Trust & PGP

Every promise signed. Every log finite.

Privacy and reliability are two separate problems. A mixer can be perfectly private and still lose your coins. Mixero is built so that neither outcome is left to faith.

The letter of guarantee

Every Mixero order opens with a PGP-signed document called the letter of guarantee. It is generated the moment your session is created and shown before you send any Bitcoin. It contains the deposit address, the session identifier, a timestamp, and a signature produced with the published Mixero public key.

The point is straightforward: it removes the "your word against ours" problem custodial services prefer to leave in place. If a deposit ever fails to mix, the signed document is your proof of the obligation Mixero accepted. Save it the moment it appears on your screen and you won't need to share it again unless something requires disputing.

Save the letter before you send coins. Without it, a dispute is just a conversation. With it, the obligation is in writing and cryptographically signed.

How to verify the signature

The Mixero PGP public key is published on the support pages and on the standard key servers. The verification ritual is short:

  1. Save the signed text exactly as Mixero displayed it.
  2. Import the public Mixero PGP key into your local GPG keyring.
  3. Run gpg --verify against the signed document.
  4. Confirm the signature is good and that the key fingerprint matches the one published on the site.

This takes a minute the first time and seconds every time after. For orders of any meaningful size, it's the cheapest insurance you can buy.

The no-logs policy, in operational terms

"No logs" is a phrase used loosely, so it's worth being specific. While an order is active, Mixero holds the minimum data needed to honour it: the deposit address it generated for you, the destination addresses you supplied, the chosen fee and delay, the session identifier. That data must exist for the payout to happen.

After the guarantee window closes, all of it is purged. No analytics retention. No IP addresses tied to orders. No behavioural profiles. The class of records some services keep "for a few months" simply doesn't exist on this infrastructure once a session is finished.

What Mixero never collects

  • No email address, phone number or username.
  • No identity documents, selfies, or proof of address.
  • No source-of-funds statement, no employer details, no banking information.
  • No persistent cookies surviving beyond the immediate UI state.

The less Mixero collects, the less it can leak in the worst case and the less it can be compelled to surrender in any case. That is the philosophy, and it has been baked into every form on the site.

Transport-layer protections

The Mixero site is reachable over TLS with strong cipher suites and HSTS set to a long horizon. The same site is published as a Tor onion service, which removes the need to trust the certificate authority chain at all and gives users in restrictive networks a path to the mixer that is hard to censor.

If you visit Mixero over Tor, configure your wallet to broadcast over Tor as well. Otherwise the privacy gain on the mixer side is undone by the wallet leaking your IP at broadcast time.

Operational habits on your side

The strongest mixer on earth cannot save a user from operational mistakes upstream and downstream of the session. A few habits make a noticeable difference.

Keep deposit and destination wallets cleanly separated.

Do not pay your destination addresses from the same wallet holding the original deposit. If you consolidate those inputs later, a careful analyst can reconstruct the link Mixero just severed.

Use the maximum reasonable number of payout addresses.

Each additional destination shrinks the cluster around your funds slightly. Eight outputs is the upper limit; two is the practical minimum if unlinkability matters at all.

Add a delay, even a short one.

An instant payout is sometimes convenient, but the smallest randomised delay you can tolerate is the cheapest privacy upgrade Mixero offers. Anything from 30 minutes to several hours removes the same-block fingerprint entirely.

Disputes and the guarantee window

If something goes wrong — a payout that doesn't arrive, a confirmation that stalls — the letter of guarantee is the only artefact you need. Present the signed document through the support channel listed on the Mixero site and the case is handled within the guarantee window. After that window closes, the related data is gone — which is what makes the no-logs claim meaningful in the first place.

Walk through a session

Mixero — PGP-signed Bitcoin mixer

See the full flow

The guide walks every screen of a Mixero session, in order.

Open the guide