Topic: Blockchain Analytics is More of an Art Than Science - page 4. (Read 1359 times)

The state should be able to to monitor everything . These data should be encrypted and only be viewable in crime cases . Courts and no one else should provide the keys to be able to decrypt the data . These are things that we will see in the future if blockchains stop being used only as a economic instrument . Bitcoin is a timestamp machine and has many more uses than we have ever imagined .

That's your right , just don't act as a cry baby in case things go the bad way .

Well, that's another possibility because they can sometimes attack their own software and may act as hackers to find the flaws that hackers could find with hacking tools. Sometimes they also might run bug bounty programs and pay hackers to find those bugs in their software.



I agree with you and most of the closed-source software are packed with obfuscation techniques by keeping security in mind while sometimes they use those techniques to prevent open-source software developers from copying of the source-code. Those closed-source people aren't generous at all and they don't want open-source developers to view the code and make something similar and allow everyone to use it and contribute to it freely. Such software could contain many vulnerabilities and when a hacker finds those vulnerabilities then he/she may do anything with the systems of the users that are running those software on their systems. I strongly agree with you that the software which has cryptography should always be developed with complete transparency so that any developer could had improvements into it.

If all the people from the public don't care about your financial activity, it doesn't mean that a sub-group of people, which are specialized to analyzing financial activities, don't care either. They are caring more than anyone else.

It is evidently possible for the public to de-anonymize a large part of your Bitcoin financial activity. If you think that just by utilizing coin control you can protect yourself from firms which are funded by millions of dollars with the single scope of de-anonymizing as much blockchain activity as possible, then you're gravely mistaken. Even random people on this forum do it. You can't efficiently nor effectively gain privacy by coin control, you need at some point to enter a large pool of coins, which will make it hard for the observer to tell which is which afterwards (as in coinjoin).

So mixing is good, because it lets us define the limit of who's allowed to scrutinize our Bitcoin activity.

Then we fundamentally disagree. The state does not have the right to constantly monitor its entire population "just in case".

Because that is an impossible fantasy. Any and all data collected under already existing surveillance programs is used by the government for literally any purpose they want, including being sold to third parties and shared with foreign governments, and there is nothing you can do about it.

Show me evidence that mass surveillance has prevented a single terrorist attack. There is none.

And I, and many others, don't want random blockchain analysis companies, centralized exchanges, governments, and so forth, spying on all our bitcoin transactions, holdings, addresses, and wallets. And so we use privacy enhancing tools.

 Criminals no , idiots for using a tumbler/mixer by providing exit liquidity to criminals yes .


Because first of all the public gives a shit about your financial activity , same as mine . Because it's difficult (not impossible) for the public to connect me with all my accounts and aliases as i respect my privacy . Because i am not a target for the public ( probably you too ) . And many many other things .


Were they customers of that "service" if they were paying ? Does blockchain provide a proof of economic activity ? Was that proof another nail in their coffin ?


I'm glad we're on the same side about those scumbags .
As for the constant surveillance , i'm on the side who believes that cameras should be anywhere . The problem is that there's still no framework for these data to be handled "only" by authorities just in cases that a crime is committed .
Imagine a world where you would know that if you commit a crime you are almost 100% busted . Would you commit that crime ?
https://www.youtube.com/watch?v=BlT5SdLeXtM


Not a stupid argument , just an argument that doesn't fit your narratives . Believe me , there are people that know many / most / all of the things you mention about me . You are not in my circle that has the right to know detailed info .That's what privacy is . You share things that you want with those you want .  On the other hand anonymity tries to hide anything from anyone . I like privacy , i dislike anonymity .

Those quotes from "Government Experts" are absolutely damning. This whole thing is a clown show. I'll pull another few quotes for interest:

So even Chainalysis admit that the vast majority of mixer user is entirely legitimate and from regular users who just want to protect their privacy.

