Topic: This is circulating among net-sec specialists... (Read 3094 times)

I meant mining brand new coins, plus whatever transaction fees are there. You don't attempt to pay yourself your own transaction fees, not unless you have lots of hash power.

Brand new coins are clean. Attempting to trace where they came from is going to be difficult, if not impossible as the block could have been relayed by anyone. Or good luck to whoever is tracking where new blocks come from.

Now, if you're part of a mining pool, that's another story. Still possible to be mostly anonymous, as most pools don't ask for any real info. They just want your workers and hash power and take 1% to 2% as pool fee.

Exactly, it is not even difficult to do and just not doing it in public (making people aware of the fact that it can be done) does NOT mean in any way that it won't be done in private. Proper blockchain analysis tools would for example have shown pirateat40s scams much earlier or even prevented them.

Bitcoin is not anonymous (even though a lot of people act like it is) and this is increasingly becoming a problem. As said, unless there are proper tools out there that demonstrate to anyone how easily their payment to Wikileaks can be has been traced (this has been done YEARS ago!) there won't be much incentive to make Bitcoin more secure against deanonymisation.

Even ignoring the case that 2 TXINs does not 100% mean that 1 person owns both addresses, just looking at clusters like "Bitstamp customers" or "MtGox customers" will probably have much more data inherent than some people might expect.

Thanks for the link by the way, I took another look at neo4j because of it. Unfortunately there still seems to be no real way for time-coded data in there (I found https://github.com/ccattuto/neo4j-dynagraph/wiki/Representing-time-dependent-graphs-in-Neo4j which maybe even has been used in this project...) which is a pity - a lot of data is strongly time dependent.

Yes, that's the bottom line. It's a very much needed double-edged sword.

That's why I post this. I found it rather strange that it wasn't even mentioned here.

There other should be more of this one and bluemeanie1's; in the open source space.

Every day I get more of a feeling a lot is being done on the private side, outside of the public eye.

In this context, "bring bitcoin forward" sounds like a euphemism for activities of questionable ethics, like building software tools that would help repressive regimes crack down on dissidents.

As far as I can tell, the willingness of tech people to turn a blind eye to the ways in which their work is used is subsiding a bit.

On the other hand, blockchain analysis tools are the only way to objectively measure, and thus a prerequisite for improving, privacy techniques such as CoinJoin.

You can just model mined coins having coinbase + fee transactions as inputs, they are as traceable as anything else. If you want to launder coins by paying them to yourself as fees, this will NOT work.

Pirateat40s "GPUMAX"(was it called like that? Anyways, you could buy mining power at pools on the spot for BTC) scheme however seems to have been in quite some demand, and people paid a premium in BTC over mining costs.

"Information from trades" might also mean that someone doing a deposit of 10 BTC at an exchange can NOT do a sell transaction that sold 20 BTC. On the other hand the fiat part of exchanges is not as easily auditable, also exchanges rarely even report if their ticks are from sells or buys.

It looks like a quite interesting concept though, similar to what I had in mind even. As nobody here seems to be too eager to actually work on things that would bring Bitcoin forward (blockchain analysis for example) and rather either cirklejerks about prices in USD or wants to keep the illusion up that mixers even work (even CoinJoin depends upon the fact that YOU don't screw up at any point in time later AND that at least one other person you mixed with does never screw up - also you'll probably only be able to do very few transactions after mixing) I moved on to other fields...

Look, an italian doing something great. Glad to read it.

Crypto only exchanges don't ask for your info. Exchanges that do fiat only need your info if you plan to do fiat deposits or withdrawals. Most crypto casinos also don't ask for any info.

At the risk of losing your coins, you can figure out a simple strategy to mix your coins by going through those.

Or mine your own coins. All mined coins are clean.

I would assume that all major exchanges, or at least the ones that want to stay that way are doing so. Remember, these guys interface with the banking system. Most are trying to comply with AML/KYC, etc. Privacy is dead. Plan accordingly.

https://bitcointalksearch.org/topic/mt-gox-thinks-its-the-fed-freezes-acc-based-on-tainted-coins-unlocked-now-73385

https://bitcointalksearch.org/topic/the-problem-of-stolen-coins-67016

I don't know, I wouldn't be so quick to assume that.

It seems to me more like they are able to identify addresses that belong to certain exchanges, and then map the btc coming in with the ones later coming out, or something of the such...

What steps can be taken with BTC and future currencies to stay one step ahead and protect anonymity?

I see nobody has keyed in on the most troubling part of this paper. It's not that entities are performing analytics. It's this:


Just to make sure this point isn't lost, I'm going to emphasize it a bit:

One or more of the major exchanges is handing over what should be considered private customer data to third parties.

the linking can definitely get tenuous, per your comments.

in most cases, someone is going to make a mistake and at least one of those links is going to be legitimate. being able to filter out the legit linkings from the coincidental ones seems like a tough problem.

Well.. think of it as a way of drastically reducing the possibilities.. it's easier from there on..

Anyway, also consider the latest Sheep scam has proven coin mixing is not the ultimate end-all solution for anonymity. Certain conditions have to be met for it work as intended and that is not always possible.

Mixers. Coin Join. Shared wallets.

Eventually, you need proof. "Likely" and "probably" won't cut it. "In the same transaction" is also not proof since it can be proven that different addresses from different owners can sign the same transaction (which is what Coin Join is supposed to be doing.)

I wrote a quick Bitcoin Block Chain Graph DB importer(uses Neo4j).  You can do most data mining operations with this basic data set.

https://github.com/BlueMeanie/bitcoingraphdb

-bm

That's not a  bad haul considering ....... and it could well be worth a lot more this time next year presuming the FBI doesn't seize it somehow.

Looks like most people are not too keen on paying ransoms

Wow they show a wallet with $6m in BTC held by the CryptoLocker ransomware group.

No doubt about that.

Here's the underlying thesis:
http://miki.it/thesis

And the presentation:
http://miki.it/pdf/BitIodine_presentation.pdf