There is no mistake. Everything works as it is planned.
- In order to make it impossible to parse through the blockchain all the guarantee letters and hit us and customers with it - the system is made in such a way that the guarantee letters do not appear immediately after the transaction, but with a delay of 5-10 minutes.
PS. We strongly recommend that other services follow these rules, if they are not indifferent to the idea of anonymity.
Could you explain more?
How is delaying the generation of the letter of guarantee (which is only accessible to the costumer) helping with making "parsing through the blockchain" impossible? I don't see the point (?)
There are three different points. 1) We do not store the masterkey on the server, so we can not make guarantee letters immediately. We generate them on others computers after creating an order within 5-10 minutes (this is a lag to load the order and send the letter back).
2) we do not store it, as it is not safe. Remember the mixer closed by the Dutch police. They took everything from there everything they can. Therefore, we do not store anything there longer than the time required to process the order. After the order is done (the outgoing transaction is done, or the order is expired all information is deleted - incoming and outgoing addresses, guarantee letters.
3) If a person uses a web version, his sessions may be compromised. Leaks through the browser, mitm, etc. Then having the url of the guarantee letter, you can find out the parameters of the order - from where and to where.
Well, not only the master key (masterkey is private from addresses which are signed with).
We upload to the server all addresses that are issued to clients, one at a time. In case of server compromise, there will be no possibility to find out which addresses were used before.
Usually loaded xpub and derived from it (derivation path). We don't do this.
Summarizing....We thought of everything. Generating a guarantee letter requires location a private key from the wallet that creates the signature on the server of mixer. In case the mixer is compromised, its customers will be able to give out fake addresses and fake guarantee letters. We sign the addresses that we give to clients on computers that are not connected to the Internet, then we unload the signatures together with the wallets at our server. This ensures that addresses given to customers can in no way be compromised by a third party (intelligence agency or hackers), under the term that the client will verify the signature.