Post
Topic
Board Scam Accusations
Merits 4 from 1 user
Re: SCAM EXCHANGE: Openchange (Openchange.cash) (PARTIALLY SOLVED)
by
dragonvslinux
on 11/07/2022, 18:40:14 UTC
⭐ Merited by o_e_l_e_o (4)
the coins were only mixed with each other, not with others in any effective manner
The point of using a mixer is to break the on-chain connection between your old coins and your new coins. It can't break the on-chain connection to the origin of the actual coins.
Because you effectively end up with different coins right? Even if it doesn't break the on-chain connection with your new coins, it breaks the connection with your old coins?
Basically:
[1] hax0r sent X stolen coins to CM
[2] legit user sent Y legit coins to CM
[3] legit user got Y amount of the stolen coins from CM
[4] hax0r gets X amount of other users' coins from CM

Your confusion comes from the assuption that every mixer works like CoinJoin; whereas ChipMixer is basically an off-chain mix.

I do understand this now, that the coins the hacker ends up with is different. Still the issue with the mix was the consolidation of 11K mixed coins back together, given all these inputs come from Crypsty addresses consolidated together, even if they are new coins. Clearly some chainanlysis will easily point to the fact these are the proceeds of crime, based on numerous factors, even if these coins are different.

Quote
This is assuming it was an online mixer that was used, and that the website had 11K BTC liquidity ($5 million back then)? To me they look like simple transactions that consolidates funds.
This topic is about a 0.256BTC transaction, which has nothing to do with whatever happened 8 years earlier.

I completely agree, I was initially merely answering BlackHatCoiner's question of a connection between transactions.

Given these exact same sets of coins have been sent to all major exchanges in recent months and not frozen, instead passed onto other users and exchanges, in the case of Binance mixed together. So there is still zero reason for OpenChange to be stealing this users funds, given large amounts have already gone back into circulation without any issues it seems.

Your confusion comes from the assuption that every mixer works like CoinJoin; whereas ChipMixer is basically an off-chain mix.
Even before ChipMixer, "coinjoin" was never the standard: a user would simply get someone else's coins in return for their own. Coinjoin is the only form of mixing that leaves an on-chain trail to follow.
True; CoinJoin is actually newer than I thought. According to Bitcoin Wiki CoinJoin page, the first mention of the idea of CoinJoins was in 2013, as quoted below.

Ever since I was a wee lad I've had a dream .... a dream of being incorrectly assessed as impossibly rich by brain-dead automated analysis.  Now with your help I can be!

Here is how it works:  A lot of people mistakenly assume that when a transaction spends from multiple addresses all those addresses are owned by the same party.  This is commonly the case, but it doesn't have to be so: people can cooperate to author a transaction in a secure and trustless manner.   We can make it a lot easier for people making this mistake to discover their folly by making there be a single address that seems linked to everything.

This is initially why I thought the mixes were CoinJoin, as all the inputs going into the smaller mixes (100-300 coins roughly) all came from Crypsty addresses, as highlighted, with only 1 major output. So why it's obviously common to make the mistake that all inputs come from the same owner, in the case of 2014, this clearly wasn't the case. Probably back in 2014 these addresses were listed as Cryptsy, so the hacker was completely unaware how their transactions could be easily traced (even if the coins can't).

I remember in the past mixing was actually more commonly referred to as 'tumbling'; maybe indeed better fitting for something where you throw in coins and get completely unrelated coins of equal value back out. Instead of a CoinJoin mechanism that semantically fits more to the name of a 'mix' since you throw together your inputs with other people's UTXOs, mixing them and getting something out from that same pool.
Like, to be fully honest, ChipMixer is a pretty good name. It doesn't mix UTXOs, like CoinJoin, but it mixes / exchanges these 'chips' that have no ties to each other, instead. This requires it to be a centralized, trusted service, but offers much better on-chain guarantees.

I can see how mixing has improved over the past 8 years, that much is true. In this sense it seems that the coins were "tumbled" as you put it, by getting back exactly what you put in within the same transaction.



Anyway, I don't want to derail this thread any further as it's about OpenChange stealing a user's coins without any legitimate reason. For reference sake, whether these coins are considered stolen or not, I discovered most major exchanges have all transacted with these coins from the mixed set that the AML bot considers stolen (red dots are exchanges). This is Binance happily laundering them even, prior to sending some onto UpBit, long before the user made a transaction to OpenChange.

I reference this as OpenChange claim these coins are "tainted" or outright "stolen", but it turns out that other exchanges have absolutely no issues with these coins, or at least more than willing to be transacting with them. It seems highly likely that they are simply using the AML bot as a poor excuse to steal coins when possible. Even though confiscating these coins isn't considered legal or otherwise.