Author

Topic: blindmixer.com - CLOSED (Read 1265 times)

copper member
Activity: 29
Merit: 28
December 03, 2023, 04:30:01 PM
#48
It's good to see that it is possible to withdraw funds from your platform even though you stop doing business, but why is there no warning or any information anywhere on the site that the service stops working?
I just registered an account and I didn't come across a single notification why is it even possible to create a new account on a service that stops working?
I made a similar suggestion last month. Maybe they missed it out, but I think it would be a good idea they implement it. So many people out there only check this threads once they realize their money is stuck, not before using the service.

This is unfortunate, but I guess everything has a beginning and an ending. At least you are signing out honorably rather than some service that just decide to exit scam. My three suggestions.
  • Disable the creation of new wallets that may lead to some unsuspecting members using your service not knowing that it's shutting down
  • Maybe add a warning banner or notification on your home page or user dashboard stating that the service is shutting down
  • Extend the deadline for withdrawal of money from the current custodian if need be. 2 weeks seems like a narrow window.

I am glad they extended the deadline.



I did not know that the service would no longer work because I did not see any warning anywhere. In the last month, I had 5-6 transactions and everything worked properly. Yesterday I sent 0.012 btc to blindmixer and then I saw that something was wrong. The transaction status says: pending conf. An error also appears: "Failed to fetch" and "Custodian is not aware of the hookin!". In the meantime, I sent an email to support as well as a private message to the OP, but no one answers. Is there any possibility for me to save those bitcoins?
We've sent you a pm.
copper member
Activity: 2128
Merit: 1814
฿itcoin for all, All for ฿itcoin.
December 01, 2023, 10:52:42 AM
#47
I did not know that the service would no longer work because I did not see any warning anywhere. In the last month, I had 5-6 transactions and everything worked properly. Yesterday I sent 0.012 btc to blindmixer and then I saw that something was wrong. The transaction status says: pending conf. An error also appears: "Failed to fetch" and "Custodian is not aware of the hookin!". In the meantime, I sent an email to support as well as a private message to the OP, but no one answers. Is there any possibility for me to save those bitcoins?
This is sad. Hopefully you get your Bitcoins back. So OP said that if you have any issues, you shouldn't email them but rather post here. I am guessing they are not even watching the email address.

Maybe you could send him a PM as well regarding the issue. I still don't understand why they refused to take our piece of advice of disabling the service and put it on withdrawal mode only.
member
Activity: 60
Merit: 7
December 01, 2023, 10:26:59 AM
#46
It's good to see that it is possible to withdraw funds from your platform even though you stop doing business, but why is there no warning or any information anywhere on the site that the service stops working?
I just registered an account and I didn't come across a single notification why is it even possible to create a new account on a service that stops working?
I made a similar suggestion last month. Maybe they missed it out, but I think it would be a good idea they implement it. So many people out there only check this threads once they realize their money is stuck, not before using the service.

This is unfortunate, but I guess everything has a beginning and an ending. At least you are signing out honorably rather than some service that just decide to exit scam. My three suggestions.
  • Disable the creation of new wallets that may lead to some unsuspecting members using your service not knowing that it's shutting down
  • Maybe add a warning banner or notification on your home page or user dashboard stating that the service is shutting down
  • Extend the deadline for withdrawal of money from the current custodian if need be. 2 weeks seems like a narrow window.

I am glad they extended the deadline.



I did not know that the service would no longer work because I did not see any warning anywhere. In the last month, I had 5-6 transactions and everything worked properly. Yesterday I sent 0.012 btc to blindmixer and then I saw that something was wrong. The transaction status says: pending conf. An error also appears: "Failed to fetch" and "Custodian is not aware of the hookin!". In the meantime, I sent an email to support as well as a private message to the OP, but no one answers. Is there any possibility for me to save those bitcoins?
copper member
Activity: 2128
Merit: 1814
฿itcoin for all, All for ฿itcoin.
October 31, 2023, 05:13:21 PM
#45
It's good to see that it is possible to withdraw funds from your platform even though you stop doing business, but why is there no warning or any information anywhere on the site that the service stops working?
I just registered an account and I didn't come across a single notification why is it even possible to create a new account on a service that stops working?
I made a similar suggestion last month. Maybe they missed it out, but I think it would be a good idea they implement it. So many people out there only check this threads once they realize their money is stuck, not before using the service.

This is unfortunate, but I guess everything has a beginning and an ending. At least you are signing out honorably rather than some service that just decide to exit scam. My three suggestions.
  • Disable the creation of new wallets that may lead to some unsuspecting members using your service not knowing that it's shutting down
  • Maybe add a warning banner or notification on your home page or user dashboard stating that the service is shutting down
  • Extend the deadline for withdrawal of money from the current custodian if need be. 2 weeks seems like a narrow window.

I am glad they extended the deadline.
copper member
Activity: 90
Merit: 30
October 30, 2023, 10:44:08 AM
#44
It's good to see that it is possible to withdraw funds from your platform even though you stop doing business, but why is there no warning or any information anywhere on the site that the service stops working?
I just registered an account and I didn't come across a single notification why is it even possible to create a new account on a service that stops working?
I agree with your statement. Blindmixer could also simplify everything by leaving a blank site page with a link to this thread (given that email is not processed anyway).

Btw, your answer gave me a great idea! Considering that we are engaged in a complete redesign of the design, having a thin news flyer at the top of the site would be a great idea (in case an important announcement is needed). But the rest of the time it will be hidden.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
October 30, 2023, 07:23:43 AM
#43
Dear all, the current maintainers of blindmixer have decided to no longer continue.

Please withdraw your money from the current custodian before October 1 2023.

If you have issues, do not email, post them here.

Kind regards,
We've extend the deadline already but there are still some deposits left. Please withdraw ASAP.

It's good to see that it is possible to withdraw funds from your platform even though you stop doing business, but why is there no warning or any information anywhere on the site that the service stops working?
I just registered an account and I didn't come across a single notification why is it even possible to create a new account on a service that stops working?
copper member
Activity: 29
Merit: 28
October 29, 2023, 10:13:51 AM
#42
Dear all, the current maintainers of blindmixer have decided to no longer continue.

Please withdraw your money from the current custodian before October 1 2023.

If you have issues, do not email, post them here.

Kind regards,
We've extend the deadline already but there are still some deposits left. Please withdraw ASAP.
newbie
Activity: 2
Merit: 0
October 29, 2023, 10:05:39 AM
#41
Hello,

I got stuck because i didn't know service was closed. I have a withdrawal pending. It said 1h to process and i started to worry after a few hours. Then i went here and saw service shut down a few weeks ago.
There's no warning on the website and many internet mixer lists still point to this service.

Can i get help to withdraw my 296758 satoshis ?

Regards

My problem got solved, thanks
newbie
Activity: 2
Merit: 0
October 29, 2023, 06:03:56 AM
#40
Hello,

I got stuck because i didn't know service was closed. I have a withdrawal pending. It said 1h to process and i started to worry after a few hours. Then i went here and saw service shut down a few weeks ago.
There's no warning on the website and many internet mixer lists still point to this service.

Can i get help to withdraw my 296758 satoshis ?

Regards
copper member
Activity: 2128
Merit: 1814
฿itcoin for all, All for ฿itcoin.
September 17, 2023, 07:03:13 AM
#39
Dear all, the current maintainers of blindmixer have decided to no longer continue.

Please withdraw your money from the current custodian before October 1 2023.

If you have issues, do not email, post them here.

Kind regards,
This is unfortunate, but I guess everything has a beginning and an ending. At least you are signing out honorably rather than some service that just decide to exit scam. My three suggestions.
  • Disable the creation of new wallets that may lead to some unsuspecting members using your service not knowing that it's shutting down
  • Maybe add a warning banner or notification on your home page or user dashboard stating that the service is shutting down
  • Extend the deadline for withdrawal of money from the current custodian if need be. 2 weeks seems like a narrow window.
copper member
Activity: 29
Merit: 28
September 17, 2023, 06:18:48 AM
#38
Dear all, the current maintainers of blindmixer have decided to no longer continue.

