We all know about hacks, scams, password leaks and all the shit that's happening in the crypto world and we also see lots of scammers using mixers to eradicate the possibility of them being caught at all (though there are traces, but using mixer saves these scammers at the least, not intentionally).
Now, let's say that a hack happened some day at some exchange for about $300 million (or even $3 million, just e.g.), and the exchange immediately opens up about the hack. For a second, just think that the scammer keeps the coins in his wallet and doesn't move them for some time, however FBI and other major authorities are aware of this hack and they give orders to mixers that if a specific address is provided to the mixers (if they know exactly on which address the hacker has kept the coins), and they ask them to immediately report them about the same, then let me ask some questions:
1. Do mixers know where they're getting a deposit from?
2. If yes, will they co-operate here with the officials and let them know about the deposit?
3. If they do, how will they stop the scammer from moving his funds out of their mixer?
Mixers aren't registered company. How can any government be sure that mixer companies have received their email? Also, what if mixers just ignore that email and say that by the time they read their email, coins were already mixed and they couldn't do anything? This situation is a joke man. If you are a mixer, you are a mixer or otherwise you are a fraud.
By the way, I asked similar question to Whirlwind owner, his response wasn't comprehensive but I think it's still worth to quote his answer on my question:
Having said all of the above as far as I'm concerned I am not doing anything illegal. I don't encourage illegal activity and will never promote the service on the darknet or for any illegal purposes, I'm a simple provider of privacy services. There are no statistics regarding % of CEX funds coming from illicit sources so we can't compare to what we know about mixers, but my guess is that the number is very similar if not higher for centralized exchanges. There are bad actors in every industry, you can't just shut down all businesses of one type because of a few bad apples. If the service will start to get seriously abused by bad actors and big pressure will be put on us then I'd much rather shut down the service early and honorably than put users funds and privacy at risk, but for now I still believe there has to be a way to run everything legally.
Thank you for your responses, hope you don't mind if I ask you some deep questions:
1. Do you do something or plan to do something to prevent abuse of your service? I mean to minimize it cause nothing is totally preventable. There are people who care about their privacy and there are people who want to do illegal things, do you have a plan to make your service unlikeable for the people who do illegal things? To get rid of them. Do you think are there any measurements that you can take while keep your service functional for people who care about their privacy?
I know this question can sound strange but it's still an interesting one. More likely I mean, you may be able to get list of addresses that are known to be found in illegal activities and you may include these addresses in your blacklist to not be able to use your service.
1.I'm still trying to figure out if there is a way to do this, if I have any ideas I will write about them before I implement anything. Here is an idea I had, but we need the Blind Certificates in order for it to work. It would be possible to prove your funds are not coming from specific addresses without revealing which one your deposit actually is.