Cryptocurrency and Blockchain Analysis

Cryptocurrency is a digital currency, and it comes in many forms, built upon varying Blockchain technologies. Bitcoin is the original cryptocurrency, created in 2009 by cypherpunk Satoshi Nakamoto. Since then, many new alternative cryptocurrencies have been created, popular alternatives are Litecoin, Ethereum, and Monero.

Samuel Falkon had it right when he said that “cryptocurrencies are a dream for privacy and freedom lovers because they restore transacting power back to whom it belongs — individuals who have a right to control their own money.” While cryptocurrency is a great advancement for a cypherpunk’s dream of privacy, it still comes with its own set of flaws that allow for deanonymization through Blockchain analysis and off-chain analysis.

Bitcoin is often thought to be an anonymous solution for digital transactions, but this simply is not true. Every time a transaction is made, the technical details of said transaction becomes a public record on the Blockchain. The Blockchain is a public ledger that holds a history of all transactions ever made, thus leaving the potential for analysis of said transactions.

Blockchain analysis services include:

More recently, The Bitfury Group released a whitepaper for their new Blockchain analysis algorithm with the goal of identifying the users behind digital transactions, dubbing their deanonymization solution as a “Bitcoin clustering” algorithm. Bitcoin address clustering is self-described as “a process that exposes bitcoin users by determining which addresses belong to a single user through an analysis of Blockchain data. The act of clustering groups those addresses together, enabling investigators to link them to a single entity.” (The Bitfury Group Unveils Solution For Analyzing Related Bitcoin Addresses, The Bitfury Group)

The Bitfury Group’s analysis research should not be shocking to us. They perform Blockchain analysis, just as we should expect adversaries to do. The innovative part of this algorithm is that they are also analyzing publicly available information on the web, or as they call it “off-chain tag collection” to aid their clustering algorithm. There are two tag collection approaches that The Bitfury Group takes: passive and active.

Off-chain tag collection for clustering, passive tag collection:

The passive approach includes crawling the web for publicly available information, typically on public forums and user profiles. On the clearnet, they will analyze websites such as Bitcointalk.com, Twitter and Reddit. On the darknet, they would analyze markets, forums, and services such as Silkroad, AlphaBay, and so forth. (Automatic Bitcoin Address Clustering, Bitfury)

Off-chain tag collection for clustering, active tag collection:

Bitfury describes the active approach as the “manual analysis of Bitcoin companies and data actualization procedures. The most common Bitcoin businesses companies are exchanges, marketplaces, mining pools and mixers. Some companies mostly use addresses with specific prefixes. As an address is a public key, for an unknown private key then to generate a specific address, one has to try many private keys, i.e., make some extra computational work. For example, Satoshi Bones casino uses 1change and 1bones prefixes and BTC-E exchange uses 1eEUR and 1eUSD prefixes. Addresses starting from 1MartinHafernikorn and 1Ninjaare also computationally demanding and can help to identify users.” (Automatic Bitcoin Address Clustering, Bitfury)

The Privacy Challenges of Blockchain Analysis

Bitcoin clustering comes with privacy challenges, too.

The reasons why someone desires privacy varies greatly. Many people have a cypherpunk’s view on privacy, with the belief that one should only be identified when and if they choose to be; after all, “privacy is the power to selectively reveal oneself to the world.” (A Cypherpunk's Manifesto, Eric Hughes) Other people may not want others to know how much cryptocurrency they hold for their own physical and monetary safety. Some may be hiding their transactions from a corrupt third-party such as law enforcement or a government. There is any number of reasons why someone may wish to enforce privacy enhancing practices for their digital transactions.

TrustNodes explains that “finding out spendings and habits could be quite useful for corporations, and much more worryingly, knowing who has how much could give criminals a gold mine.” (Bitfury De-Anonymises Millions of Bitcoin Transactions and Addresses, TrustNodes) In one instance, a cryptocurrency analyst was kidnapped and released only upon the payment of a $1,000,000 ransom, which was paid.

In another instance, a pseudonymous user on a Bitcoin forum claims that he was being wrongfully prosecuted for money laundering while acting as an unofficial Bitcoin exchange, by using services such as LocalBitcoins. As cases like these become more and more common, we can imagine why it is important that we have privacy for our digital transactions, only being exposed as the owner responsible for said transactions when we choose to be exposed.

We should not view Blockchain analysis as an end-game blow on the privacy of digital transactions. There are anonymization techniques that can still be used, including:

Traditional send mixers (eg. Cryptocurrency tumbler)

Shared coin joiners (eg. CoinJoin)

Use Monero (XMR), it is said to have better privacy implementations. Some prefer to “anonymize” their transactions by converting BTC -> XMR -> BTC. You will need to do additional research if you consider this route.

We will take a look at traditional send mixers next.

Mitigating Blockchain Analysis by Mixing Cryptocurrency

Cryptocurrency mixing is the process of exchange a balance for a close-to-equal balance in return, from a different source. Better put by Bitblender, “it is the process of obscuring where your coins came from, which in turn makes your digital trail much harder to follow.”

Most cryptocurrency mixing solutions only support Bitcoin currently, but hopefully the cypherpunks of crypto-land start changing this. As the Cypherpunk’s manifesto says, “we must defend our own privacy if we expect to have any. We must come together and create systems which allow anonymous transactions to take place.” It is our own responsibility as “the people” to design privacy enhancing systems that support more technologies, this way we are not limited to a single proprietary solution (eg. Bitcoin).

When seeking a mixing service, there are a few questions that you may have:

Do I use a darknet or clearnet mixing service?

How do I know who to trust?

Could I use a DIY method?

Depending on what your goals are, you can either use a darknet or clearnet solution. Typically darknet service providers follow short data retention policies, often not holding your data for any longer than 7 days, and they are much less likely to provide your information to a third-party upon request, especially since they often are not subject to being subpoenaed. Clearnet providers have similar data retention policies, but are much more likely to comply with third-parties, such as law enforcement.

It is hard to know who to trust your cryptocurrency with, especially on the darknet. The solution for this is to find a publicly reputable service provider with a good, clean track record of mixing cryptocurrency. You will want to watch out for one-stop-shops that setup, market themselves, scam their customers, and disappear the next day. Search around, ask around, and find the best solution based upon your own research.

It is typically advised that you don’t use a DIY mixing method, especially if you do not have a deep technical understanding of cryptocurrency and Blockchain analysis.

Cryptocurrency Mixing Service Providers

When seeking a mixing service provider, we should be looking for a few things:

Data retention policy – less logging is better, preferably none

Trustworthiness – service provider has a good reputation in public forums, be wary of pop-up scam operations

Cryptocurrency support – does this provider support my desired cryptocurrency? Most only support Bitcoin

Service fee – the fee for service usage, random is better (1-3% is standard)

Delay – the length of time that you delay a transaction from occurring, this helps privacy

Darknet or clearnet – darknet providers are generally preferred since the operator is maintaining personal anonymity

Note: To view .onion domains, you must use the Tor network. You can download the Tor Browser here. Provider Tor Support Logging Policy Max Time Delay "Trusted" Crypto Supported Minimum Fee Minimum Deposit Link PrivCoin Yes 24 hours, deleted 24 hours Unsure BTC, BCH, ETH, LTC Manually set 0.8 - 3.8% 0.01 BTC http://tr5ods7ncr6eznny.onion/ Bitcoin Blender Yes 10 days, deleted 24 hours Yes BTC Randomized 1-3% 0.01 BTC http://bitblendervrfkzr.onion/ Crypto Mixer Yes No logs 12 hours pre-set Unsure BTC Randomized 1-3% 0.001 BTC http://cryptomixns23scr.onion/ Bitcoin Fog Yes 7 days, deleted 96 hours Unsure BTC Randomized 1-3% 0.035 BTC http://foggedd3mc4dr2o2.onion Sources: