Well, sure, but i think that the point is that that's impossible. Let's suppose an auditor checks Chipmixer's infrastructure- and then gives "the green light"; Chipmixer could, if they wanted to, simply change some of the source code. Any of the current mixers could.
This is true unless we implement off-chain cryptography ie. blinded bearer certs. If we do - you can prove unlinkability without checking our code.
Or they may be scared of being linked with "money laundering". There are still some people that using https or VPN is "hacking".
We have contacted nullius about developing Chaumian bank.