Please withdraw your money from the current custodian before October 1 2023.

If you have issues, do not email, post them here.

Kind regards,
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
September 05, 2023, 12:43:29 AM
#37
According to whois look up, the domain expired on the 31/08/2023 which about some 4 days back. I have no experience with running a website, but doesn't the administrator receive some email notification informing him that his domain has expired or is about to expire?
That's what I would expect. But it doesn't matter if you're not reading your email.

Quote
I also looked into their GitHub and there has been no activity there in different repositories for over a year, which makes me wonder if it's going to be one of those abandoned projects.
It looks like it. There's also no .onion website, so they're just gone. Makes me wonder if they still hold user funds, they were trying to be custodial.
copper member
Activity: 2128
Merit: 1814
฿itcoin for all, All for ฿itcoin.
September 04, 2023, 05:26:23 PM
#36
It raises serious questions about their reliability and I wouldn't recommend blindmixer to anyone either, even if they eventually sort out their domain issues. What are your thoughts on this?
According to whois look up, the domain expired on the 31/08/2023 which about some 4 days back. I have no experience with running a website, but doesn't the administrator receive some email notification informing him that his domain has expired or is about to expire?

I also looked into their GitHub and there has been no activity there in different repositories for over a year, which makes me wonder if it's going to be one of those abandoned projects.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
September 02, 2023, 08:03:09 AM
#35
What are your thoughts on this?
It can happen to anybody. Google (pun intended): $6,006.13.
Microsoft has been there too with passport.com. It's sloppy.
legendary
Activity: 1820
Merit: 2700
Crypto Swap Exchange
September 01, 2023, 09:19:29 AM
#34
Would you trust a service provider who can't even handle something as basic as domain renewal?

Quote from: blindmixer.com
This domain has expired. Is this your domain?
Renew Now!
archived

It raises serious questions about their reliability and I wouldn't recommend blindmixer to anyone either, even if they eventually sort out their domain issues. What are your thoughts on this?
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
June 07, 2023, 05:26:37 AM
#33
You still might be misunderstanding what blindmixer offers: we don't know the inputs associated with your unblinded coins (though we can of course infer), not just as a promise, but as a fact.

It would probably be good if you get a little more involved here and explained all the doubts about your service. Long breaks in absence here are not something that contributes to gaining trust in you, especially in the mixer industry where the competition is severe.
Everything I read here did not attract me to think of using your service.

...

Have you taken a look at our service? I think we have implemented exactly this!

Shilling about your service in other mixers' ANN threads is entirely wrong. Imagine that we are discussing the advantages of other mixers here, do you want something like that?
copper member
Activity: 29
Merit: 28
April 29, 2023, 10:15:07 AM
#32

Why don't you answer my E-Mails since weeks?

I am waiting now for weeks for my money. The service said the transaction was sent but in fact it was not and my money just got detucted.

Please check your email, we should have responded now. Apologies.

For those curious, the transaction was never propagated due to a flaw in our fee selection, as it was somehow below the min relay fee. We hope to have fixed issue this now.


I also reversed other requests in background: All incoming and outgoing transactions are transferred without any extra encryption directly through cloudflare... So if cloudflare would record all the traffic it would be very easy to trace back all transactions.
See how it works on my outgoing, non-existing transaction:



Well yes, but not quite: see, apart from browser headers and your ip, there is in theory nothing that connects your deposit to your withdrawals, as we use blind signatures in order to break that connection.
However, if you restore (resync) your wallet you will indeed make it very easy for us to infer what deposits and withdrawals belong to you, as you are querying them in quick succession.

This is a real problem we are not entirely sure how to tackle yet. Perhaps we could only allow you to restore your wallet at a certain time of day, so as to make it impossible for us (and cloudflare) to guess if there is just 1 individual restoring, or multiple.



Thats the same way how incoming transactions are checked... Just using another subdomain... "very secure"
Maybe when using TOR those two subdomains are connected to using different ips but was far as I have seen for now its not like the service is used by hundreds of people at the same time, so because of this and using other header parameters by the browser i am sure it would be possible for a child to figure out which request and wallet belongs to who. In my opinion this is not acceptable.

Indeed, it is quite trivial to guess which input belongs to which output, and really boils down to simple probability, especially with a small set of active coins (unused blind signatures).
We acknowledge this. The only way to really overcome this is by growing our userbase. Yes, we could also impose additional restrictions such as not allowing you to withdraw random amounts, or forcing you to wait some time before withdrawing, but that would probably be detrimental to the UX.

Because of it the mixer is not that blind as you describe. You could also easy track it back by headers and time. To make the whole thing make a sense you should encrypt the data in the browser somehow using keys only your server and the client nows.

We have thought about encrypting the data before sending it to our server and we might revisit this soon because indeed, there are not really any cons apart from the fact that it does not really improve your privacy, but rather gives you the illusion that it does since we can still see your ip and headers associated with an action and connect the dots.
There is really no way around it, to attain privacy you as the client will need to be proactive as well. Use the tor browser and rotate your IP between deposit and withdrawal. Wait a little bit before withdrawing, and don't withdraw the same, close, or division of the original amount.
 
And the whole "blind" thing can't work ever in my opion. Because your server always will know incoming and outgoing transactions to validate. So why don't focus on better mixing? I see people here and also I experienced receiving my coins back. Who needs a mixer where this happens?
You still might be misunderstanding what blindmixer offers: we don't know the inputs associated with your unblinded coins (though we can of course infer), not just as a promise, but as a fact.
As a result it can happen that you receive your own inputs back, because we do not associate them with "you"; that is, your original deposit. It would be impossible for us to do so due to our usage of blind signatures.

Everyone should want a mixer where this happens as a result of using blind signatures, because it is a symptom of providing true privacy, and not one that is merely based on promises.

I really like the idea of the service, but for the rest it is not usable for production.
There is a lot work to do in improving privacy and you should make the raw transaction code viewable for the sender, so when your node fails to broadcast they can do it manually.
We could indeed push the raw transaction hex to users, but it would not have helped in your case as the transaction was simply invalid.

Apologies again and agreed, there are still a lot of bugs we need to iron out and plenty of ways to improve the current product.
newbie
Activity: 1
Merit: 0
April 28, 2023, 07:17:29 AM
#31
BE AWARE OF THIS SERVICE - BE AWARE OF THIS SERVICE - BE AWARE OF THIS SERVICE
Dear everyone (...)

Why don't you answer my E-Mails since weeks?

I am waiting now for weeks for my money. The service said the transaction was sent but in fact it was not and my money just got detucted.

See the screenshot:
https://i.imgur.com/BWE8WDB.png

Now check my transaction:
https://blockstream.info/tx/616ddbbf339f8e3572cb847aa5f124d9f6d93a82b93d675a135efeb27b9487bd

It wasn't ever broadcasted to the network!
Even when i see the api calls in the background I see it is not existing.
https://i.imgur.com/TW822Ty.png


I also reversed other requests in background: All incoming and outgoing transactions are transferred without any extra encryption directly through cloudflare... So if cloudflare would record all the traffic it would be very easy to trace back all transactions.
See how it works on my outgoing, non-existing transaction:
https://i.imgur.com/TVnzvn4.png

Thats the same way how incoming transactions are checked... Just using another subdomain... "very secure"
Maybe when using TOR those two subdomains are connected to using different ips but was far as I have seen for now its not like the service is used by hundreds of people at the same time, so because of this and using other header parameters by the browser i am sure it would be possible for a child to figure out which request and wallet belongs to who. In my opinion this is not acceptable.

Because of it the mixer is not that blind as you describe. You could also easy track it back by headers and time. To make the whole thing make a sense you should encrypt the data in the browser somehow using keys only your server and the client nows.
And the whole "blind" thing can't work ever in my opion. Because your server always will know incoming and outgoing transactions to validate. So why don't focus on better mixing? I see people here and also I experienced receiving my coins back. Who needs a mixer where this happens?

I really like the idea of the service, but for the rest it is not usable for production.
There is a lot work to do in improving privacy and you should make the raw transaction code viewable for the sender, so when your node fails to broadcast they can do it manually.

copper member
Activity: 29
Merit: 28
April 22, 2023, 07:37:34 AM
#30
Dear everyone

We have temporarily increased our deposit fees to 1%. We intend to use 100% of these funds to kickstart a signature campaign. Lightning deposits are still free.

It has taken 3 Days, maybe they don't monitor it much or maybe the system required a time lapse or more coins to be deposited for the mixing to occur. Or maybe it's to get me to post on bitcointalk and contact them by email Wink
Did you use the batch functionality by any chance?



Let us know if you have any questions.
legendary
Activity: 1918
Merit: 1018
February 09, 2023, 12:30:00 PM
#29
Service still working?
Since you sent me a PM, I'll respond here: I can't tell you if it's still working Sad OP hasn't been on Bitcointalk for almost half a year.

Quote
Is it possible to reverse a deposit?
No. Bitcoin transactions are irreversible.

Why would you use a custodial wallet (that lies about fees) for any substantial amount anyway? There are many wallets that don't require you to trust an anonymous third party.

Thank you for your message.

I made a mistake.

I saw a well ranked member @LeGaulois that listed the mixer https://bitcointalksearch.org/topic/2023-list-bitcoin-mixers-bitcoin-tumblers-websites-2827109 in a    
"2023 List Bitcoin Mixers Bitcoin Tumblers Websites" 5th position and the link was not a Tor link, I tried with a not insignificant amount of coins

EDIT : The transaction went through!! The coins are on the receiving address! Wow! Thank you for those running the site!

It's seems it's a service run my moral individuals, nice to see!
Be careful out there guys though, it feels great to get back those coins but it felt horrible to have lost them!

It has taken 3 Days, maybe they don't monitor it much or maybe the system required a time lapse or more coins to be deposited for the mixing to occur. Or maybe it's to get me to post on bitcointalk and contact them by email Wink
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
February 09, 2023, 04:12:48 AM
#28
Service still working?
Since you sent me a PM, I'll respond here: I can't tell you if it's still working Sad OP hasn't been on Bitcointalk for almost half a year.

Quote
Is it possible to reverse a deposit?
No. Bitcoin transactions are irreversible.

Why would you use a custodial wallet (that lies about fees) for any substantial amount anyway? There are many wallets that don't require you to trust an anonymous third party.
legendary
Activity: 1918
Merit: 1018
February 07, 2023, 05:48:36 PM
#27
Service still working?
Is it possible to reverse a deposit?
copper member
Activity: 29
Merit: 28
September 23, 2022, 06:38:44 AM
#26
We are having issues with our provider of hosting. We are trying to solve this before migrating.

There is about 0.02BTC hooked in that we currently know of which includes the BTC from above poster.

Sorry for the inconvenience.

Issue resolved!
newbie
Activity: 1
Merit: 0
September 22, 2022, 03:25:16 AM
#25
hello, how to solve the problem with displaying confirmations in the mixer? For more than 2 days I have been waiting for at least more than 150 confirmations on the network.you don't answer email.
 btc address mixer bc1qqu7cmestvtyakkeg5twcdcf76nc2k8k4q9a3pk 
newbie
Activity: 2
Merit: 0
August 06, 2022, 11:20:10 AM
#24
hello guys, got into a sad situation associated with the use of this service.
I topped up my wallet, requested a withdrawal (~650k sat.) and that's it. The transaction has not been transferred to my details, its status is "Hookout is in queue!" already a week, also emailed "[email protected]" but haven't received a response in 5+ days.
I ask the owners of the service to contact me.
Resolved, sorry. Your transaction was stuck due to lack of initiating transactions.
It's okay. thank you!
copper member
Activity: 29
Merit: 28
August 06, 2022, 10:17:48 AM
#23
hello guys, got into a sad situation associated with the use of this service.
I topped up my wallet, requested a withdrawal (~650k sat.) and that's it. The transaction has not been transferred to my details, its status is "Hookout is in queue!" already a week, also emailed "[email protected]" but haven't received a response in 5+ days.
I ask the owners of the service to contact me.
Resolved, sorry. Your transaction was stuck due to lack of initiating transactions.
newbie
Activity: 2
Merit: 0
August 05, 2022, 06:47:32 AM
#22
hello guys, got into a sad situation associated with the use of this service.
I topped up my wallet, requested a withdrawal (~650k sat.) and that's it. The transaction has not been transferred to my details, its status is "Hookout is in queue!" already a week, also emailed "[email protected]" but haven't received a response in 5+ days.
I ask the owners of the service to contact me.
copper member
Activity: 29
Merit: 28
April 29, 2022, 03:01:42 PM
#21
Please note: the wallet has been updated!

New wallet file:
Code:
https://mixer.blindmixer.com/main.3b3a02afbe328e2366eb.js#7fWgpIBtNrbSUMNkB1aVSA9bWnRyEqw0NogHk7V4FaY=

Updated Signature:
Code:
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQc46fSQnUrlHD2WF+RIzyGWiysCQUCYmrw5QAKCRCRIzyGWiys CZnQAQCPuuLObmXHMy4KdmbjuuD2k2iZ3BJVMUoiadY3+5AhZwD8CojLdCnRaB3N AdZklGxOpLN1+cmMnVz8qyfrJGnoNQY= =bafc -----END PGP SIGNATURE-----

Get the signature:

Code:
curl https://updates.blindmixer.com | grep -Po '"'"signature"'"\s*:\s*"\K([^"]*)' | awk '{gsub("\\\\n","\n")};1' > main.3b3a02afbe328e2366eb.js.asc
curl https://mixer.blindmixer.com/main.3b3a02afbe328e2366eb.js > main.3b3a02afbe328e2366eb.js
gpg --verify main.3b3a02afbe328e2366eb.js.asc main.3b3a02afbe328e2366eb.js
^ Probably an easier way to do this Smiley

Let us know what you think!
copper member
Activity: 29
Merit: 28
March 29, 2022, 09:22:43 AM
#20
Hi everyone! We're looking for your feedback!

If you wish to review our service and let us know what we could improve on feel free to comment.


An update on this:
B. You speak of tor so much, yet blindmixer does not work in the tor browser?
We're not sure what changed but our wallet now works by default if you use the standard tor browser settings.

If you use the tor browser in combination with something like Tails (4.28) you still need to go to

Code:
about:config ->> dom.indexedDB.privateBrowsing.enabled
or manually open a "non-private" window, as that seems to be default behaviour. (browser.privatebrowsing.autostart)
copper member
Activity: 29
Merit: 28
January 06, 2022, 11:45:48 AM
#19
Both the testnet and mainnet are back online!

We've updated our business model and will no longer "wipe" the custodian.
Instead: every 4 weeks we will regenerate our signing keys. Coins which were acknowledged with keys from previous periods will have their value reduced by 1% with respect to their original value. To mitigate large differences between the time you have to spend your coins without any additional "decay" there will be a 4 week grace period before any decay is applied.

So you have until the end of current period + end of next period (at least 4, max 8 weeks) to spend your coins without any additional fees.

Let us know what you think!

Maximum amount that can be swapped on Boltz exchange is only 0.1 BTC and that is not nearly enough for most people.
You could always do multiple transfers.

I think that sideshift.a and fixedfloat.com offer larger amount for swapping but they are not trustless or noncustodial, but using any of this defeats the purpose of using mixer in the first place.
Not really though. If you use them through us it will generally speaking be very hard for them (boltz) to link your on-chain deposit that you have with us to the payment of the lightning invoice.

Sure, you could also just use your own lightning node and loop your own on-chain funds in to pay the invoice [1] but that is already far too technical for most users.

[1] Not knowledgeable on how private loop is, though I assume that at the very least the Loop server knows the destination of an off-chain transaction...

Also at that point you might as well just use loop as a "mixer" and discard boltz completely. Much cheaper. Though indeed, doing this with loop or any direct transfer with fixedfloat and boltz will only achieve unlinkability to an observer.
legendary
Activity: 2212
Merit: 7064
December 31, 2021, 07:51:37 AM
#18
Generate a swap from LN-BTC to BTC on BOLTZ.exchange
Maximum amount that can be swapped on Boltz exchange is only 0.1 BTC and that is not nearly enough for most people.
I think that sideshift.a and fixedfloat.com offer larger amount for swapping but they are not trustless or noncustodial, but using any of this defeats the purpose of using mixer in the first place.
copper member
Activity: 29
Merit: 28
December 30, 2021, 06:28:58 PM
#17
Hi everyone, a quick word from us:

Over the past couple of weeks we've seen that there are some users who swap some bitcoins in and immediately swap the same amount out again, which usually results in them getting their own inputs back as that is the most optimal solution our coin-selection can come up with.

Now we could and probably will disable our coin-selection from allowing the newest inputs to be used in a withdrawal at the cost of some efficiency, but here's what you can do yourself to increase your privacy:

We recommend that you either hook out partial amounts totalling your deposit, wait a bit for your funds to be used by other users, or for you to reverse swap your bitcoins out using a trustless third-party such as BOLTZ.exchange

The latest works as follows:
1. Deposit bitcoin normally using one of your deposit addresses.
2. Generate a swap from LN-BTC to BTC on BOLTZ.exchange

3. Pay the lightning invoice by pasting the invoice in the "Send" field.

You will immediately receive the BTC on the bitcoin address you gave them. This swap with boltz is completely trustless. Unfortunately boltz does charge a 0.5% fee.
This is really just a temporary solution until we get more users in which case this will gradually become less of a problem.


Unless you forget about them for too long. How about an alternative: instead of expiring instantly at a certain moment, could you charge a daily fee for storing the value of the giftcard? If you charge for example 0.02% of the value per day, that amounts to 7% per year and in exchange giftcards never have to expire.

We have more or less implemented this, however, due to the nature of the custodian it will be hard to make this backward compatible which is why we have decided that the wipe will continue as planned.

We (a very quick estimate) estimate that there currently is still between 0.002 - 0.01BTC deposited by users that has not been withdrawn yet, which is why it doesn't make much sense for us to code in some exceptions that will barely if ever be used.

After this wipe we will make use of our new system which gradually decreases the value of a coin as time goes by. We're currently thinking this to be roughly one percentage point every 4 weeks with a 4 week grace period, so you will always have at least 4 weeks to spend your coins without any additional fees.

Let us know if you have any questions about the nature of the new business model or if anything needs to be explained in further detail.


Expect some downtime (12-24h) after
Code:
2022-01-01T05:00:00.000Z
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 16, 2021, 05:00:35 AM
#16
Maybe for small amounts if there's a useful application for it, just like I'm okay having small amounts of Lightning funds in a custodial wallet.
For a relatively long time?
I've had funds in a custodial LN wallet for over 2 years. I actually lost a small amount due to an uninstalled wallet for which I can't find back the picture I took of the backup QR-code. This could be considered profit for the wallet, but they can never know if the user won't find back the backup years later.

Quote
So really there would be little to no difference between us and any other custodial, centralized mixer. If you think about it this is also exactly what you are doing with more "traditional" mixers: you're swapping real** bitcoins for a promise of future** real bitcoins.
But the "traditional" promise doesn't expire: you get your Bitcoins after a certain amount of time.

Quote
blindmixer is really no different just because we have packaged it in a more sophisticated way. you swap real bitcoins for giftcards (a promise to future real bitcoins), and you can immediately at will converse those back to real bitcoins.
Unless you forget about them for too long. How about an alternative: instead of expiring instantly at a certain moment, could you charge a daily fee for storing the value of the giftcard? If you charge for example 0.02% of the value per day, that amounts to 7% per year and in exchange giftcards never have to expire.
copper member
Activity: 29
Merit: 28
October 15, 2021, 03:00:39 PM
#15
But that's also the problem I have with it: Bitcoin isn't a gift card, private keys are forever!

I appreciate being open about this, I just don't think people will exchange their Bitcoin for a gift card. Maybe for small amounts if there's a useful application for it, just like I'm okay having small amounts of Lightning funds in a custodial wallet.
For a relatively long time? I'd agree with you. In those instances you should only leave small amounts to for example leverage our lightning capabilities to pay for every-day goods.

However the success of more traditional mixers has shown us that there is definitely a demand for mixing moderate to large amounts of funds by means of a custodial, centralized third-party (= traditional mixer). You can do exactly that by swapping back your "giftcards" (unblinded coins) shortly after receiving them, with the speed of a database query.

So really there would be little to no difference between us and any other custodial, centralized mixer. If you think about it this is also exactly what you are doing with more "traditional" mixers: you're swapping real** bitcoins for a promise of future** real bitcoins.

blindmixer is really no different just because we have packaged it in a more sophisticated way. you swap real bitcoins for giftcards (a promise to future real bitcoins), and you can immediately at will converse those back to real bitcoins.

Now the "useful applications" for doing such an operation are listed in the OP and follow from what traditional mixers offer but blindmixer also offers (and perhaps negates) some features such as:
A. being able to choose how to "swap out" these funds (lightning or a regular transaction)
B. Added proveable* privacy. The most prominent feature is that these giftcards are "blinded", and as such we don't know which "promise" belongs to you so to speak. * The degree in which this privacy is acquired is largely dependant on how you use us. This applies to both the on-chain vector and the custodian vector.

Let me also just repeat that the giftcard itself is signed by the custodian using the corresponding public key (depending on the magnitude). Now the giftcard or "coin" is nothing more than a public key and so you use the corresponding private key to prove ownership when conversing it back to real bitcoins, leaving little to no room for the custodian to scam you as an individual without it being proveable.


future* = no matter how short, can be five minutes or a day.
real* = bitcoins only you have the private key to.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 15, 2021, 12:30:51 PM
#14
We also have a small section on the site:
https://blindmixer.com/business-model/
I like how you compare it to gift cards:
Quote
blindmixer works similar to a gift card provider. Instead of gift cards, blindmixer provides you with coins, which you can trade for bitcoin. However, instead of taking a fee when conversing, as most gift card providers do, blindmixer will once in a while reclaim all the "dead" gift cards (coins) which have yet to be used. This allows us to run all of our services at cost, which provides clients with the lowest possible fees. This is done by rolling over the custodian every so often.
But that's also the problem I have with it: Bitcoin isn't a gift card, private keys are forever!

Quote
Alternatively say we would never exit-scam (obviously not our intention), would you rather pay a fixed fee of ~ 1% in return for a "promise" that we so long as bitcoin exists guarantee your funds?

That would also be misleading:
A. We cannot promise anything forever.
B. We cannot promise someone does not somehow exploit our software.
C. We cannot promise we do not get seized.
I appreciate being open about this, I just don't think people will exchange their Bitcoin for a gift card. Maybe for small amounts if there's a useful application for it, just like I'm okay having small amounts of Lightning funds in a custodial wallet. But even though all the same limitations apply to for instance BlueWallet, they're not scheduling regular "exits" by taking all user funds.
copper member
Activity: 29
Merit: 28
October 15, 2021, 11:56:20 AM
#13
Note that the on-chain fees listed are not 100% accurate.

Following is taken from your portal @ https://blindmixer.com/fees
Quote
Since we are not collecting profit from these fees, our business model is based in locking in the bitcoin deposited in the system and not withdrawn for 12-24 months.

WTF does this mean?

You'll take my Bitcoin, if I don't touch it for a year? Roll Eyes

More or less. Please see:

C. How do you make money?
Answer: We wipe the custodian every so often. This means that all the funds that are still present in the custodian at that moment in time, we claim for ourselves, and the signing keys will be regenerated. This has some significant advantages:
I. We can run our services at cost. II. We are disincentivized to exit-scam. III. Other users are disincentivized to exploit our software (and more likely to report it for a share of future profits), as there'll be less funds present than if we weren't to rollover given that over time there will be a set percentage of users who will forget about their wallet, not care, or are otherwise unable to access it.

