Topic: Blockchain Analytics is More of an Art Than Science - page 5. (Read 1359 times)

Lol.

They first refused to allow Laurent Salat to audit the code, simultaneously claiming that he was not a qualified expert, but then also claiming that he would steal their source code for OXT, which he runs. Amazing that he is both unqualified and too qualified at the same time.

Now they claim that a literal Bitcoin Core contributor is unqualified? The same people who as we saw earlier in this thread don't understand the different between legacy and segwit addresses and don't even understand the difference between bits and bytes are in no place to pass judgement on anyone, least of all a Bitcoin contributor. They are absolutely desperate that no one sees their code, and learns just how unscientific and deeply flawed it is.

Blockchain analysis is a scam.

Howdy people

The story continues. Let's have more fun about Chainalysis

CHAINALYSIS DENOUNCES BITCOIN CORE CONTRIBUTOR AS “UNQUALIFIED”

Chainalysis attempts to render Bitcoin Core contributor Bryan Bishop as “unqualified” to audit Chainalysis’ source code as the surveillance firm’s own experts stumble cluelessly around the blockchain.

With the justice case US vs. Sterlingov (the mixer Bitcoin Fog), since their software is not accurate, the defense requested the Chainalysis’ source code to be audited.
They don't like this idea! Guess why? It's going to put their business at risk.

So their point is to say Bishop is not qualified. Bishop, who
- is a Bitcoin Core contributor,
- has participated in discussions on
. elliptic curve cryptography,
. ECDSA signature schemes,
. Schnorr signature schemes,
. BLS signature schemes,
. signature aggregation schemes,
. post-quantum cryptography,
. quantum mining,
. scrypt password hashing""

it's like saying your dentist isn't qualified to treat your toothache.


Yes LOL

Extreme bio hacker


https://www.courtlistener.com/docket/59988850/185/united-states-v-sterlingov/

As with everything else they do - they guess. Their guesses may or may not be accurate, depending on the service used to mix the coins. There are good mixers and bad mixers, Chainalysis have demixed Wasabi coinjoins in the past (which is how the DAO Ethereum hacker was identified), people can leak data via external methods such as browser fingerprints or IP addresses, and so on. Chainalysis are never going to willingly reveal their methods, because then they become easier to defend against.

But as we've seen in this thread the government don't seem to care about accuracy at all, and only care about being given "data" which fits their preconceived conclusions.

It would be interesting to know how Chainalysis acquire accurate data that has gone through Mixer services? I can understand that data mining can be very accurate, if they were only dealing with unscrambled inputs and outputs from the Blockchain, but what happens after those tokens go through a Mixer service?

Yes, it is possible to mine through data that were recovered after a Mixer service were shutdown... and if they kept logs, but what happens if you push it through active Mixer services that does not keep any logs? 

Not exist in the first place!

They obviously aren't going to say no to governments because governments are their biggest customer. They exist precisely for governments, so they can present made up findings filled with inaccuracies as the "evidence" the government wants to prosecute individuals they've decided they want to prosecute, regardless of any actual guilt or wrongdoing.

What should really happen is that blockchain analysis companies go bust and disappear. If we all stopped using centralized exchanges and used bitcoin properly peer to peer as it was designed, that removes a big chunk of their cash flow. And now we need to fight back in courts and prove as we've seen above that their entire analyses are so flawed that no one should take them seriously for any purpose, certainly not for a criminal trial.

The point we want to achieve is for everyone to realize blockchain analysis is provably nonsense.

So what are we proposing the victims do should they experience hackings and scammings? Scoff it off and just move on? What if it's massive amounts of money we're talking about, like money that could pay off a mortgage or something, do we still tell them to man up and move on since "they're more likely to spend more money looking for the hacker and the money that was stolen from them rather than just moving on and working to earn that money back? Isn't that a little defeatist and at best even promotive of the heinous acts these hackers do on the daily?

Just cause our current system's crap doesn't mean we can't have people who deserve it be given the access to it, sure there are false positives and all that, but at the end of the day the more we use it the more propensity for improvement. If we keep throwing crap at it without giving it a spin first, how will we get to the point that we're eager to achieve?

Blockchain analysis companies are the practice of "being guilty until proven innocent". Living under a state which can put me behind the bars because I might be involved with some activity, with absolutely no scientific evidence is totalitarian. Literally everyone in the blockchain is potentially involved in some illegal activity.

But it's just genius. They've convinced the world that it's needed. A weapon to intrude into people's liberty and having them voluntarily handing it over is just the ultimate weapon.

I think it is more about who the customer is. If we are talking about governments, they will not give you a problem to solve, they will give you what solution they want, and you to work your way back from that to find the problem they want to find. So that means it is not going to be that easy to do it, and there will be a lot of people who are not certain about it as well. I know that it is not that simple but it could be done and I think it would be a smart decision to not say no to a government.

What do you expect these companies to do, to go out there and end up saying no to government and risk their entire business? They would bankrupt in a moment as soon as government starts attacking them for not doing what they want them to do.

Going by the article, there are something's I find even offensive, where is been quoted that Elizabeth Bisbee, the head of chainalysis investigations  doesn't seem to have a great understanding of whether her company's flagship software even works.
That's an indictment already on the company, especially considering the fact it is been said that people financial privacy are been violated.
This are serious red flags. Because user's are already given a negative feedback.

There are various things that sort of work somehow but aren't fully understood by people. One of them is GPT, as far as I know. Some things are understood by the developers, but a lot is like a black box situation, there's no deep understanding on how exactly something picks up patterns that it does, how it acts based on those patterns, etc. But that's kind of okay because linguistic models are known to be faulty, it's common knowledge they should be used with caution and should not be entrusted with decision-making. Blockchain analytics is a different thing if it can be used as evidence in court or affect major decisions on official policies.
I hope that some sort of research can be conducted to assess how often it makes mistakes and what kind of mistakes. For example, fingerprints are largely accurate but not 100%, and some people have been wrongfully convicted because of that. But there's research assessing the percentage of false positive cases, which is around 0.1%. Of course, if there's a chance of mistake, even a small one, I do think that it should mean that a person can't be convicted based on that evidence alone, but if Blockchain analysis actually have a much larger margin of error or if it's impossible to estimate it, it shouldn't be allowed to be used as evidence at all.

Absolutely unbelievable some of the revelations made in this document. (https://storage.courtlistener.com/recap/gov.uscourts.dcd.232431/gov.uscourts.dcd.232431.159.1.pdf)

First look at Bisbee's report. Bear in mind that this a report from the head of investigations at Chainalysis:

This is a catalogue of incredibly basic errors. These are the kinds of questions which would be asked by newbies on this forum and would be followed by 10 replies within the hour correcting them. This is from the head of investigations, and there is no chance her report was not proof read by a handful of other people in Chainalysis too. How utterly embarrassing for Chainalysis. They have absolutely no idea about the very basics of the thing the claim to be able to track.

And then look at some of the other assumptions that they have made:

VPNs/Tor, how they hell to they work?

How very fair and unbiased. Decide their conclusion, then manipulate the data to fit it.

If your pattern of use is completely average and similar to everyone else's pattern of use, the only explanation is that you are doing it deliberately to obfuscate things, and not, you know, that you are just an average user. What a wild assumption.

An incredible collection of incompetence and ignorance. What a tragedy that so much of this space revolves around the complete hogwash that these scam merchants peddle to governments and centralized exchanges.

Concretely, how the inacuracy is with Chainalysis:

An example with the old mixer Bitcoin Fog


Now let's compare:


Hold on,


Conclusion:


https://bitcoinmagazine.com/technical/chainalysis-the-theranos-of-blockchain-forensics

So you could be thrown into court with false accusations against you. And they will say "the investigation says it's you"
Oh great finding
Imagine what a government can do if you are a target for them An example with Julian Assange

That is why when building transaction one should operate on the base they know  all his addresses. There is a nice guide ( divided into four sections ^{[1] , [2],[3] and[4]}. )which sheds light  on heuristic used by those software. Thus, knowing that heuristic one can develop his own strategy against chainanalysis' clustering technique.
::::::::::::::::::::::::::   ::::::::::::::::::::::::::::  ::::::::::::::::::::::::::::::
[1]. Understanding Bitcoin Privacy with OXT — Part 1/4
[2]. Understanding Bitcoin Privacy with OXT — Part 2/4
[3]. Understanding Bitcoin Privacy with OXT — Part 3/4
[4]. Understanding Bitcoin Privacy with OXT — Part 4/4

If people start reading the terms and conditions before signing up on something, the faster we can point out terms that we all agree isn't agreeable towards the consumers. As much as I agree that the services aren't at fault when they do something to the account because it's in their "terms and conditions", we have to also call out those services that put unfair terms and conditions just to use their service, both sides should experience some change.

business policy does not trump law.
a unregulated shady boiler room scam service could put bad terms into agreements to try to make scammed customers not chase their funds.. but a regulated exchange has to follow the regulations and cannot seize funds arbitrarily without a court order.

sometimes although no one likes regulations. its worth reading them. even if its to learn the limits of their powers and thresholds of authority

as for the unregulated scammy shady exchanges.. well the risk is on the customer obviously which is why its best in regulated and unregulated to never leave funds in an exchange eitherway for many reasons, but more so when it comes to unregulated exchanges as you have less legal protections and defenses and less methods to pursue recompense

my common rule is this: if you cant physically find someone your handing funds to, to slap them with a wet fish should they wrong you. dont hand funds to them in the first place

You are totally right; I might not be new to the cryptosphere, but I was new to the use of data and how valuable it is when I started to read about IOT. Because in IOT we value data and read how important it is to make decisions, increase sales, and send proposals to someone who is in need. It's like when your bank balance is low, and then you get to receive some messages from many lenders and other platforms that provide some type of insurance or loan that could help you out when you are broke.

The thing is, once they know you have no money or have money, they will start to advertise their services and products accordingly just to lure you into becoming their customer.

PS: Is it possible that the investigator who knows nothing is just a human error from her side while the system does have a lot of ongoing in that context? Just asking.

When a user opens an account, they enter a user agreement. If the user agreement says that the service can freeze the account and seize funds, then there's no violation of law. If the rules don't mention such cases, then the users should be able to take their money. But most of the time the rules are very detailed and cover all potential cases.

People need to read what they sign.

We can be sure of that, given that they have been working on it for at least 10 years, and this was confirmed by someone who had an insight into all that. If we look at the actual volume of their work, which included time, money and specific knowledge, then it is clear how much of a priority this issue was for them.


Guessing pays very well today, and that's why many people started to engage in this business. It is obvious that all the companies that pay for their services need some kind of justification for the purpose of disclaimer in order to fight against money laundering and of course the state's enemy number 1 - terrorism.

This is the situation when someone says "based on the collected data, we did not think that we should take any actions to prevent...", and I guess that's exactly what such companies are for.

I'm just about 100% sure the 3 letter agencies of the US government have a lot better accuracy in determining what coins belong to who and where they go.
Companies like Chainalysis are guessing at best. BUT and this is the big BUT if the companies that USE their service are happy and pay on time that is all that Chainalysis (and the others like it) care about.

It gives them the ability to tell regulators that they did their job the best they could in making sure they did not take any funds in from people or places they should not have.

That's it, over and out. Do you really think that ANY company wants to spend money on a product or service that they did not have to? It's just checking off the box that says we did what we had to do.

-Dave

the data which different transaction analysis sites produce is solely based on the credibility of the data provided to them..
for instance chain-analysis is sister companies of several dozen exchanges and services. so they share data about their customers.
this means if they have a customer on exchange A with email X and exchange B with the same email X. they can then try to find coin spend linkages

some crap analysis sites just do taint analysis without CEX/service customer data. so the results are subjective to the data they are given