Lmfao. "Here's my evidence." "Can you explain it to us?" "No, I have no idea what any of this means. But I'm certain it's enough to put people in jail, even though I don't understand it at all!"

In what other trial could one party say "We have evidence that the defendant is guilty, but none of you are actually allowed to see that evidence. We will however give you a document that confirms we have evidence that the defendant is guilty. Totally trust us, bro."

What a fucking sham.

Forensics (which is probably the more accurate term in this instance) is what practitioners might argue is anyway more of an art, grounded in science. I might say many others who use scientific bases to guide findings and discoveries think the same.

I've a partner working in (traditional) compliance and you can always teach the frontliners and KYC about the science, but the nuance and depth of analysis is really hard to land at -- blockchain or Bitcoin transaction behaviour actually simplifies some of that nuance (there us, for example, no possibility to fake, double spend, or retroactively change, unlike in traditional transaction trails).

Let's not forget that Chainalysis whistleblowing in the past certainly points to at least a degree of uncertainty in their own methods -- this was years ago. And they're at that basic frontline level banks have right now -- knowing some rules, some parameters, and not knowing enough how to recognise and exclude the (many) false positives that are easy to create.

Advanced forensics rely on matching digital fingerprints -- not merely dusting for fingerprints, which is what Chainalysis does.

(great discussion by the way, compared to what we're used to read here, thanks guys)

I'm coming with some stuff

The Department of Justice admits blockchain forensics to be “highly imperfect”, @ https://www.justice.gov/media/1169626/dl?inline
and precisely including Chainalysis in the report.

Bloomberg cites partial facts, dismissing concerns regarding Chainalysis accuracy in the ongoing Bitcoin Fog trial as a "smear campaign."
A smear campaign? I'm not a Bloomberg's reader but I wonder if they call this too smear propaganda when it's about Trump

And again
@ https://storage.courtlistener.com/recap/gov.uscourts.dcd.232431/gov.uscourts.dcd.232431.164.0_1.pdf

This is just the best response to this argument. Whenever someone asserts that they have nothing to hide, I politely request permission to access their phone. Surprisingly, this approach even works with my relatives. The temporary awkwardness that ensues clearly illustrates my point that we all have things to hide.

From the article you linked:
No, and I obviously have nothing against people committing non-victimless crimes going to prison. Especially not in cases such as this. These individuals can rot in hell. However, that still doesn't give the state the right to constantly surveil all its citizens.

No offense meant, but "nothing to fear, nothing to hide" is a monumentally stupid argument. If you truly have nothing to hide, I'm sure you'll have no issue whatsoever sharing with me your real name, address, phone number, email address, bank statements, all your bitcoin addresses, all your WhatsApp/Telegram/Signal/etc. conversations, your internet browsing history, and the login details for all your social media accounts. I just want to have a good look around and publicly post anything I find interesting. After all, you've got nothing to hide, right!?

If you treat everyone guilty until proven otherwise, then definitely, some of the times they won't be innocent. The question you need to answer yourself is if it's worth to live under a regime that is discriminating against everyone who is trying to have some privacy, for the sake of seizing criminals.

It's easy to pinpoint that chain analysis is good when the criminals are ignorant. However, how many documented cases exist in which criminals who mixed their coins were apprehended? What happens if a criminal mixes their coins? Are new owners criminals now? Of course not.

I'm neither hiding an illegal activity by encrypting messages, but I do have something to hide; the message. Freedom of using cryptography can be exploited by criminals as well, but it is nonetheless a crucial, respecting part of our Internet world now more.

Why are you finding it so difficult to accept the fact that I may not want to reveal my financial activity to literally the public?

If chain analysis is a scam how do you explain cases like https://www.justice.gov/opa/pr/south-korean-national-and-hundreds-others-charged-worldwide-takedown-largest-darknet-child ? Those who got charged do you think were innocent and the deep bad state just decided to flip a coin and charge random people ?
I agree that someone can't be 100% certain all the time but there were cases that chain analysis led to child porn rings , especially in cases where the users were ignorant about how blockchains work .

As for the mixers , it's sad to see many people here claim that mixers is a tool to protect privacy , that kind of users that have nothing illegal to hide are just providing exit liquidity to criminals . As a proverb says "when you pee in the sea you will find it in the salt" .

Or, they themselves could attack their own software if there's a benefit. They won't reveal you the manner which they discriminate coins, so why wouldn't they? It can go completely unnoticed.

This is so true. In fact, it's been noticed that many times developers who write closed-source software do follow the "security-through-obscurity" principle. People try obfuscation techniques believing that provides security, in stuff like web apps and steganography. Believing that closed-source is more secure than open-source, besides debunked, is a sign of utter arrogance; believing that no one can contribute to the security of your project as much as you've already done is excessive self-esteem. Windows is tangible evidence that this is bad practice.

Everything that includes cryptography should be developed transparently.

Yes, you're right they simply don't care because they won't be affected if some innocent person's life get destroyed because of someone else's criminal mindset. They have become so cold that only money matters for them and if they get money then everything is okay for them. The governments give free hand to banks and the banks can do whatever they want to do with those trillions of dollars that they launder. The banks have been following those practices for centuries and the politicians have been supporting them. The real culprit in the system are those politicians who sell their souls for the money and they use malpractices to fix all of the written documentation and clear all of the records of the banks that laundered the money. When those records are cleared the banks get courage to do more money laundering activites.

The centralized system is full of corrupt people and when a corrupt person come in power then he/she does everything to fill his/her pockets. I also agree that the ones who go against surveillance activities of the government always face a worst ending. They really don't want that open source code which can fail their surveillance activities because such software can reduce their control over population and anyone who make it can be harmful for them. They will do everything to control the population and they are very successful in their wrong motives. That time isn't far when everyone's life will be controlled by the so called governmental bodies, and the worst thing is that if we even do something to help others to be released form that control then that could be a deadly step for our lives. A laymen isn't anything for them and if a person is not known in social media then they can do whatever they want with that person. I believe that's one of the reasons why Satoshi left the Bitcoin after giving it to public because he knew that if he continue to post on this forum or somewhere else then those governmental authorities will find a way to trace him and could make many charges against him because the created a financial system like Bitcoin.



Very true! The open source code is available to everyone and anyone can improve it if they find flaws in it. On the other hand the organizations that doesn't open their source code will limit it to few people who may not be able to find all flaws of the code and the hackers or the malicious entities may find those flaws in the code by using their techniques and as a result the users and their privacy get compromised. Most of the time the closed source applications are full of vulnerabilities and when a hacker finds those vulnerabilities then he/she can take advantage of it and steal data of millions of users. The open source code isn't much vulnerable by nature because almost everyone can fix the vulnerabilities in the code and they can also improve the security of it by contributing their share on it.

As someone mentioned earlier they can bake the desired outcome what the client (GOVT) is looking for really. The govt literally has unlimited resources and can bury an innocent person.

What if someone hasn't a single nefarious intent  but just pumps 1-2 K through a mixer just natural geek curiosity and put it back in their wallet and the whole wallet get's seized or your coins marked? Many people just want to be anon with no criminal intent. If your hiding you must be doing something wrong right?

Sure. There will always be a government owned blockchain analysis company trying to spy on you. But if you cut off a huge amount of the data they get fed from the likes of centralized exchanges providing your KYC data and wallet addresses, payment processors like BitPay sharing details of your spending habits, closed source wallets which depend on their own servers sharing your wallet addresses, and so on, their bullshit "analyses" would be even more provably bullshit.

If some random account showed up to this forum and said "Hey, I've figured out a way to track bitcoin transactions, send me any address and 100,000 sats and I'll tell you who owns it!" while refusing to provide any technical details or let anyone see their code, they would rightly be called a scammer and rapidly be tagged with a newbie warning flag. But somehow if you show up to the US government and say the same thing they give you a multi-million dollar contract.

