The idea that Bitcoin is a super-secret cryptocurrency that insures privacy has been blown out of the water. Not only are Bitcoin transactions transparent, these transactions can, in fact, be traced back to individuals.
This fact was illustrated when the US Department of Justice recovered $3.6 billion of stolen Bitcoin from the 2016 hack of the Bitfinex exchange. What that means is that the federal government now has the tools to track Bitcoin movements through the Bitcoin system and identify users moving that Bitcoin. Welcome to the world of blockchain forensics.
Catching the Bitfinex thieves was designed to impress upon all Bitcoin holders that your cryptocurrency stash is not safe from the all-seeing government eyes. Are there ways to cloak Bitcoin movements? Sure, but you need to be deeply immersed within the blockchain culture to use these tools.
Tracking Bitcoin is Not a Dog and Pony Show
First, be aware that the federal government doesn’t have top-notch sleuths to crack the Bitcoin movements. In fact, the government hires private crypto-security firms to solve these cases. And it takes a long time. The Bitfinex hack happened in 2016, and the case wasn’t cracked until 2021. That’s five years.
These private contractors worked with the federal National Cryptocurrency Enforcement Team to follow the money trail through Bitcoin’s blockchain and connected components.
As we know, all Bitcoin movement is noted and verified on Bitcoin’s indelible ledger called the blockchain. So when you buy a Bitcoin on Coinbase, Kraken or Binance, that purchase is recorded on the Bitcoin blockchain. That transaction is stored permanently on the network. The transaction is public and it can be traced. Details of that purchase might include ownership, price and the asset.
Bitcoin purchases are tracked by a digital hash signature of the seller. This signature, or ID, is a unique collection of characters that is assigned to every Bitcoin transaction. It is used to locate your Bitcoin on the blockchain. The buyer accepts the Bitcoin through a public key, which is then verified to establish a chain of ownership. The data is then entered into the blockchain ledger through verification.
In essence, blockchain holds your Bitcoin. The wallet is the key. It unlocks your bitcoin from the blockchain. With the wallet key, you can move your Bitcoin around.
Crypto Exchanges Unlock Your Privacy
More elements are needed to identify the owner of a particular Bitcoin, but the blockchain itself provides key points that enable the government to identify who owns a Bitcoin.
The next key in tracing Bitcoin ownership starts with cryptocurrency exchanges. To buy Bitcoins on exchanges, customers must submit a bunch of identity documents to the exchanges. This is required under the government’s Know Your Customer regulations. This is done for the purpose of tracking your Bitcoin purchase and sales history.
The documents you submit to exchanges will include your social security number, a copy of your drivers license, your name, your bank account number and other personal identification data that the exchange may require.
Finding Mr. Yolo and His Bitcoin
Now, let’s say that John Yolo buys one Bitcoin on the Coinbase exchange. He buys the coin and places it in his Coinbase web wallet account.
Now Mr. Yolo wants to withdraw his Bitcoin from Coinbase to his hardware wallet. He submits the request via a Bitcoin withdrawal address to Coinbase. Coinbase recognizes and okays the transfer to Mr. Yolo’s hardware wallet.
The government can now target a specific Bitcoin purchase or sale to the blockchain via the unique digital hash signature. It can go to Coinbase and ask: who bought this Bitcoin with this particular signature? Coinbase goes through its records of sales and says, Well, it was Mr. Yolo. How does Coinbase know that? Simple. Mr. Yolo submitted all the identifying data through Know Your Customer regulations.
The government now knows that Mr. Yolo bought one Bitcoin at this specific time and date and transferred that Bitcoin to his private hardware wallet.
That’s where it ends. Without the private keys, the government can’t get at the Bitcoin in the hardware wallet. But it knows who owns it.
Where Bitcoin Thieves Hide Bitcoins
Of course hackers who steal Bitcoins will engage in a number of actions to conceal the movement of the stolen Bitcoins.
In the Bitfinex incident, the hackers tried to conceal the movement of the stolen coins by dropping coins into the darknet exchange AlphaBay and then back into public exchanges.
The thieves also used Bitcoin mixers and tumblers to throw off investigators by mixing the stolen coins with legitimate coins to make tracing the coins difficult.
Blockchain forensics are advancing by securing data from seized computers and phones. Use of analytics and artificial intelligence techniques can also uncover data to find stolen Bitcoins.
All these elements that are used to trace stolen Bitcoins are still in their infancy. Most law enforcement agencies simply do not have the forensic tools and an alliance with the private sector blockchain intelligence to track Bitcoins. In addition, international cooperation among countries has not taken place yet because rules of engagement to thwart Bitcoin thieves haven’t been agreed upon. Bitcoins can easily cross borders.
Evading government tracking of Bitcoins involves in-depth knowledge of how the Bitcoin infrastructure is set up and tools available to move Bitcoins from the blockchain.
On its surface, Bitcoin is seen as decentralized, digitalized and anonymous. It also carries elements of visibility, traceability and immutability.
Where the Cats and Mice Play
It’s within all of the above contrasting Bitcoin elements where Bitcoin thieves seek anonymous shelter and profitability and government entities seek traceability and accountability. It’s where the cats and mice play.
Criminals exploiting Bitcoin use a variety of measures to confuse government regulators and hide their ill-gotten profits.
Bitcoin mice can use mixing services to hide Bitcoins. Bitcoins are mixed with other Bitcoins to disguise their origin.
Open Many Wallets
By opening many wallets, Bitcoins from blacklist wallets can be moved to various Bitcoin exchanges, essentially washing the criminal taint from the Bitcoin.
Decentralized Exchanges (DEX)
These exchanges allow peer-to-peer exchanges of Bitcoins. KYC laws may be non-existent. This allows Bitcoins to be swapped or mixed, leaving no trace of the Bitcoin source.
With this, Bitcoin thieves swap Bitcoin for other cryptocurrencies. The swapped crypto is moved to another cryptocurrency exchange where it’s swapped again for Bitcoin or fiat currency. This maneuver makes it very difficult for government to trace the Bitcoin back into the blockchain.
The defendants in the Bitfinex Bitcoin theft used the above techniques and others to hide their theft. That hack attack in 2016 resulted in the theft of nearly 120,000 Bitcoins, with a dollar value of $72 million in 2016. That dollar value has increased to $4.5 billion today.
How Bitcoin Thieves Made Mistakes
The coins were deposited into a single Bitcoin wallet. The Bitcoin fortune sat in that wallet for years. With millions sitting in one wallet, moving the Bitcoins would attract attention. So it was allowed to sit and increase in value.
A year after the theft, small amounts of Bitcoin were allowed to slide into the dark web and into a cryptocurrency exchange called AlphaBay. Shortly after, government agents shut the exchange down.
Three years later, the Bitcoin mice used a transition technique called coinjoin through a privacy wallet named Wasabi Wallet. This wallet makes blockchain tracing difficult, effectively laundering the Bitcoin.
The Mice Came Out to Play and Got Caught
The mice also opened fake accounts and initiated thousands of small transactions that they felt would fly under the cat’s Bitcoin radar. The mice came out to play and started buying goodies like Playstation and paying for Uber rides. Hundreds of millions of Bitcoins converted to dollars started showing up in traditional banking accounts. Those accounts had the names of the mice.
With 80% of the Bitcoins still in the wallet, the cats began noting the large amounts of cash coming into the accounts of the mice. The anti-money laundering act and the Know Your Customer regulations made it difficult for the mice to continue depositing millions into their bank accounts.
Private companies, paid by the government, applied sophisticated blockchain tracking tools onto the Bitcoin puzzle. A tool that tracked chain hopping came into play. Chain-hopping is a technique that involves rapidly selling Bitcoin for other cryptocurrencies and then back again. In essence, the coins are moved from a Bitcoin blockchain to an Ethereum blockchain to cover and obfuscate the cryptocurrency trail.
The key that unlocked this Bitcoin case came when the cats shut down AlphaBay on the dark web. Transaction logs at AlphaBay showed the connection between activity on the dark web and the Bitcoin wallet holding tens of thousands of stolen Bitcoins.
The cats started tracing that information to bank accounts held by the mice. A search warrant uncovered the wallet addresses that led back to the original 2016 theft. In sum, the government cats caught the mice thieves with the stolen cheese.
Nobody Will Know You Own Bitcoin Unless You Tell Them
We’re not going into detail on this case because it’s been extensively covered in the Bitcoin press. Suffice it to say that the mice were indicted in federal court on Feb. 10, 2022.
In summary, Bitcoins are not completely anonymous. That doesn’t mean anyone can find out who owns a Bitcoin. To discover Bitcoin ownership, government must join with private companies in order to trace the ownership of Bitcoins. It’s a long and complicated process that can take millions of dollars and involve a great period of time.
If you own bitcoin, it’s unlikely that government will waste the time and financial resources to discover your Bitcoin ownership. The one way government will likely know that you own Bitcoin is by your annual income tax statement, where you report profits and losses from your Bitcoin dealings.
Not your neighbor, co-worker, spouse, best friend or Uncle Harry will ever know you own Bitcoins unless you tell them. They likely don’t have the money or the legal authorization to dig into your Bitcoin affairs.