The mixer Helix by Grams is using a very weak method of mixing, even if it provides 0 taint to the original coins it is still easy to find the original coins.
The main problems are:
No randomized fee on deposits
No randomized delay on withdraws
In the case of Helix Light the coins are added after 2 confirms with exactly 2.5% fee and then immediately sent to the destination, this is easy and fast for the user but it is a very weak method of mixing.
Here comes an example of how to break a mixer that has these problems
Lets say that you want to mix some bitcoins, you create this transaction to Helix Light: https://blockchainbdgpzk.onion/tx/951012e00cdd4c3cca50507002ccd379b972073abf5fd5a59f38f548088facb3
The mixer receives 0.12478014 BTC and removes the 2.5% fee: 0.12478014*0.975=0.1216606365. Bitcoin only has 8 decimals, so round it up or down depending on the 9th digit, so to 0.12166064 BTC.
The mixer then sends 0.12166064 BTC to the address you specified as soon as the initial transaction has 2 confirms: https://blockchainbdgpzk.onion/tx/2e32421ba0db052c332d78912ee8073f6949b950558cade4b4d72da56b7208f6
If someone would try to follow your coins from where you bought them to their destination they would see that you sent 0.12478014 BTC somewhere, if they suspect the mixer is Helix Light then they would know exactly what to look for. They can see in what block the transaction got 2 confirms, in the example above its block #333021. They know that the transaction out from Helix Light will be included in the next 2-4 blocks, Block #333023-333025, go to block 333023: https://blockchainbdgpzk.onion/block-index/505927/ and look for 0.12166064.
The blockchain analysis can be done in three easy steps:
See 0.12478014 BTC sent to mixer: https://blockchainbdgpzk.onion/tx/951012e00cdd4c3cca50507002ccd379b972073abf5fd5a59f38f548088facb3
Calculate the value after 2.5% fee: 0.12478014*0.975=0.1216606365 = 0.12166064 (round up or down the 8th digit or just search for value with 7 digits after decimal point)
Click on the "Included In Blocks" link on the blockchain.info page of the transaction and search for 0.1216606, if it isnt there click on the "Next Block" link and search for 0.1216606 again, repeat until found.
As a fun game for you guys, this is a transaction of 0.12156064 BTC to Helix Light, can you do blockchain analysis on this and find the secret destination address following my short guide?
https://blockchainbdgpzk.onion/tx/f003b867adbcf8f97865becaceb70862df9b92679049f9f38e1e4da0aefd5134
The blockchain analyser that first finds it and posts the correct address here will receive the coins.
As you can see it is very easy to do and can even be done fast manually. FBI/DEA could easily develop a tool that would go through all coins sent to and from SR2 and other markets (now that they have the logs) and check if they can find any transactions with this pattern, and they will find the original coins easily if you used Helix Light. A tool like this would look through days of blockchain data to see if they find an exact match, say that 2.5% fee was used but it was delayed by 2 days, if there are no other transactions of exactly 0.12478014 BTC they found a match.
The same blockchain analysis technique can be used to trace the transaction backwards too, say for example that you have all the deposit and withdraw logs from SR2 and some other markets.
They see a deposit of 0.12166064 BTC going to SR2 and they want to know where it originally came from so they then calculate the 2.5% fee backwards like this: 0.12166064/0.975, and get this number: 0.12478014. Now they know that the initial transaction to Helix must have been of exactly 0.12478014 BTC and the transaction would be confirmed in 3-4 blocks before the deposit to SR2. 0.12478014 BTC is a very unique amount and they will end up finding only 1 transaction with this exact amount even if they have to look through all blocks created that day (if delay was used on Helix for example).
Grams should obviously not run a mixer, he is incompetent and is not following the best practices of bitcoin mixing, he is lying to his users saying it provides good anonymity. This mixer, as shown above, can be deanonymized by anyone. The conclusion is that it is totally worthless and that you are paying a 2.5% fee to Grams for nothing. The most expensive mixer available is the one that provides the worst anonymity. It was started after Fog and Blender which both has very good methods of mixing, i do not understand why someone would launch a mixer providing less anonymity and at the same time be more expensive.
Some users say that tumbling is not needed, but those who do use one should care enough about it to at least use a tumbler that does it correctly.
The correct way is to have a randomized fee together with a long randomized delay, in the above example of mixing 0.12478014 BTC on any of the other mixers with randomized fee you would receive any value between 1-3%. If someone sees a deposit to SR2 for 0.12166064 then a 1-3% fee random fee on the mixer means that any transaction between 0.12288953 and 0.12542334 could be the original transaction, it is still a very narrow range, but when just looking through a couple of blocks reveals many transactions matching this range. If you have to look through a day worth of blocks (random delay on the withdraw) there would be hundreds of transactions matching which means it would be impossible to make a positive match.
There are only two mixers which provide perfect anonymity of your bitcoin transactions: Bitcoin Blender and Bitcoin Fog. Stay safe!
Looks like grams has some work to do.
edit: looks like he is denying there is even a problem. Glad I never used it.