This and the part where they won't endorse code auditing reminds somewhat of the open-source / closed-source debate around security (AKA, "Security through obscurity"). That certain developers choose to not reveal the source code for security reasons, which is completely debunked, as most of the times cyber attacks don't happen after thorough research on the code, but on techniques that are source-independent. On the other hand, open source code greatly improves security, as it sets no limit as to who can be a contributor.

Chain analysis companies are getting funded with millions of dollars from the US government, so it isn't just Wasabi's and centralized exchanges' fault here. But, sure, if half of the Bitcoin userbase stopped using Binance and switched to self-custody, they'd start panicking.

They don't forget - they simply don't care.

The government don't care in the slightest when banks launder literally trillions of dollars. They get a completely meaningless token fine and that's it. No arrests, no criminal charges, no seizures, no shutdowns, and allowed to continue to launder more money in the future. This is all fine because the banks bribe our politicians and freely hand over all your data to the government when they want it. But when a piece of open source code allows the average person to maintain some semblance of privacy against the government's various mass surveillance programs, then all hell breaks loose and they absolutely must prosecute someone. They don't actually care if the people they prosecute are actually guilty, as long as the set an example to the rest of us that you should be good little citizens and never step out of line. This is not about preventing money laundering in the slightest - if it was, they would clamp down on the banks which do it constantly. It's about surveilling and controlling the populace.

Absolutely. We already have dozens of blockchain analysis companies out there. My point was that if everyone who used bitcoin stopped using things like centralized exchanges or wallets like Wasabi or Trezor which all directly fund these blockchain analysis companies, then that would cut off a large part of their funding and many would cease to exist (not to mention making general blockchain analysis much more difficult since you would no longer have KYC linked addresses and such).

It's pretty damning just how desperate Chainalysis are to not let anyone who even remotely understands bitcoin view their code.

But these aren't very realistic outcomes in real life. If Chainalysis were to fold tomorrow, you can bet there'd be at least a handful of similar entities vying for their old contracts & market share.


The code should absolutely be auditable... I agree with the overall sentiment in this thread that its ridiculous to put someone behind bars for what is potentially a very long time without thorough "due process." If Sterlingov was indeed just a user of Bitcoin Fog then it would be an egregious miscarriage of justice to sentence him based on potentially faulty analysis.

I agree with you and truly those companies can track a lot of things that we can't even imagine. They have internal links with many of the centralized bodies and large companies also provide details to them because they may get incentivize later on when cases are solved. Most of the Centralized exchanges willingly share data of the customers with them when any of the hacked coins are transferred into the wallets of those exchanges. That's also a way for them to gather data about the criminals who have committed the crime.

But, I still believe that sometimes the innocent ones can be caught due to the fraud of someone else. The criminals can sell those coins privately to the victims and some less-knowledgeable victims can purchase those coins for cheaper and send them their exchange's hot wallet address to receive to coins. Although those victims are innocent but those companies don't really care much about their innocence and action against them to show off their tracing skills. They may

Those type of companies are known for link building with other companies and thus centralized exchanges and all those other companies willingly provide information about customers and users to the companies like Chainalysis. I may be wrong but I think that governmental agencies also help those companies privately because those type of tracing companies can help to find the criminals and later on those agencies may seize the stolen coins from the victims.

Well, we really don't know their methods in details and they will never share their research details in public, and that's why I also believe that their data gathering can go wrong sometimes and innocent people may face wrong allegations because of the wrong practices of the companies like that. Sometimes they are so concerned about data mining that they forget that innocent people can also face tough times because of the mastermind criminals. Some criminals take ID card and other details of the innocent people and may register face accounts on their name and complete the KYC verification of the sites. In that case they will consider the victim as responsible for the crime not the mastermind criminals who used those innocents victims details to save himself from the crime that he has done.