In your mixing wallet, you can see exactly when the wipe is scheduled for your custodian (https://mixer.blindmixer.com/, once logged in head over to "FAQ"), and we also mention it above (see: Rollover Date)

You're right, though I think we can partly attribute it to people thinking of us being a "wallet" wallet, which is not really the case. Poor marketing from our side but it should become extremely clear that we're not at all a wallet in the traditional sense of the word, and more of an intermediary. say like a giftcard (provider). Those expire.. well sometimes at least  Undecided

Also it would become very attractive for us to exit-scam as it is just a given that there's funds that will be left by some % of users. Perhaps if we offer the community a share in this it might become more acceptable? (the rollover profits that is)

It's also great to have these kind of cut-off points so that when a breach happens, there's not years worth of deposits lost, but instead it is contained for some period. As once we're breached, an attacker could sign for any voucher, basically invalidating all outstanding ones.

We also have a small section on the site:
https://blindmixer.com/business-model/

Let me know what your thoughts are after reading this.


Alternatively say we would never exit-scam (obviously not our intention), would you rather pay a fixed fee of ~ 1% in return for a "promise" that we so long as bitcoin exists guarantee your funds?

That would also be misleading:
A. We cannot promise anything forever.
B. We cannot promise someone does not somehow exploit our software.
C. We cannot promise we do not get seized.

Now the latter two points we cannot promise in the current environment either, but they would be much more harmful if executed in a setting where we wouldn't wipe.
jr. member
Activity: 95
Merit: 9
Devil's Advocate
October 15, 2021, 11:33:47 AM
#12
Following is taken from your portal @ https://blindmixer.com/fees
Quote
Since we are not collecting profit from these fees, our business model is based in locking in the bitcoin deposited in the system and not withdrawn for 12-24 months.

WTF does this mean?

You'll take my Bitcoin, if I don't touch it for a year? Roll Eyes
copper member
Activity: 29
Merit: 28
October 09, 2021, 03:37:07 PM
#11
Quote
it follows that you can also use the same lightning invoices to internally pay other blindmixer users.
Can I not make Lightning Payment to anywhere?
Yes you can! With the same privacy as an on-chain withdrawal.

But you still need advertising, don't you?

We do, but we are largely just a bunch of hobbyists. As a result the marketing budget for this project is rather tight. Perhaps in the future this might change.

As I said, within the bounds of what is possible for us financially we're willing to do anything to ensure adoption.

Currently that would be kind of limited to committing to sharing future profits with the community, which is admittedly a bit cheap, especially if we were to use that as some kind of currency to pay people in given the uncertainty of the success of our product.

Hence the hesitation.

legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
October 09, 2021, 10:51:13 AM
#10
Now aside from that we also offer lightning, so say you want to buy something at Bitrefill every so often, you can use our wallet to instantly buy products with barely any transaction fees.
When I am using your wallet, I am actually sending the coins from a mixer all the time. Fair enough.

so perhaps all users who "sign up" (= leave a comment) for it are automatically eligible, much like a giveaway.
But you still need advertising, don't you?
copper member
Activity: 29
Merit: 28
October 09, 2021, 08:46:53 AM
#9
I see you are a wallet and a mixer. Let's dive into the wallet part later. Give me reasons why would I use your mixer when I already have a proven and reputed service in my reach. It's a question from a customer's point of view. I am sure who use mixers they already are with some services, what is your key offering for the users to move to you?

Hah. A couple things right off the bat; we are not necessarily trying to get people to "move" away from already existing services. I think we can perfectly co-exist with any (mixing) service currently out there.
Now, assuming that we have *some* liquidity (liquidity in this context = some N of people using us), I think we offer a truly unique product namely "provable privacy". Due to our usage of blind signatures we do not know what your inputs and outputs are, unlike traditional mixers. So depending on the amount of privacy you want, (and how comfortable you are with using a relatively unknown product) you can use an already existing more traditional mixer, us, or something like monero.

Now aside from that we also offer lightning, so say you want to buy something at Bitrefill every so often, you can use our wallet to instantly buy products with barely any transaction fees.
it follows that you can also use the same lightning invoices to internally pay other blindmixer users.

Now we're a "wallet" because that is the most convenient way to integrate the entire blind signature scheme. Both to generate and use (un)blinded vouchers you need to engage in some signing sessions, store some variables, that kind of stuff. As i explained above the scheme cannot exist otherwise.

We can't just give you your blinded signatures without you generating them (the challenge for it) first, which is something that's sort of similar to generating a private key in terms of confidentiality, and storing the variables you used to create the challenge as you'll need those to unblind the signature later on. So we created a "wallet" that does all of the above for you.


By the way, a lot of information on the main thread. I think you really need a good design to serve visually, it's easier for the visitors to give a quick scan before they look for details.
Right.

If you need help in it along with bitcointalk marketing (for example signature campaign), then feel free to reach out to me.
Hah. Perhaps. What we are definitely interested in is giving the community a stake in our profits, so say we give away 50% or more to people who are interested in it, for really nothing in return but some advertising.

I don't think we want to necessarily do that through a sig campaign as such promises are cheap and will probably underwhelm, so perhaps all users who "sign up" (= leave a comment) for it are automatically eligible, much like a giveaway.
Then just (real profits/2)/(amount of people who signed up). Now this will of course be auditable (by us publishing a "complete"* copy of our DB).


* Not entirely sure if we can cheat on this by deleting certain entries from the DB, perhaps that's a possibility.
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
October 07, 2021, 01:48:35 PM
#8
I use Chipmixer when I need to mix my coins.
From my Electrum (tor enabled) I send the coins to Chipmixer, Chipmixer to another address which I consider very private to me. In the whole process, I only pay network fees, from my public wallet to Chipmixer and Chipmixer to private wallet. If I feel good, then I may send tips to Chipmixer.

I see you are a wallet and a mixer. Let's dive into the wallet part later. Give me reasons why would I use your mixer when I already have a proven and reputed service in my reach. It's a question from a customer's point of view. I am sure who use mixers they already are with some services, what is your key offering for the users to move to you?

By the way, a lot of information on the main thread. I think you really need a good design to serve visually, it's easier for the visitors to give a quick scan before they look for details. If you need help in it along with bitcointalk marketing (for example signature campaign), then feel free to reach out to me.
copper member
Activity: 29
Merit: 28
October 07, 2021, 01:23:45 PM
#7
I was not trying to prove anything, just posted information that you purchased domain recently, and I would hardly call your service new, when it's totally cloned word to word from old dead moneypot wallet website.
Is there any other mixer offering what we are offering? I'd say we are pretty new both in terms of the actual age of our product (not sure why that would matter anyway) and technical advances.

For any mixer to be functional it needs to have good liquidity and I am sure your blindmixer (including ex moneypot) never had any liquidity, but you are free to prove me wrong.
I'm not so sure what you want me to answer; moneypot was barely live (< 3 weeks) and we barely launched yesterday. It seems obvious that it will indeed take some time for people to actually use us (if indeed they will use us at all) and understand what we're about.

And yes, I'd say that you're mostly wrong. For simply mixing your funds:  You can deposit funds on-chain and withdraw them off-chain, or do a combination of both (use reverse submarine swaps**) which works as follows: you use our lightning capabilities to pay an invoice with any reverse swap provider to get your on-chain funds back.
If there is an actual interest in this we can open additional channels to facilitate these swaps.

Anyway, voila your coins should be mixed.

** see sites such as boltz.exchange

You can check how much our lightning capabilities are before depositing, so you can roughly estimate how much you can mix in a single session. Now of course we need to loop those funds back in sooner or later to get our outbound liquidity back. A smart observer might take notice of that though I presume that observing that relationship is a very hard problem given that this is actually unlinked + we can vary amounts + we can vary timing (and you can vary swap providers + the aforementioned)

For even less dependence on our outbound liquidity you can also swap in with provider A (so you generate a lightning invoice with us, pass it to provider A and pay him on-chain), then reverse swap out using provider B. (or A). That wouldn't require us to have any liquidity at all. Now if you're the only user doing this it might at some point become apparent, but given that there's at least one other user also doing this you should be fine.

Now you'll probably say that you don't need us to do this, which is true. you can also just pay an invoice at reverse swap provider B using swap provider A, assuming that they won't communicate with each other about your swaps. That assumption is probably fine if you're not under too much scrutiny.

Or you know, open a channel yourself, loop the initial balance out, and use that to swap.

Maybe, but I would argue that risk is much higher using your website that is still in beta, than some proven mixers that exist for years.
I get your reasoning, though personally I don't think it is at all fair to 1-1 compare us to other mixers given that we offer (or so we think) a radically new and different product. We are not just distinguishable by some formula "the amount of time not exit scammed * mixed * spent on the community" (=reputation) (like any other centralized mixer) else we obviously wouldn't have launched this service. There wouldn't be much way for us to compete.

Fearful of what? Surely not about some dead blind project... Roll Eyes
I said or at least very obviously meant (given the context of the sentence) that I think in general (and with blindmixer) it's good to be fearful of the intentions of new services so not so sure why you're trying to zing me over an argument I never made.


I don't think many people will want to use a wallet that takes all their money every few months! Even though you announce it up front, this will likely end in terrible disappointment for some of your customers.
You're right, though I think we can partly attribute it to people thinking of us being a "wallet" wallet, which is not really the case. Poor marketing from our side but it should become extremely clear that we're not at all a wallet in the traditional sense of the word, and more of an intermediary. say like a giftcard (provider). Those expire.. well sometimes at least  Undecided

Also it would become very attractive for us to exit-scam as it is just a given that there's funds that will be left by some % of users. Perhaps if we offer the community a share in this it might become more acceptable? (the rollover profits that is)

It's also great to have these kind of cut-off points so that when a breach happens, there's not years worth of deposits lost, but instead it is contained for some period. As once we're breached, an attacker could sign for any voucher, basically invalidating all outstanding ones.

I was hoping for an easy implementation of "theymos' Blinded Bearer Certificates".
I think this is exactly what we are, plus additional features. You have the client component which is the wallet (which can be loaded into Electron (works on most OS!), or any browser with storage capabilities), and then you have the custodian, aka "server".

Note that the wallet is completely open-source, you can build it yourself if you'd like. Not sure if the build is deterministic though.

I see that the scheme described by theymos also has a pretty decent flaw: repudiation. there's no way to check if the server is acting honestly, as that requires additional signatures to everything (and or some tricks to deriving the signing address), which is exactly what we did.

For example in his basic implementation the server can spend party C's unblinded vouchers as soon as it becomes aware of it and it can never be cryptographically proven by party C that they didn't initiate the transfer.

I think it's very hard to simplify it further without diminishing UX and security. It's impossible to do this without Javascript/some storage capacity, so really, how could we make it more accessible and more "traditional-mixer"-yy? I get it, most people want just a landing page without JS that's accessible through the tor browser, but this is just not possible / secure.


This would be the bare minimum scheme:
I. say we do the above (noJS, noIDB) and you deposit. the deposit address is already generated server-side without some form of acknowledgement (so you lose honest communications, at least in blindmixer's implementation), as asking for an ack needs some random key E that you'll need to generate, and a signature you need to store (in case the custodian refuses to credit you).
**

II. Now you have a claim to some C bitcoin in certs that is unbounded so it does not require any sort of key E, so the custodian can steal your certs the moment he becomes aware of them Tongue, by simply saying "Oh, someone else already claimed these".

III. How would you claim this? You still need to engage in a signing session for some of the servers public keys BS[10$, 25$, 50$]. that requires some nonce and some operations using that nonce. (that's just the unavoidable nature of the scheme) So should we in this case just display the nonces so you can copy them in a third-party tool to compute the challenge, copy that back to receive your blinded vouchers, which you can then copy and unblind using the same third-party tool to finally claim your funds?

It's not user-friendly at all, especially if you're not that technical.

But hey, what if instead of this third party tool, you use our "tool" which we call a "wallet"?

Above is explained a bit uglier than I would've liked, TLDR: Not sure how to simplify our implementation further.



I really want to simplify using us as much as possible. I'll look into if it's possible to load parts of the wallet's DB in memory so it can be used with the tor browser, though it's probably a lot of effort (not worth it really).
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 07, 2021, 11:07:42 AM
#6
I don't think many people will want to use a wallet that takes all their money every few months! Even though you announce it up front, this will likely end in terrible disappointment for some of your customers.

The fact that your wallet/mixer doesn't work in Tor browser isn't encouraging. There's much more to browser identification than just a new IP address, and Tor browser is much easier than booting up a different VPN.

From your fees section:
Image loading...
It looks vaguely familiar, did this overview come from Moneypot? What does "eco" and "free" mean here?
You're comparing your fees to "Any Wallet", but use ridiculously high fees to compare with. My wallet doesn't have a receive fee, and my last send fee was 111 sat. No decent wallet charges 49368 sat for a transaction.



I was hoping for an easy implementation of "theymos' Blinded Bearer Certificates".
legendary
Activity: 2212
Merit: 7064
October 04, 2021, 05:51:51 AM
#5
Not sure what this is supposed to prove either. Yes, we are a new service. You should treat us with caution as you would do with any other centralized entity. What, you wanted us to own this domain for several years? What exactly would that prove? I'm thoroughly confused.
I was not trying to prove anything, just posted information that you purchased domain recently, and I would hardly call your service new, when it's totally cloned word to word from old dead moneypot wallet website.
For any mixer to be functional it needs to have good liquidity and I am sure your blindmixer (including ex moneypot) never had any liquidity, but you are free to prove me wrong.
I could be only one using the wallet and since there is nobody else sending coins, I would always receive my coins back, in case custodian decides to scam me, than I end up with nothing.

The custodian can also run off with your funds at any point, indeed, as any other centralized mixer can. I think we are making this very clear in the OP, no?
Maybe, but I would argue that risk is much higher using your website that is still in beta, than some proven mixers that exist for years.

(Okay, apart from gangsters... I guess you could call us gangsters given the lack of rep we have Tongue. We fully recognize it's good to be fearful.)
Fearful of what? Surely not about some dead blind project... Roll Eyes
I didn't know what better term to use for custodians than gambling gangster, and that is nothing personal against your service, and I didn't know how better to describe when someone can break the deal whenever he wants.
copper member
Activity: 29
Merit: 28
October 03, 2021, 05:17:50 PM
#4
I really don't see any real advantage of using your wallet compared to centralized exchange, and we can argue that it's much bigger chance of you getting hacked and customers losing money.
Depositing to some centralized service like blindmixer just to save on fees is so stupid and could cost you much more down the line.
It's not the primary goal of blindmixer, but it's an additional benefit: Of course, the main reason to use blindmixer is to mix your coins.
Quote
and we can argue that it's much bigger chance of you getting hacked and customers losing money.
No one is arguing against this. I stated this risk in the OP multiple times.

Quote
I really don't see any real advantage of using your wallet compared to centralized exchange,
I don't see any centralized exchanges offering provable- privacy/nologs on your in- and outputs? We're not at all comparable, not in the slightest? Sorry if this is your main takeaway from this thread i'm honestly confused if it's us who worded it poorly or if you just do not at all understand the purpose of this service.


Quote
This is nothing special to blindmixer, many lightning wallets are custodial and they don't require from users to set up own nodes, but that is much less secure and users have no control over coins.
Again, this is not the main focus of blindmixer. Of course there are other more secure lightning wallets out there. that's not at all the point. Should I rephrase it to read less enthusiastically and more like a footnote? It's just an addition that's easy for people to use who aren't too familiar with lightning. Ideal for beginners who would like to enjoy privacy without too much hassle. I myself thought it seemed pretty neat for a mixer to have that property?

Quote
Quote
Help! I have to trust blindmixer and/ or the custodian operator blindly?
Unfortunately, yes...
https://blindmixer.com/faq

That means that custodian can change dates, make wipes whenever he wants, so it's more like you are keeping coins with some gambling gangster and you need to trust him.
The custodian can also run off with your funds at any point, indeed, as any other centralized mixer can. I think we are making this very clear in the OP, no?

Quote
Help! I have to trust blindmixer and/ or the custodian operator blindly?
Unfortunately, yes...
Though this is worded a bit poorly because indeed, you need to trust us blindly as a collective to not run off with your funds, but you can also prove that we are acting dishonestly in most if not all cases. For example say we sneakily changed the wipedate: if you go to your config (https://mixer.blindmixer.com) you will see both a hashed version of your config + signature + original acknowledged wipedate that is signed using the public key mentioned in the OP (after the #)
Quote
You can even receive your own coins back, that is unacceptable if we are taking about mixer, so this word should be removed from your service, it's just a centralized gambling wallet.
I don't think you quite understand what we are offering and that the implications of that (real privacy) are exactly what can result in such a scenario. Precisely because we do not know which coins belong to you is the reason you can get them back.

Quote
that is unacceptable if we are taking about mixer,
I think you also fundamentally misunderstand what it means to "mix" your coins, or at least our definitions must differ significantly.

Really what (we think) it means to "mix" your coins (on-chain) is to create an uncertainty for any third party (or us) to conclusively say which inputs/outputs belong to you. This is partly explained in our FAQ:

Quote from: blindmixer.com/faq
Though perhaps we need to further redefine what unlinkability means. If we speak of something being unlinked as there being a statistical improbability of A (provably) being related to B, then of course it would seem highly unlikely that an on-chain input that has been reused a large number of times (but has not been unlinked in the literal sense of the word) for example: (A -> B -> C -> D -> E -> F), would necessarily trace back to you.

For example: Imagine input A with 50 BTC. It becomes aggregated input B with 100 BTC, and so on. Input C with 40 BTC. Input D with 200 BTC. Input E with 100 BTC. Now you withdraw 20 BTC, call it F. As long as you don't withdraw the exact same amount (or a close division of it), despite a linked chain, it does not at all imply that A is necessarily related to F. Not to an observer, and not to us. thus plausible deniability is achieved, and with that privacy.

Now we don't control this: How long until and what amounts you withdraw is entirely up to you, and largely with that your privacy.

^^An easier example is if we were to take 100 different inputs of amounts varying 0.01 - 1 btc of which some number belong to you, pile them all up. Now withdraw 0.1 BTC. Now what would the probability be that someone correctly guesses which inputs originally belonged to you? There's still a linked chain, in a sense you're getting your own inputs back.

So sorry, I will not allow you to portray us as a centralized* "no different than an exchange" "gambling" "gangster" "wallet", when really, we're a centralized mixer with provable privacy (you do not need to trust us not to keep any logs, unlike all other centralized mixers) and proveable honest communications.

(Okay, apart from gangsters... I guess you could call us gangsters given the lack of rep we have Tongue. We fully recognize it's good to be fearful.)

*In that regard we are absolutely no different than the service you are promoting, except with us you know that A. we don't can't (reasonably) keep logs. and B. we cannot dupe any individual user without it being provable. And of course we offer some additional features which we think are nice, but you seem to disagree. Unfortunate..

Quote
That means that custodian can change dates, make wipes whenever he wants, so it's more like you are keeping coins with some gambling gangster and you need to trust him.
No one is forcing you to keep your coins with us. You can withdraw immediately after depositing. Just like any other centralized mixer there is indeed a risk we could exit-scam.

Quote
Domain registered recently:
Quote
Domain Name: BLINDMIXER.COM
Registry Domain ID: 2637908424_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: http://www.namesilo.com
Updated Date: 2021-09-25T15:40:46Z
Creation Date: 2021-08-31T21:19:47Z
Registry Expiry Date: 2022-08-31T21:19:47Z
Registrar: NameSilo, LLC
Not sure what this is supposed to prove either. Yes, we are a new service. You should treat us with caution as you would do with any other centralized entity. What, you wanted us to own this domain for several years? What exactly would that prove? I'm thoroughly confused.

Sorry if this post came off as harsh, not at all my intention. Just trying to clear up as much confusion as possible. And so yes, I fully understand that it might feel risky for people to entrust us with their funds. That's completely understandable and we also would've rather seen it differently, though the very nature of this scheme requires at the very least us to have custody over your funds.

Again, we fully acknowledge that there might be future exploits/hacks, and that we as of yet don't have any sort of respected presence in the community, and with that the perceived and real risk of depositing funds with us. Don't think we're at all sugarcoating it.

We also understand that there's not much reason for the community to support such a new project as us when there's no real monetary reward for doing so, so we'll think about that as well.
legendary
Activity: 2212
Merit: 7064
October 03, 2021, 12:23:25 PM
#3
I really don't see any real advantage of using your wallet compared to centralized exchange, and we can argue that it's much bigger chance of you getting hacked and customers losing money.
Depositing to some centralized service like blindmixer just to save on fees is so stupid and could cost you much more down the line.

blindmixer brings lightning to the average Joe. No longer will you be required to set up your own node, or use a separate wallet for your lightning transactions. blindmixer allows you to pay and generate invoices from the comfort of the same wallet.
This is nothing special to blindmixer, many lightning wallets are custodial and they don't require from users to set up own nodes, but that is much less secure and users have no control over coins.

Quote
Help! I have to trust blindmixer and/ or the custodian operator blindly?
Unfortunately, yes...
https://blindmixer.com/faq

That means that custodian can change dates, make wipes whenever he wants, so it's more like you are keeping coins with some gambling gangster and you need to trust him.
You can even receive your own coins back, that is unacceptable if we are taking about mixer, so this word should be removed from your service, it's just a centralized gambling wallet.

Domain registered recently:
Quote
Domain Name: BLINDMIXER.COM
Registry Domain ID: 2637908424_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: http://www.namesilo.com
Updated Date: 2021-09-25T15:40:46Z
Creation Date: 2021-08-31T21:19:47Z
Registry Expiry Date: 2022-08-31T21:19:47Z
Registrar: NameSilo, LLC


copper member
Activity: 34
Merit: 2
October 03, 2021, 08:23:17 AM
#2
I took the blinmixer domain in a telegram to avoid the tricks of scammers in the future.
If you need it, I'll give it to you, if not, I'll just borrow it on an inactive account.

I looked at the source codes of the wallets and it seemed to me that everything was pretty clean and simple. I hope you will succeed.

Good luck.
copper member
Activity: 29
Merit: 28
October 03, 2021, 07:57:22 AM
#1
Hello all.

This thread will serve as the ANN thread for blindmixer.com

For those who think the layout and content seems familiar: you're right. We are a rebranded version of the moneypot software, however we are a completely seperate entity. Moneypot is discontinued as far as we are aware.

blindmixer.com - Next-gen mixer | Chaumian Bank | Lightning | Blinded-Sig |



In short: blindmixer works both as a mixer and a wallet, but should really only be used as a  wallet to facilitate the former, given that blindmixer is fully centralized. blindmixer uses blind signatures to ensure that your inputs and outputs are cryptographically unlinked. Even we do not know which inputs originally belonged to you when you withdraw!* No other centralized mixer does anything close to this currently!



Apart from provable privacy we offer some additional unique features, most of which we can offer because we are a centralized entity:

  • blindmixer utilizes in-house coin selection algorithms, allowing us to not only batch transactions at scale, but we are also able to make the smartest* choices when selecting inputs.
  • blindmixer brings lightning to the average Joe. No longer will you be required to set up your own node, or use a separate wallet for your lightning transactions. blindmixer allows you to pay and generate invoices from the comfort of the same wallet.
  • blindmixer is provably-honest. We will be unable to get away with duping any single person.**
  • blindmixer offers their service at cost. Apart from very limited anti-dusting fees, all of blindmixer's services are ran at cost. There are no hidden fees.***
  • blindmixer allows instant and free transfers between users.
* In comparison to the standard core selections.
** Every action both by the user and the custodian that involves funds requires a cryptographic signature, thus proving the intent of both parties at all times. Example: the user signs a claim-request (claim-request: request for (blinded) coins) for a hookin (on-chain deposit) with the public key of the address the hookin was made on.
*** blindmixer wipes the custodian at set intervals. This is both to make
A. money,
B. exit scamming less lucrative,
C. exploiting vulnerabilities less profitable.





What are the drawbacks?!

  • blindmixer is still a custodial and centralized mixer. Through malice, error, or other causes, your funds* could potentially disappear at any given time, without you being at fault. *Your funds as in the collective of all of the users of a custodian. we previously explained it would be impossible for us to dupe a single user without it being proveable!
  • blindmixer is a complex object. there may be unspotted vulnerabilities in the code which can cause a loss of funds, especially in the first few iterations. Be wary that any funds you deposit can be lost at any time, as we are too. There may be trivial exploits in the custodian code that allow for a complete draining of the custodian, such as a missed signature check.
In what scenario would I use this mixer?

We think blindmixer is to be fully appreciated when used as your day-to-day wallet. Used correctly, a transaction costs as little as a regular input. And that's not even mentioning the ease with which you can use our lightning services to pay for any service or everyday goods, all while retaining full privacy.



FAQ:
 Why should I trust you with my bitcoins?
   - You should not. Everyone needs to assess the risk they're willing to take with their coins, and we hope we offer enough to make it worth it for you to take that risk. There is no compelling argument we can make as to why we are worthy of safe-guarding your coins, because really, we aren't.

For more frequently asked questions, you can visit our FAQ



How exactly does blindmixer work?

In technical terms: blindmixer takes the bitcoin you deposited, and returns to you a claim to a set of coins equal to the deposited amount. Only you have the keys to those coins, and you use them each time you want to make a transaction. Due to how blindmixer works, we do not know your coins, nor the keys. We only know whether or not they are valid, and whether you are the actual owner of them.

For more detailed information, please check out: Overview



How to use:

Step 1.
Visit mixer.blindmixer.com

Step 2. Choose a custodian.

Step 2.1
Choose both a password and a name. Save your password and mnemonic phrase!

Step 3. Deposit bitcoin through either lightning or a normal transaction.

Step 4. Start mixing!



Electron
blindmixer also offers an electron shell, should users be interested in using that. We think it could be of benefit to both your privacy and security.

For more information, please visit Releases




Source code

For those interested in the source code, our github repositories are publicly accessible. You are welcome to contribute or point out bugs.

For those who spot critical security vulnerabilities; please PM us here on bitcointalk or send an email to our support. No monetary compensation is guaranteed, though it is highly appreciated!

blndmxr-mixing-wallet
blndmxr-lib
blndmxr-wallet-electron
blndmxr-custodian



If you still feel uncomfortable, get a feel for the wallet by using our testnet custodian:

(UPDATED: 2022-06-1)
Code:
https://mainnet.blindmixer.com/#pubmp1qd3ahjyuxu5jv7ekvwdz6asjmud0mcvhu8qtml6ju36fck5av4l9x7lkrf0

Code:
http://testnet.blindmixer.com/#pubmp1qf98kxatpw43mqjft6j72dps5wn66yzp47k3zm0yn4skhedv32x5sphklj2

Rollover date of both custodians:
Code:
2022-01-01T04:00:00.000Z


Our pgp key:
Code:
1CE3A7D242752B9470F6585F91233C865A2CAC09
Code:
curl https://keybase.io/jameslemarkven/pgp_keys.asc | gpg --import

Latest wallet file as of 2022-28-04
Code:
https://mixer.blindmixer.com/main.3b3a02afbe328e2366eb.js#7fWgpIBtNrbSUMNkB1aVSA9bWnRyEqw0NogHk7V4FaY=

Verify the checksum using
Code:
shasum -b -a 256 main.3b3a02afbe328e2366eb.js | awk '{ print $1 }' | xxd -r -p | base64

(UPDATED: 2022-28-04)
Or verify using the signature on our website (note: you can't directly copy this, please see https://blindmixer.com/releases)
Code:
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQc46fSQnUrlHD2WF+RIzyGWiysCQUCYmrw5QAKCRCRIzyGWiys CZnQAQCPuuLObmXHMy4KdmbjuuD2k2iZ3BJVMUoiadY3+5AhZwD8CojLdCnRaB3N AdZklGxOpLN1+cmMnVz8qyfrJGnoNQY= =bafc -----END PGP SIGNATURE-----
Once downloaded:
Code:
gpg --verify blindmixer_wallet_url_v1.0.0_sig.asc main.3b3a02afbe328e2366eb.js



Commonly asked questions:

A. You use cloudflare, isn't that bad for my privacy?
Answer: Only if you weren't using blindmixer properly to begin with. If you do not use a different ip between asking for a withdrawal and asking for acknowledgement of a deposit, we will most likely be able to link your in- and outputs together. As we see the custodian as the primary attacker, preventing this secondary attack vector on your privacy does not interest us greatly.

Why?

Because we do not want you to require any *blind* trust* in us in the first place. Removing cloudflare would probably have the opposite effect: users will more often than if we didn't remove cloudflare trust us to not log their ips, which is bad given that we CAN log it, undetectably. It's a good rule of thumb to expect that anything that can be logged will be logged. And so removing cloudflare does nothing to prevent us from logging your ips, but instead give some users a false sense of security, especially those who do not assume that the custodian is "evil", which is something you should always do. And so removing this vector while leaving the primary attack vector in place (us) does not make a whole lot of sense given the benefits of cloudflare.

*Again, some level of trust is required, but where trust is required, you can verify that we are acting honestly, until we are not in which case it will become apparent and proveable. This is not the case for logging ips, as you will never be able to prove or disprove this, so you should never trust us not to log it.

Keeping cloudflare in that regard might actually promote privacy, or at least make users more acutely aware of the lack thereof.

B. You speak of tor so much, yet blindmixer does not work in the tor browser?
Answer: Indeed. the tor browser does not give us (as far as we are aware) sufficient access to instances such as indexeddb, which are required to properly store data related to your coins such as signatures. The very nature of the tor browser (amnesiac) does not make it a prime candidate to be used in combination with blindmixer, as you'll have to restore your coins each time you close your browser. (both takes a long time and can easily deanonymize your inputs/outputs)
It will also not work without javascript, as we do all the signing to ensure fair communications client-side. You can however use any of our electron builds, or route traffic through tor on your regular browser.

C. How do you make money?
Answer: We wipe the custodian every so often. This means that all the funds that are still present in the custodian at that moment in time, we claim for ourselves, and the signing keys will be regenerated. This has some significant advantages:
I. We can run our services at cost. II. We are disincentivized to exit-scam. III. Other users are disincentivized to exploit our software (and more likely to report it for a share of future profits), as there'll be less funds present than if we weren't to rollover given that over time there will be a set percentage of users who will forget about their wallet, not care, or are otherwise unable to access it.

In your mixing wallet, you can see exactly when the wipe is scheduled for your custodian (https://mixer.blindmixer.com/, once logged in head over to "FAQ"), and we also mention it above (see: Rollover Date)

(UPDATED: 2022-06-1)
C. How do you make money?
Answer: We decay unclaimed coins every single month. In short: Every 4 weeks all outstanding giftcards will have their value reduced by 0.01 (1%) with respect to their original value. There is a 1 month grace period before any decay is applied so that you will always have at least 4 weeks to spend your funds without any additional fees.


Currently known issues:

  • Custodian can dupe people who try to recover their lightning invoices by telling them they don't exist or don't belong to the claimant. However if you have a locally stored copy of the invoice this will be trivial to prove, so in general it would not be in our interest to claim this as we don't know whether you have a copy or not. (thus making it possible to prove the custodian is acting dishonestly)


Please ask us any and all questions you might have! We're just as curious as you! Try us and let us know what you think!
Jump to: