I created a concept for somebody several years ago.
In its essence, a "classical" bitcoin mixer isn't all that hard to understand... Just generate a mixing session where a user submits the address where he wants to receive clean coins, present him with a deposit address, monitor said address for unspent outputs funding said address, calculate how many clean coins the customer is entitled to receive and then create a transaction using a wisely chosen set of unspent outputs.
The real "magic" is choosing the correct set of unspent outputs. You can do so by separating the "receiving" wallet and the "sending" wallet, maybe even on separate machines, maybe even by deriving "receiving" addresses from an xpub, so you cannot spend the incoming unspent outputs, maybe by using things like exchanges or services with hot wallets, maybe by coinjoining, maybe by using other mixers, maybe by just tumbling your coins. You'll definitely need some knowledge to make sure your customer will stay happy; if he receives coins from his previous mix, he probably won't like your service.
On top of this, you need bulletproof hosting, DDoS protection, a hardened (multi)server setup, darknet presence, anonymous TLD registration,...
You'll also need to think about things like a letter of guarantee, output tuning, fee rate estimation, randomisation of the type of unspent output,...
Definitely not an easy task. With the current crypto climate, I wouldn't dare write up a mixing service anymore. Too much heat to bring to yourself... Also, you'll need a pretty competent lawyer, mixing might be legal in some countries and illegal in others...
My proof of concept many years ago was made up of a 3 server setup: a frontend sending PGP encrypted messages to the database and a backend hosting both receiving (watch-only) and sending (hot) wallet. Every server had its own keypair, all packages sent between any of the servers were always encrypted. The data in the database was also encrypted. The disks of the servers were encrypted. No logs whatsoever. The frontend was just a GUI where the session was created, everything was stored in the db. The frontend had 2 network interfaces: an internal and an external. The database only had 1 internal interface on the same VLAN as the external and backend server (the db could not be reached over the internet, it was patched using a fourth repo server that was turned off by default, had 2 network interfaces and was only started so the db server could be patched). The backend also had 2 interfaces: one on the internal VLAN, one external interface. All 3 servers had a different OS/distro (FreeBSD, CentOS and Debian), and each server was bulletproofed pretty well. The backend contained all code, everything was written in Python, the wallets were connected over Tor, and the peers were carefully selected.
And even then, it was ONLY a proof of concept I made for a third party, it was never brought into production. If it had been brought into production, I would have had to bring in a second trusted dev to review my code, and move everything over to a bulletproof hosting facility. But this wasn't the initial setup anyway, it was not what my client had in mind to begin with, so we never did that.
If it's just a way for you to learn about the ecosystem: why not... If you're serious: honestly, I wouldn't touch your mixer with a ten foot pole after seeing you came onto bitcointalk and asked for a tutorial on how to create a mixer... Doing something like this correctly requires an above-average amount of knowledge about the bitcoin protocol, the bitcoin community, the scripting language you'll be using and proper system administration knowledge... It's not like you'll ever find a step by step tutorial that teaches you how to set up a good mixer.