Bitcoin blockchain provides unalterable proof, stored on thousands of computers, of every Bitcoin transaction that has ever taken place. Many of the transactions recorded on this register are crimes: billions of dollars in stolen funds, smuggling contracts and paid ransoms sitting in plain sight, still obscured by unidentifiable Bitcoin addresses and, in many cases, money-laundering tangles.
But a group of researchers on computer security in Cambridge now argues that you can still distinguish those smuggled coins from the legitimate ones that surround them, not with new technical or forensic techniques, but simply looking at the blockchain in a different way, in particular, looking more like an English judge of the early nineteenth century.
In an article published last week, the Cambridge team is fighting for a new way of tracking down the "contaminated" coins in the blockchain, especially those that have been stolen or extracted from the victims and then sent through a series of transactions to hide the their maltreated origin. Rather than trying to offer new investigative tricks to identify the source of a Bitcoin transaction hidden behind a pseudonym, their idea redefines what constitutes a dirty bitcoin instead. Based on a previous legal by a decision of the British court of 1816, they state that the first coin that leaves a Bitcoin address should be considered the same coin as the first one that entered it, bringing with it all the criminal history of that coin. And if once this coin was stolen from someone, it could be authorized to claim it even after passing multiple addresses.
"An unfortunate person will end up holding the stolen bitcoin."
Ross Anderson, University of Cambridge
The Cambridge researchers have come to the point of codifying a proof-of-concept software tool, which they plan to release by the end of the year, able to scan the blockchain and, starting from known cases of Bitcoin theft. , theoretically identify the same contaminated coins, even if they have been around the blockchain for years.
"The software we publish will let you know if your favorite bitcoin was ever owned by Ross Ulbricht or Mt. Gox," says Ross Anderson, the Cambridge computer science professor who leads the research group, referring to the convicted administrator for the Silk Road Bitcoin drug market and the first major bitcoin exchange. Gox, which failed in 2014 after being robbed of 850,000 bitcoins. "What we are providing is software that is much better than anything that went before tracing the stolen properties that occur as a cryptocurrency, or if you wish, the drug money or the proceeds of money laundering."
Define dirty money
In theory, tracing bitcoins was very simple: the public record of the blockchain allows anyone to follow the traces of coins from one address to another when they are spent or stolen, even if not always to identify who controls such addresses. But this track becomes much more difficult when Bitcoin users put their coins through a "mix" or "laundry" service – sometimes in the form of an unregulated exchange – that mixes many people's coins to a single address, and then he returns them to confuse anyone trying to trace their path. In other cases, users group their transactions through a process called Coinjoin which gives every viewer and recipient a denial of where their money is finished or ended.
For companies like Chainanalyis, Coinfirm and Ciphertrace that offer to track stolen or "contaminated" coins and that generally do not publish their own methodology, they leave limited options. They can handle any coin that comes out of a mix that includes contaminated coins as completely "dirty" or more reasonably, on average the dirtiness of all the resulting coins; put a stolen coin in a mix address with nine legitimate ones, and they are all 10 percent contaminated. Some scholars have defined this as the "haircut" method.
But Anderson claims that the haircut pattern quickly leads to huge parts of being blockchain a bit contaminated, without clear answers on how to treat an infinitely dirty coin. Often the fraction can be so small as to be rounded, leading to artificial increases in the total recorded "spot".
But when Anderson mentioned this issue in January to David Fox, a law professor at the Edinburgh Law School, Fox pointed out that British law already provides a solution: an 1816 precedent known as the Clayton House, which dealt with who was to be repaid by the law. remaining funds of a bankrupt financial company. The answer, according to the presiding judge, is that whoever puts their money in the spotlight should first take it off. The first-in-first-out-or FIFO rule became the norm under British law to identify who the money is in confusing assets, whether to settle debts or claim stolen assets.
Coins to mix
So Anderson and his team of researchers began to consider what would be the rule applied to the Bitcoin blockchain. He shuffled a dirty and clean nine coin into a laundry address or an exchange, and all 10 coins that came out would be defined in the same order they came in, even if that order was just a millisecond difference in in which the transaction was written before the blockchain. If the first bitcoin in the mix was stolen, the first to exit the mix would be considered the same coin, and therefore still stolen. "It allows us to see through the vast majority of the algorithms that people use to try to mix and obscure the origins of bitcoin transactions," says Anderson.
And this does not make bitcoin laundries turn into reverse lottery systems, where an arbitrarily chosen person ends up with a stolen coin that could be claimed by a victim of a theft? Anderson argues that the principle has worked for centuries as part of British law. And if innocent users end up having their coins claimed as stolen property, they will soon learn to stay away from Bitcoin's laundries and shady exchanges. "An unfortunate person will end up holding the stolen bitcoin," says Anderson. "If you are not the person who came in with the stolen bitcoin, in the first place, you will never play that game."
When the researchers tried their FIFO analysis on Bitcoin's actual blockchain, they found that in massive theft, such as the 2012 robbery that took 46,553 bitcoins from the cloud provider Linode, or the 2014 theft of 896 bitcoins from part of Bitcoin "bank" Flexcoin, could create much clearer answers on where they ended up those coins stolen compared to the method of haircut. Using the FIFO method, they connected the linode radius to contaminated bitcoin fractions at about 372,000 addresses, compared to 2.7 million bitcoins contaminated with the cutting method. (The last issue would mean that a single theft spotted nearly 5 people of the entire blockchain, the researchers point out.) For the Flexcoin attack, they tracked fractions of the stolen coins to only 18,000 accounts, compared to 1.4 million using the hair cutting system.
Responsibility at a cost
For the Cambridge researchers' technique to be put into practice, of course, it should be adopted by people who actually set the rules on what constitutes a contaminated bitcoin government in the world, or at least, Bitcoin exchanges or banks try to avoid handling dirty money. But simply by publishing the results of their FIFO blockchain, as they intend to do by the end of the year, researchers could influence the way that powerful intermediaries determine which currencies they consider to be contaminated.
If their system were adopted, it would have a price, says Sarah Meiklejohn, professor of cryptography and security at the University College of London. "It basically destroys all privacy solutions for Bitcoin," says simply Meiklejohn. After all, innocent users sometimes put their bitcoins even in laundries to keep their legal but sensitive transactions private. "The default level of anonymity in Bitcoin is not very high, and there are legitimate reasons for people wanting to make it higher, it's not a good thing for everyone not to be anonymised."
"In practice it destroys all privacy solutions for Bitcoin."
Sarah Meiklejohn, University College of London
Even the legal basis for FIFO, particularly in the United States, is not as simple as the Cambridge researchers describe, says University of Texas law professor Andrew Kull. In some cases, the judges use instead proportional tracing – the haircut approach in which all mixed accounts contain a proportional amount of contaminated resources – or a technique called "Jessel & # 39; s Bag", which takes money from guilty parties before the innocent ones.
And the way in which the traceability of property works in practice can depend on a myriad of factors such as the status of a particular state, the decisions of a judge and whether the good is defined as money or commodity, which is not a simple question in the case of Bitcoin. FIFO is "just a convention, it has no internal logic", emphasizes Kull. "It's arbitrary, but it's as good as anything else between two people who are innocent."
As arbitrary as it may be, the FIFO has hundreds of years of legal history behind it, say the Cambridge researchers. And given how powerful a mechanism can be to separate mixed bitcoins, it might just be a matter of time before someone applies that precedent to try and claim their stolen stock.
"Some people will sue Bitcoin's regulated trade and say," You received stolen goods and they were mine, kindly compensate me, "says Anderson." When the first case of this type hits a court old enough to set a precedent, it will be of enormous importance for the whole world of cryptocurrency ".