Cryptocurrency Privacy Part 1: Bitcoin

Many articles have been released in the years since cryptocurrency burst onto the scene, all saying, in one way or another, that Bitcoin is internet money used by drug dealers on the dark web that’s totally anonymous. There is definitely some truth to these claims. Bitcoin was, and continues to be the cryptocurrency of choice on every dark net market which has been raided by the authorities. Using Bitcoin allowed drug dealers physically located anywhere in the world to peddle their wares to prospective buyers located anywhere in the world. While it’s true that Bitcoin is “anonymous” in the sense that Bitcoin addresses are used for transactions, not actual physical identities like you’d have with a bank transaction, the truth is that these transactions can be de-anonymized by liking a person to a specific wallet address.

Once a physical identity has been linked to a Bitcoin address, it can be assumed that the person holding that wallet’s private key is in control of the funds which pass through that wallet. How can such a link be made; that’s the real question here. It all starts with a bit of forensic accounting; linking transaction amounts from one wallet to another and looking for any identifiable trends. To put this another way, you could buy and sell drugs on the dark net for a while, but, once it came time to cash out your ill gotten gains and sell those Bitcoins, you’d need to transfer them somewhere; to a person, an exchange, or some other entity. That transaction would be key in connecting a person’s wallet to their real identity.

Remember that a person’s financial activity on any federally regulated exchanges is not private information; quite the opposite, in fact. Every exchange registered to transact business in the United States is subject to some fairly strict Anti-Money Laundering (AML), Know Your Customer (KYC), and Suspicious Transaction Reporting (STR) requirements. Failure to properly provide the required information to regulatory bodies in a timely manner could lead to significant difficulties for the exchange in question, so take my word on it and assume that using an exchange is not a safe method to sell ill-gotten Bitcoin.

Let’s just say, for the example’s sake, that this person decided to sell their Bitcoins on a US regulated exchange. As that information cannot be considered private, you must assume that it is then public to governmental regulators (the exact folks who’d be hiring a forensic accountant in the first place). Since the Bitcoin wallet associated with your exchange account is already linked to your personal identity because of extremely strict KYC and AML regulations, you could now be directly linked to that wallet full of dirty Bitcoin.

Well, that example makes sense, but what other possibilities exist to link two wallets when there isn’t a direct transfer from one to another? Remember that Bitcoin is built on a blockchain, which can be thought of like a public ledger. Every transaction is public knowledge, available for the entire world to see at a moment’s notice. Let’s say you tried to move dirty Bitcoins from wallet “A”, to a brand new wallet, “B”, then on to another new wallet, “C”, before finally moving the Bitcoins into your own exchange account. This is a good thought and it might be good enough to pass muster for a first glance, but it’s going to be very easy to follow that chain of bitcoins back to you, as those newly created wallets have zero history before or after your shell transactions.

Another option exists, which could be considered reasonably anonymous; the bitcoin mixing service. A Bitcoin mixing service is a service which exists to anonymize transactions flowing through it. Using a mixer, you could send the mixer 10 BTC from a dirty address and receive 9.99 BTC from entirely different address(es) into a different wallet after waiting a random amount of time. This service, though illegal if operated in the United States due to AML and KYC regulation, is a reasonable way to maintain privacy in Bitcoin transactions, but it’s not totally foolproof. Even when using a mixing service, there are still amounts and times which can be correlated to identify a potential link between a personal identity and a wallet.

To put it bluntly, BTC was never designed with anonymity in mind; it was designed to be a decentralized digital currency which was ran by the people for the people. It was only natural that the first digital currency would be used to conduct monetary transactions between geographically distant people, markets, and other entities. Just because Bitcoin is the most popular cryptocurrency used for purchasing things from most dark net markets, that doesn’t make it completely anonymous.

Stay safe out there!

— cdchris12

Leave a Reply