By Published on

What is a "bitcoin mixer" and what is a "cryptocurrency tumbler"?

First things first: a cryptocurrency mixer is the same thing as a tumbler, and the same as a blender.

Now that that's out of the way, like with most things in the blockchain space, there are two types of mixers: centralized and decentralized.

Centralized Mixers

Centralized mixers are privately owned services which follow this procedure:

  • you send cryptocurrency to an address specified by the service
  • the service takes a fee from your deposit, usually 1-3%
  • you specify how much you want to withdraw (X) and during what period (T)
  • the service is then programmed to send transactions out for random amounts (x < X) such that x1 + x2 + ... xn <= X, in random intervals (t < T) such that t1 + t2 + ... + tn <= T. In other words, it'll split the withdraw amount and send out small amounts over random periods of time, so that final output doesn't match original input.

When coupled with other people's inputs, this makes it very, very difficult to trace who's hiding which amount.

There are two main problems with centralized mixers:

  1. You're sending money to someone you probably don't know. They can run away with it and there's nothing you can do about it.
  2. They're probably keeping logs. Not only for debugging purposes, but for actually nefarious ones. Governments and blockchain analysis companies like ours pay fortunes for such logs, and just like your emails and personal information is for sale by conferences, your mixing history can be extremely valuable because a week of mixing logs can take two weeks off of an auditing job. There's no way for any of them to prove that they're not keeping logs - if it's centralized and under someone's control, you're at their mercy. What's more, in most cases it's not even necessary to access their logs or servers to deanonimyze bitcoin addresses.

The longest running Bitcoin mixer is Bitcoin Fog, and you'll need Tor to use it.

Decentralized Mixers

Decentralized mixers are available on more advanced blockchain platforms, like those which support smart contracts. Ethereum is a prime example.

A decentralized mixer is an automatic one which lives on the blockchain. It has no master, apart from the one who withdraws the fee built into it (and in 99% of the cases, that's the whole extent of his power). There are naïve implementations where the transactions aren't exactly mixed in a fully transparent way as described in the Centralized Mixers section above, but new solutions like Mobius have popped up recently where anonymization is implemented to a truly impressive degree.

The whitepaper is available here, but in a nutshell, Mobius uses ring signatures - sending transactions by signing them with a multitude of private keys instead of a single key, so that an observer can detect that someone from a group sent a transaction, but not which one of the group's members.

There are two main problems with decentralized mixers:

  1. They are technically difficult to use. The instructions for using Mobius even in a proof of concept form (and it makes no sense to use anything else right now) are a convoluted nightmare that seems like PhD material to most non-technical users.
  2. There needs to be enough users to make it viable. If there are too few users, or if the mixer is too seldom used, then the transactions can be easily traced through either pure observation or the process of elimination.

Conclusion

It's true: mixers are every digital forensics firm's worst nightmare. They really do slow us down.

So, if transaction anonymity is important to you, use a decentralized mixer regularly. You'll throw even us off your trail.