Pages:
Author

Topic: How can tainted coins becomes hard to be recognized by centralized services - page 2. (Read 730 times)

legendary
Activity: 1876
Merit: 3139
It will be even easier to trick such services if they implement deposits via the Lightning Network. If you send an indirect payment, the receiver is not able to tell the (on-chain) origin of the coins. Since the payment could be routed through multiple nodes, the first node in the route would accept "tainted" coins and pass along "pure" coins using some other channel.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Are they really? I don't think so. I believe most people never use mixers which makes most coins "untainted" according to this weird definition of "taint". In fact I believe that this is the only reason why exchanges and some other centralized services can afford to ban tainted coins because they are the minority and banning them won't lose them that much business.
They aren't really considered taint, or at least the known transactions that exchanges has openly restricted so far. Exchanges only ban them as a result of a direct link between the deposit transaction and something against their ToS. Definition of taint is generally recognized as something that can be linked to certain illicit transactions but that is not what (most) exchanges actually ban. CoinJoin and gambling sites are not illegal per se, but it is against their ToS. You have a strong case against the exchange denying you service if you're able to prove that you're not involved in any activities against their ToS. Their definition of taint is different from how we define it.

The best way to remove taint is to cooperate with a miner and launder it through the transaction fees. Most blockchain analysis don't follow that trail for their taint.
legendary
Activity: 2268
Merit: 18771
Are they really?
If you look back far enough, yes. Think of every coin which has ever been mixed, ever been coinjoined, ever been stolen, ever been part of an exchange hack, ever been stolen by the malicious Electrum, ever been sent to a scam ICO, ever been used for something illegal, ever touched a darknet market, ever been gambled, ever been deposited or withdrawn from a casino, ever been handled by someone "unsavory", and on, and on, and on. Or even any clean coin which has been included with a tainted coin in any transaction.

As time goes on, this will only get worse. If you apply the whole "taint" thing consistently, then almost every coin in circulation is tainted and can't be accepted. This selective enforcement which centralized exchanges use is simply a convenient excuse for them to lock accounts and freeze coins.
legendary
Activity: 3472
Merit: 10611
almost all the bitcoins are tained already,
Are they really? I don't think so. I believe most people never use mixers which makes most coins "untainted" according to this weird definition of "taint". In fact I believe that this is the only reason why exchanges and some other centralized services can afford to ban tainted coins because they are the minority and banning them won't lose them that much business.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
If you trace any bitcoin back far enough then there is a very high likelihood it has been tainted somehow, so it is correct to say that exchanges can only look back so many transactions before assuming the bitcoin is clean enough for them to accept. What this magic number is will vary between exchanges and possibly also between the size of deposit or other factors to do with the account which is depositing it.
No coin tainted should be deemed clean again, but no coin that should pass through 12 transactions over long period of time through 5 hops as described above should be deemed as illegal transaction like you said, almost all the bitcoins are tained already, even the ones that are bought after converting monero back to Bitcoin most likely would have been tainted in the past. I see this as an effective way to send bitcoin someone think is tainted to an exchange and yet exchange do not see it as tainted because the exchanges can not seize 90% or more Bitcoin on their exchange which I believe are already tainted in some past transactions.
legendary
Activity: 2268
Merit: 18771
But splitting ownership of the private key cannot reverse tainting effects by itself, since analysis is done entirely on the addresses.
Oh, absolutely. If the coins being deposited to the shared-key-address came directly from a coinjoin, then as far as the exchange you are depositing them to is concerned the coins went from coinjoin, to an intermediate address, to the exchange, and they will absolutely still be tainted. All Mercury does is allow the coins to change ownership without a transaction - it does not obfuscate the history of the coins like a coinjoin or a mixer would do. In fact, Mercury might make things worse from a taint point of view. If there is a transaction recorded on the blockchain then at least you can point to it and say "This is where I bought the coins, and anything that came before had nothing to do with me."

I believe that if a tainted UTXO is split up through enough transactions in different blocks, then as long as none of those outputs are tainted then it will become infeasible for exchanges to scan the transaction history of all its parent UTXOs from the last N blocks when N is a little large (50, or 100).
If you trace any bitcoin back far enough then there is a very high likelihood it has been tainted somehow, so it is correct to say that exchanges can only look back so many transactions before assuming the bitcoin is clean enough for them to accept. What this magic number is will vary between exchanges and possibly also between the size of deposit or other factors to do with the account which is depositing it.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
The TL;DR is essentially the private key to a certain UTXO is split between user and Mercury, such that each party has a share but neither has full knowledge of the private key. When you want to transfer the coins to someone else, with your co-operation a new set of shares can be generated between Mercury and your recipient, without anyone revealing their current shares, but it still requires trust that Mercury will delete their original share to prevent collusion between Mercury and previous owners.

But splitting ownership of the private key cannot reverse tainting effects by itself, since analysis is done entirely on the addresses.

I believe that if a tainted UTXO is split up through enough transactions in different blocks, then as long as none of those outputs are tainted then it will become infeasible for exchanges to scan the transaction history of all its parent UTXOs from the last N blocks when N is a little large (50, or 100). Scanning that far back for all deposits (of which many happen in a short timespan) will take too long to finish on time.
legendary
Activity: 2212
Merit: 7064
...
I am still testing that Mercury wallet project and so far I lost small amount of testnet Bitcoin because there was a lot of bugs not allowing me to recover wallet funds.
They fixed a lot of things including recovering funds in last few versions, they also fixed javascript errors that was showing each time you open a wallet.
Website is redesigned and they added dark them for wallet, so I encourage everyone to test how Mercury wallet is working if you have testnet BTC.
Latest version is 0.2.27:
https://github.com/layer2tech/mercury-wallet/releases

I created topic for discussion and feedaback in forum few months ago:
https://bitcointalksearch.org/topic/mercury-wallet-mercury-layer-privacy-for-bitcoin-5334221
legendary
Activity: 2268
Merit: 18771
The only way is to change the owner of the private key, but I can't find any site that offers this service in a decentralized way.
dkbit98 put me on to a project called Mercury Wallet (https://mercurywallet.com/), which aims to do this using statechains. You can read more about how it works in their FAQ on the previous link, and on their documentation at this link - https://docs.mercurywallet.com/docs/. The TL;DR is essentially the private key to a certain UTXO is split between user and Mercury, such that each party has a share but neither has full knowledge of the private key. When you want to transfer the coins to someone else, with your co-operation a new set of shares can be generated between Mercury and your recipient, without anyone revealing their current shares, but it still requires trust that Mercury will delete their original share to prevent collusion between Mercury and previous owners.

It's a very interesting concept, but it is not fully decentralized and it appears to still be in beta. I've been keeping an eye on its development but I've not tested it out myself as of yet.
legendary
Activity: 2702
Merit: 4002

I found this quote for how  Samourai Wallet Ricochet transactions work. Overall, it is unfortunate to see that few people focus on privacy and try to make Bitcoin harder to track.
There are already many mixing services, but the reason you are mixing determines which one is suitable.
They all try to break the link between the sender and the receiver, and unfortunately, they all fail if they are analyzed well.
The only way is to change the owner of the private key, but I can't find any site that offers this service in a decentralized way.
legendary
Activity: 3472
Merit: 10611
As long as we don't know for sure how those exchanges and chain analysis companies working with them track transactions and based on what the flag addresses as suspicious, we can't tell how much "ricochet" is going to be effective.
In fact, it can even be counterproductive as it may raise suspicions if the ricochet transactions have been made in a short span of time.
The point is to provide "plausible deniability". For example if a grocery store has some marked bills from a bank robbery in their cash register they can plausibly deny being involved in the robbery since they are just receiving the cash.
Even with one "hop" you can claim that you never mixed your coins or used a gambling site and claim you received the coins for any other reason.

Quote
However, I doubt exchanges will suspend all accounts that can be linked to tainted coins unless the deposited amount is really big or one of its addresses is directly involved in illegal activities.
The problem here is the number of people who mix their coins. It is a small percentage of the exchange users so the exchange can easily target those few while the majority of the remaining users remain unaffected.
legendary
Activity: 2744
Merit: 3097
Top Crypto Casino
As long as we don't know for sure how those exchanges and chain analysis companies working with them track transactions and based on what the flag addresses as suspicious, we can't tell how much "ricochet" is going to be effective.
In fact, it can even be counterproductive as it may raise suspicions if the ricochet transactions have been made in a short span of time.
However, I doubt exchanges will suspend all accounts that can be linked to tainted coins unless the deposited amount is really big or one of its addresses is directly involved in illegal activities.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Has anyone here who uses gambling platforms, mixers, CoinJoins, etc., had their coins confiscated or blocked by a centralized exchange? What did they say and how was the issue resolved? I am trying to find out how widespread of a problem it is because I have never experienced it myself. Of course, you have to use centralized exchanges to get in those kind of problems. I am saying that to stop people from replaying they never had those problems because they use DEXs.  
An example here: https://twitter.com/bittlecat/status/1207621591820951552. They resolved it by returning the funds and here is their official response: https://www.binance.com/en/blog/414733786553217024/CZ-on-Regulations-Exchanges--Privacy. To a larger extent, Coinbase has always been known to block accounts that were sending to/from gambling site, that is much more common. Also, another example here: https://twitter.com/McHodled/status/1222172084610027523. Examples are non exhaustive.

I've never been banned while using ChipMixer on Binance, not saying that it is immune just that CoinJoins are a lot more obvious.

Exchanges (and governments) want to track their users and don't like it when their users attempts to evade it.
legendary
Activity: 2730
Merit: 7065
Has anyone here who uses gambling platforms, mixers, CoinJoins, etc., had their coins confiscated or blocked by a centralized exchange? What did they say and how was the issue resolved? I am trying to find out how widespread of a problem it is because I have never experienced it myself. Of course, you have to use centralized exchanges to get in those kind of problems. I am saying that to stop people from replaying they never had those problems because they use DEXs. 
legendary
Activity: 3472
Merit: 10611
There is also one of the theymos posts which address the the use of Monero as a means of mixing method which can be used. You are very right because this will be a more comfortable method that can be used to mix Bitcoin effectively. But I am finding out if it is possible to make use of Bitcoin directly without converting it to any other coin.
Using another coin like XMR is for improving your privacy not removing taint because when you change that coin back to bitcoin you don't know what kind of "coin" you are receiving, it may have more taint than your original "coins".

BTW I don't see anything special in "ricochet" to force you to use a certain wallet that has it. You can do it on your own using a custom variable interval. You just have to waste some precious satoshis on fees.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Will the exchange know that I am sending the coin to myself after the use of different addresses?
Depends on how you're making use of it. If there are certain heuristics that can identify the correct traits (round outputs, 1 to 1 transactions), then there is little to no taint being removed as there is still a fairly high certainty that people would assume that both addresses are linked in some way. Though obviously you're still able to tell the exchange that you do not control those addresses in the chain, I wouldn't bet on it.

Or, which other wallet other than Bitcoin core that I can manually do it safely? With what I checked online, the fee for ricochet on Samourai wallet is truly 0.002 btc, which is too high for me when I can have the time to go ten hops on noncustododial wallet with just 0.0005 btc or lower in fee when mempool is non congested. Samourai wallet will be good for high Bitcoin amount because the fee needed is too high.
You can replicate whatever Samourai does yourself; send your coins through multiple hops, adding a change address for each, different time intervals, fees, etc. Basically just making it seem as if each of the transactions were sent by different people in different wallets. Benefit of Samourai is that it's done automatically and thus prevents user's incompetence from ruining their privacy.

So, most exchanges will and should give the benefit of doubt to their user. Unless proven by a direct link, there is no basis for an exchange to assume that the transaction path was initiated by the same person. There is a reason why (or at least what I've seen) that exchanges only take action with direct CoinJoin transactions or transactions from gambling sites.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
<...>
There is also one of the theymos posts which address the the use of Monero as a means of mixing method which can be used. You are very right because this will be a more comfortable method that can be used to mix Bitcoin effectively. But I am finding out if it is possible to make use of Bitcoin directly without converting it to any other coin.

Electrum should definitely not be used; the server will know that you're just sending your funds to yourself, unless you assume multiple identities for each transfer.

Will the exchange know that I am sending the coin to myself after the use of different addresses? I do not have problem with the electrum server in this regard, but you are right because it will be perfectly better on Bitcoin core, but which I do not have. Or, which other wallet other than Bitcoin core that I can manually do it safely? With what I checked online, the fee for ricochet on Samourai wallet is truly 0.002 btc, which is too high for me when I can have the time to go ten hops on noncustododial wallet with just 0.0005 btc or lower in fee when mempool is non congested. Samourai wallet will be good for high Bitcoin amount because the fee needed is too high.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
The last bitcoin transaction I made required only $0.3 worth of bitcoin as transaction fee, and the coin was confirmed less than 2 minutes after I broadcasted the transaction (I know the estimated confirmation time is 10 minutes in average, so please do not quote this because it is what actually happened). Although, the mempool was not congested at all, which is a great opportunity that ricochet can be done with low fee. Although, I may not have to use Samourai wallet for it as I can simply send my Bitcoin from one address to another address until I am pleased, which can be done on electrum.

There was a similar discussion here about tainted coins, i will quote my answer:

There is a discussion about "tainted coins". There is a very informative video from Antonopoulos where he explains about it:
https://www.youtube.com/watch?v=BILcJ3WtdLQ

He is basic saying that some exchanges might want to see the X past transactions of your address, to see if those coins have been through a mixer/casino.

The problem is that if exchanges look back all transactions, they will find all that almost all coins have been sometime inside a mixer service or a casino. So all coins would be tainted.

Then the solution for the exchanges is look about 4-5 transactions. So you could easily bypass this check, just making a few transactions inside your own wallet, to address you already control. You could just send them at 1 sat/byte (minimum fee) as you are transferring coins to yourself you have no hurry.

Basically, the whole concepted of tainted coins makes no sense, as basically all coins already have been in a mixer/casino. So you can "ricochet" them until they are clean.


Quote
My questions
* Since I have been on this forum, I have never heard of Samourai wallet before (although I have known the wallet since a year or two ago), is the wallet not recommendable? Or is there any vulnerability seen in the wallet that makes people to abstain from using it?

* Is Samourai wallet advisable to be used for the Ricochet? If the wallet is not recommended, that gives the answer already

* how many hops is best for Ricochet? Because I can even use my electrum wallet to manually do it and increase the hops, that is, sending it from one address to another with low fee until I am satisfied.

I have always read positive feedbacks about samourai. I think it is a good option.

I think 12 ricochet is too much. Personally, I have send coins from a casinos to my wallet and then straight to binance (1 ricochet) without any problem. This might become a problem in the future, but it isn't now.

You can just make a few ones, and Antonopoulos suggested in his video. That doesn't really increase your privacy.

You have also to be alert not to mix different addresses in the same transaction while ricocheting, because this will  reduce your privacy (linking different addresses together)
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Although, the mempool was not congested at all, which is a great opportunity that ricochet can be done with low fee. Although, I may not have to use Samourai wallet for it as I can simply send my Bitcoin from one address to another address until I am pleased, which can be done on electrum.
AFAIK, Samourai actually charges a fee for that feature as well. I think 0.002BTC per ricochet?

* Since I have been on this forum, I have never heard of Samourai wallet before (although I have known the wallet since a year or two ago), is the wallet not recommendable? Or is there any vulnerability seen in the wallet that makes people to abstain from using it?
No vulnerability, or at least any important one that I am aware of.

First of all, "taint" is a concept that isn't always accurately interpreted. Taint often has different measurements across various exchanges or blockchain analysis companies and it is impossible to tell how they actually determine the taint. Using historical data will not always be accurate. Samurai's method introduces the hops which can help the user provide plausible deniability by claiming that they were not directly involved in said illegal activities. Exchanges has often disregarded taint due to its inaccuracy but rather take actions solely based on the transaction that is sent to their exchange, be it a CoinJoin sent directly or from a gambling site. In this respect, having multiple hops will help.

It is not a guarantee for the service that you're using to assume that the coins are clean just because they've been through multiple hops. There can be tell tale signs, eg. having the hops within a short period of time, 1 to 1 transaction, etc. It is far better for the user to be using a service like that if they don't know what they're trying to achieve here. Electrum should definitely not be used; the server will know that you're just sending your funds to yourself, unless you assume multiple identities for each transfer.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
The problem is that different services have different standards, some of which are known others which are for 'internal knowledge only'
Coinbase is well known to not like coins coming from gambling sites. But they really don't care about coins coming from other "known" exchanges.
Just moving your coins to Binance or Coinex or a few others and moving them to Coinbase has been shown to be enough to make them not care.

For privacy in general (depending on the amount but figure under $10,000) I have posted a few times what is more or less a simple way to bury beyond the last transfer to you.
BTC -> XMR at one exchange XMR -> BTC another exchange back to you you.
If you want a bit more clouding.
BTC->XMR then XMR -> Another bit coin say LTC then LTC -> BTC to you. And if anyone even cares it's "I was owed money, he paid with LTC I only use BTC so I exchanged it"

There are a lot of well know exchanges with good reputation and lack of KYC on small amounts (once again under $10K at a time) that there should be no read flags.

Disposable email address and coffee shop Wi-Fi should take care of the rest.

-Dave
Pages:
Jump to: