Pages:
Author

Topic: I taint rich! (Raw txn fun and disrupting 'taint' analysis; >51kBTC linked!) (Read 22842 times)

newbie
Activity: 15
Merit: 0
Personally, I feel comfortable working with IQ Option: a great trading platform with a variety of instruments allows me to trade effectively.
legendary
Activity: 994
Merit: 1035
Here is an implementation of a variation of this fungibility technique created by Samourai for people to review.

https://twitter.com/SamouraiWallet/status/1078604277726224384

https://oxt.me/transaction/546458c3470428bddada07f70676acb3646d8c1bc2ab3ab74204f8059a6fc3a7

Alice pays Bob 0.0005 BTC

              0.0005  (B)
(A) 0.002  =
              0.0015  (A)

Bob contributes 0.0011

(A) 0.002     0.0016  (B)
           =
(B) 0.0011    0.0015  (A)

Alice pays miner's fee

(A) 0.002     0.0016   (B)
           =
(B) 0.0011    0.001496 (A)

https://gist.github.com/LaurentMT/e758767ca4038ac40aaf



legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
I anybody still doing this manually?

Or is everybody using automated tools now?

One thing that gives me pause is that I don't want the machine doing coin arithmetic to have network access.

Would be great if I don't have to download the whole block-chain as well.
sr. member
Activity: 406
Merit: 250
How to launder

Part 1: Sell for cash on localbitcoins
Part 2: Buy with cash on localbitcoins

(not from the same guy obviously)

Smiley


How about using your BTC's to buy LTC's on BTC-E (we'll call it BTC-E #1 account).

Then send various amounts of  LTC's at different intervals to another BTC-E account (we'll call it BTC-E #2 account) and then once they arrive use those LTC's to purchase BTC's on BTC-E #2 account.

You can of course send the LTC's to multiple BTC-E accounts and then use the LTC's in these various accounts to repurchase BTC's.

How does that idea fly?
legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
Who would willingly participate in a CoinJoin transaction if they already have clean coins?  Naturally the inputs to these CoinJoins are going to be *very* red.  Participating would be a bad idea unless you've got some extremely dirty coins.  These coin mixers will be full of the filthiest of filthy coins.

I don't see much of an advantage to mixing around red coins - you still get back red coins.  So you might go from having 100% DPR coins, to having new coins that are 30% DPR, 30% inputs.io hack, 30% CryptoLocker, and 10% clean from whichever fool decided to donate their clean coins to the sea of red.

This scheme only seems to obscure the history by mixing transactions, but it doesn't reduce the red tarnish for the average participant.

It's the same arguments over and over again. If DPR-Coins are worth less than others, how can a merchant possibly accept coins? We need fungibility and it should be enforced by default.

Because people freak out about getting "dirty" coins, mixing has to be a default feature of the wallet that fulfills another purpose and thus only "accidentally" mixes. Reducing dust would help the miners once pruning is in place. Merging my dust outputs would reveal shared ownership, so this should be done in a transaction that involves other's dust or not so dust outputs. Once Clients mix by default, there will not be anything wrong with owning "the wrong coins". It's sad it was not in the default client since ever.
member
Activity: 118
Merit: 10
Who would willingly participate in a CoinJoin transaction if they already have clean coins?  Naturally the inputs to these CoinJoins are going to be *very* red.  Participating would be a bad idea unless you've got some extremely dirty coins.  These coin mixers will be full of the filthiest of filthy coins.

I don't see much of an advantage to mixing around red coins - you still get back red coins.  So you might go from having 100% DPR coins, to having new coins that are 30% DPR, 30% inputs.io hack, 30% CryptoLocker, and 10% clean from whichever fool decided to donate their clean coins to the sea of red.

This scheme only seems to obscure the history by mixing transactions, but it doesn't reduce the red tarnish for the average participant.
WiW
sr. member
Activity: 277
Merit: 250
"The public is stupid, hence the public will pay"
Almost a year later here I am, no longer a noob.

