Anyone swiping through the tech news on their tablet this week may have been startled by an unsavory story. Child pornography (CP) is permanently encoded in the bitcoin blockchain accoriding to mainstream media reports, making anyone who downloads the blockchain guilty of accessing CP. Not only is this old news, but it’s fake news. Understanding why calls for taking a quick dip into bitcoin’s code.

Bitcoin’s Boogeyman Returns

No one can really recall what bitcoin was branded as first: a tool of terrorists, drug dealers, or child pornographers. All that can be said for certain is all three canards have been trotted out regularly over the years. Only last week in the U.S. Senate, Representative Brad Sherman expressed hope that a cryptocurrency panel would reconvene immediately after there had been a terrorist attack funded by crypto. But that was last week; this week it’s all about pornography of the worst kind. CP is the topic du jour thanks to a new research paper. Its abstract explains:

Blockchains…irrevocably record arbitrary data, ranging from short messages to pictures. This does not come without risk for users as each participant has to locally replicate the complete blockchain, particularly including potentially harmful content…Our analysis shows that certain content, e.g., illegal pornography, can render the mere possession of a blockchain illegal…our analysis reveals more than 1600 files on the blockchain, over 99% of which are texts or images. Among these files there is clearly objectionable content such as links to child pornography, which is distributed to all Bitcoin participants.

This all sounds pretty damning, and given some of the alarmist headlines the paper has generated, you would have thought the FBI van was speeding its way to every address known to operate a full bitcoin node. But that’s not quite how the real story goes.

Old News Is Old

The CP on the blockchain story isn’t news and it isn’t new either. In fact, it was first dragged up in 2013, and has been revived, six years on, purely because a new paper has given the claims an air of legitimacy. News outlets were quick to jump on the story again, which was then widely shared by attention trolls such as Brianna Wu. The false hypothesis comes from the fact that it’s possible to encode information in the blockchain. That was how Satoshi famously hid his message in the genesis block: “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”. Anyone inspecting the blockchain won’t find those words however. Instead they’ll find the following hash: 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26. That is the block’s coinbase parameter (nothing to do with Coinbase the company), written in hex.

A research paper published in July 2017 titled Data Insertion in Bitcoin’s Blockchain explores this topic in more detail and explains how the coinbase data “is arbitrary and can be up to 100 bytes in size”. Only miners have the ability to insert data in this manner, and it’s typically used to signal mining support for proposed protocol changes. There are five other ways in which data can be encoded on the bitcoin blockchain, and it is the OP_RETURN option that is at the center of the child pornography story. The 2017 research paper explains that “this method is appropriate for inserting small amounts of data (or transaction metadata), but it is not suitable for large quantities of data.”

80 bytes is all that OP_RETURN can store, and what’s more that information is subject to deletion. That’s because bitcoin nodes are capable of pruning “provably unspendable” UTXOs for efficiency, which include OP_RETURN data. Anyone wishing to use the bitcoin blockchain to seek out child pornography would need to perform the following convoluted process:

Download the entire bitcoin blockchain and sift through 251 million transactions to find the 1.4% that contain some kind of arbitrary data encoded in them. Ensure that the version of the blockchain you were using had been subject to no pruning that might have removed OP_RETURN data. Extract any web links that might be concealed in the data using some sort of steganography. Type the links into your browser until you eventually found a website that was still accessible.

To assert that the bitcoin blockchain contains child pornography is disingenuous, and is no more meaningful than saying that the internet contains CP. You could live to 100 and never encounter CP on the web, because that’s not how the web works. And that’s not how the blockchain works either.

Don’t Believe the Headlines

Asserting that there is child pornography on the blockchain would be like strolling through the U.S. Capitol Building, dropping a scrap of paper containing a deep web address, and then claiming that the American government is storing obscene content. As respected bitcoin commenter Nic Carter wrote: “Any journalist writing about arbitrary content injection into the Bitcoin blockchain should be extremely careful to detail to what extent that content exists, is extractable, viewable, etc. A text string which is a URL link to a [website displaying a thing] is not [the thing itself]. That is an extremely bad interpretation. Do not conflate the two. If you are willing to claim that “the blockchain contains X” you should be able to prove that you can extract X.”

Steganography and blockchain data insertion are fascinating topics that deserve scrutiny and further study. But to assert that the blockchain contains child pornography is misleading to the point of falsehood. It’s possible to encode a hidden link inside any database, including Facebook, Twitter, and Wikipedia. The act of doing so proves nothing other than the fascination some people have for concealing messages in messages – and that’s been happening since 1499.