This application was developed using the following free software:
* Ruby 2.3.1
* Rails 5.1.1
* btcruby, the awesome Bitcoin Ruby library developed by Oleg Andreev and Ryan Smith.
Getting Started with Tumblebit
This application deviates from the original white paper in that it uses AES-256 instead of ChaCha20 (128-bit) to encrypt the tumbler's ECDSA signatures.
AES requires an IV which is random and unpredictable, or at least unique for each message encrypted with a given key.
Of course, if each key is only ever used to encrypt a single message, one can get away with using a fixed IV.
This random IV ensures that each message encrypts differently, such that seeing multiple messages encrypted with the same key doesn't give the attacker any more information than just seeing a single long message.
In particular, it ensures that encrypting the same message twice yields two completely different ciphertexts, which is necessary in order for the encryption scheme to be semantically secure.
In any case, the IV never needs to be kept secret — if it did, it would be a key, not an IV. (Source: Ilmari Karonen on Cryptography Stack Exchange)
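The IV behaviour described above, as an added example that is not part of this project's code: it uses Ruby's standard OpenSSL binding, assumes AES-256-CBC (the page does not say which AES mode the application uses), and encrypts a constructed byte string standing in for a DER-encoded ECDSA signature. It shows that a fresh random IV makes two encryptions of the same signature differ, that the IV can travel in the clear next to the ciphertext and still decrypt correctly, and that reusing a fixed IV with the same key leaks whether two messages are identical.

```ruby
require 'openssl'
require 'securerandom'

AES_MODE = 'AES-256-CBC' # assumption: the page only says "AES256"

# Constructed stand-in for a DER-encoded ECDSA signature (71 bytes);
# .b forces binary encoding so comparisons with decrypted output are byte-wise.
SAMPLE_SIGNATURE = ("\x30\x45\x02\x20" + ("\xAB" * 32) + "\x02\x21\x00" + ("\xCD" * 32)).b

# Encrypt one signature under a 32-byte key. A fresh, unpredictable IV is drawn
# per message unless the caller supplies one (only done here to demonstrate the
# fixed-IV pitfall). The IV is returned alongside the ciphertext because it is
# public data: the receiver needs it, and it need not be kept secret.
def encrypt_signature(key, signature, iv: nil)
  cipher = OpenSSL::Cipher.new(AES_MODE)
  cipher.encrypt
  cipher.key = key
  iv ||= SecureRandom.random_bytes(cipher.iv_len)
  cipher.iv = iv
  { iv: iv, ciphertext: cipher.update(signature) + cipher.final }
end

# Decrypt with the key and the IV that was transmitted in the clear.
def decrypt_signature(key, iv, ciphertext)
  decipher = OpenSSL::Cipher.new(AES_MODE)
  decipher.decrypt
  decipher.key = key
  decipher.iv = iv
  decipher.update(ciphertext) + decipher.final
end

# With a random IV per message, encrypting the same signature twice under the
# same key yields two unrelated ciphertexts (semantic security).
def same_message_looks_different?(key, signature)
  a = encrypt_signature(key, signature)
  b = encrypt_signature(key, signature)
  a[:ciphertext] != b[:ciphertext]
end

# With a fixed IV reused under the same key, identical messages produce
# identical ciphertexts, so an observer learns that two messages are equal.
# This is why a fixed IV is only tolerable when each key encrypts one message.
def fixed_iv_leaks_equality?(key, signature)
  fixed_iv = "\x00" * 16
  a = encrypt_signature(key, signature, iv: fixed_iv)
  b = encrypt_signature(key, signature, iv: fixed_iv)
  a[:ciphertext] == b[:ciphertext]
end

if __FILE__ == $PROGRAM_NAME
  key = OpenSSL::Cipher.new(AES_MODE).random_key
  enc = encrypt_signature(key, SAMPLE_SIGNATURE)
  puts "IV (public):      #{enc[:iv].unpack1('H*')}"
  puts "ciphertext:       #{enc[:ciphertext].unpack1('H*')}"
  puts "round-trip ok:    #{decrypt_signature(key, enc[:iv], enc[:ciphertext]) == SAMPLE_SIGNATURE}"
  puts "random IV differs: #{same_message_looks_different?(key, SAMPLE_SIGNATURE)}"
  puts "fixed IV leaks:    #{fixed_iv_leaks_equality?(key, SAMPLE_SIGNATURE)}"
end
```

Because CBC pads the 71-byte input to a whole number of 16-byte blocks, the ciphertext is 80 bytes; the 16-byte IV is sent beside it, not hidden inside it.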