This would make the new CoInvalidation schemes quite hard to maintain, wouldn't it now... If dirty coins are merged with new coins and then redistributed, all the coins should be dirty, hence making "dirty" coins just "regular" coins. Smiley
legendary
Activity: 1202
Merit: 1015
can wallet app be created to operate that mechanism optionally?
legendary
Activity: 2324
Merit: 1125
What lawyers?

You'll need lawyers. And good ones.  Wink

Don't forget the guns and money.
Who needs money when you got BTC.

I'm hiding in Honduras
I'm a desperate man
Send lawyers, guns and money
the shit has hit the fan
legendary
Activity: 896
Merit: 1006
First 100% Liquid Stablecoin Backed by Gold
legendary
Activity: 2156
Merit: 1393
You lead and I'll watch you walk away.
Couldn't you still analyze the transactions and track down individual Bitcoin users that need questioning?

Yes, there are two stages of laundering coins.
First stage, which is obvious and talked about everywhere, is how to transform dirty coins to fresh coins. There are several technical possibilities, which all break down to get the bitcoins from one, dirty adress to a clean one. The problem is that it's easy to follow when you have 527.3381 coins going in, and 527.3381 coins shpwing up half an hour later at a totally unrelated adress.
So you split it up into several adresses, possibly over a few days. So you end up with 500 and 27.3381 coins, or with 371.51 and 155.8281 coins, or some combination more clever than that. Doing that right, your individual adresses drown in the noise of the blockchain.
Voila, you effectively have anonymous coins. Or, at least, plausibly deniable coins.

Second stage?
If, at any time, you combine some of those coins into a tx, your cover is blown.
And since all data is public, it doesn't really matter when you do that.
An attacker would follow the 527.3381 coins until something funny happens. I guess he will immediately notice when some coinjoin or laundering or tainting happens. Then he scans every tx, and creates sets of tx where the outputs sum up to the original amount. With todays hardware, databases and network analysis programs it probably doesn't matter if he ends up with 100 or a million sets of tx. Even if you "cash out" clean coins in weeks it should be possible to find it as one set among many many others.

So, you accidently combine two of those tx? Bam, he will see it as a red flare lighting up, being one of a few candidates. And I see no problem to closely follow those five "red flares" manually, just as you would track unwashed coins to begin with.

I have a problem here, with my coins. I try to always use new adresses. So I end up with more and more adresses and smaller and smaller amounts, "dust". Every transaction results in one new adress. Even worse, everything I do with one lump of bitcoins, and later with the change, is adding to the datatrail of this particular lump. If I start to eventually combine dust, the datatrail combines to much more than before.

Do I like "laundering"? Yes.
Is it any good, in theory? No. Might even give a false sense of security.
Solution? Do "laundering" with every single transaction.
How? Probably not with Bitcoin altogether. I don't think there is a possibility for such a fork.

One of the very few valid reasons for an alt-coin, now I think about it.

Ok, I learned something new while writing this post. Sometimes talking helps, even if you're just mumbling by yourself.

Ente

Thank you for the in depth explanation. That's the way I understood it as well. I read an article once where Jeff Garzik was explaining the value of open accounting where honest corporations would want their accounting to be auditable to the world and the possibility of implementing KYC scoring to cleaned coins. Also the way I understand it, government transaction analysis can be quite good. Parsing the transaction flow makes the value of mixing services more valueless the more collisions there are between addresses helping government pinpoint an individual user. So this little Zerocoin type experiment really does nothing to change that. I think fungibility is a real threat to Bitcoin adoption and was hoping this would be a solution to that problem. I've always believed the users of SR were fooling themselves. The anonymity doesn't come from Bitcoin it comes from the mail drop system.
legendary
Activity: 1974
Merit: 1029
How to launder

Part 1: Sell for cash on localbitcoins
Part 2: Buy with cash on localbitcoins

There's a chance that your buyer knows about the address. Of course it will be too late to abort the transaction but he could point to your username in localbitcoins as an owner of the stolen funds. So:

Step 0: Create account on localbitcoins using tor. Perform a couple of dummy transactions to earn a minimal rep.
sr. member
Activity: 252
Merit: 250
How to launder

Part 1: Sell for cash on localbitcoins
Part 2: Buy with cash on localbitcoins

(not from the same guy obviously)

Smiley
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Well, don't do that kind of mixing then. When you send coins from one place to another, you combine and spend them in such a way as the total amounts do not tally. That's not that hard to do, and if a lot of people do it even with unique looking amounts, they still get lost in all of that giant dataset called the blockchain.

It's actually easy to mix a small amount of coins on your own if you have patience. Just use any of those shared wallets and/or exchanges.
legendary
Activity: 2126
Merit: 1001
Couldn't you still analyze the transactions and track down individual Bitcoin users that need questioning?

Yes, there are two stages of laundering coins.
First stage, which is obvious and talked about everywhere, is how to transform dirty coins to fresh coins. There are several technical possibilities, which all break down to get the bitcoins from one, dirty adress to a clean one. The problem is that it's easy to follow when you have 527.3381 coins going in, and 527.3381 coins shpwing up half an hour later at a totally unrelated adress.
So you split it up into several adresses, possibly over a few days. So you end up with 500 and 27.3381 coins, or with 371.51 and 155.8281 coins, or some combination more clever than that. Doing that right, your individual adresses drown in the noise of the blockchain.
Voila, you effectively have anonymous coins. Or, at least, plausibly deniable coins.

Second stage?
If, at any time, you combine some of those coins into a tx, your cover is blown.
And since all data is public, it doesn't really matter when you do that.
An attacker would follow the 527.3381 coins until something funny happens. I guess he will immediately notice when some coinjoin or laundering or tainting happens. Then he scans every tx, and creates sets of tx where the outputs sum up to the original amount. With todays hardware, databases and network analysis programs it probably doesn't matter if he ends up with 100 or a million sets of tx. Even if you "cash out" clean coins in weeks it should be possible to find it as one set among many many others.

So, you accidently combine two of those tx? Bam, he will see it as a red flare lighting up, being one of a few candidates. And I see no problem to closely follow those five "red flares" manually, just as you would track unwashed coins to begin with.

I have a problem here, with my coins. I try to always use new adresses. So I end up with more and more adresses and smaller and smaller amounts, "dust". Every transaction results in one new adress. Even worse, everything I do with one lump of bitcoins, and later with the change, is adding to the datatrail of this particular lump. If I start to eventually combine dust, the datatrail combines to much more than before.

Do I like "laundering"? Yes.
Is it any good, in theory? No. Might even give a false sense of security.
Solution? Do "laundering" with every single transaction.
How? Probably not with Bitcoin altogether. I don't think there is a possibility for such a fork.

One of the very few valid reasons for an alt-coin, now I think about it.

Ok, I learned something new while writing this post. Sometimes talking helps, even if you're just mumbling by yourself.

Ente
legendary
Activity: 2072
Merit: 1049
┴puoʎǝq ʞool┴
I dont get any of this!
Could some one fill me in?
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
What do I need the lawyers for?

Oh, I got the guns though. You guys just need to supply the coins.

Maybe I'll just make a 99% lotto game. Whatever you buy, you win back. Less the "house edge". Draws are available daily, weekly and monthly.
legendary
Activity: 3038
Merit: 1032
RIP Mommy
sr. member
Activity: 325
Merit: 250
Our highest capital is the Confidence we build.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Step 2 in my method is supposed to combine all the unspent inputs into one giant input. That mixes all the coins together. Coins in the same address from different inputs are not necessarily mixed yet.

It seems to me that "your method" puts all the liability on you. You won't make enough from your fees to pay to your lawyers.
What lawyers?
Pages:
Jump to: