Topic: [ANN] Whirlwind.money | ⚡No Fee⚡ | Ultimate Privacy | Anonymity Mining 12% APR🔥 - page 34. (Read 12718 times)

Clearnet is online but still experiencing very strong DDoS. If it doesen't load fast enough or at all please use Tor version, it works falwlessly.

We are sorry for the inconveniences caused by this, but it's a complex issue to tackle if you do not use Cloudflare or other alternatives. We strongly believe that any downtime because of DDoS on the clearnet service is worth it in favor of introducing a MITM voluntarily. It doesen't make sense financially as for sure we are losing a lot of business because of it, but Cloudflare is really a no-go. It's unacceptable and outright dangerous to use it for a service of this type.

If you use any service through their clearnet domain that is protected by cloudflare, all your information including deposit address and destination addresses will be without a doubt stored in a cloudflare's database available for review at any future time. Even if the operators decide to use Cloudflare I think the risks should be clearly explained, I bet most clearnet users are not aware of what I said above, otherwise I guess they wouldn't use it. Even using mixing codes which means keeping logs is 'better' than using cloudflare since only the operator would have access to them, the bad things is that it happens for Tor users too so you can't avoid it.

See this thread for more info on why cloudflare is a very bad solution for privacy services: https://bitcointalksearch.org/topic/mixers-using-cloudflares-ssl-certificates-5247838

I agree with this, but I don't expect it to grow by that much even once the platform is more established. And the figure will be the same for both Fast and Note since outputs look identical. One more advantage of our approach is that while the privacy level is as high as it can be, everything is visible on the blockchain so everyone can check it for themselves. We do not use any dubious or "patented"/"secret" BS algorithm. It's a very simple but powerful concept.

Interesting fact: More than 90% of deposits originated from Binance as of today not including other CEX, not that we have nearly enough data to draw conclusions but it's safe enough to say that the overwhelming majority of users of privacy services are acting in good faith and are not criminals by any means. *

To better understand Whirlwind's strength, how the multi-sig history will look like in the future once we see some more usage and why it's almost impossible to deanonymize transactions we could compare it to a wallet of a no kyc cex, for example this one: https://mempool.space/address/bc1q8yja3gw33ngd8aunmfr4hj820adc9nlsv0syvz -

Because of the sheer volume and total number of deposits paired with the fact that you can't know when or if a specific deposit was even withdrawn, you cannot link deposits to outputs. Even though you receive coins from a pool where your own coins were sent to, that does not mean anything if observers don't have outside information. But in that case it's not Whirlwind's fault. To be frank I wouldn't even call Whirlwind a mixer, a Privacy Pool is a better term. But for now until we become more established we will continue to use this term.

*if i'm not mistaken the address listed above is kucoin's wallet and it has a 3 or 4x worse AML score than Whirlwind's multisig.

A higher donation doesen't add extra privacy, nothing different happens behind the scenes. I should have said "but because they perceive it as better privacy since they don't yet fully understand how the system works"

Will look into updating the profile too at some point, thanks for the suggestion.

We aim to release the Pay to Note feature as early as next week. Latest changelog update:

What tool/website you used to check this score?
Chipmixer had higher score because they existed much longer, so everyone had time to add their address into their tracking systems.
New mixers will naturally have lower score at beginning, but I expect it to grow in future with both fast and note option.

How exactly higher fee means extra privacy?
Is it similar like chipmixer had with their service or you are using some additional mixing for higher fees?
Anyway, it was good decision to make, it should attract more users for sure.

PS
I think you should really add more information and links about your service on your bitcointalk profile, it looks more official that way.
Junior member rank also gives you the right to wear simple signature, so you can use it.
https://bitcointalksearch.org/user/whirlwindmoney-3537433
 

As of now we are consolidating all received UTXOs at every output transaction so it's not possible to send instantaneous withdrawals for every 0 hour delay request. They are sent randomly either at the :30 minute mark or at :00 every hour.

JS is needed for the functionality so we cannot offer a clean version with the current system. On the other hand we will open source the frontend and that will also reveal the backend's endpoints so you will be able to run it yourself.

LN hubs and similar things would complicate everything tremendously and we can't afford that as of now. It's still a challenge to explain and convince users of the undeniable privacy advantages that Whirlwind offers over any other service since nothing similar existed before.

This is also the reason why we didn't already implement the Blind Certificates, besides the fact that users don't seem to care or have any issues with the fact that other services are outright lying about not storing logs (mixing code) among other things, so it's hard to see how the Blind Certificates would add any value.

There is no problem with the withdraw since you can choose exactly the amount that you want to receive. As an example let's say you made a 1BTC deposit and got a Note, afterwards you could withdraw 0.5BTC to an address and the rest at a later time. You don't need to spend the entire balance in one go. You are in full control over the process so we don't see how not having the option to choose the withdrawal fee could ever be a problem. You can choose your own "fee" by leaving some coins on the Note's balance which you can withdraw at a later time regardless.

Clearnet is unavailable for now, please use Tor version until it's sorted out:

Now that sounds exciting, and your project sounds ambitious
Has this problem been resolved?


Are there any plans for these proposals?

---

This seems like something new, but I still see that your problem is with the withdrawal, if there is no option for the user to choose the withdrawal fee or it is random, then the problem still exists.

However, at this moment I can't access .money, it gives me an error message related to security.

Ironically after our latest message the DDoS attacks intensified a lot, so for the time being clearnet is down. The Tor version works perfectly so please use that instead for now, we will solve the issue in the next hours. We will also add a suggestion to use the Tor version on the clearnet site whenever it's under heavy enough DDoS that it doesen't load anymore.

That's a very good point and one we did not consider. You could send from a Note to another one you own, so you continue to have plausible deniability even if at a future time the service gets compromised and we lied about the logs policy and actually stored everything all this time.

*This would be solved by the Blind Certificates regardless, but for now I'm still not convinced enough demand exists to warrant developing that. On the bright side usage is increasing and the donation model seems to have the potential to work

They can create an empty note for you to pay to and the process would be the same as now.

We thought users would panic if they don't receive their funds back according to the delay they set, but you are right that the standard procedure should work this way. If a longer downtime ever exists and someone really needs his funds back faster he could reach out to support

We will check on all of them when we get to that, but currently the UI is the actual last priority. We improved it enough that it's completely usable, every button works and nothing is horrendously out of place so for now it's good enough

This is awesome, and I'm keen to give it a try.

As an added bonus, could a user not essentially send money from one note they own to another note they own, thereby gaining even more privacy since at that point even you wouldn't know if they had sent money to someone else or just back to themselves?

Can you do this with an unfunded note? What I mean is, if I want to use pay to note to pay another user, do they need to have a funded note already, or can they create an empty note for me to pay to?

IMPORTANT UPDATE!

During the past few days since the last changelog update we worked tirelessly on addressing the issues raised in the review campaign and evaluating all suggestions for new features. Let's start with the issues:

We are now confident enough to communicate that the stability issues have been fixed. While short downtimes* could still happen every now and then because of our architecture**, using the service should now be a much more pleasant experience.

You will find the changes that we made today quoted at the end of this post, and this is what's left for the following days:
-Sweep deposits more efficiently
-Add support for all address types
-Popups for success and error messages instead of alerts
-Outputs from main address will be sent with a higher fee to avoid transactions getting stuck (if we continue to consolidate all received UTXOs)
-Delay time will be respected even if the service has downtime***
-Fix UI issues on mobile

If we missed anything let us know and we'll add it to the backlog.

And now the most exciting part, suggestions and new features:
-1 confirmation for small deposits
-Lower minimum deposit for Notes so you can consolidate small balances anonymously
-Pay to Note

Some users suggested that we should implement a 'Split Note' feature, where instead of combining 2 Notes together to consolidate their balances you could also split a single Note into multiple smaller ones. The idea behind this was that instead of sending someone BTC and revealing your address while also paying fees, you could split a Note with your desired amount and send it to the person directly in an anonymous way.

We considered this but there is one huge disadvantage if we implement it in this form, and one that is not acceptable to us. The receiver could lie about the Note being empty or not having the agreed balance, and as a sender you would have no way of proving it.

Here is where our Note system really shines. When you 'generate' a Note, what you are saving is its private key. Each Note also has a corresponding public key that is displayed in the Letter of Guarantee. (API Address)

This makes it possible to implement a Pay to Note feature where from your own Note's balance you can send any amount to another Note's public key, essentially enabling feeless and anonymous BTC transactions. Whirlwind will sign a Letter of Guarantee for each transfer so the sender will be able to prove that he is acting in good faith in case any issues arise.

As an example let's say you want to send your friend 1BTC. Currently you would need to send it through a normal transaction, revealing both your and your friends addresses in the process. With the Pay to Note feature you would only need to ask your friend for his Note Public key, and you can use that to send him the 1BTC anonymously and for free through Whirlwind from your own Note balance. He could then use his Note Private key to withdraw it to his address/es through the normal process. Unless you tell him yourself, not even your friend will be able to know your originating deposit or any information about you at all.

We reckon this would be a huge breakthrough and hope that you are as excited as we are for what's coming!

Ready to answer any questions or concerns!

*seconds, maybe a few minutes in exceptional cases
**we use a backend + validator model, multiple servers have to sync through Tor all the time so 100% stability isn't achievable with the current level of security. You can read more about it in the discussion thread I started, but in short we value security above everything else
***currently if you have to receive 2 outputs in 1 and 2 hours respectively, but the service is down for 3 hours, whenever it's getting back online you will receive both outputs at the same time. it will be changed so that you only receive the first one and then have to wait for another hour to receive the second

Hi -

As of now "no fee" is correct. You are free to choose 0% and it's defaulted to that on the website, anything over it is treated as a donation. Some users may choose a number over 0% not because they want to donate to us, but for extra privacy, so the option is there regardless.

No limits means that you can withdraw in as many addresses as you want, wait for as long as you want before you withdraw, consolidate multiple inputs into one bigger output anonymously and there is no maximum deposit limit. Basically you can do whatever you want.

Hello, I saw your new campaign signature, and I think some of the information in it is inaccurate, so I want some details:

Is the term “no fee” correct? whirlwind.money is still working on a fee system, but you can pay 0% to 4%, and the owner of the site has indicated that if sufficient returns are not achieved, the fees will be increased.

optional fees or Zero fees

what does “no limits” mean, that is, there are no maximum limits for depositing, or what?

The closest thing I've found is:

no time limitations

@Hhampuz ask me to post it here

https://bitcointalksearch.org/topic/m.62078831

My guess is that it will never be answered for obvious reasons

1 hour ago you posted another message saying that we didn't send your funds back and we scammed you, then you deleted it and now you posted this.

So which one is it? That story wasn't credible enough?

thank you for your 'review' nonetheless, I won't waste my time responding to that. Your last sentence (not to mention your very short post history) shows you have no clue what you're talking about. good luck using other services!

I tried this mixer and was waiting for 12h it to mix. And have to conclude that it is absolutely useless piece of crap. It's transacations are absolutely easily tracable. You can see that your transaction going to some address, than going to other, than going to your withdraw address. Yes, there are some other guys transactions, but they don't hide anything. Using the stupidest amount based analysis you can get the original bitcoin address.
whirlwind now will respond that it is designed to be so, that I should wait for more (more than 12 hours?), I should now withdraw all the sum (but parting will not help, I need all the btc go to the same finak address) etc. But perform mixing is your job here, not mine.
In fact the design of this mixer is extremely stupid, I strongly do not recommend using of it or take seriously.

That question has never really been answered. The first time I've seen it, was July 2, 2017. They (the biggest mixer at that time) didn't answer the question, but closed shop 3 weeks later.

I wouldn't point fingers at anyone including our competitors, even if that's the case it's still irelevant to us. We have the knowledge to deal with it without using 3rd parties and it seems that for now our DDoS protection works very well. After the latest updates we didn't experience any more downtime.

Besides, when it comes to our competitors DDoS is the least of my concerns, there are more important issues that might affect trust in our service too since people might think Whirlwind is run in a similar way. I don't want to sound harsh but I'd be more interested to find out explanations to the following concerns which IMO are valid:

1.Jambler.io based mixers: Why would anyone trust you since you basically only act as an intermediary? If you don't have the ability to create the service yourself I don't see a possibility where you're competent enough to run it safely. This is not a Wendy's franchise

2.Jambler.io respresentative himself made some interesting statements:
Almost 5 years later Cloudflare is still there, same for their partner services. In fact you are even using google analytics which is sort of ridiculous (other services do too). So if Jambler.io partnered services are ordinary people that don't even need to know how to code, Jambler.io themselves are ordinary people, is there anyone that actually knows what he's doing? This is a legitimate question

3.Mixing codes?
It's been repeatedly stated by multiple competitors that mixing codes can't link your transactions and they don't involve storing any logs. How does that work? Is it possible to mark certain coins so they are not later sent to the same depositor, without knowing exactly which coins those are? I don't think so but you could easily prove me wrong if that's not the case.

Thank you for the suggestion, will look into it.

Currently we are focusing on improving the usability of the platform since we solved most of the stability issues. Some new features were also added to the backlog, I'll give more details when I respond to the review campaign suggestions that were not implemented yet.

A very small suggestion

To add a to the header.
And maybe to improve the ? Something like Whirlwind.money  Optional Fee 0%-4%  Bitcoin Mixer Ultimate Privacy

There are too many folks coming to mixers from search engines, so I would say there is a lot of money to grab from it.
And seeing the number of scams ranking in google, I think it's correct.

Doing it will give more exposure to Whirlwind in the SERP. Actually Google thinks the website is about Please wait 0 seconds... DDoS Protection, not about a mixer.

Is it possible that is simply comes down to one competitor trying to cause disruption to another? Even though that would seem the most ridiculous of explanations could that actually be the most plausible?

Why the hell have all mixers gone under DDoS attacks these days?

There must be a mixer grinch lurking about here.

Thank you for the suggestion! It's already WIP, jayce was away for Easter until today.

Latest service update:

Going to need to update the signatures to reflect the 0% fee now! A 0% fee is a huge draw over other more traditional mixers, and the word needs to get out there that Whirlwind has a 0% fee vs. the current .25 - 4% fee detailed in the current signatures.

Exactly, this is what I also thought of. There are many mixers that are in the globe at large and the forum in particular. But the activeness and the services rendered by the mixer will determine the number of visitors in the mixing site. If the Op site engineers are experts of developing site, they can be working while the site is running, what they have to do is to work on the the backup file either in HTML code or the software backup and when they have finished the additional information then they upload it without shutting the site down. Shutting down a site for maintenance is not a good idea. Work anything you want to add behind the scene and add it up. That is my little contribution to OP.

There is only one way to find out if the optional fee could work and that is to try it out for a while. 3 months is a decent timeframe and should be more than enough to convince ourselves if this is viable or not,  and even if it's not the money would not be wasted as profits are not the only goal of this trial.

At worst after 3 months we lost a bit of money, but the anonymity set and security of the entire service will be so strong that there won't be a single reason that would make it worth it for someone to use a competitor instead of us. You would get provable and undeniably better privacy at a much lower price.