Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Announcements
Merits 9 from 4 users
Re: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented
by
RHavar
on 11/09/2019, 04:46:49 UTC
⭐ Merited by TryNinja (3) ,AdolfinWolf (3) ,LoyceV (2) ,LeGaulois (1)
@ChipMixer have you looked into trying to provide guarantees you're not logging?


I am probably not the target audience, but I am deeply skeptical of mixers.  It would seem to me to be negligent of intelligence-agencies to not be running their own mixing services. And as none of the mixers provide any guarantees of not-logging, it seems kind of impossible for a user to know which are honeypots and which aren't.

One feasible way (AFAICT) of proving you aren't logging would be making-public the program that runs on the server. That program would not log (which people can check by looking at the source code) and it would generate a "communication key". Which would be an asymmetric encryption key that can be used to securely talk to the program. Then on your website you make a little light js client which serializes/deserializes encrypted messages from server-side program.

So now the only thing you need to do, is prove the "communication key" was generated by the program. If we know the communication key was generated by the program, then we know anything encrypted to that key can only be read by the program, and we know that program does not log. Now the cool thing is we can use Intel's SGX and remote attestation to actually prove this key was generated by this particular program.

I think put together would give users pretty strong assurances that your service is doing what it claims.


Anyway, food for thought.