Pages:
Author

Topic: Help me to understand bitcoin mixing (Read 611 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
September 27, 2019, 11:02:47 AM
#25
Mixing the way the term is used, seems to me to be a misnomer, as the funds or coins aren't actually mixed but they are instead swapped or exchanged with a different set of coins coming from different inputs or transactions.

CoinJoin seems to be one of those things that fit the word itself, mixing, as it combines or joins all the inputs in one transaction, in a way that does not rely trust on anything but the system or protocol.

Centralized mixers can also do this, without disconnecting, but combining all the coins into one. This happens when coins you deposit on a site or exchange has some cold storage address, then withdrawals come from that address. Sometimes the address itself consolidates inputs into a giant coin. That way, any taint from any coin is "mixed" with everyone else, which might not a good thing if any other entity refuses to accept your coins coming from such a source.

On chain games like the old satoshi dice, while not really mixing, could give amateur chainalysers a headache too, but nothing that computers can eventually figure out. Just play a game with 100% chance to win, you only lose the house edge, which you can think of as the mixing fee.
copper member
Activity: 322
Merit: 0
September 26, 2019, 01:22:49 AM
#24
Okay this "virgin bitcoins" thing is new for me. I like the name :-P
Quote
According to Dave Jevans, the CEO of CipherTrace, virgin Bitcoins are essentially BTC tokens that do not have a transaction (TX) record associated with them.
the way he described it sounds like reward coins in coinbase transactions
as we know new generated coins don't have input in its transactions
but the latter definition confuses me, how can we say it virgin if it was "sanitized" Undecided

Quote
However, what is interesting is the fact that criminal Bitcoin can be sanitized by local governments by them selling such commodities after making a clear note of their past transactional history. The best example of this is when the United States Marshals Service held a sealed bid auction back in 2018 for a total of 3,813 Bitcoins (estimated to be worth $51.5 million at the time).

Nobody can be sure that their bitcoins have a clean history of transactions. Virgin Bitcoins have zero history of transactions. That is why the demand in them is big because there is zero risks that the Virgin Bitcoins have a bad history. Financial Action Task Force against money laundering (FATF) tighten the control, obliging crypto exchanges to comply with AML procedures. More tighten is the control more demand in Virgin Bitcoins.
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23
July 31, 2019, 02:24:17 PM
#23

TLDR : looks like CoinJoin method which used by Wasabi is the most difficult to track, at least when the AMA happen & assuming the user wasn't lying.

This is plausible, as Wasabi is a decentralised solution, where you actually do not connect to any centralised server. Coinjoin via Samourai wallet instead imply connecting to their (Samurai) own servers, with inherent loss of privacy and point of failure for bad actors (g-men in this case) to spoil.


hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
July 31, 2019, 02:18:44 PM
#22
Okay this "virgin bitcoins" thing is new for me. I like the name :-P
Quote
According to Dave Jevans, the CEO of CipherTrace, virgin Bitcoins are essentially BTC tokens that do not have a transaction (TX) record associated with them.
the way he described it sounds like reward coins in coinbase transactions
as we know new generated coins don't have input in its transactions
but the latter definition confuses me, how can we say it virgin if it was "sanitized" Undecided

Quote
However, what is interesting is the fact that criminal Bitcoin can be sanitized by local governments by them selling such commodities after making a clear note of their past transactional history. The best example of this is when the United States Marshals Service held a sealed bid auction back in 2018 for a total of 3,813 Bitcoins (estimated to be worth $51.5 million at the time).
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
July 31, 2019, 12:16:40 PM
#21
Chainalysis admitted this? Which mixers?

I'm operating under the assumption that mixing algorithms not broken today might be broken in the future. This could be used retroactively to de-anonymize transactions.

Of course not, but few people who claim work at Chainalysis mentioned mixer/CoinJoin give them hard time. Check :
https://www.reddit.com/r/Bitcoin/comments/c4so58/i_am_a_current_or_former_employee_of_chainalysis/
https://www.reddit.com/r/WasabiWallet/comments/c4vhlk/lets_talk_about_chainalysis/
https://news.bitcoin.com/chainalysis-whistleblower-shares-company-secrets-in-explosive-ama/

TLDR : looks like CoinJoin method which used by Wasabi is the most difficult to track, at least when the AMA happen & assuming the user wasn't lying.
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
July 31, 2019, 04:43:06 AM
#20
That's the thing about taint. You can't eliminate it, you can only exchange it for someone else's. This is why there is a market for "virgin" bitcoins.
Okay this "virgin bitcoins" thing is new for me. I like the name :-P

I'm operating under the assumption that mixing algorithms not broken today might be broken in the future. This could be used retroactively to de-anonymize transactions.
Since you can not hide from an open ledger, today or tomorrow the algorithms will be broken which leads me this question that will we see someday that mixers are gone/useless?

Word of caution:
Chatting on the Italian Telegram channel with some representative from a well known Bitcoin Exchange, he told us they usually track back funds coming into their exchange a "few steps back" and they flag them if such funds appear to come from mixing/coinjoin addresses.

They have quite sophisticated algorithm to do so, and didn't disclose what "a few step backs" means (in term of hops/time between transactions or a mix of the two). Also didn't disclose exactely how they recognise those kind of transactions, even if some kind of approach based on number of input(outputs can be an easy guess).

For the moment those flags bear no action (most of times), but regulators want every exchange to be technologically ready to act in case any rule would be enacted.

Not sure if this is a good or bad news for users but it surely is a good step from the exchanges. They are protecting their business.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
July 30, 2019, 07:37:29 PM
#19
The trace was broken from my coins but now I have new trace with the user who sent the coins from the exchange to address x.

Here is a risk: If this user has some shady record then my coins are now carrying that bad reputation.

That's the thing about taint. You can't eliminate it, you can only exchange it for someone else's. This is why there is a market for "virgin" bitcoins.

Chainalysis has been doing it for years, even though they couldn't de-anonymize some mixers/CoinJoin method.

Chainalysis admitted this? Which mixers?

I'm operating under the assumption that mixing algorithms not broken today might be broken in the future. This could be used retroactively to de-anonymize transactions.
copper member
Activity: 2940
Merit: 4101
Top Crypto Casino
July 30, 2019, 06:04:37 PM
#18
Quote
He suggested in the videor that you could do 12 internal transactions inside your own wallet to fool those exchanges that say your coins are tainted because they were mixed.

Actually you or I get it wrong

The 12 "hops" (internal TXs) he suggested to add was for someone (or an entity) with significant resources and budget (that very few have I believe, even govts)
For exchanges or blockchain analysts (or anything with similar resources), he said 3 or 4 was enough (I'm not sure the exact # but it was pretty low)


Quote
That's a nice video.
Too nice? He deleted the video, I wanted to check something but the video isn't here
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
July 30, 2019, 04:47:50 PM
#17
The video you're talking was about Coinjoin, he was talking about tainted coins and explained how people can avoid the problem by adding "hops". To make it short, you need to make 12 new transactions (less can be enough (3-4) to fool newbie/medium blockchain analysts) similar to what "Ricochet" from Samourai wallet does.

Thanks. It was really that video. I thought it was, but I wasn't sure. That's a nice video. in this case the 12 transactions and tainted coins could fool some exchange or whatever.

He suggested in the videor that you could do 12 internal transactions inside your own wallet to fool those exchanges that say your coins are tainted because they were mixed.

But a deeper investigation on someone tracking you wouldn't work. Someone from government looking for someone avoiding taxes for example... They could look at the mixing and try to find your original addresses leading to an exchange with kyc for example.
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23
July 30, 2019, 03:36:26 PM
#16
Most exchange which don't require KYC/AML at all are either scam or shady, unless you're talking about DEX.

Word of caution:
Chatting on the Italian Telegram channel with some representative from a well known Bitcoin Exchange, he told us they usually track back funds coming into their exchange a "few steps back" and they flag them if such funds appear to come from mixing/coinjoin addresses.

They have quite sophisticated algorithm to do so, and didn't disclose what "a few step backs" means (in term of hops/time between transactions or a mix of the two). Also didn't disclose exactely how they recognise those kind of transactions, even if some kind of approach based on number of input(outputs can be an easy guess).

For the moment those flags bear no action (most of times), but regulators want every exchange to be technologically ready to act in case any rule would be enacted.

Not surprising, few mixers and CoinJoin method such as ChipMixer's chip and Wasabi's fixed output amount are extremely easy to detect. Anyone who learn programming could write script to detect method i've mentioned.

Chainalysis has been doing it for years, even though they couldn't de-anonymize some mixers/CoinJoin method.

Exactly.
What I meant is: don't think you are sure because you want trough a CoinJoin or a similar technique.
Privacy hunters (regulators) are only a step behind, or at par, with most advanced privacy advocates (users). If you are the average user, then you are not using state of the art techniques and you can easily caught off guard. You think you are safe, while you are not.
copper member
Activity: 2940
Merit: 4101
Top Crypto Casino
July 30, 2019, 03:06:46 PM
#15
Now there is no easy way for someone to know where your address A coins went to, since you sent them to a mixer which address may or not be known, and another random address from the mixer (B) sent to Address B.

