Topic: How can tainted coins becomes hard to be recognized by centralized services (Read 632 times)

Yes, exactly, that is why bandits, kidnappers and many other criminals prefer Fiat in cash, it is not traceable and tainted-resistant because it can not be tainted. Like the recent hack, all the addresses have been known, will be tracked and monitored, what Fiat in cash can not give. We can even see thieves robbing banks successfully without being able to trace the money stolen. 

It's something we've seen many times in history, and who knows a little better about the history of drug cartels in Colombia and Mexico some 35 years ago, knows that drug cartels bought entire governments, including presidents - all with the help of the US dollar and one very dirty agencies from the US.

Also, today it is not strange for them to seize cryptocurrencies that they declare dirty, and then wash them through the auction process and return them to the system which will sooner or later taint those coins again. How long will it take until some genius comes up with the idea that all BTC must be cleaned, and then it will return to the system according to some new rules - your coins, our private keys...

Nothing happens because tracking cash is much more difficult than following the blockchain trail. But if Alice used PayPal, bank, WU, a CC, or some other trackable processor, the authorities could question the connected people about their relationship to Alice the drug lord.

Bitcoin is being treated differently because the state doesn't like what it doesn't see or have a way to control, and they are the ones in power, not us. That's why there is a problem with Bitcoin "taint", but there is no problem circulating physical cash that was previously involved in the drug trade, human trafficking, illegal prostitution etc. Corrupt officials also don't seem to have a problem taking a cut from "tainted" USDs.      

I was thinking more along the lines of having an exchange suspending your account or holding your funds. Not so much sanctions or criminal proceedings. Kind of like no matter how many times a stolen item changes hands, the last person holding it is the one that has to give it back to the owner. Sorry if I did not make that clear, stupid busy at work and at times it can take an hour to post 5 lines of text.

As for the switching to another exchange, here in the US they all do it to some degree if they allow conversion to fiat. BitPay, although it has other issues seems to do it the least, or at least has no complaints about them doing that. Coinbase / Gemini / Kraken seem to all have about the same number of people complaining about it.

-Dave

None. So long as you're not involved in any illicit activities, you should not be subjected to any sanctions or criminal proceedings. You are not aware of the activities and more importantly, you aren't the person involved in it. It is pure BS to be treating those Bitcoins to be tainted, because as usual, taint is a terrible concept to deny legitimate users from using Bitcoin. If anything it is more of a ploy by regulatory bodies to discourage people from using Bitcoin.

If you are using any exchanges that discriminates (so to speak) tainted coins, then I suggest you to switch to another. There can be a myriad of reasons for them to hold your coins hostage or to freeze your account, "tainted" TX is just one of them.

Here is something else to ponder. What happens when the "lord of drug" Alice sends her tainted USD to Bob then Bob to Chris, etc. And here is a better question to ask, why is bitcoin being treated differently here?

I do not think Ed should have any issue with the exchange, although it depends. It should not have any issue because the amount of Bitcoin all the way from Alice later to him can not most likely be the same.

For example if Alice receive 1 btc, it will be very unlikely 'that the 1 btc will be sent to Bob while Bob sent the same 1 btc also to Dave while Dave sent the same 1 btc to Ed'. The chances that something like this will happen is slim. Likely the btc from Alice would have been different when it reached Ed which will make the exchanges not to see it as illegal, or many of their customer's account would have been frozen or blocked.

Starting with, just in case you missed all my posting about tainted coins being BS, I think it's all BS.
BUT: I just as an interesting side thought. What would be the repercussions if you did wind up with 'tainted' coins but they were tainted after the fact so to speak.

Alice sends coins to Bob, Bob sends coins to Chris, Chris sends coins to Dave, Dave sends coins to Ed.

Everyone is good, however it comes out long after Ed has the coins that Alice was actually running a drug ring out of her living room.
Ed has had these coins for months, but that info only came out last week.
Now 4 transactions and months later Ed sends those coins to Coinbase and gets the whammy.

Since when Ed got them even if he knew the entire trail at that time he and everyone else thought Alice was legit.

In the end, there would probably be lawyers involved and such, and much money spend on them, but it is something to ponder.

-Dave

This reminded me of when I started to use Bitcoin, I was paying 120000 satoshi for each transactions at the time if I want to convert Bitcoin to Fiat for spendings, I did that like four or five times before I knew about Litecoin which its fee is so low. I had no option because the transaction fee on exchanges are very high and I even did not know the difference between wallet and exchanges at the time. But, now, it is not hard at all to make use of low fee for Bitcoin transaction. I can easily now Ricochet on my own with several Bitcoin addresses using several low fees in a way the coin will not be seen tainted.

There are also withdrawals from centralized exchanges and gambling platforms which always overpay and target quick confirmations. People tend to overpay the mining fees if they are using crypto to purchase goods or services and they have to pay a fixed coin amount within 10-15 minutes, otherwise the total sums will change.

I actually started a thread about people paying high fees when not needed. https://bitcointalksearch.org/topic/who-is-paying-very-very-large-fees-when-not-needed-and-why-5346270

Many of them were from exchanges that pay a flat amount per withdraw.
Others looked like they were just poorly programmed fee estimators.

The other side of it is that if the exchange addresses are known, the people looking for "taint" should know what they are.
But, since most of those services are probably going to be crap, the info they give will be crap too.

-Dave

For every real tainted transaction paying a higher fee there are hundreds of "clean" transactions paying the same high fees. I can think of many cases where the transaction ends up having an unreasonably high fee, the most common one is probably day traders wanting to get their coins to exchanges as fast as possible and try to be ahead of any possible fee spike. Another common one is those using a broken fee estimation mechanism or a third party fee estimator that is malicious and is suggesting them absurdly higher fees.

I don't agree with that hypothesis at all. Rapidly moving the stolen coins does nothing to obscure the transaction trail. The only transaction which may need to have a high fee (depending on how the coins are being stolen), is the very first one which moves the coins from the owner to the thief's wallet, but even then, a low fee with RBF disabled will almost always result in the same outcome. For every transaction after that, including any designed to "obscure the transaction trail", it is completely irrelevant what fee is paid. It doesn't matter if I move the stolen coins in the next block or I move them next week - the exact same publicly viewable trail exists on the blockchain for all to see.

They go on to make a number of other flawed assumptions in the following paragraphs:

I could spend a coin tomorrow with an enormous transaction trail, or I could spend a coin in a year with zero transaction trail. Time to spend a coin does not equate to number of transactions.

Again, this is not accurate. If I steal some coins from you and send them to a brand new wallet, they could sit there for 10 years and you might never be able to trace them to me. Conversely, if I steal some coins from you and try to send them to an exchange tomorrow, then the exchange could link those coins to my identity. Time to spend a coin does not equate to chance of being detected.

Well, that depends on who you ask. Every blockchain analysis company or software and every exchange or other centralized services will have their own methods for determining what is "clean" and what isn't. The only way you can be absolutely sure that a coin is untainted is if it came directly from block reward of an empty block. That way you know it is brand new, never been used before, and doesn't include any fees which could have come from tainted coins. If the block reward does include fees, then chances are at least one of those transactions was tainted and so theoretically the entire block reward would be tainted too, although no one considers this the case. Some places will consider any coin which has come from a major centralized exchange to be clean, and some will only look back a set number of transactions so any coin which hasn't been tainted in the last 5/10/20/whatever transactions would be clean.

This is part of the problem. It is a completely arbitrary classification, so much so as to be nearly meaningless, and yet it seems to becoming ingrained.

I am curius what are examples of coins that are untainted?

Because there is no record of the transaction or any previous transactions. Even if someone uses the serial number(s) to try and track the movements of a bill or bills, only in cases of bank robberies or similar are the serial numbers of the stolen bills known. Even if a bank registers that it gives me specific bill, and then registers a week later that you deposit that same bill, it has no way of knowing if we traded directly with each other of if there were 100 intermediaries. This is not the case for bitcoin.

Aside from the scam risk, I have no issues accepting bitcoin from anywhere or anyone, since all bitcoin I receive is either mixed or coinjoined, and I do not use* any services or merchants which have ever suggested having a problem receiving mixed/coinjoined bitcoin.

Logically, everything should be clean as soon as it makes any single transaction, since you have no way of knowing if the funds have changed hands at that point and it is unethical to potentially punish an innocent party for something that the coins they bought honestly were involved in before they bought them.

---

*I appreciate this may not always be the case, though, and is my biggest concern regarding the fungibility of bitcoin. As soon as merchants start refusing my coins and demanding that I use "clean" bitcoin, then I will stop using bitcoin.

Just like almost all paper money has traces of cocaine (and poop). But it's just not much of a problem that banknotes are literally tainted, and hasn't stopped people from accepting them.
And even though I think this isn't much of a problem for Bitcoin, I wouldn't want to get someone's "unwanted" Bitcoin, even if they pay a 10% premium. Apart from the risk of getting scammed, it might cause legal problems later on. Why else would someone pay 10% more?

---

---

Hypothetical: say all Bitcoins in existence are coinjoined in one large transaction at the same time. Does that mean all Bitcoins get tainted? Or does it "reset" all taint since there is no difference anymore?

I'm really not so sure. It's still not entirely clear why they stopped their transaction filtering, since what they are doing is not at all prevented by Taproot, but they successfully managed to do it for several weeks. Perhaps this was them simply testing the waters. With governments around the world scrambling to control bitcoin in any way they can, I think we will see more of this kind of behavior, not less.

They do the same with coinjoins. Tainted inputs + clean inputs = all tainted outputs. Why not do the same with blocks? Tainted fees + clean block reward = tainted output.

The whole "taint" thing doesn't make any sense at the moment, but that doesn't stop them. Centralized exchanges only care about their profits, and that means they must toe the line the government sets for them, regardless of whether or not it makes any sense.

I completely agree, which is why I think we need to address this with privacy improvements before it becomes too late.

Good point. But again, OPAC blocks by Marathon was an experiment that backfired catastrophically so I don't expect people to start openly following that route.

If we were to define coins that way, then we're going to label even the new coins as being tainted (albeit to different extent). Block rewards are considered as a single unit as the fees. It would just be ridiculous to assume that the miners were intentionally laundering the Bitcoins as well. If exchanges were to also label taint on newly mined coins, then it wouldn't make sense at all. If we get to a point where a majority proportion of the coins are "tainted", then Bitcoin is just not fungible anymore or everyone would just give up on the concept.

For the time being. Nothing stopping them from saying the mining fees from any block which is not "OFAC compliant" (or whatever other nonsense pools like Marathon were using before they capitulated) is tainted. We definitely have not seen the last of these kind of "clean" blocks being mined, and the consequences that come with them.

Again, for the time being. There is zero chance that big blockchain analysis companies are not already working on de-anonymizing Lightning transactions. And exchanges can either simply refuse to implement Lightning, or only allow Lightning deposits if you also provide an associated proof of funds documents or some other horrendous invasion of your privacy.

It will be even easier to trick such services if they implement deposits via the Lightning Network. If you send an indirect payment, the receiver is not able to tell the (on-chain) origin of the coins. Since the payment could be routed through multiple nodes, the first node in the route would accept "tainted" coins and pass along "pure" coins using some other channel.

They aren't really considered taint, or at least the known transactions that exchanges has openly restricted so far. Exchanges only ban them as a result of a direct link between the deposit transaction and something against their ToS. Definition of taint is generally recognized as something that can be linked to certain illicit transactions but that is not what (most) exchanges actually ban. CoinJoin and gambling sites are not illegal per se, but it is against their ToS. You have a strong case against the exchange denying you service if you're able to prove that you're not involved in any activities against their ToS. Their definition of taint is different from how we define it.

The best way to remove taint is to cooperate with a miner and launder it through the transaction fees. Most blockchain analysis don't follow that trail for their taint.

If you look back far enough, yes. Think of every coin which has ever been mixed, ever been coinjoined, ever been stolen, ever been part of an exchange hack, ever been stolen by the malicious Electrum, ever been sent to a scam ICO, ever been used for something illegal, ever touched a darknet market, ever been gambled, ever been deposited or withdrawn from a casino, ever been handled by someone "unsavory", and on, and on, and on. Or even any clean coin which has been included with a tainted coin in any transaction.

As time goes on, this will only get worse. If you apply the whole "taint" thing consistently, then almost every coin in circulation is tainted and can't be accepted. This selective enforcement which centralized exchanges use is simply a convenient excuse for them to lock accounts and freeze coins.

Are they really? I don't think so. I believe most people never use mixers which makes most coins "untainted" according to this weird definition of "taint". In fact I believe that this is the only reason why exchanges and some other centralized services can afford to ban tainted coins because they are the minority and banning them won't lose them that much business.

No coin tainted should be deemed clean again, but no coin that should pass through 12 transactions over long period of time through 5 hops as described above should be deemed as illegal transaction like you said, almost all the bitcoins are tained already, even the ones that are bought after converting monero back to Bitcoin most likely would have been tainted in the past. I see this as an effective way to send bitcoin someone think is tainted to an exchange and yet exchange do not see it as tainted because the exchanges can not seize 90% or more Bitcoin on their exchange which I believe are already tainted in some past transactions.

Oh, absolutely. If the coins being deposited to the shared-key-address came directly from a coinjoin, then as far as the exchange you are depositing them to is concerned the coins went from coinjoin, to an intermediate address, to the exchange, and they will absolutely still be tainted. All Mercury does is allow the coins to change ownership without a transaction - it does not obfuscate the history of the coins like a coinjoin or a mixer would do. In fact, Mercury might make things worse from a taint point of view. If there is a transaction recorded on the blockchain then at least you can point to it and say "This is where I bought the coins, and anything that came before had nothing to do with me."

If you trace any bitcoin back far enough then there is a very high likelihood it has been tainted somehow, so it is correct to say that exchanges can only look back so many transactions before assuming the bitcoin is clean enough for them to accept. What this magic number is will vary between exchanges and possibly also between the size of deposit or other factors to do with the account which is depositing it.

But splitting ownership of the private key cannot reverse tainting effects by itself, since analysis is done entirely on the addresses.

I believe that if a tainted UTXO is split up through enough transactions in different blocks, then as long as none of those outputs are tainted then it will become infeasible for exchanges to scan the transaction history of all its parent UTXOs from the last N blocks when N is a little large (50, or 100). Scanning that far back for all deposits (of which many happen in a short timespan) will take too long to finish on time.

I am still testing that Mercury wallet project and so far I lost small amount of testnet Bitcoin because there was a lot of bugs not allowing me to recover wallet funds.
They fixed a lot of things including recovering funds in last few versions, they also fixed javascript errors that was showing each time you open a wallet.
Website is redesigned and they added dark them for wallet, so I encourage everyone to test how Mercury wallet is working if you have testnet BTC.
Latest version is 0.2.27:
https://github.com/layer2tech/mercury-wallet/releases

I created topic for discussion and feedaback in forum few months ago:
https://bitcointalksearch.org/topic/mercury-wallet-mercury-layer-privacy-for-bitcoin-5334221

dkbit98 put me on to a project called Mercury Wallet (https://mercurywallet.com/), which aims to do this using statechains. You can read more about how it works in their FAQ on the previous link, and on their documentation at this link - https://docs.mercurywallet.com/docs/. The TL;DR is essentially the private key to a certain UTXO is split between user and Mercury, such that each party has a share but neither has full knowledge of the private key. When you want to transfer the coins to someone else, with your co-operation a new set of shares can be generated between Mercury and your recipient, without anyone revealing their current shares, but it still requires trust that Mercury will delete their original share to prevent collusion between Mercury and previous owners.

It's a very interesting concept, but it is not fully decentralized and it appears to still be in beta. I've been keeping an eye on its development but I've not tested it out myself as of yet.

I found this quote for how  Samourai Wallet Ricochet transactions work. Overall, it is unfortunate to see that few people focus on privacy and try to make Bitcoin harder to track.
There are already many mixing services, but the reason you are mixing determines which one is suitable.
They all try to break the link between the sender and the receiver, and unfortunately, they all fail if they are analyzed well.
The only way is to change the owner of the private key, but I can't find any site that offers this service in a decentralized way.

The point is to provide "plausible deniability". For example if a grocery store has some marked bills from a bank robbery in their cash register they can plausibly deny being involved in the robbery since they are just receiving the cash.
Even with one "hop" you can claim that you never mixed your coins or used a gambling site and claim you received the coins for any other reason.

The problem here is the number of people who mix their coins. It is a small percentage of the exchange users so the exchange can easily target those few while the majority of the remaining users remain unaffected.

As long as we don't know for sure how those exchanges and chain analysis companies working with them track transactions and based on what the flag addresses as suspicious, we can't tell how much "ricochet" is going to be effective.
In fact, it can even be counterproductive as it may raise suspicions if the ricochet transactions have been made in a short span of time.
However, I doubt exchanges will suspend all accounts that can be linked to tainted coins unless the deposited amount is really big or one of its addresses is directly involved in illegal activities.

An example here: https://twitter.com/bittlecat/status/1207621591820951552. They resolved it by returning the funds and here is their official response: https://www.binance.com/en/blog/414733786553217024/CZ-on-Regulations-Exchanges--Privacy. To a larger extent, Coinbase has always been known to block accounts that were sending to/from gambling site, that is much more common. Also, another example here: https://twitter.com/McHodled/status/1222172084610027523. Examples are non exhaustive.

I've never been banned while using ChipMixer on Binance, not saying that it is immune just that CoinJoins are a lot more obvious.

Exchanges (and governments) want to track their users and don't like it when their users attempts to evade it.

Has anyone here who uses gambling platforms, mixers, CoinJoins, etc., had their coins confiscated or blocked by a centralized exchange? What did they say and how was the issue resolved? I am trying to find out how widespread of a problem it is because I have never experienced it myself. Of course, you have to use centralized exchanges to get in those kind of problems. I am saying that to stop people from replaying they never had those problems because they use DEXs. 

Using another coin like XMR is for improving your privacy not removing taint because when you change that coin back to bitcoin you don't know what kind of "coin" you are receiving, it may have more taint than your original "coins".

BTW I don't see anything special in "ricochet" to force you to use a certain wallet that has it. You can do it on your own using a custom variable interval. You just have to waste some precious satoshis on fees.

Depends on how you're making use of it. If there are certain heuristics that can identify the correct traits (round outputs, 1 to 1 transactions), then there is little to no taint being removed as there is still a fairly high certainty that people would assume that both addresses are linked in some way. Though obviously you're still able to tell the exchange that you do not control those addresses in the chain, I wouldn't bet on it.

You can replicate whatever Samourai does yourself; send your coins through multiple hops, adding a change address for each, different time intervals, fees, etc. Basically just making it seem as if each of the transactions were sent by different people in different wallets. Benefit of Samourai is that it's done automatically and thus prevents user's incompetence from ruining their privacy.

So, most exchanges will and should give the benefit of doubt to their user. Unless proven by a direct link, there is no basis for an exchange to assume that the transaction path was initiated by the same person. There is a reason why (or at least what I've seen) that exchanges only take action with direct CoinJoin transactions or transactions from gambling sites.

There is also one of the theymos posts which address the the use of Monero as a means of mixing method which can be used. You are very right because this will be a more comfortable method that can be used to mix Bitcoin effectively. But I am finding out if it is possible to make use of Bitcoin directly without converting it to any other coin.


Will the exchange know that I am sending the coin to myself after the use of different addresses? I do not have problem with the electrum server in this regard, but you are right because it will be perfectly better on Bitcoin core, but which I do not have. Or, which other wallet other than Bitcoin core that I can manually do it safely? With what I checked online, the fee for ricochet on Samourai wallet is truly 0.002 btc, which is too high for me when I can have the time to go ten hops on noncustododial wallet with just 0.0005 btc or lower in fee when mempool is non congested. Samourai wallet will be good for high Bitcoin amount because the fee needed is too high.

There was a similar discussion here about tainted coins, i will quote my answer:


Basically, the whole concepted of tainted coins makes no sense, as basically all coins already have been in a mixer/casino. So you can "ricochet" them until they are clean.



I have always read positive feedbacks about samourai. I think it is a good option.

I think 12 ricochet is too much. Personally, I have send coins from a casinos to my wallet and then straight to binance (1 ricochet) without any problem. This might become a problem in the future, but it isn't now.

You can just make a few ones, and Antonopoulos suggested in his video. That doesn't really increase your privacy.

You have also to be alert not to mix different addresses in the same transaction while ricocheting, because this will  reduce your privacy (linking different addresses together)

AFAIK, Samourai actually charges a fee for that feature as well. I think 0.002BTC per ricochet?

No vulnerability, or at least any important one that I am aware of.

First of all, "taint" is a concept that isn't always accurately interpreted. Taint often has different measurements across various exchanges or blockchain analysis companies and it is impossible to tell how they actually determine the taint. Using historical data will not always be accurate. Samurai's method introduces the hops which can help the user provide plausible deniability by claiming that they were not directly involved in said illegal activities. Exchanges has often disregarded taint due to its inaccuracy but rather take actions solely based on the transaction that is sent to their exchange, be it a CoinJoin sent directly or from a gambling site. In this respect, having multiple hops will help.

It is not a guarantee for the service that you're using to assume that the coins are clean just because they've been through multiple hops. There can be tell tale signs, eg. having the hops within a short period of time, 1 to 1 transaction, etc. It is far better for the user to be using a service like that if they don't know what they're trying to achieve here. Electrum should definitely not be used; the server will know that you're just sending your funds to yourself, unless you assume multiple identities for each transfer.

The problem is that different services have different standards, some of which are known others which are for 'internal knowledge only'
Coinbase is well known to not like coins coming from gambling sites. But they really don't care about coins coming from other "known" exchanges.
Just moving your coins to Binance or Coinex or a few others and moving them to Coinbase has been shown to be enough to make them not care.

For privacy in general (depending on the amount but figure under $10,000) I have posted a few times what is more or less a simple way to bury beyond the last transfer to you.
BTC -> XMR at one exchange XMR -> BTC another exchange back to you you.
If you want a bit more clouding.
BTC->XMR then XMR -> Another bit coin say LTC then LTC -> BTC to you. And if anyone even cares it's "I was owed money, he paid with LTC I only use BTC so I exchanged it"

There are a lot of well know exchanges with good reputation and lack of KYC on small amounts (once again under $10K at a time) that there should be no read flags.

Disposable email address and coffee shop Wi-Fi should take care of the rest.

-Dave

I do not know where this topic will belong, the reason I created it here.

---

Normally, people using centralized services and exchanges can not have privacy, that is why it is better to make use of decentralized platforms all through for anything related to bitcoin transactions. But I have noticed there are some times there will be no option than to use centralized service, like a newbie friend that is asking you to send him coin into a centralized exchange account, or transferring from your noncustodial wallet to a gambling platform, or buying a product from a store that uses a generated invoice of a centralized wallet, or some other reasons that you will not have option than to send into centralized service platform.

Recently, I was reading about ricochet using some articles I found online by Samourai wallet, I read about it and it is very easy to understand, it consists of 5 hops (hop 0 to hop 4). In the hop 0, I would have to pay mining fee which is also required for the other hops fee in which the bitcoin sent will be transferred from one address to another until the hop 4 which is the destination address. I read it is about a way tainted Bitcoin can become unnoticed by centralized platforms.

The last bitcoin transaction I made required only $0.3 worth of bitcoin as transaction fee, and the coin was confirmed less than 2 minutes after I broadcasted the transaction (I know the estimated confirmation time is 10 minutes in average, so please do not quote this because it is what actually happened). Although, the mempool was not congested at all, which is a great opportunity that ricochet can be done with low fee. Although, I may not have to use Samourai wallet for it as I can simply send my Bitcoin from one address to another address until I am pleased, which can be done on electrum.

Also, someone told me that 12 hops is the best, and which I can make it more which I will prefer while fee is low. It is very certain that not all tainted coins are seized by centralized platforms, they will only look for transaction history from certain address that sent in the past.

My questions
* Since I have been on this forum, I have never heard of Samourai wallet before (although I have known the wallet since a year or two ago), is the wallet not recommendable? Or is there any vulnerability seen in the wallet that makes people to abstain from using it?

* Is Samourai wallet advisable to be used for the Ricochet? If the wallet is not recommended, that gives the answer already

* how many hops is best for Ricochet? Because I can even use my electrum wallet to manually do it and increase the hops, that is, sending it from one address to another with low fee until I am satisfied.

---

I am only learning more about privacy.