How Coinomize keeps your mix safe.

Any custodial Bitcoin mixer asks the user to trust an operator for a short window. That trust is not abstract — it can be measured by the practices and proofs the operator publishes, and by whether those proofs survive after the transaction is done. Coinomize publishes three things that, taken together, make the trust window as small and verifiable as it can reasonably be in a pooled service.

The letter of guarantee

Before any BTC moves, Coinomize generates a plain-text document and signs it with its long-published PGP key. The document lists the deposit address shown to you, every output address you entered, the fee, and the configured delay. You download it and keep it locally. The deposit address is unique to your session, so the letter is unmistakably yours.

If a withdrawal ever failed to arrive on schedule, the letter is the artefact you would post publicly. It cannot be denied or rewritten — the signature is over the exact text — and it ties the operator to a specific commitment that thousands of past users have received in the same format. Reputation in this space is built letter by letter, and broken the same way.

User-controlled log retention

When you start a mix, you pick how long the link between deposit and withdrawal is kept on the server. The range is 1 hour to 7 days. The default is 24 hours, which gives support enough time to resolve normal issues; the minimum is for users who want the operator itself to forget the connection as fast as possible.

Once the chosen window elapses, the database records that linked your deposit to your output are removed. From that point onward, even a compromise of the Coinomize servers cannot reveal which output addresses were paired with which deposits in the past — there is simply nothing left to read. Log retention is a real, configurable variable here, not a marketing phrase.

PGP key and verification

The Coinomize public PGP key is published on the main site, the onion mirror, and several archive snapshots that have been online since the service launched. Use the version published before your transaction — a key swapped at the last minute is a textbook attack. Verifying the letter of guarantee yourself takes about thirty seconds with gpg --verify against the saved letter.

Onion mirror

A Tor v3 onion address mirrors the clearnet site. The certificate and the PGP-signed key fingerprint are identical on both. For users whose threat model includes their ISP, public Wi-Fi, or a hostile local network, the onion is the safer path — the request never exits the Tor network until it reaches the Coinomize servers.

What Coinomize cannot do

Coinomize cannot protect a user from their own counterparties. If the wallet you withdraw to is later linked to your identity through a KYC exchange, a careless transfer, or chain-analysis on later transactions, the privacy of the mix erodes downstream. The mixer breaks the link between the old wallet and the new one; what you do with the new wallet is your discipline, not the operator's.

Coinomize also cannot guarantee your operational security. Browser plug-ins, screen-recording malware, and clipboard hijackers operate above the mixer's layer. Use a clean OS or live system for sensitive mixes if your threat model warrants it. The Coinomize guide includes the basic hygiene checklist.

A note on history

Coinomize has been running under the same brand since 2019. That continuity matters for two reasons. First, a long-lived reserve has accumulated enough deposit variety to make probabilistic linking by chain-analysis genuinely difficult. Second, an operator who has issued signed letters of guarantee for years has a public record of fulfilling them — which is harder to fake than a polished landing page.