I hope you understand this.


I once saw antonopoulos explaining that even using a mixer your coins can be tracked back to you, so a mixer would be pseudo anonymous.
Any thoughts on this? Probably even mixers can be traced back to sender if someone spend a lot of time?

He said in a video, I will look for it later.

The video you're talking was about Coinjoin, he was talking about tainted coins and explained how people can avoid the problem by adding "hops". To make it short, you need to make 12 new transactions (less can be enough (3-4) to fool newbie/medium blockchain analysts) similar to what "Ricochet" from Samourai wallet does.
copper member
Activity: 2296
Merit: 4460
Join the world-leading crypto sportsbook NOW!
July 30, 2019, 11:32:30 AM
#14
I think mixing should be looked at as if it comes in degrees and scales.  The more resources available to the people from whom you're trying to hide the more you have to obfuscate your movements.  If we're talking about simple privacy a coinjoin wallet or a mixing service should be fine.  If you're trying to hide from law enforcement then you should definitely not rely on either, but use a combination of several mixing methods.

The most robust solution is also likely to be the most expensive; ie keep the funds moving, constantly changing amounts, and use anonymous coins like monero or grin to add obfuscation.  Theymos put together a pretty good article about mixing methods here.

What you do with the funds at the end of the day is also critical.  If a LEO is trying to track a dark wallet that started out with one bitcoin, then it was traded for monero through an anonymous exchange, the monero was transferred to two or three wallets, traded back to bitcoin, then sent nearly one bitcoin (minus transaction fees) to a clean wallet the LEO might suspect the wallets are connected, and only needs to confirm the connection.  If the funds were split up over several wallets with varying amounts through out the process that will add to the obfuscation.
legendary
Activity: 1946
Merit: 1427
July 30, 2019, 10:28:37 AM
#13
Here is a risk: If this user has some shady record then my coins are now carrying that bad reputation.

This is my understanding.
Yep. If the user before you used a "weird" exchange where he or someone else traded in stolen funds, or a gambling site, there's a chance, especially if you yourself are using a US exchange such as Poloniex(?), (by the way, how do you use poloniex without submitting your ID?) that they might start asking questions.

This is what happened with the test I did with the mixing service. I sent them my coins. They already had their coins withdrawn (say to address x) from the exchanges (Binance, Poloniex), they send me the coins from address x to my given address. In this process they make some money from the fees they charge.
If the user who you traded with used Poloniex, he's on the hook, law enforcement will know exactly who he is, and he can always link YOU to the funds. If LE wants to, they can find you(r funds). So i guess if you just want to have a bit more privacy, you could do this, but there's many flaws attached.

Also unverified binance accounts can only do 2BTC a day, so setting up a serious mixing service would be difficult. Not to mention that i don't think this is something binance will necessarily be very appreciative of, (perhaps it is even in breach of their TOS to use accounts solely for onchain transactions? especially if they're from weird sources such as "unregistered" gambling sites et al (Binance ToU 13.0))
legendary
Activity: 3542
Merit: 1352
Cashback 15%
July 30, 2019, 08:28:31 AM
#12
I once saw antonopoulos explaining that even using a mixer your coins can be tracked back to you, so a mixer would be pseudo anonymous.
Any thoughts on this? Probably even mixers can be traced back to sender if someone spend a lot of time?

Mixers aren't magical systems that poofs transactions and completely separates point A from point B, so Antonopoulos is right on his statement. The mere fact that technology like Ciphertrace has already exists proves that even the most complicated and diluted trail of transactions can be uncovered with sufficient time and ample amount of engineering and tweaking the system. Now I'm not saying that mixers aren't safe anymore due to Ciphertrace, but the possibility of uncovering the tracks of transactions mixers are obfuscating is already present and can possibly pose a problem should law enforcement decides to employ their service.
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23
July 30, 2019, 07:27:33 AM
#11
Word of caution:
Chatting on the Italian Telegram channel with some representative from a well known Bitcoin Exchange, he told us they usually track back funds coming into their exchange a "few steps back" and they flag them if such funds appear to come from mixing/coinjoin addresses.

They have quite sophisticated algorithm to do so, and didn't disclose what "a few step backs" means (in term of hops/time between transactions or a mix of the two). Also didn't disclose exactely how they recognise those kind of transactions, even if some kind of approach based on number of input(outputs can be an easy guess).

For the moment those flags bear no action (most of times), but regulators want every exchange to be technologically ready to act in case any rule would be enacted.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
July 30, 2019, 07:13:11 AM
#10
I really do not see the use a mixing service. I can do it by my own (if this is mixing) :-P
yes, you can do it yourself by sending to non-kyc exchange and withdrawing back to a new unused address
or you can just use a wallet that has a built-in coinjoin transaction feature Cool

imo, the best mixer would be the one that uses fresh minted coins (coinbase)
that is literally what can be called new clean coin and no possible connection (on blockchain) to your old coin
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
July 30, 2019, 06:37:24 AM
#9
Mixers don’t store logs (or at least don’t claim to). So you’re the only one that know the origin and final destination of the funds.
I would say some do. Bestmixer was a mixing service that was shut down by the authority and they claimed that they have all the customers data and stuffs.

Quote
If you just use an exchange, they know and 100% save (and will even provide to any government that asks) everything from the input and output of your “mixing”. IPs, KYC (if any), addresses that deposited and withdrawals. It is WAY worst than just sending Address A —> Address B, because you are putting a middleware that actually tracks you.
I never said that I will send the coin to an exchange registered using my ID.

This is what happened with the test I did with the mixing service. I sent them my coins. They already had their coins withdrawn (say to address x) from the exchanges (Binance, Poloniex), they send me the coins from address x to my given address. In this process they make some money from the fees they charge.

The trace was broken from my coins but now I have new trace with the user who sent the coins from the exchange to address x. I do not know who is the user but those exchanges will think that I am that user but originally I am someone else.

Here is a risk: If this user has some shady record then my coins are now carrying that bad reputation.

This is my understanding.
legendary
Activity: 2758
Merit: 6830
July 30, 2019, 06:26:35 AM
#8
Yeah I know this:
A -> Mixer
Mixer -> B

I was taking about any magic behind the mixing process. If this is very easy like sending the coins in an exchange or gambling site and then send the coins to point B then why would anyone bother to use a mixing service and pay extra fees. The one I was testing took 5% fees with a 0.00015BTC flat fee.

This also concerns the point bones261 bought on the table.

Mixers don’t store logs (or at least don’t claim to). So you’re the only one that know the origin and final destination of the funds.

If you just use an exchange, they know and 100% save (and will even provide to any government that asks) everything from the input and output of your “mixing”. IPs, KYC (if any), addresses that deposited and withdrawals. It is WAY worst than just sending Address A —> Address B, because you are putting a middleware that actually tracks you.

Quote
This is what I was looking for. So someone (even you and me like average joe) receive the coins and then they send some coins to an temporary address1 from an exchange, then temporary address2 and if require do some more complexity before to send the coins to the final destination.

I really do not see the use a mixing service. I can do it by my own (if this is mixing) :-P
I’m sure there are ways of doing this. But like I said, exchange logs could make this useless.
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
July 30, 2019, 05:57:21 AM
#7
It breaks the connection between the address 1 (input) and the address 2 (output). It’s as simple as that.

If you use an address that is known as yours to buy groceries, everyone can see that you are the one that sent it and to who you sent it.

Without a mixer:

Address A —> Address B.

With a mixer:

Address A —> Mixer A.
Mixer B —> Address B.

Now there is no easy way for someone to know where your address A coins went to, since you sent them to a mixer which address may or not be known, and another random address from the mixer (B) sent to Address B.

I hope you understand this.
Yeah I know this:
A -> Mixer
Mixer -> B

I was taking about any magic behind the mixing process. If this is very easy like sending the coins in an exchange or gambling site and then send the coins to point B then why would anyone bother to use a mixing service and pay extra fees. The one I was testing took 5% fees with a 0.00015BTC flat fee.

This also concerns the point bones261 bought on the table.

  An authority could issue a subpoena to both poloniex and binance to get the mixer's account activity with them both and may be able to link your transactions that way. However, if they were after you in particular, it would probably be easier for them to confiscate your personal electronic devices, and gather what is going on from there.


Obviously. Mixers aren’t magical websites.
This is what I was looking for. So someone (even you and me like average joe) receive the coins and then they send some coins to an temporary address1 from an exchange, then temporary address2 and if require do some more complexity before to send the coins to the final destination.

I really do not see the use a mixing service. I can do it by my own (if this is mixing) :-P
hero member
Activity: 1358
Merit: 851
July 29, 2019, 10:41:46 PM
#6
Probably even mixers can be traced back to sender if someone spend a lot of time?
An user claimed that most (almost all) of the mixing can be traced- https://bitcointalksearch.org/topic/breaking-mixing-services-5117328

theymos has shared a decent method for mixing here-
https://bitcointalksearch.org/topic/guide-decent-mixing-methods-5146241
Pages:
Jump to: