I wrote this message a little later before reading the last answers.
BC I did not see solutions and understanding (I understood everything about expansion, etc.), I still lay out it to describe my today's experience.
Maybe he will clarify something - although I confused even more now ..
I apologize for anger - but as you see from the message - I caught this bug today where you can only (although there were many extensions in these browsers).
And I thought that I found a malicious expansion. And I wanted to send it and write to Metamask developers.
And then the bug disappeared ...
My message is too long - I will not correct it so that it becomes tolerant. Forgive me for it.
Today I stumbled on this vulnerability a hundred times in a row ... And therefore was in rabies. Especially these, for you small, for me there were the latest money. On which in their own country I planned to live a month ... And now I just do not have something to buy even for children ..

--

I will now look like a fool, but okay.
I am sure and with my own eyes just observed for several hours.
And so I can say with complete confidence - it is definitely a vulnerability either in you either in your bundle with the expansion of Metamask.
I will describe chronology. Do you think I'm an idiot? Count.
For the time being, until the next user of the YokeLVeit type does not write here and will no longer lose its money.
I hope the yokelveit managed to withdraw my funds (because in his case, if he said, as there is (addresses) - the question of who is faster than his chips, which you will give him - he is either the one who got in the middle).
But we will wait for yokelveit. In the meantime, I can tell you - the matter is neither my old browser tor, nor in bad nodes.
So I'll start.
A couple of hours ago, I wrote and was going to publish the post here. Read it (repeat all actions is already optional).
And yes, I transferred this message to Google .Translate. Therefore, I hope the translations of a lot you will understand in meaning.

-- -- -- --

I found a problem.

And you will be surprised.

Metamask steals your money with chipmixer.

Everyone who has a Metamask extension in any of the browser.

Check.

Go to the white site chipmixer.com

Create a session.

You must be extruded.

On the session page and the 1st step, where you are invited to send a deposit, press one of the 2nd session recovery links: https://chipmixer.com/session/restore/#your_session ("Restore Your Session" Top or "Link" DOWN).

Voila, the page reboots, no cappip, the deposit address is different.

Checked 4 Bruery (Chrome, Firefox, Torbrowser Last Version, Torbrowser Older Version)

In the first 4th browsers, Metamask was supplied today. Latest versions.

10.1.1 Chrome From 22.09.2021. 10.1.0 Firefox, Tor Browser Last Version FROM 25.09.2021, 10.1.0 Tor Browser Older Version From 16.09.2021

In V2 & V3 Onion, everything is in order when Metamask is enabled. He steals money only on the white site chipmixer.com.

No torus-browsers and nodes here - I repeat, I tested the Chrome, Firefox browsers, the latest versions on the normal 64-bit system. As well as the latest version of the browser toruster.

Everything happens on chipmixer.com!

The criterion of fakes is the absence of caps, if you click Restore Your Session from above or link below.

ATTENTION - when you turn off or remove Metamask - the old infected version remains hanging on the Chipmixer.com website, if you do not change the IP.

Those. If the Tor Browser is enough to disable the Metamask extension and create a new chain. That in ordinary browsers I had to change IP - and only then chipmixer.com began to issue a version where, when you click on the above references, a pinch was requested and the address for the deposit remained the same.

I noticed this on the last Firefox 92.0.1 dated 09/23/2021 and Chrome 94.0.4606.61. Even after the disconnection, and after removing the extension, Metamask could not achieve in any way so that Chipmixer.com did not change the deposit address without cape (a hundred times restarted browsers and opened both ordinary and private windows).

But I ripped and re-installed the Internet selection. Got a new IP. Chipmixer.com began to issue one deposit address again. This is a completely different computer, where all the latest versions. 64 bits. Etc.

Guard!!!!! Explain to me what is happening ? If I am right - immediately raise the wave and contact Metamask (I, too, but I need confirmation from Chipmixer).

If I stepped and the address for the deposit is issued all the time different and without capping at one session when you press the recovery links of the session - then explain why?

I have stolen money - I am in the network for 30 years and programming the same 30 years. I'm not lamers green. And the point is not in my old 32-bit browser and not my left extensions ...

I detected this garbage exclusion and time tests using this garbage ....

Let's deal with !!!

Yes, chipmixer.com does not always give a capping when creating a session and even during recovery (here it is always) - but the deposit address changes with Metamask - fact.

And yes, probably, your money is stolen - you must definitely press Restore Your Session or Link that I did - I began to change the address, and then I just gave me the coins from which the money was stolen. I have never done this before (and why, if it is enough to refresh the page). And Metamask I have a hundred years and is constantly updated.

But this time I accidentally clicked (and more than once - because the changed address found me by surprise, I immediately revealed) - and as a result, my private key with chipmixer.com was stolen!

Check! I am waiting for a reaction from chipmixer.com developers and from the community.

Maybe I am a fool .. then pull, what am I wrong.

After all, I checked a million times without Metamask - you do not change the address when clicking on 2 links, what I described !!

You ask me about security when I higher proved that it's not about my security - but the fact that there is a vulnerability and someone (Metamask, Chipmixer or someone in the middle) steals other people if:

a. We use white site chipmixer.com
b. In the browser extension costs Metamask
v. We were inappropriately pressed one of the references Restore Your Session or Link (to restore the session)

-- -- --

After I checked tens and tens of times and watched this bug, I decided to test, and what would happen if you press not reference - but simply copy the Recovery Recovery link to the browser with the metamask turned on.

I changed the IP address, removed Cookies chipmixer.com (which I did not (!), When I tested and wrote that an angry message).

And now I can not achieve the playback of the bug: - ((

Now it doesn't matter which browser is whether Metamask or not - I'm fine. Constantly when clicking on the links there is a pin and the address one.

Good both in my new white browsers and the newest browser torus on another computer, and in my old one that you blame !!! I also can't repeat the bug with him. These are different PCs.
 
In short, I am upset, because Already weakly understand what is happening. I began to suspect a bunch of old sessions or cookies standing on white chipmixer.com (because I used to open your site by all mentioned browsers) and Metamask caused a similar vulnerability (but I can not explain why the bug is not reproduced on the newest browser torus - therefore This option must disappear).

Therefore, it is obvious to me that the vulnerability was fixed either Metamask, or you (because I also excluded the nodes).

So you can consider me an idiot. But I think you will understand the text that I do not even Kevin Mitnik, but I understand a little in the technique. There was a time when I was professionally caught vulnerability and sent to developers (and also dealt with opposite activities as you understood).

And I will immediately say - I'm not trying to slander anyone (and it makes no sense to blame, because I have no evidence and support).

Yesterday I thought that someone intervened in the middle and stole my money. And according to my posts you can see that I ask for help to figure out who stole my money in my fault.

Now I am obvious that my guilt is no. You have an obvious somewhere floating vulnerability, which is either found under certain circumstances (when someone and steals chips). Or which was a limited period of time and you have already corrected it (but I said I won't blame you).

Therefore, yes, consider me an idiot and that I felt it.

And I will hope that YokerVeit will come here and finally will write what happened to his money (and I hope he managed to bring them the first attacked in the middle, even though it will put me in the full position of the idiot).

And most importantly, even if he brought (because he is waiting for the issuance of chips - then the question is only who will be ahead of the write-off of funds - he or a rogue) - confirmed that he also changed the addresses. And the main thing - confirmed that he had definitely not an old joy-free browser, but normal and modern.

I Lovig Bug on the old Browser torus (and screenshots thus dropped yesterday, but who cares about, because the browser is old), on the new Browser and Chrome and Mozile, but did not do screenshots, because I was already going to publish that post and did not think that I could not catch the bug again (I repeat, I did this dozens of times within an hour).

Because I am alone and I have no evidence (if only YokeLVeit does not turn on and will not confirm at least that his browsers were in order (and we have one time interval and we are unfamiliar)) - I will look less like a fool.

And if he gets reset chips - my words will be confirmed.

But yes, he registered here, like me, to describe the problem. And maybe generally no longer return here (especially if I got my money in preservation).

In this case, I hope for the conscience of developers that they will write here - how it ended with his situation and take into account that even if he receives money, about his situation with the change of addresses (which he may have described them - although I'm not sure, t. To. It is not important for him)

In the meantime, I can only say - I am a normal person, no one is accused, a programmer, a hundred times before that, who used your service - I lost my money. And after catching this bug on a normal car and browsers, including the newest torus. My guilt in idiochemium using the old version of the Thor is not. Yes, I obviously got a vulnerability, hacking and theft. But certainly not because of the old browser. BC Neither I, nor you still can't understand why. I dare to say - your mixer at least contains, perhaps extremely rarely found, vulnerability.

Well, yes - is it necessary to explain that when I caught a bug - I began to check your version - and in turn turn off / enable extensions - while 100% did not understand that he is due to Metamask. After I began to test another computer, OS and the latest versions of white browsers and the latest version of the browser, also gradually shutting down / including all extensions to 0.

In other words, I wrote that an angry message that is already irrelevant, just as I am sure of 100%. And I repeat, I am a programmer and how the debugging and tests are made - I'm familiar to me.

Well - I will periodically try to catch a bug again (although if it was eliminated - it is meaningless). In the meantime, yes, consider me further an idiot and suggest that I did not confuse Bech32 with Segwit or Legacy (DROMIECHIKITO, thanks for trying to help, but you are not at the address).

--

https://blockchair.com/bitcoin/transaction/2f777ed06e5c2a626243ac8e81b0a4540a77250ec36a1eda6dbb6c5b5709fbd5 - my transaction to chipmixer.com

https://blockchair.com/bitcoin/transaction/28665ad2665bbbc71b7aa5618d0178418393e43cc9ca31d9e781526a896d0922 - translation of attacking in the middle with 201 satoshi for vbyte

--

I do not advise anyone to use the data mixer and, probably, I will go to Komodo | Pivx | Dash | Monero | zcash | etc. And I described the reason. If someone thinks I invented it. I'm sorry.

And you, developers, in fact, actually understand me - because You know that in programming sometimes incredible wonders occur. In the form of such floating bugs.

It is a pity that in my case it concerns the money that I lost because of your service (since now for some reason, on my old stinking, a snap-on browser is all good - mysticism, is not true ..)

Dear users, be attentive! Using this mixer in clearnet, one day you can lose all the money! Just because it works through the Web ... And Web is such.

And in general - maybe attacked in the middle just noticed my numerous tests and was hidden for a while, as if vulnerabilities were not ... who knows. Maybe we never know.

I will now look like a fool, but okay.
I am sure and with my own eyes just observed for several hours.
And so I can say with complete confidence - it is definitely a vulnerability either in you either in your bundle with the expansion of Metamask.
I will describe chronology. Do you think I'm an idiot? Count.
For the time being, until the next user of the YokeLVeit type does not write here and will no longer lose its money.
I hope the yokelveit managed to withdraw my funds (because in his case, if he said, as there is (addresses) - the question of who is faster than his chips, which you will give him - he is either the one who got in the middle).
But we will wait for yokelveit. In the meantime, I can tell you - the matter is neither my old browser tor, nor in bad nodes.
So I'll start.
A couple of hours ago, I wrote and was going to publish the post here. Read it (repeat all actions is already optional).
And yes, I transferred this message to Google .Translate. Therefore, I hope the translations of a lot you will understand in meaning.

-- -- -- --

I found a problem.

And you will be surprised.

Metamask steals your money with chipmixer.

Everyone who has a Metamask extension in any of the browser.

Check.

Go to the white site chipmixer.com

Create a session.

You must be extruded.

On the session page and the 1st step, where you are invited to send a deposit, press one of the 2nd session recovery links: https://chipmixer.com/session/restore/ biyour_session ("Restore Your Session" Top or "Link" DOWN).

Voila, the page reboots, no cappip, the deposit address is different.

Checked 4 Bruery (Chrome, Firefox, Torbrowser Last Version, Torbrowser Older Version)

In the first 4th browsers, Metamask was supplied today. Latest versions.

10.1.1 Chrome From 22.09.2021. 10.1.0 Firefox, Tor Browser Last Version FROM 25.09.2021, 10.1.0 Tor Browser Older Version From 16.09.2021

In V2 & V3 Onion, everything is in order when Metamask is enabled. He steals money only on the white site chipmixer.com.

No torus-browsers and nodes here - I repeat, I tested the Chrome, Firefox browsers, the latest versions on the normal 64-bit system. As well as the latest version of the browser toruster.

Everything happens on chipmixer.com!

The criterion of fakes is the absence of caps, if you click Restore Your Session from above or link below.

ATTENTION - when you turn off or remove Metamask - the old infected version remains hanging on the Chipmixer.com website, if you do not change the IP.

Those. If the Tor Browser is enough to disable the Metamask extension and create a new chain. That in ordinary browsers I had to change IP - and only then chipmixer.com began to issue a version where, when you click on the above references, a pinch was requested and the address for the deposit remained the same.

I noticed this on the last Firefox 92.0.1 dated 09/23/2021 and Chrome 94.0.4606.61. Even after the disconnection, and after removing the extension, Metamask could not achieve in any way so that Chipmixer.com did not change the deposit address without cape (a hundred times restarted browsers and opened both ordinary and private windows).

But I ripped and re-installed the Internet selection. Got a new IP. Chipmixer.com began to issue one deposit address again. This is a completely different computer, where all the latest versions. 64 bits. Etc.

Guard!!!!! Explain to me what is happening ? If I am right - immediately raise the wave and contact Metamask (I, too, but I need confirmation from Chipmixer).

If I stepped and the address for the deposit is issued all the time different and without capping at one session when you press the recovery links of the session - then explain why?

I have stolen money - I am in the network for 30 years and programming the same 30 years. I'm not lamers green. And the point is not in my old 32-bit browser and not my left extensions ...

I detected this garbage exclusion and time tests using this garbage ....

Let's deal with !!!

Yes, chipmixer.com does not always give a capping when creating a session and even during recovery (here it is always) - but the deposit address changes with Metamask - fact.

And yes, probably, your money is stolen - you must definitely press Restore Your Session or Link that I did - I began to change the address, and then I just gave me the coins from which the money was stolen. I have never done this before (and why, if it is enough to refresh the page). And Metamask I have a hundred years and is constantly updated.

But this time I accidentally clicked (and more than once - because the changed address found me by surprise, I immediately revealed) - and as a result, my private key with chipmixer.com was stolen!

Check! I am waiting for a reaction from chipmixer.com developers and from the community.

Maybe I am a fool .. then pull, what am I wrong.

After all, I checked a million times without Metamask - you do not change the address when clicking on 2 links, what I described !!

You ask me about security when I higher proved that it's not about my security - but the fact that there is a vulnerability and someone (Metamask, Chipmixer or someone in the middle) steals other people if:

a. We use white site chipmixer.com
b. In the browser extension costs Metamask
v. We were inappropriately pressed one of the references Restore Your Session or Link (to restore the session)

-- -- -- --

After I checked tens and tens of times and watched this bug, I decided to test, and what would happen if you press not reference - but simply copy the Recovery Recovery link to the browser with the metamask turned on.

I changed the IP address, removed Cookies chipmixer.com (which I did not (!), When I tested and wrote that an angry message).

And now I can not achieve the playback of the bug: - ((

Now it doesn't matter which browser is whether Metamask or not - I'm fine. Constantly when clicking on the links there is a pin and the address one.

Good both in my new white browsers and the newest browser torus on another computer, and in my old one that you blame !!! I also can't repeat the bug with him. These are different PCs.
 
In short, I am upset, because Already weakly understand what is happening. I began to suspect a bunch of old sessions or cookies standing on white chipmixer.com (because I used to open your site by all mentioned browsers) and Metamask caused a similar vulnerability (but I can not explain why the bug is not reproduced on the newest browser torus - therefore This option must disappear).

Therefore, it is obvious to me that the vulnerability was fixed either Metamask, or you (because I also excluded the nodes).

So you can consider me an idiot. But I think you will understand the text that I do not even Kevin Mitnik, but I understand a little in the technique. There was a time when I was professionally caught vulnerability and sent to developers (and also dealt with opposite activities as you understood).

And I will immediately say - I'm not trying to slander anyone (and it makes no sense to blame, because I have no evidence and support).

Yesterday I thought that someone intervened in the middle and stole my money. And according to my posts you can see that I ask for help to figure out who stole my money in my fault.

Now I am obvious that my guilt is no. You have an obvious somewhere floating vulnerability, which is either found under certain circumstances (when someone and steals chips). Or which was a limited period of time and you have already corrected it (but I said I won't blame you).

Therefore, yes, consider me an idiot and that I felt it.

And I will hope that YokerVeit will come here and finally will write what happened to his money (and I hope he managed to bring them the first attacked in the middle, even though it will put me in the full position of the idiot).

And most importantly, even if he brought (because he is waiting for the issuance of chips - then the question is only who will be ahead of the write-off of funds - he or a rogue) - confirmed that he also changed the addresses. And the main thing - confirmed that he had definitely not an old joy-free browser, but normal and modern.

I Lovig Bug on the old Browser torus (and screenshots thus dropped yesterday, but who cares about, because the browser is old), on the new Browser and Chrome and Mozile, but did not do screenshots, because I was already going to publish that post and did not think that I could not catch the bug again (I repeat, I did this dozens of times within an hour).

Because I am alone and I have no evidence (if only YokeLVeit does not turn on and will not confirm at least that his browsers were in order (and we have one time interval and we are unfamiliar)) - I will look less like a fool.

And if he gets reset chips - my words will be confirmed.

But yes, he registered here, like me, to describe the problem. And maybe generally no longer return here (especially if I got my money in preservation).

In this case, I hope for the conscience of developers that they will write here - how it ended with his situation and take into account that even if he receives money, about his situation with the change of addresses (which he may have described them - although I'm not sure, t. To. It is not important for him)

In the meantime, I can only say - I am a normal person, no one is accused, a programmer, a hundred times before that, who used your service - I lost my money. And after catching this bug on a normal car and browsers, including the newest torus. My guilt in idiochemium using the old version of the Thor is not. Yes, I obviously got a vulnerability, hacking and theft. But certainly not because of the old browser. BC Neither I, nor you still can't understand why. I dare to say - your mixer at least contains, perhaps extremely rarely found, vulnerability.

Well, yes - is it necessary to explain that when I caught a bug - I began to check your version - and in turn turn off / enable extensions - while 100% did not understand that he is due to Metamask. After I began to test another computer, OS and the latest versions of white browsers and the latest version of the browser, also gradually shutting down / including all extensions to 0.

In other words, I wrote that an angry message that is already irrelevant, just as I am sure of 100%. And I repeat, I am a programmer and how the debugging and tests are made - I'm familiar to me.

Well - I will periodically try to catch a bug again (although if it was eliminated - it is meaningless). In the meantime, yes, consider me further an idiot and suggest that I did not confuse Bech32 with Segwit or Legacy (DROMIECHIKITO, thanks for trying to help, but you are not at the address).

--

https://blockchair.com/bitcoin/transaction/2f777ed06e5c2a626243ac8e81b0a4540a77250ec36a1eda6dbb6c5b5709fbd5 - my transaction to chipmixer.com

https://blockchair.com/bitcoin/transaction/28665ad2665bbbc71b7aa5618d0178418393e43cc9ca31d9e781526a896d0922 - Translation of attacking in the middle with 201 satoshi for vbyte

--

I do not advise anyone to use the data mixer and, probably, I will go to Komodo | Pivx | Dash | Monero | zcash | etc. And I described the reason. If someone thinks I invented it. I'm sorry.

And you, developers, in fact, actually understand me - because You know that in programming sometimes incredible wonders occur. In the form of such floating bugs.

It is a pity that in my case it concerns the money that I lost because of your service (since now for some reason, on my old stinking, a snap-on browser is all good - mysticism, is not true ..)

Dear users, be attentive! Using this mixer, one day you can lose all the money! Just because it works through the Web ... And Web is such.

And in general - maybe attacked in the middle just noticed my numerous tests and was hidden for a while, as if vulnerabilities were not ... who knows. Maybe we never know.

I used VPN after torus. In particular from Hotspot Shield. Especially in order for malicious weekends to do anything ... At least I once studied that it is so safe (but the output torch is unsafe). I do not remember that I have broken the connection.

In short, I generally confused and I'm afraid to visit anything, where there are private data on the web page ...

Let's like this - I have a browser tor, I will renew it and it is the latest version.

If I want them to visit the clearing site - how can I do it safely? With the main output tor (there is 10% of the weekend infected nodes, how I heard) or after the main output tor + VPN?

Sorry, not in the topic .. But I lost money. And as in just mind, go to your mixer and on any online wallets - the same coinb.in - already without a concept ...

In short, I apparently I wrote such a porridge that no one would understand me ... Google Transley is extremely poorly translating technical terms (

Fucking, yes, there are 80% of extensions that I designated - worth Access Your Data for All Websites

And what does it mean - that anyone can view any of my open tab (and therefore read the private key from the mixer)?

So I do not understand, I still have no more extensions - but users of their dozens and hundreds.

And if you use your mixer and indeed any bitcoin web wallet (they are all polled directly on the page show the private key if you export it or want to see)

It turns out a bunch of companies and the offices (extension owners) can steal bitcoins at any time ...

I understand correctly or not? At all, I do not understand at these moments (expansion, browsers).

So, I can be a fool or already stupid ...

Why, when I click a link to restore the session (there are 2 on page 1 step)

Does it give me a new Bitcoin address for the deposit every time?

https://cherichen.art/chip.png

https://cherichen.art/chip1.png

Tor Browser 9.5.4 (Based on Mozilla Firefox 68.12.0ESR) (32-bit)

I have a hundred years old. For months through this mixer changed, there were no problems.

After the output nodes stands VPN - as an extension in the browser - HOXX VPN, Setup VPN, Hotspot Shield VPN

Changed through the white site chipmixer.com (in my old tor browser the onion v3 is not supported, only v2)

In addition to expansion: Adblock Plus, Blockchair. Cookie Quick Manager, Free Adroid Online Emulator APKONLINE, HTTP Header Live, Https Everywhere, Metamask, Noscript, Google Translate, Webrtc Leak Shield

They stood and stand (did not add anything) months, if not years. The browser itself also does not update for certain reasons.

I do not understand who could steal ...

He gave you chips or still wait or at what stage do you have?

We have a common thing - this is what he gave different addresses in one session, but I seem to do not stole money yet, and you just wait for step 2?

Screeching than it will end. Keep up.

I understand that if if the privatory key hung up - it was hardly a chipmixer himself (he would simply not return chips). But it is strange that approximately at the same time we had the same problem with you and the mixer issued different addresses of deposits for the session ... I would write a post here even earlier than you or about the same time (but it took the time to pay bitcohythol for the possibility Leave posts from vnove and torch).

Do you still have them, different addresses on your session, or not?

Sorry for my English..

Chipmiker (or someone intervened) stole my money!

Absolutely similar situation and around the same time!

There were 2 confirmations when the chipmixer instead of my chips began to issue different deposit addresses when updating the page!

As a result, he still gave me a button to the 2nd step, having passed on which I found that my chips were resettled from a private key around the same time (+- a minute) a transaction was carried out all the amount with the commission in 201 Satoshi for bytes!

In rabies, I have already written the 5th letter to the support service for this watch.

yokelveit, what is your situation?

At the time of the post, you received different addresses of the deposit for the session already after 10 confirmations (I am 2 and I have a small amount) and you have 2.5 bitcoins (I will not be surprised that it just needed more time to spend it) ...

About the fake. It was the site chipmixer.com

I used it for this one hundred times before and everything was OK.

I can distinguish a programmer and fake. Each time, start mixing, I thoroughly twisted the domain and the Lets Encrypt certificate.

At first I went on the domain from the bookmarks. Then he read it with his eyes and twisted either. Then from the URL once again copied and twisted with the recorded in his notebook. Then I analyzed the layout design, climbed into the code and looked, about the same code as the mixer always or not (I know HTML, JS, CSS, AJAX, ETC).

I am sure of 100%, which was on the original white site of the chipmixer.com

Nevertheless, the first time hundreds of times a mixer (or someone who intervened not for my fault) stole my money ...

Support is so silent.

Help me someone !!!