Network analysis deflates Bitcoin’s anonymity myth

Charting transactions from an alleged theft

Some readers may remember that some time ago I wrote a post about Bitcoin, an interesting online payment experiment in the shape of a cryptographic currency. My conclusion was that the currency was probably illegal in the U.S. and Europe, and left it at that. At the time Bitcoin’s star was on the rise, there was a lot of hype surrounding the currency, lots of press, and even some minor interest from regulators and policy-makers. The intervening months however have not been kind to Bitcoin, with several scandals ranging from large thefts of coins from unencrypted purses, the major exchange being hacked, the second largest exchange losing a large chunk of its coins, and one of the major online purses simply disappearing into the ether (or more likely, those involved are now enjoying some cocktails by the Caribbean). Similarly, the talk of trojans, market manipulation and outright fraud seems to continue to plague the currency, with the latest scandal being that one of the most public figures in the BTC community may very well be involved in fraudulent practices.

All throughout these problems, the community has seemed to have held faith. There is a core of believers that fervently think that Bitcoin is the future. These range from hard-core libertarians to techno-geeks, with a few day traders and speculators still trying to profit from the large swings in value experienced since June. A big aspect of the faith held by the technically-minded people in the crypto-currency is precisely its security features, Bitcoin has been touted as a very secure and anonymous method of transferring value from one computer to the other. The currency works by allocating a public cryptographic key to arbitrary units of value held in a proprietary non-proprietary client. Because they are public, the keys can be inspected by everyone, but a private key is needed to make the transaction. These units of value are held in “wallets”, small .dat files hosted in the computer. This setup serves two purposes, as long as the keys are secure, only the wallet’s owner will be able to transfer the bitcoins to make a payment. Similarly, the keys make the transactions anonymous.

Or so most people thought. As with many things online, the theory is often defeated by a combination of greed, laziness, ignorance, and simple intermediary failure. Bitcoin’s cryptography is very strong, so a hacking attack would not be able to break the security. But a hacker doesn’t need to defeat the SHA-256 cryptographic hash in order to remove bitcoins from the wallet, a simple $5 dollar wrench would suffice. Practice has been bearing this out, the Bitcoin client does not encrypt the wallet.dat file itself, which leaves the currency vulnerable. Similarly, hackers have been targeting the exchanges, the places where people pay in real money to buy bitcoins. And finally, all of the encryption in the world won’t protect you against fraudsters and scam artists.

So we were left with anonymity as the biggest selling point for Bitcoin. This was made evident after a Wired article informed college students everywhere of the existence of Silk Road, a site where they could buy drugs using bitcoins. Bitcoin’s value exploded, usage shot up, and mining rigs went up, driving the price of top-end GPUs through the roof. The idea is that because the currency is encrypted, there is no manner to trace any given transaction to individual users. But there is a new paper from Fergal Reid and Martin Harrigan of University College Dublin that claims that Bitcoin’s much-touted anonymity is seriously flawed. They used network analysis to trace transactions down a chain of distribution, and discovered that by treating transactions as a links in a network, and sender and recipients were vertices, they could get a very good idea of who was doing what. Moreover, they claim that this information can be easily cross-referenced with information in public spaces and intermediaries, so anonymity would be seriously compromised. They explain:

“There is no user directory for the Bitcoin system. However, we can attempt to build a partial user directory associating Bitcoin users (and their known public-keys) with off-network information. If we can make sufficient associations and combine them with the network structures above, a potentially serious threat to anonymity emerges. Many organizations and services such as on-line stores that accept Bitcoinis, exchanges, laundry services and mixers have access to identifying information regarding their users, e.g. e-mail addresses, shipping addresses, credit card and bank account details, IP addresses, etc. If any of this information was publicly available, or accessible by, say, law enforcement agencies, then the identities of users involved in related transactions may also be at risk.”

As a case study, they used a highly-publicised theft of 25,000 BTCs (with a value at the time of theft of approximately $500,000 USD). They were able to follow the involved transactions using their network tools, and charted these with high level of accuracy. Then the authors conclude that:

“Using an appropriate network representation, it is possible to map many users to public-keys. This is performed using a passive analysis only. Active analyses, where an interested party can potentially deploy marked Bitcoins and collaborating users can discover even more information. We also believe that large centralized services such as the exchanges and wallet Using an appropriate network representation, it is possible to map many users to public-keys. This is performed using a passive analysis only. Active analyses, where an interested party can potentially deploy marked Bitcoins and collaborating users can discover even more information. We also believe that large centralized services such as the exchanges and wallet.”

This is extremely interesting, because it is something that I envisaged when writing my forthcoming book on network theory. One of the chapters deals specifically with cybercrime, where I believe that network tools like social network analysis could have a large impact. Examples such as the above are precisely the type of uses that law enforcement could emply to tackle high-tech online crime.

One thing about Bitcoin is true. Maybe some libertarians are finally finding out why we have strong regulation of financial markets.

10 comments to Network analysis deflates Bitcoin’s anonymity myth

  • Have you read the paper? I think it is a lot weaker then repeatedly stated by commentators. Bitcoin is not actually anonymous by itself. But, you can use it, by its built in features, in a very hard to track way. Note that the current transactions are not, in most cases, anon as the users do not really care. Despite this and that the resolving of the purported theft would have made the authors highly regarded they could not really prove anything or reveal the identity/IP of any user. Also even if you can identify the money you may not prove "where" they are or who controls them.

    Also, your hang up on legal or not is backwards; One do not need to care if Bitcoin is a currency, a legal currency or legal tender, or what, if one do not intend to do any business with the state or government as long as your counter party is happy. In many countries it is perfectly fine to exchange things, i.e. barter. Bitcoin is nothing more than a valuable good for bartering. Who cares, and what can you do? In fact bartering is already regulated and it is no problem what so ever to follow that regulation and there is no need for any new regulation.

    • Hi,

      I did read the paper and some of the exchanges in the BTC forum involving the authors. I found it to be quite good, as my main interest is the methodology used. This is an academic paper, so there is no reason whatsoever for the authors to identify allinvain, they discuss the ethical implications in the introduction. From what I understand from the information not disclosed in the paper, they have gone further and have even managed to identify several forum members with their methods, but have decided not to disclose the data.

      As for the legal article, I am actually less interested in this angle since I wrote the blog post, as it seems to be that there is no longer any interest from regulators on Bitcoin. At the moment Bitcoin is nothing more than an unregulated speculative vehicle, and all of the problems experienced are acting as their own regulatory valve. If BTC survives, it may require some regulatory oversight, and its legal status will have to be defined one way or the other.

      However, I completely disagree with you that this is barter, which has its own legal definition. Whenever BTC is used as a method of payment, it works like a currency.

      • > This is an academic paper, so there is no reason whatsoever for the authors to identify allinvain, they discuss the ethical implications in the introduction. From what I understand from the information not disclosed in the paper, they have gone further and have even managed to identify several forum members with their methods, but have decided not to disclose the data.

        This is a bit disingenuous. They *couldn't* identify allinvain; they were asked this on their blog post (http://anonymity-in-bitcoin.blogspot.com/2011/07/bitcoin-is-not-anonymous.html). I also asked whether they could track transactions into/out of the existing exchanges (which are not even specialized coinmixes), and they couldn't do that either. The forum members you point to were ones who had already linked their pseudonyms to specific transactions/addresses.

        Some de-anonymization.

  • "The currency works by allocating a public cryptographic key to arbitrary units of value held in a proprietary client."

    What's meant by "proprietary" here?

    • Good point, the meaning was that it is "proprietary" in the sense that it is a stand-alone client, but it can be confused with it being proprietary in the open source vs closed software sense, I should know better :)

  • Erik

    Until someone actually connects a name or identity with those fun colorful lines, Bitcoin is anonymous. The report amounts to them concluding what was already known, that transactions can be traced from account to account… the more important question (and the one that they failed to answer) is whether accounts can be traced to the owners of the accounts.

    It seems pretty clear that if someone takes a few minor precautions, Bitcoin is relatively anonymous, but not "automatically" anonymous.

    Also to clarify, you mention wallet encryption – this is high priority and will be available with the next client release.

  • Dan

    I thought it was always the idea that the money can be traced. The anonymity part is determining who controls the money at what point. How can you tell the difference between one person juggling money through 1000 accounts and that person spending money into the marketplace.

    It's only traceable if you control a point of transaction with a criminal. Otherwise you can never be certain of the difference between a criminal paying money to an honest person or a criminal just sending money to themselves.

  • j

    It's good to know about.

    There is still the advantage of being efficient and cash-like but more decentralised and inflation discipline.

    It's flaws are linked to the flaws of the internet.

  • pjb1

    Uh, I'll be impressed with the "broken anonymity" argument when those guys who stole the 25k BTCs are sitting in jail. Until then the argument is just froth. As to your introductory slams, those sorts of things happen with other currencies too, not to mention gold. That seems to prove bitcoin really is a currency. I'm certainly not going to refrain from using it, because some of it was stolen from somebody. In fact I'd be suspicious if it were so perfect that there was no theft and fraud using it.

    • Why would the police pursue someone for theft of bits in a computer? The argument that many proponents make in favour of BTC is that it is unregulated. That is a double-edged sword, as with non-regulation comes non-enforcement.

      Libertarian utopia

Leave a Reply