Pages:
Author

Topic: Ultimate Bitcoin Privacy - Discussion - page 3. (Read 1658 times)

legendary
Activity: 3948
Merit: 3191
Leave no FUD unchallenged
April 03, 2023, 06:15:09 AM
#48
Even though I don't believe I have anything to worry about, I'd still prefer to add more signers to the multi-sig so I don't have full control anymore. This would make it safer for everyone, I really do not like the fact that users have to trust me. For now this is the only option though, and I will not take any steps in this direction unless I am 100% sure it's done in a safe way. The community would also have to agree with the plan before I set it in motion
The way you are trying to involve individuals from the community  and keep talking about community in the main operations with the multi signature addresses and things, I wonder what the three letter agency will feel about it when they will target your project. If you become bigger then today or tomorrow they will come after you and the people with you working in the managerial level holding the keys.

If they get the false sense of understanding that the mixer is running by bitcointalk community then immediately they will come after bitcointalk and destroy it.

I'd suggest when selecting trusted members of the community to act as additional signers, those members reside in regions that:

a) aren't openly hostile to Bitcoin,
b) aren't aligned with US/EU interests and
c) aren't all in the same place  

That alone will make it more resilient to takedown.  It's not just about trusting the individuals, it's about what their respective governments might do.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
April 03, 2023, 05:33:07 AM
#47
Having said all of the above as far as I'm concerned I am not doing anything illegal. I don't encourage illegal activity and will never promote the service on the darknet or for any illegal purposes, I'm a simple provider of privacy services. There are no statistics regarding % of CEX funds coming from illicit sources so we can't compare to what we know about mixers, but my guess is that the number is very similar if not higher for centralized exchanges. There are bad actors in every industry, you can't just shut down all businesses of one type because of a few bad apples. If the service will start to get seriously abused by bad actors and big pressure will be put on us then I'd much rather shut down the service early and honorably than put users funds and privacy at risk, but for now I still believe there has to be a way to run everything legally.
Thank you for your responses, hope you don't mind if I ask you some deep questions:
1. Do you do something or plan to do something to prevent abuse of your service? I mean to minimize it cause nothing is totally preventable. There are people who care about their privacy and there are people who want to do illegal things, do you have a plan to make your service unlikeable for the people who do illegal things? To get rid of them. Do you think are there any measurements that you can take while keep your service functional for people who care about their privacy?
I know this question can sound strange but it's still an interesting one. More likely I mean, you may be able to get list of addresses that are known to be found in illegal activities and you may include these addresses in your blacklist to not be able to use your service.

2. I think, you understand that doesn't matter how trusted someone is on this forum, there is a chance that any signer can actually be a spy. By the way, what do you think, what's the number of signers that can make you feel safe and get rid of cooperation to steal money? Definitely 3/3 or 7/7 won't work, you need something like 2/3 or 5/7 at least. I think this is a huge challenge.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
April 03, 2023, 03:40:47 AM
#46
So, as far as I've understood (without giving much emphasis on the details), whirlwind is a mixer that knows the input, but doesn't know the output (i.e., I send 0.01 BTC, but they don't know which 0.01 BTC output I will spend). Is that correct?

I have some questions:
  • First of all, what's your setup, as NotATether said? ChipMixer was proved to have poor setup, and even if your service isn't prone to failure due to centralization, your absence would lead to the corruption of the service (at least now that it's brand new).
  • How do you plan to select anonymous trustworthy members?
  • Who grants us that the authorities will not try to shut down the federation? AFAIK, from what I've read, the trustworthy members will only protect the users in case whirlwind is shutdown, and it protects their privacy using blinded certificates, but it doesn't grant that the service will continue being online after whirlwind (the user) disappears.

Very interesting implementation, I hope it goes well.
legendary
Activity: 2268
Merit: 18711
April 03, 2023, 03:12:57 AM
#45
If we didn't have the Notes then I agree, Fast mode would have the same disadvantages as any other mixer. But since outputs from Notes and Fast look exactly the same there is no way for any outside observer to know which mode you used. So Fast mode is as secure as the Notes from a privacy set standpoint. I would still recommend using Notes regardless because they offer the end-user full control over the process.
That's a good point, and one I did not consider. For an external observer using blockchain analysis, then a fast mix appears identical to someone using notes. They can see the deposit being made, but since they don't know if the user is using fast or notes, they are unable to reach any conclusions about the time frame of when the withdrawal will be made or how much will be withdrawn. Both fast and notes users benefit from being in the larger anonymity set provided by the other type of user, and having the different process help to obfuscate what is happening.
member
Activity: 119
Merit: 38
Yo! Member
April 03, 2023, 02:04:22 AM
#44
Even though I don't believe I have anything to worry about, I'd still prefer to add more signers to the multi-sig so I don't have full control anymore. This would make it safer for everyone, I really do not like the fact that users have to trust me. For now this is the only option though, and I will not take any steps in this direction unless I am 100% sure it's done in a safe way. The community would also have to agree with the plan before I set it in motion
The way you are trying to involve individuals from the community  and keep talking about community in the main operations with the multi signature addresses and things, I wonder what the three letter agency will feel about it when they will target your project. If you become bigger then today or tomorrow they will come after you and the people with you working in the managerial level holding the keys.

If they get the false sense of understanding that the mixer is running by bitcointalk community then immediately they will come after bitcointalk and destroy it.
copper member
Activity: 112
Merit: 338
April 02, 2023, 07:48:50 PM
#43
I remember reading that report thoroughly at the time it was shared. I agree that the structure that ChipMixer used, and the similar structure that Whirlwind is now using, meant that they can't be broken in the same way as traditional mixers exactly for the reasons whirlwindmoney has given above. By allowing users to deposit different amounts to different addresses at different times, to combine and split these amounts freely, to do so over any period of time desired, and then to withdraw any amount of coins from their vouchers/notes, it becomes impossible to track inputs and outputs in the same way this report does. Of course users can still make mistakes such as combining mixed and unmixed UTXOs, but the service itself is not at fault in such cases.

My feeling would be that the fast option would potentially be breakable in the same way that every other mixer is, but notes would not be breakable in the same way that ChipMixer wasn't.

And of course if things get as far as blinded certificates, then it becomes provably impossible to link deposits and withdrawals via blockchain analysis, since certificate issuing, trading, spending, and redeeming, all happens off chain and Whirlpool are blinded to the individual certificates.
If we didn't have the Notes then I agree, Fast mode would have the same disadvantages as any other mixer. But since outputs from Notes and Fast look exactly the same there is no way for any outside observer to know which mode you used. So Fast mode is as secure as the Notes from a privacy set standpoint. I would still recommend using Notes regardless because they offer the end-user full control over the process.

I'll ask again: If you have access to the backup where the seeds of all signers are stored, finally total control comes down to you. Did I understand correctly? If I didn't, please enlighten me cause seems I didn't get it then.
Yes you understood correctly, I have total control. I explained in previous messages that the multi-sig's purpose is to protect against external attackers, not against myself.

Considering the recent situation with Chipmixer, I think this is definitely a valid question.

Rather than asking a few questions about user privacy, I will ask another kind of question.

What preventative measures have you taken to protect yourself from arrest and federal government seizure of website assets (i.e: how do you plan to avoid Cipmixer's fate)?
It sure is a valid question and I understand the concern, I'll share my view on this issue. As I said since before I even launched the service, I am hoping for the best while preparing for the worst.

I could give more technical details about our security, but all I will say for now is that we took the most extreme security precautions possible. Our "hot wallet" is a 3/3 multi-sig with one of the signers being a physical server, so funds are safe. The infrastructure looks like a mini blockchain (with only 3 validators or signers which are all run by us for now), so even if the frontend or backend servers would get hacked, no funds could be stolen since faking guarantee letters using the backend server doesen't do anything as the signers would also have to verify. It's complicated, but like I said before if I'll find willing trusted members to run signers with us I am willing to do it.

Having said all of the above as far as I'm concerned I am not doing anything illegal. I don't encourage illegal activity and will never promote the service on the darknet or for any illegal purposes, I'm a simple provider of privacy services. There are no statistics regarding % of CEX funds coming from illicit sources so we can't compare to what we know about mixers, but my guess is that the number is very similar if not higher for centralized exchanges. There are bad actors in every industry, you can't just shut down all businesses of one type because of a few bad apples. If the service will start to get seriously abused by bad actors and big pressure will be put on us then I'd much rather shut down the service early and honorably than put users funds and privacy at risk, but for now I still believe there has to be a way to run everything legally. This is not because I don't believe Bitcoin is fungible or anything of this sort, but regardless if the service gets seized or sanctioned, the end result is the same as in it can't really be used anymore, so everyone loses. Having great security is a must, but relying on this by itself doesen't generate any value for the long term. I'd much rather try to find a way in which everyone is happy, or at the very least not too unhappy, while users enjoy full privacy. This is what they pay for and nothing less is acceptable
I also want to emphasize that I have not commited any crimes while creating Whirlwind, for example identity theft.

Even though I don't believe I have anything to worry about, I'd still prefer to add more signers to the multi-sig so I don't have full control anymore. This would make it safer for everyone, I really do not like the fact that users have to trust me. For now this is the only option though, and I will not take any steps in this direction unless I am 100% sure it's done in a safe way. The community would also have to agree with the plan before I set it in motion
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
April 02, 2023, 03:50:41 PM
#42
Considering the recent situation with Chipmixer, I think this is definitely a valid question.

Rather than asking a few questions about user privacy, I will ask another kind of question.

What preventative measures have you taken to protect yourself from arrest and federal government seizure of website assets (i.e: how do you plan to avoid Cipmixer's fate)?
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
April 02, 2023, 01:38:00 PM
#41
I'm here for any questions if something is unclear
I'll ask again: If you have access to the backup where the seeds of all signers are stored, finally total control comes down to you. Did I understand correctly? If I didn't, please enlighten me cause seems I didn't get it then.

Rather than asking a few questions about user privacy, I will ask another kind of question.

What preventative measures have you taken to protect yourself from arrest and federal government seizure of website assets (i.e: how do you plan to avoid Cipmixer's fate)?
That's kinda strange question, if he says that he does in order to save himself from the claws of government, would it make sense in terms of security?
By the way, another question that I have, is, why does someone want to create a mixer when this happened to chipmixer? Or why does any of them want to continue to operate? When you enter the ocean, you enter the food chain.
legendary
Activity: 1022
Merit: 1341
April 02, 2023, 01:21:53 PM
#40
Everyone has the right to rush to fill the big gap left by Chipmixer, but on the other hand, it has become very difficult for any mixer to gain the trust of the community because of this incident, which showed that the mixer was keeping user data.
If I would not be mistaken Chipmixer was the biggest Mixing company in the community, until it demised and presently whirlwindmoney has taken over that Chipmixer's position in the community. Well you can't give an inductive reasoning on whirlwindmoney and Chipmixer, I am not saying that you should trust them but where (the root of launching) the mixer is entirely different from Chipmixer therefore they have different operations and managers.


I, as many here, do not know how blind certificates work completely, but what I do know is that it has become very difficult to trust any third-party services. I personally do not trust that any third-party service fully maintains privacy.

You need to decentralize the service almost completely to gain trust.
Really this is my first time of hearing this blind certificate, if the transactions are anonymity to the public then they can make the whole system anonymous to every users for fair transactions. In any system trust is the most important thing to keep. I will want whirlwindmoney to be transparent in all their dealings with their customers and both in the community and in the site.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
April 02, 2023, 09:30:39 AM
#39
Rather than asking a few questions about user privacy, I will ask another kind of question.

What preventative measures have you taken to protect yourself from arrest and federal government seizure of website assets (i.e: how do you plan to avoid Cipmixer's fate)?
legendary
Activity: 2268
Merit: 18711
April 02, 2023, 08:15:25 AM
#38
I remember reading that report thoroughly at the time it was shared. I agree that the structure that ChipMixer used, and the similar structure that Whirlwind is now using, meant that they can't be broken in the same way as traditional mixers exactly for the reasons whirlwindmoney has given above. By allowing users to deposit different amounts to different addresses at different times, to combine and split these amounts freely, to do so over any period of time desired, and then to withdraw any amount of coins from their vouchers/notes, it becomes impossible to track inputs and outputs in the same way this report does. Of course users can still make mistakes such as combining mixed and unmixed UTXOs, but the service itself is not at fault in such cases.

My feeling would be that the fast option would potentially be breakable in the same way that every other mixer is, but notes would not be breakable in the same way that ChipMixer wasn't.

And of course if things get as far as blinded certificates, then it becomes provably impossible to link deposits and withdrawals via blockchain analysis, since certificate issuing, trading, spending, and redeeming, all happens off chain and Whirlpool are blinded to the individual certificates.
copper member
Activity: 112
Merit: 338
April 01, 2023, 08:26:42 AM
#37
Since you are open to hearing opinions, I hope you will visit this link ----> Breaking Mixing Services

If there is interest in this topic, I can publish further information (source-codes, examples, ..) on this topic and attacks.
Link to my thesis (python source inside): https://www.dropbox.com/s/3yapwyfz72tvswh/BA_mixing_services.pdf?dl=0
Author: Felix Maduakor
Email: [email protected]

1 Chipmixer was the only centralized mixing service which I did not break fully. However, I did not put much work into checking this mixing service.


Contact him, and if he accepts to give a paid review, I think that this will contribute a lot to gaining trust in your mixer service (at least for some here)
I went through his report and altough I'm sure we already fixed the issues outlined by him, I will still try to get him to do a paid review for your confirmation.

Coinmixer.se (the service used as example in the report) works like most mixers on the market today, and they all have the same big issues in common:
1.Maximum delay time is limited
2.Maximum amount of output addresses is limited
3.No option to have higher outputs than inputs
4.Use of mixing codes

These issues make it possible for anyone to perform blockchain analysis with relative ease. The privacy set (number of deposits your output transaction could have originated from) which is the most important figure in my opinion, is reduced to only the transactions that were performed during the time limits imposed by the "maximum delay". And since you also know the maximum number of output transactions each deposit has, it's not that difficult to deanonymize it.

We solve all these issues by introducing the Note mechanism. Let's see how the above issues apply to Whirlwind:
1.Maximum delay time is unlimited
2.Maximum amount of output addresses is unlimited
3.Outputs can be higher than inputs (combine Notes)
4.We don't use mixing codes

Since the user has the option to deposit and withdraw whenever he likes and we don't impose a limit, blockchain analysis becomes useless. In the case of coinmixer.se it's written in the report that they had about ~1000 deposit transactions a week. If we assume we'll have the same, then the privacy set of Whirlwind will grow by 1000 every week.

After 10 weeks every output transaction could originate from any of the 10,000 deposits into Whirlwind, and this figure will only grow as time goes on. With other mixers it doesen't matter how many deposits they have in total, the privacy set doesen't increase.

The use of mixing codes by a service confirms that the privacy set is very weak and introduces other risks since it can link your transactions. If a mixer does what it's supposed to do, it shouldn't matter if you get 'your own coins' back because anyone that ever used the service could have withdrawn those coins.
legendary
Activity: 2702
Merit: 4002
April 01, 2023, 06:47:04 AM
#36
 Since you are open to hearing opinions, I hope you will visit this link ----> Breaking Mixing Services

If there is interest in this topic, I can publish further information (source-codes, examples, ..) on this topic and attacks.
Link to my thesis (python source inside): https://www.dropbox.com/s/3yapwyfz72tvswh/BA_mixing_services.pdf?dl=0
Author: Felix Maduakor
Email: [email protected]

1 Chipmixer was the only centralized mixing service which I did not break fully. However, I did not put much work into checking this mixing service.


Contact him, and if he accepts to give a paid review, I think that this will contribute a lot to gaining trust in your mixer service (at least for some here)
copper member
Activity: 112
Merit: 338
March 30, 2023, 04:22:25 PM
#35
I am coming from your response on the Ann. As I said, right now telling about multi-sig feature is a misinformation until it's implemented.
How is it misinformation if it is implemented?

At the moment, with whirlwindmoney being the sole operator of the site, then they are in control of all 3 keys in a 3-of-3 multi-sig. This provides additional security against a single server being seized or infiltrated, but it still requires complete trust from the end user that whirlwindmoney won't scam them, as it would in a normal single-sig set up.

In the future with blinded bearer certificates and the involvement of other third parties, then presumably the best option in that scenario would be to migrate to a different multi-sig. Let's say they recruit nine other people to be signers for the blinded certificates. Maybe something like a 7-of-10 multi-sig would be the best in that case, which provides a good mix of security against some of the signers being dishonest as well as redundancy against some of the signers being taken offline, seized, infiltrated, etc.
I suggest you read some of the earlier messages here to understand the purpose of the multi-sig

We will try our best to migrate to the trustless version as soon as possible, it all depends on how fast we'll be able to find the right users for the multi-sig. Until then as you said funds are safe from external actors but we could scam anytime if we wanted.
I'm here for any questions if something is unclear
member
Activity: 119
Merit: 38
Yo! Member
March 30, 2023, 03:51:38 PM
#34
3/3 is a case where three signature is required to sign a transaction. So, if one user isn't online or able to sign, then you are going to migrate to a new multi-sig with new signers and servers because you have the backup, you said that.
So, if you hold the backup for all 3 signers and you can always change the fate of situation, doesn't that mean that all you are doing by multi-sig is that you just put transparent curtains? I mean, what's the point of 3/3 multisig if you can always do whatever you want?
Currently I am all 3 "users", the point is that if you have a 2 server setup for the whole infrastructure, like in a case where we all know for a fact this is the truth, then the entire service including funds are at risk of being hacked/seized//the list goes on. I can't disclose the exact setup that we are running for obvious reasons but there are >5 servers, and all but the clearnet frontend one are not exposed. While risk still exists with our setup too, it's mitigated to a minimum. I am not trying to pretend that I don't have access to funds or anything like that, I said multiple times that unless there will be more signers besides me in the multi-sig, then users will have to trust me and it's just how it is. But at least if you assume I am honest, then you don't have to worry about much else. I don't believe you have this luxury with many other services.
I mean, if something happens to those one or two users, you can use your backup that you hold for all 3 signers, right? This means, finally the control system is still centralized and in reality, we don't get pure 3 signers service because after all, you are capable to use those keys anytime you wish and finally it comes to whether we trust personally you or not, right? Or did I misunderstood something here?
Btw I'm not saying whether you are trustworthy or not, I'm neutral here.


It sounds complicated. If I have all cosigners seed then having a multi-sig is just giving a false security. It's again down to trusting one person. On the other hand it's risky for other two cosigners as they might be blamed for any mishandling. Their reputation will be at risk.

The mentions multi sig system, is it already implemented? I think it's not yet, in the case it's giving a false information.

Nice Ann design.
We are in the trust business, if we'd lie about something like this then we have no place doing what we do. You can read more about the multi-sig setup in the other thread I started.
I am coming from your response on the Ann. As I said, right now telling about multi-sig feature is a misinformation until it's implemented.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
March 30, 2023, 03:06:43 PM
#33
3/3 is a case where three signature is required to sign a transaction. So, if one user isn't online or able to sign, then you are going to migrate to a new multi-sig with new signers and servers because you have the backup, you said that.
So, if you hold the backup for all 3 signers and you can always change the fate of situation, doesn't that mean that all you are doing by multi-sig is that you just put transparent curtains? I mean, what's the point of 3/3 multisig if you can always do whatever you want?
Currently I am all 3 "users", the point is that if you have a 2 server setup for the whole infrastructure, like in a case where we all know for a fact this is the truth, then the entire service including funds are at risk of being hacked/seized//the list goes on. I can't disclose the exact setup that we are running for obvious reasons but there are >5 servers, and all but the clearnet frontend one are not exposed. While risk still exists with our setup too, it's mitigated to a minimum. I am not trying to pretend that I don't have access to funds or anything like that, I said multiple times that unless there will be more signers besides me in the multi-sig, then users will have to trust me and it's just how it is. But at least if you assume I am honest, then you don't have to worry about much else. I don't believe you have this luxury with many other services.
I mean, if something happens to those one or two users, you can use your backup that you hold for all 3 signers, right? This means, finally the control system is still centralized and in reality, we don't get pure 3 signers service because after all, you are capable to use those keys anytime you wish and finally it comes to whether we trust personally you or not, right? Or did I misunderstood something here?
Btw I'm not saying whether you are trustworthy or not, I'm neutral here.
full member
Activity: 130
Merit: 150
March 29, 2023, 09:54:14 PM
#32
Thinking very long term here because I know in the near term challenge is just to find three separate trusted members, but it would be really neat to someday set up a system with separate groups of 3 signers and allow the user to choose which group to engage with. This would reduce the trust to place in the service for picking the three members and give us more autonomy on choosing exactly who we can trust. It would also set up a very neat system where people could essentially form their own mixer on your service. Three people join together, they each control separate certificates to form a mixing/trust cluster, and they get a portion of the mixing fee (as does Whirlwind). These people would then be super promoters of Whirlwind because they'd be promoting their own mini mixer within the Whirlwind system. They might even fund their own signature campaigns and other sort of referral programs. I worked with developing a referral program years ago and it was the single best thing the company did for acquiring new users. The company paid the users well for their referrals, and it practically 10x-ed growth.
copper member
Activity: 112
Merit: 338
March 29, 2023, 12:21:28 PM
#31
I, as many here, do not know how blind certificates work completely, but what I do know is that it has become very difficult to trust any third-party services. I personally do not trust that any third-party service fully maintains privacy.
Understandable, but that's the advantage of blind certificates. You won't need to trust that we don't keep logs, it would be impossible to log anything even if we tried. This will be provable beyond any doubt at any point since it's code, not just our words.

The blind certificates are certainly causing a lot of confusion since it's a relatively novel idea put into practice. Perhaps you all could create a graphic that would explain it clearly and in an illustrative manner? That would help a lot vs. reading paragraphs of text about it, and then it'd be easy to repost to answer this question moving forward.
Great idea, we will do that once we get some traction with the current version

3/3 is a case where three signature is required to sign a transaction. So, if one user isn't online or able to sign, then you are going to migrate to a new multi-sig with new signers and servers because you have the backup, you said that.
So, if you hold the backup for all 3 signers and you can always change the fate of situation, doesn't that mean that all you are doing by multi-sig is that you just put transparent curtains? I mean, what's the point of 3/3 multisig if you can always do whatever you want?
Currently I am all 3 "users", the point is that if you have a 2 server setup for the whole infrastructure, like in a case where we all know for a fact this is the truth, then the entire service including funds are at risk of being hacked/seized//the list goes on. I can't disclose the exact setup that we are running for obvious reasons but there are >5 servers, and all but the clearnet frontend one are not exposed. While risk still exists with our setup too, it's mitigated to a minimum. I am not trying to pretend that I don't have access to funds or anything like that, I said multiple times that unless there will be more signers besides me in the multi-sig, then users will have to trust me and it's just how it is. But at least if you assume I am honest, then you don't have to worry about much else. I don't believe you have this luxury with many other services.

After gaining trust, will the fast situation be deleted and only use notes? and what is your plans to get trust? only high-payment the signature campaign?
We will phase out the Fast mode only if we migrate to a setup with multiple signers. (I explained before it's because all signers could keep logs for Fast mode and we can't take that risk) As for trust I was planning to run a review campaign and lock a few BTC in escrow, Hhampuz is looking to find a 3rd party to hold these funds. Not much else to do besides this other than running the service reliably, time will tell

What are the criteria for selecting *reputable users,* and will the contract be for decentralization and how will you deal with legal frameworks and how to make payments? Can anyone be a reliable member if he fulfills certain conditions, or is the list central?
I have no idea right now to be perfectly honest, but I hope that after some more time and discussions about this topic here we will come up with a reliable plan that we can execute.
legendary
Activity: 2702
Merit: 4002
March 29, 2023, 07:35:03 AM
#30
After gaining trust, will the fast situation be deleted and only use notes? and what is your plans to get trust? only high-payment the signature campaign?

until we find reputable users to add to the multi-sig there really is no way around it. We will try our best to migrate to the trustless version as soon as possible, it all depends on how fast we'll be able to find the right users for the multi-sig. Until then as you said funds are safe from external actors but we could scam anytime if we wanted.
blinded bearer certificates is a new concept for me < will read about it and update.

What are the criteria for selecting *reputable users,* and will the contract be for decentralization and how will you deal with legal frameworks and how to make payments? Can anyone be a reliable member if he fulfills certain conditions, or is the list central?
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
March 28, 2023, 02:28:05 PM
#29
It is a 3/3 multisig setup, 1/3 would defeat the purpose. The reasoning behind it is that if one signer will ever be seized or it stops for any reason there is no damage that can be done.
3/3 is a case where three signature is required to sign a transaction. So, if one user isn't online or able to sign, then you are going to migrate to a new multi-sig with new signers and servers because you have the backup, you said that.
So, if you hold the backup for all 3 signers and you can always change the fate of situation, doesn't that mean that all you are doing by multi-sig is that you just put transparent curtains? I mean, what's the point of 3/3 multisig if you can always do whatever you want?
Pages:
Jump to: