Update whitelist.yaml (bitmixlist.org) #1823
add bitmixlist.org
📝 Walkthrough
This PR adds
Changes: Whitelist Update
🚥 Pre-merge checks: ✅ Passed checks (5 passed)
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@whitelist.yaml`:
- Line 34: Add a justification block immediately above the whitelist entry for
"bitmixlist.org" in whitelist.yaml that explains why this informational
directory (not an operator) should be allowed, include a clear scanner rationale
listing the exact detection signals that caused repeated flags (e.g., keywords,
heuristics, telemetry sources), note whether prior removal was due to the same
signals and when, and explicitly state which Phantom protections the whitelist
bypasses (e.g., URL blocking, content scanning, policy enforcement) plus a short
risk assessment explaining why bypassing those protections is acceptable for
this domain given its mixer-adjacent but informational nature; ensure this text
references the domain "bitmixlist.org" so reviewers can easily correlate the
rationale with the whitelist entry.
| - url: revoke.cash | ||
| - url: nftplus.io No newline at end of file | ||
| - url: nftplus.io | ||
| - url: bitmixlist.org No newline at end of file |
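Review bot: The new last line `- url: bitmixlist.org` again ends the file without a trailing newline, which is the same condition this hunk had to repair on `- url: nftplus.io`. End the file with a newline so the next appended entry shows up as a one-line diff. The entry is also added as a bare `url` with no comment next to it; a short rationale line above it would let later reviewers see why this domain is allowed without having to find this PR.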
🧩 Analysis chain
🌐 Web query:
What is bitmixlist.org and what content does it host?
💡 Result:
BitMixList.org is a directory and informational resource focused on Bitcoin privacy services and tools [1][2]. Launched in 2023 by a known Bitcointalk user, the site was created as a repository for information on privacy services—specifically cryptocurrency mixers—following the decision by the Bitcointalk forum to restrict mixer-related discussions [3][4].
The site hosts the following content:
- Directories of Privacy Services: It maintains lists of Bitcoin and altcoin mixers, exchanges, P2P markets, and other privacy-focused tools [1][5]. The directory aims to help users identify reputable services while explicitly warning users against using the site for money laundering and emphasizing that it does not endorse the services listed [1][6].
- Educational and Technical Resources: The site provides content on the mechanics of mixer privacy, on-chain anonymization, and information regarding the history of Bitcoin mixers [3][7]. It also includes technical guides or tables mapping various privacy rails (such as CoinJoin, stealth addresses, and atomic swaps) to their respective capabilities and use cases [7].
- AML and Monitoring Tools: The site features an AML (Anti-Money Laundering) score checker, which allows users to check the status of cryptocurrency transactions [5][2].
- Global Crackdown Index: It hosts a collection of stories and reports regarding coordinated government actions, arrests, and infrastructure seizures targeting Bitcoin privacy services [6].
- Operational Details: The site emphasizes a privacy-first approach, stating that it does not collect IP addresses or use cookies [2]. It operates primarily through the canonical domain bitmixlist.org and provides emergency mirrors to maintain accessibility during potential service interruptions or DDoS attacks [1][2].
Citations:
- 1: https://bitmixlist.org/
- 2: https://bitcointalk.org/index.php?topic=5477452.0
- 3: https://notatether.com/miscellaneous/a-special-announcement-bitmixlist/
- 4: https://bitlist.co/service/bitmixlist
- 5: https://kycnot.me/service/bitmixlist
- 6: https://bitmixlist.org/crackdown.html
- 7: https://bitmixlist.org/mixer-privacy.html
🌐 Web query:
Are there any security advisories or threat intelligence reports for bitmixlist.org?
💡 Result:
Yes—though I did not find any “formal” government/CSIRT security advisory specifically naming bitmixlist.org, I did find threat- and abuse-adjacent security material associated with the site.
1) Threat intelligence / security reporting artifacts tied to BitMixList
- BitMixList maintains a “Full list of all known scam mixers (updated June 2025)” published as a GitHub gist and referenced as “Used on Bitmixlist.org,” which is essentially threat-intel style community reporting (scam/exit-scam indicators) rather than a CVE advisory. [1]
- The Bitcointalk announcement thread for BitMixList also contains reports/discussion of a “100% confirmed exit scam” mixer being delisted, indicating ongoing hostile-service tracking and remediation via the directory/AML-checking ecosystem. [2]
2) Domain-level monitoring evidence (not a formal advisory)
- urlscan.io has a current domain page for bitmixlist.org and indicates the domain has been observed in its scanning system, but urlscan.io is not an advisory source and the page shown is a snapshot/telemetry rather than an authoritative security bulletin. [3]
3) Site self-descriptions related to security posture (not external advisories)
- BitMixList’s own terms include claims about not listing illegal services or scams, and a mechanism for reporting services. This is a self-stated policy rather than a third-party threat report. [4]
Conclusion
- No clear, authoritative security advisory (e.g., vendor/CSIRT/government advisory naming bitmixlist.org) surfaced in the sources I found.
- However, there is community “threat intelligence” in the form of scam-mixer lists and delisting discussions that are explicitly tied to BitMixList (GitHub gist used on the site; Bitcointalk thread discussions). [1][2]
If you want, tell me what “authoritative” you require (e.g., CERT/CSIRT, MITRE, major AV vendors, or law-enforcement bulletins). I can narrow the search to those exact feeds/brands.
Citations:
- 1: https://gist.github.com/ZenulAbidin/511d531980c44051cfafd11b2e3c9dda
- 2: https://bitcointalk.org/index.php?topic=5477452.0
- 3: https://urlscan.io/domain/bitmixlist.org
- 4: https://bitmixlist.org/terms-and-conditions.html
🏁 Script executed:
```bash
#!/bin/bash
# Check if there are documented security reviews or discussions about this domain in the repository
# Search for any prior mentions or discussions of bitmixlist
rg -i 'bitmixlist' --type md -C 5
# Search for any security review process documentation
rg -i 'security.*(review|process|approval)' --type md -C 3
# Check git history for previous whitelist/removal of this domain
git log --all --grep='bitmixlist' --oneline
```
Repository: phantom/blocklist
Length of output: 91
Request justification + scanner rationale before whitelisting bitmixlist.org (whitelist.yaml line 34)
- `bitmixlist.org` presents itself as a Bitcoin privacy-services directory/informational site that lists mixers/privacy tools and includes warnings about illicit use; that’s not the same as the domain directly operating a mixing service.
- No authoritative CSIRT/government-style security advisory or CVE specifically for `bitmixlist.org` was found; the main “threat” material is community scam/exit-scam style reporting plus third-party domain telemetry.
- Still required: explain why the automated scanner repeatedly flags this domain (detection criteria/what signals it matches) and whether prior removal was due to the same issue.
- Also confirm the whitelist’s exact effect in Phantom’s security system (what protection is bypassed) for `bitmixlist.org`, and document why allowing it is safe given its mixer-adjacent context.
I previously contacted Phantom support by email about a Phantom block/warning affecting this domain, and I was told the issue was fixed. The warning has now returned.
Domain:
https://bitmixlist.org
Issue:
Phantom is again blocking or warning users when visiting/interacting with the site.
Given that we do not provide any Web3 or Solana capabilities on our website, it doesn't make sense for the automated scanner to continue flagging it. As I understand this is probably a bug, I have made a patch that adds it to the whitelist so that the issue is resolved.