trust and the moment it's gone, it's gone for good.
As long as Whirlwind is centralized we will not make any decisions that could be considered questionable in any way, and if we will ever encounter another situation where we're not sure what the best course of action is we will use the same approach and let the community decide what needs to happen and we will respect that consensus regardless of our personal beliefs. We are working towards decentralizing the service so this is how things should work anyways.
As long as Whirlwind is centralized we will not make any decisions that could be considered questionable in any way, and if we will ever encounter another situation where we're not sure what the best course of action is we will use the same approach and let the community decide what needs to happen and we will respect that consensus regardless of our personal beliefs. We are working towards decentralizing the service so this is how things should work anyways.
They are actively reaching out to the community and I don't think that throwing around accusations will help with your case.
I will never stop till I get the money back which is exactly what he wants. I have no other way to solve my needs except those coins, I won’t get another salary till 4 weeks , so this is my second job now.
Good luck. You could try getting a loan if you urgently need that money. June 29, 2023, 08:14:27 AM
but now the admin is also using me to farm engagement too it seems.....
I doubt that the discussion being held here is what they are looking for when it comes to advertisement/engagement.
They have an active signature campaign and would probably prefer you had not made that mistake...
Your mistake is essentially costing time and resources that could be spent on developement.
To assume they are trying to gain at advantage out of this situation seems uncalled for in my opinion.
None the less I hope you get your coins back and understand your frustration.
I got zero replies in private, zero, not even an auto responder
But immediately it got eyes here days later he replies, now he will drag this out for a long time because I will never stop till I get the money back which is exactly what he wants. I have no other way to solve my needs except those coins, I won’t get another salary till 4 weeks , so this is my second job now.
June 29, 2023, 08:11:45 AM
I don't think that the conclusion "Most people who use mixers probably know how to safely generate a private key" should be taken lightly, It's evident that many still don't understand the importance of keeping PKs really private. One user has just applied for a signature campaign, publicly publishing the private key.
Although everything is clearly indicated in the whirlwind.money page, it is evident that it still needs to be emphasized even more.
Apparently, he replaced it with a new deposit address after the suggestion of another member.
Although everything is clearly indicated in the whirlwind.money page, it is evident that it still needs to be emphasized even more.
Bitcointalk Profile Link: https://bitcointalksearch.org/user/serveriacom-1226849
Current amount of posts: 3329
EARNED merit in the last 120 days: 37
whirlwind.money Public Note address for Payouts: ww-Ky5Zgxs54x2pNdnZk5KqJG251h9gyqKfi1BsMbDGELiE71L4rozE
Current amount of posts: 3329
EARNED merit in the last 120 days: 37
whirlwind.money Public Note address for Payouts: ww-Ky5Zgxs54x2pNdnZk5KqJG251h9gyqKfi1BsMbDGELiE71L4rozE
Apparently, he replaced it with a new deposit address after the suggestion of another member.
The example you posted above isn't related to people who use mixers, that user was 'applying for a signature campaign' that happens to be for a mixing service, it's very likely that he doesn't use mixers, which is fine, but my statement was for those who actually use mixers, I doubt that the % of people who actually mix their coins don't understand what private key or how to generate one using a wallet.
Also, that conclusion should be read in context, when you use Whirlwind you have to deal with a private key one way or the other, you either generate it using the front end of Whirlwind's website, or using another wallet like Electrum or even a mobile wallet, the end result is the same (you get a private key), but the possibility of losing it is a lot higher when you rely on your memory to help you save the private key before you close the browser or hit "next".
Furthermore, when the user copies the private key from Whirlwind website, they are most likely going to save it as plain text on their computer, while if they generate a private key using a proper wallet, that private key will be encrypted, you don't have to save, and even if you lose your computer you still have access to the private key assuming you have backed up your wallet.
So now even if we were to assume that the majority of people who use mixers DON'T know how to safely generate a private key, they are still better of take that risk than risk 1- not saving their private key generated on browser 2- losing that private key 3- the key is exposed in plain text.
Dude, I cant sign a message, what more can I do, wdf
But you said you have the private key, if you do, you can sign a message, just because the wallet you use doesn't allow you to use that, it means nothing, check this https://reinproject.org/bitcoin-signature-tool/#sign , repo > https://github.com/weex/bitcoin-signature-tool
I have not checked the code but you can easily find some trusted tools which you could use offline to sign a message, you could also import that private key to a proper wallet and then sign the message.
June 29, 2023, 07:45:51 AM
but now the admin is also using me to farm engagement too it seems.....
I doubt that the discussion being held here is what they are looking for when it comes to advertisement/engagement.
They have an active signature campaign and would probably prefer you had not made that mistake...
Your mistake is essentially costing time and resources that could be spent on developement.
To assume they are trying to gain at advantage out of this situation seems uncalled for in my opinion.
None the less I hope you get your coins back and understand your frustration.
June 29, 2023, 06:31:02 AM
I dont have use for the wallet anymore, I have withdrawn my remaining money to a new address, so yea, the admins can scrutinise the wallet themselves since letter of guarantee is not sufficient, I'm exhausted and very tired.
Admin has refused to reply support email and i'm getting support from the forum. I'm just trying to resolve this so i can move on with my life, but now the admin is also using me to farm engagement too it seems.....
Admin has refused to reply support email and i'm getting support from the forum. I'm just trying to resolve this so i can move on with my life, but now the admin is also using me to farm engagement too it seems.....
June 29, 2023, 06:27:59 AM
Dude, I cant sign a message, what more can I do, wdf
What you should have done, is import the private key into a wallet that supports transaction signing. Ideally, Electrum running on LIVE Linux offline, but since the address is empty, a hot wallet would have worked too. June 29, 2023, 06:17:50 AM
Dude, I cant sign a message, what more can I do, wdf
Agreed. It's unlikely for all users to read everything on Bitcointalk.
(Not counting that someone hacks in user computer and steals the original document).It could have been a hack as you say, but it could also be the person with the LoG pretends to be someone else. It could also be the website itself claiming to have received the LoG by someone else already, and there's no way for the user to confirm this. Either way, it's opening up a can of worms.
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago.
My opinion is that you should still reply to received support emails, and write him at least one simple explanation, this can even be general reply email.What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
How can there be two (or more) exact same letters of guarantee?(Not counting that someone hacks in user computer and steals the original document).
As an extreme solution to prove how important this money is to me right now I can fully DOX.. What more do you need @whirlwind.money
There's no need to DOX yourself, and it doesn't help your case either.I've just sent the private key to support email.
That was dumb. In Bitcoin, ownership is proven by signing a message, not by sharing a private key. Now you're no longer the only owner of that address. June 29, 2023, 06:16:22 AM
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago.
My opinion is that you should still reply to received support emails, and write him at least one simple explanation, this can even be general reply email.What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
How can there be two (or more) exact same letters of guarantee?(Not counting that someone hacks in user computer and steals the original document).
As an extreme solution to prove how important this money is to me right now I can fully DOX.. What more do you need @whirlwind.money
There's no need to DOX yourself, and it doesn't help your case either.I've just sent the private key to support email.
That was dumb. In Bitcoin, ownership is proven by signing a message, not by sharing a private key. Now you're no longer the only owner of that address. June 29, 2023, 04:28:26 AM
IF support doesn't reply after 5 days, can I now call it a scam?
Or is 5 day not enough too??
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago.Or is 5 day not enough too??
If somehow the community thinks this situation is different and it warrants a refund, then as always we have no problem doing it as long as it doesn't open the door to other types of abuse later on.
Of course, someone can say that you need to be patient, but I used to like this mixer for its efficiency and speed, but now it is turning into something extremely slow and sluggish. I hope all these problems will be solved soon.
Was your issue resolved? If not please DM or send an e-mail to support. We use lots of servers and Tor circuits sometimes break creating delays, if these issues are more common lately we will make some improvements so it doesn't happen anymore, or at least not this often. Also our clearnet version has been DDoSd continuously for more than 10 days now so that's why it throws errors sometimes.I guess this is just an unlucky situation that @whirlwindmoney is absent currently.
We are not absent, our e-mail response time is usually under 6 hours, and at most 24 hours in exceptional cases. We simply thought that this situation was discussed already and clear for everyone and that's why we did not reply to this specific user.So basically the question is, again: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds?
What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
We understand it may be frustrating when unfortunate things like this happen, but like we said the last time we really need to draw a clear line and agree on some 'procedures', otherwise we'll solve this issue today and have another one pop out immediately.
I will give you the deposit wallet private key, how about that, what more can I do to prove I sent this, I quickly posted here and sent a support email the same hour after the deposit was made. I still have the tab open and can prove anything you want. Jesus
No it would not be sufficient for anything and to go through all that hassle just because someone using their service has made a series of errors is not productive nor a good signal to send out to others who use the service incorrectly.
Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner?
If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient.
So do you still have the page open currently?
Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner?
If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient.
oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw.
So do you still have the page open currently?
Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
Because signing is not possible with the wallet i used I will produce the private key, so how about that. Still not sufficient?
June 29, 2023, 04:11:16 AM
Currently the private key is generated by the user in the frontend on the main page. If we were to show it on the next page as well that would imply we generate it ourselves and store it, that's why we didn't do it.
So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it?
Others will no doubt express their opinions but I think if you showed the private key it would imply that a breach of trust has occurred. In my opinion it would be a mistake to do that.So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it?
I would, once again, lean towards the more clear-cut yet harsher side of things. It is stated before you Generate the note and once you've generated it that you need to save the private key or else your funds will be considered lost. Like I've said before it's a tough situation but user error should not compromise the overall security of a service.
I do not why the member in question felt the need to use tor and clearnet together when he simply could have just used tor.Something went wrong and he ended up with a letter of guarantee and nothing else (no private keys). Is it fair to say that the full error lay with him rather than his version of events where is stated as saying some part of the blame lay with Whirlwind because they had hosting issues?
For me the way I understand it from previous posts, the clearnet will always be under some form of DDoS and all have been advised on a number of occasions to use tor therefore I fail to see why he is claiming Whirlwind are part responsible for him not saving his private key when he was opening and closing multiple tabs and using multiple browsers.
In this scenario, the user has stated he can provide a letter of guarantee. Assuming this letter of guarantee is indeed the correct one, it will have a deposit address inside it. If the user can also sign a message from the address(es) which sent funds to the address contained within the letter of guarantee, I would say that's pretty compelling evidence that the user is telling the truth and does indeed own those funds.
You are right about the letter of guarantee, he can provide it but he cannot provide a signed message from the address. He has already stated that will be unable to provide a signed message because he was withdrawing the funds from Whirlwind to send to a coinjoin address (maybe to Coinomize, YoMix, [banned mixer], Mixero, Mixtum or another). This service is made for humans, Humans make mistakes, I believe I can sufficiently prove I sent the money, I sent using sparrow wallet, I can send another one to show I control the originating address before funds got split and coinjoined, I have the letter of guarantee, I still have the tab open (though it now pops up an error message cos its been more than 24 hours).
My only mistake was copying the private note key from the wrong tab
IF support doesn't reply after 5 days, can I now call it a scam?
Or is 5 day not enough too??
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago.Or is 5 day not enough too??
If somehow the community thinks this situation is different and it warrants a refund, then as always we have no problem doing it as long as it doesn't open the door to other types of abuse later on.
Of course, someone can say that you need to be patient, but I used to like this mixer for its efficiency and speed, but now it is turning into something extremely slow and sluggish. I hope all these problems will be solved soon.
Was your issue resolved? If not please DM or send an e-mail to support. We use lots of servers and Tor circuits sometimes break creating delays, if these issues are more common lately we will make some improvements so it doesn't happen anymore, or at least not this often. Also our clearnet version has been DDoSd continuously for more than 10 days now so that's why it throws errors sometimes.I guess this is just an unlucky situation that @whirlwindmoney is absent currently.
We are not absent, our e-mail response time is usually under 6 hours, and at most 24 hours in exceptional cases. We simply thought that this situation was discussed already and clear for everyone and that's why we did not reply to this specific user.So basically the question is, again: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds?
What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
We understand it may be frustrating when unfortunate things like this happen, but like we said the last time we really need to draw a clear line and agree on some 'procedures', otherwise we'll solve this issue today and have another one pop out immediately.
I will give you the deposit wallet private key, how about that, what more can I do to prove I sent this, I quickly posted here and sent a support email the same hour after the deposit was made. I still have the tab open and can prove anything you want. Jesus
Your reply is annoying. If the letter of guarantee is useless then what is the point, All this shouldn't an issue, all other mixers you can withdraw without having to paste anything as long as its still the same browser session, sometimes its good to follow trends of others in your niche rather than starting something new for user experience purposes. Humans are not machines.
You are confidently saying that a user of your service that deposited actual money doesn't deserve a reply to his support request because you have pre-decided a fate for their case (mine is actually very unique), deep inside the threads of a bitcoin forum. So you totally ignored their support email.
2023 Customer support award stuff for a service that is new and in "BETA"
This is DAY 5 and I still have not gotten a reply to my support request, not even an autoresponder. I really wish I can afford to ignore the money because this is shameful
As an extreme solution to prove how important this money is to me right now I can fully DOX.. What more do you need @whirlwind.money
It might not be a large amount, but its that important to me right now
No it would not be sufficient for anything and to go through all that hassle just because someone using their service has made a series of errors is not productive nor a good signal to send out to others who use the service incorrectly.
Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner?
If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient.
So do you still have the page open currently?
Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner?
If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient.
oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw.
So do you still have the page open currently?
Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
Because signing is not possible with the wallet i used I will produce the private key, so how about that. Still not sufficient?
I've just sent the wallet private key(s) of the wallet I used to make the deposit to support email.
I can also share the private key publicly in the thread, I wave withdrawn the money i have left.
I cant lose my WWM deposit, I need it urgently please
June 29, 2023, 02:21:44 AM
Most people who use mixers probably know how to safely generate a private key, so along with verifying that they indeed copied it (something like what you suggested) which shouldn't show in the next page, because, in the next page the deposit address is already displayed, it should be displayed in the same page right after the captcha, all that should contribute to fewer user's mistakes.
I don't think that the conclusion "Most people who use mixers probably know how to safely generate a private key" should be taken lightly, It's evident that many still don't understand the importance of keeping PKs really private. One user has just applied for a signature campaign, publicly publishing the private key.
Although everything is clearly indicated in the whirlwind.money page, it is evident that it still needs to be emphasized even more.
Bitcointalk Profile Link: https://bitcointalksearch.org/user/serveriacom-1226849
Current amount of posts: 3329
EARNED merit in the last 120 days: 37
whirlwind.money Public Note address for Payouts: ww-Ky5Zgxs54x2pNdnZk5KqJG251h9gyqKfi1BsMbDGELiE71L4rozE
Current amount of posts: 3329
EARNED merit in the last 120 days: 37
whirlwind.money Public Note address for Payouts: ww-Ky5Zgxs54x2pNdnZk5KqJG251h9gyqKfi1BsMbDGELiE71L4rozE
Apparently, he replaced it with a new deposit address after the suggestion of another member.
June 28, 2023, 02:35:00 PM
what is the point of a Letter of Guarantee if it can't be used as evidence?
It is evidence that something has indeed happened, but it's not evidence of who made that action, it's really nothing more than a piece of code that sings a message using the mixer's singing address.
It's useful when you don't want to save everything in a database, you can verify the signature to know that address x deposited/withdrew x BTC at x time, and that letter is sent a plain text file, which looks like this:
Code:
If my funds didn't show up for any reason, I could still contact Whirlwind with proof that a withdrawal to x address was initiated even if they don't have that stored in a database they could still verify the action. it doesn't prove anything more than that.
On the other side of things, this is what a letter of guarantee when you deposit looks like
Code:
If I send funds to bc1qke0e934n3v4dt5lgu7p8r2gvctfq54qhgtun7s and then check my note and it's empty, I can use that as evidence that this address was indeed given to me by Whirlwind, in other words, Whirlwind can't just tell me "we don't own this address, we didn't ask you to deposit funds to it".
So now the user in question is already passed this stage, he has strong evidence that he deposited funds to an address given by Whirlwind which corresponds to a private note, which is why I think at this stage the user must not be ignored when they ask for support.
So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it?
That sounds like another can of worms. How about asking the user to enter the last 5 characters to confirm he copied it?I assume the majority of users don't understand that the generation of the PK is done in the front end, they probably assume that Whirlwind has a table full of PK which they randomly assigned to different notes, it would be best to advocate for using ones' own PK, ideally, you would want to FORCE the user to enter his own private key generated elsewhere and use that as their note, that way they are unlikely to lose/forget it, but for now, maybe just add a note that says (you can use your own bitcoin private key generated elsewhere instead of using our website to create that)
Most people who use mixers probably know how to safely generate a private key, so along with verifying that they indeed copied it (something like what you suggested) which shouldn't show in the next page, because, in the next page the deposit address is already displayed, it should be displayed in the same page right after the captcha, all that should contribute to fewer user's mistakes.
June 28, 2023, 01:48:16 PM
You did not get a reply because we simply ignore support requests where users forget or don't save their private keys, this was the general consensus when we had the same issue a few weeks ago.
My opinion is that you should still reply to received support emails, and write him at least one simple explanation, this can even be general reply email.Keeping quiet and not replying anything is not a good idea, unless you receive obvious spam messages.
He has letter of guarantee so he deserves some answer.
What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
How can there be two (or more) exact same letters of guarantee?(Not counting that someone hacks in user computer and steals the original document).
June 28, 2023, 09:28:04 AM
No it would not be sufficient for anything and to go through all that hassle just because someone using their service has made a series of errors is not productive nor a good signal to send out to others who use the service incorrectly.
Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner?
If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient.
So do you still have the page open currently?
Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?
Having said that, the letter of guarantee is sufficient and the address within it should be the address the rightful owner is capable of signing a message. If the owner cannot sign a message from the address because it was going to a coinjoin address, the owner should not have his mistakes paid for by Whirlwind. What would happen if Whirlwind paid him for his mistake and then a few days later another member presented the same letter of guarantee along with a signed address claiming he is the rightful owner?
If the circumstances surrounding stormbounty losing his private key are correct, he will have to both take and accept the loss and then move forward. If he wants to use Whirlwind again he will have to keep in mind how it works otherwise he should use the services of an alternative he finds more convenient.
oh come on, i'm still on the page, no other mixer does this, none, if i left the page and returned it would have been different, i watched the deposit come in, yet i cant withdraw.
So do you still have the page open currently?
Wouldn't that be a sufficient way to prove that @stormbounty is for sure the rightful owner of this note if you say screenshare/livestream to whirlwind support and they can actually confirm?