Author

Topic: Bitcoin Tumbeling service (University Project) (Read 204 times)

legendary
Activity: 1624
Merit: 2481
what do you expect as a customer from a tumbeing service?  I mean should it have some other functions too beside shuffeling only your coins ?

I think the highest motivation for using a mixing/tumbling service are driven by:

  • Privacy:
    How 'good' are the coins mixed, any tracable logs, etc.. 
  • Functionality:
    Is it possible to find the matching payments through blockchain analysis, is there a time difference, 'gambling' opportunity to in-/decrease the amount?
    Is there an option to mix coins on a regular basis without those transactions being linked in the end..
  • Reliability:
    Is your service always accessable, what is the maximum number of BTC's one can mix..

newbie
Activity: 5
Merit: 0
When considering your User Stories you might want to cover the tradeoffs between security/privacy and speed/usability.

I think that balancing act will really drive and define some of the direction you then take with the more technical aspects of the architecture and implementation
copper member
Activity: 42
Merit: 0
Really liked your Teacher, is there any possibility i learn more about him/her via pm?
legendary
Activity: 3010
Merit: 3724
Join the world-leading crypto sportsbook NOW!
what do you expect as a customer from a tumbeing service?  I mean should it have some other functions too beside shuffeling only your coins ?

Kind regards
Alex

Well, you've to first identify what the primary motivations are for someone wishing to use tumblers/mixers. Let's say for the simple purpose of enhanced privacy, or at least, making it more difficult for someone to track their transactions. But if using the service achieves those objectives for them in relation to their Bitcoin use, but exposes them or expands their vulnerabillity in some other way, then it makes the service redundant. For example, does the site keep logs of orders? May be necessary for a certain time period, but should be purged when mixes are successfully completed. Or, does the service have enough volume to obfuscate individual associations? If a person who mixes wants to distance transaction associations, then the same person would want no association with mixers.
newbie
Activity: 10
Merit: 0
what do you expect as a customer from a tumbeing service?  I mean should it have some other functions too beside shuffeling only your coins ?

Kind regards
Alex
legendary
Activity: 3010
Merit: 3724
Join the world-leading crypto sportsbook NOW!
A bit of an ambitious scope, especially if you say you don't understand it much. Tumbling/Mixing services haven't actually changed very much over the years, as I've seen, although the ChipMixer service (I also carry it in my signature) probably introduced one of the more recent innovations in its concept of "chip" denominations, adding off-chain elements (you get "chips", basically a private keys that gives you access to been pre-filled coins, meaning there's no on-chain link to your) plus even a random aspect (you can gamble with and/or donate chips to make it more difficult to associate your coins by amount). To me, this makes it better than others but you should check out their service yourself to learn more.

It's accessible on both clearnet and TOR, but I think this has been standard practice for mixers for many years. You can count this as a user story from me too.

 

newbie
Activity: 10
Merit: 0
hello guys,

my teacher was so nice and inform us , that the hole class has to take bitcoin projects and i was thinking to take a bitcoin fork project, but my teacher destroyed my dreams and gave me a Tumbeling service for bitcoins. I was like maaaah ok whatever  Cheesy. Now we have to define :


-Scope of work and requirement definitions
–Main functions necessary for the platform
-User stories
-And wireframes development.
-what makes your tumbeling servervice better then others (BAAAANG this question shocked me almost, what would you say?)
-additional functions from our side based on professional experience



but i dont know how to bring these simple questions to a bulletprof project. (IVE NEVER DONE A BITCOIN PROJECT OR HAVE PROJECT KNOWLEDGE BUT ITS INTERESTING)

my point of view:

Everything should run on a VPS (if its possible Full node + Config)
An Clearweb and onion website with Bitcoin Core running on the back end.

Exchange Api’s (3rd party) or should they run a Fullnode.
I wouldn’t rely on a public APIs, not only, because they are unreliable but if I want to hide my server, then I can only do requests to them with Tor and I noticed many times these APIs suddenly stop accepting requests over Tor or using all kind of rate limiting.
3rd party services, I don't have any issues with it. But some people suggested that it might be less secure than using a wallet locally on my server.
I think the best option is running your own full node (e.g. bitcoin core) and then on your server connect to it using JSON-RPC to generate addresses and request payments. it’s just provide realiability, and more privacy.


A website mixer, they don’t provide much privacy, due to amount correlation and the wallets those are being used to interact with you are also terrible from a privacy point of view. Failing this, they want to at least have fixed denominations for your mixer, so it’d at least provide some privacy. Eg. enable mixing 0.01/ , 0.1 and 1 bitcoins, and don’t let them do something like 0.12353243 btc to be mixed, since Blockchain analysis can identify the transactions related to the mixer and based on simple amount analysis would easily reestablish the links.

- Server side bitcoin mixing (VPS) / blending / tumbling service
- - Safe and non-traceable algorithm
- - Letter of Guarantee
- - Bitcoin must not be on online wallets. Nobody should have the full power over Bitcoin except me.
- - 2FA Verification (PGP)
- - Affiliate-Program (Refferal Link)
- - 2 to 3 additional functions (But i dont know on the customer side, i would like to have maximum privacy/security

- Others:
- - VPS hosting, SSL, DDOS protection incl. Cloudflare
- - Extensive documentation (A to Z, Change Management, Audit)
- - Everything must be able to run on a Tormirror or after a domain change
- - Everything has to be "hackproof" and withstand later audits



Kind regards and thanks for the help

Alex
Jump to: