BitterTea (OP)
|
|
June 02, 2011, 12:46:23 AM |
|
Rather than jacking the press hits thread, I thought I'd start a discussion here. As Jeff said, he emailed some journalists and "corrected" their idea that Bitcoin is anonymous. I think he may have gone too far in the other direction. Jeff Garzik, a member of the Bitcoin core development team, says in an email that bitcoin is not as anonymous as the denizens of Silk Road would like to believe. He explains that because all Bitcoin transactions are recorded in a public log, though the identities of all the parties are anonymous, law enforcement could use sophisticated network analysis techniques to parse the transaction flow and track down individual Bitcoin users.
"Attempting major illicit transactions with bitcoin, given existing statistical analysis techniques deployed in the field by law enforcement, is pretty damned dumb," he says. I agree that it is important for people to understand that all Bitcoin transactions are recorded in a publicly available log. However, his statement seems to imply that it is trivial to link a transaction to an identity. I believe that this is just about as incorrect as saying that Bitcoin is completely anonymous. For instance, Silk Road has a built in coin mixer. When you add coins to your account, they are sent through a bunch of dummy transactions, split up and recombined with the coins of other people. This would make it much more difficult to associate a specific sale with a Bitcoin transaction and individual identity. Another precaution that can be taken from the buyer's point of view is to only spend virgin coinbase transactions. These have no history so cannot be traced via information leakage (associating a previous address with your identity accidentally or purposefully). These can be obtained by mining yourself, or via "proxy mining", where a miner creates the coinbase transaction for a public key whose private key you control. If the proper precautions are taken, I believe that nothing short of seizure of the hard drive containing the wallet can prove the link between a transaction and an identity. Further, once the transaction is complete, the used private keys can be removed from the wallet, negating even this risk. Any thoughts?
|
|
|
|
mewantsbitcoins
|
|
June 02, 2011, 12:57:20 AM |
|
Oh, yea - you just keep on talking to journalists. Soon they will be writing that the moon is made of cheese
|
|
|
|
xf2_org
Member
Offline
Activity: 98
Merit: 13
|
|
June 02, 2011, 01:18:08 AM |
|
As noted here, serious anonymity takes a lot of work, and is darned near impossible if you are making a "noticeable" impact on the network, with your activity. Analagous to side channel attacks, users can give themselves away in a variety of ways that are not directly related to bitcoin's cryptographic strength. Most of the articles posted a [heavily] edited reply of what I sent. The full version of the correction email, as reproduced by The Atlantic, clearly highlights the wiki Anonymity page, which covers all this in quite a bit of detail.
|
|
|
|
BitterTea (OP)
|
|
June 02, 2011, 01:21:33 AM |
|
As noted here, serious anonymity takes a lot of work, and is darned near impossible if you are making a "noticeable" impact on the network, with your activity. Analagous to side channel attacks, users can give themselves away in a variety of ways that are not directly related to bitcoin's cryptographic strength. Most of the articles posted a [heavily] edited reply of what I sent. The full version of the correction email, as reproduced by The Atlantic, clearly highlights the wiki Anonymity page, which covers all this in quite a bit of detail. Thanks for the reply. I see that they simplified the matter on both sides. Does your comment regarding deposits apply if you can generate a new address to deposit into each time?
|
|
|
|
bleedkira
Member
Offline
Activity: 83
Merit: 10
|
|
June 02, 2011, 01:24:47 AM |
|
With an effective coin tumbler (SR's isn't perfect from what I have read) it's possible to prove unlinkability. Yes, they can prove your coins went into the mixer, but not that they were used for a specific transaction.
|
|
|
|
goatpig
Legendary
Offline
Activity: 3780
Merit: 1375
Armory Developer
|
|
June 02, 2011, 01:25:34 AM |
|
I think the main protection layer for SilkRoad is Tor. If I was a cop and wanted to catch people using a known illegal service over Bitcoin, I'd get a list of the addresses used to deposit funds on that service from the block chain, then I'd listen on the network for a node to emit a transaction using those addresses. Pretty sure I'd catch a lot of people like this if it wasn't for the Tor layer.
|
|
|
|
BitterTea (OP)
|
|
June 02, 2011, 01:29:58 AM |
|
I think the main protection layer for SilkRoad is Tor. If I was a cop and wanted to catch people using a known illegal service over Bitcoin, I'd get a list of the addresses used to deposit funds on that service from the block chain, then I'd listen on the network for a node to emit a transaction using those addresses. Pretty sure I'd catch a lot of people like this if it wasn't for the Tor layer.
How do you get the list of addresses used to deposit funds on that service, if every deposit is to a new address?
|
|
|
|
joan
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 02, 2011, 01:36:53 AM |
|
For instance, Silk Road has a built in coin mixer. When you add coins to your account, they are sent through a bunch of dummy transactions, split up and recombined with the coins of other people. This would make it much more difficult to associate a specific sale with a Bitcoin transaction and individual identity.
On the other hand if I'm buying stuff in undercover mode, I now have access to addresses of many other clients by tracing where my coins went and then backtracking.
|
|
|
|
BitterTea (OP)
|
|
June 02, 2011, 01:59:57 AM |
|
For instance, Silk Road has a built in coin mixer. When you add coins to your account, they are sent through a bunch of dummy transactions, split up and recombined with the coins of other people. This would make it much more difficult to associate a specific sale with a Bitcoin transaction and individual identity.
On the other hand if I'm buying stuff in undercover mode, I now have access to addresses of many other clients by tracing where my coins went and then backtracking. With a properly implemented mixer, it would be difficult or impossible to tell which transactions are within the mixer and which are not.
|
|
|
|
xf2_org
Member
Offline
Activity: 98
Merit: 13
|
|
June 02, 2011, 02:05:15 AM |
|
As noted here, serious anonymity takes a lot of work, and is darned near impossible if you are making a "noticeable" impact on the network, with your activity. Analagous to side channel attacks, users can give themselves away in a variety of ways that are not directly related to bitcoin's cryptographic strength. Most of the articles posted a [heavily] edited reply of what I sent. The full version of the correction email, as reproduced by The Atlantic, clearly highlights the wiki Anonymity page, which covers all this in quite a bit of detail. Thanks for the reply. I see that they simplified the matter on both sides. Does your comment regarding deposits apply if you can generate a new address to deposit into each time? If Silk Road accepts deposits, then they are acting as a concentrator, no matter how the coins are mixed. The only way to get around that is to use a mixing service with flows far larger than Silk Road's flows, to disappear into the noise. The flow is also largely unidirectional, as I presume that the set of buyers and set of sellers is pretty distinct. Undercover agents will inevitably make buys, observing the flow of coins. So that makes for a fairly recognizable pattern, when observed over weeks and months. Of course, it's just a pattern with no context, unless you have a successful side channel attack or other information ("his Tor connection pulsed, and a TX with SilkRoadHeatIndex > 2.0 appeared on the network").
|
|
|
|
bleedkira
Member
Offline
Activity: 83
Merit: 10
|
|
June 02, 2011, 02:37:17 AM |
|
Out of curiosity, is there a mixer other than SR? Cointumbler magically vanished a while back.
|
|
|
|
Ricochet
|
|
June 02, 2011, 03:45:20 AM |
|
I've heard it said that enough coins flow in and out of MtGox and MyBitcoin that they can effectively act as manual tumblers by nature. I don't know how true this is however.
|
|
|
|
BitterTea (OP)
|
|
June 02, 2011, 03:54:36 AM |
|
What might be interesting is if Silk Road offered its coin tumbling service to the public. This would provider a greater number of coins for use in the mixing process, as well as diluting the association with illegal goods and services.
Hell, perhaps it could even be accessed via a completely separate hidden service or web site with no apparent connection to Silk Road, though I'm undecided on the ethical consequences of doing so...
|
|
|
|
MicroBalrog
Newbie
Offline
Activity: 10
Merit: 0
|
|
June 02, 2011, 07:05:11 AM |
|
The problem with anonymity is that a lot of people misunderstand its use.
Anonymity measures are not, primarily, designed to protect you from law enforcement who are already interested in pursuing you personally. They are designed to protect you from engaging this interest in the first place.
Imagine John. John is growing weed in his house. John is doing everything properly - purchasing all of his weed-growing supplies by cash, using intermediaries and false identities. His weed is grown in a basement under his house, protected from IR seekers.
Now Joe the cop walks by John's house. If John did everything right, this house looks just like any other house on the street. Joe wouldn't even notice it's there. Perhaps even it looks slightly suspicious, but Joe is not going to break down the door in any suspicious house. Anonymity worked for John.
But if John is already the suspect in an ongoing investigation for whatever reason, Joe is going to look for the tiniest shred of evidence to use to get a warrant, or simply persuade a judge to sign one. In some countries a warrant is not needed, but the point remains: Joe comes back with a SWAT team, they tear the house apart, and find Joe's weed, or guns, or illegal political tracts. Same principle.
The person who was interviewed was right when they said Bitcoin help you little when the police have a personal angle for you. The police have far more resources than any one individual, and if they are gunning for an individual, chances are they'll get him. The point is avoiding becoming that individual in the first place.
|
|
|
|
mikegogulski
|
|
June 05, 2011, 08:41:57 PM |
|
Out of curiosity, is there a mixer other than SR? Cointumbler magically vanished a while back.
http://app.bitlaundry.com/ serves as such, depending on whether you're trying to "mix" more than the wallet has in it at any given time.
|
|
|
|
mewantsbitcoins
|
|
June 05, 2011, 08:44:53 PM |
|
Out of curiosity, is there a mixer other than SR? Cointumbler magically vanished a while back.
http://app.bitlaundry.com/ serves as such, depending on whether you're trying to "mix" more than the wallet has in it at any given time. mike, is there a way to know how much is in the wallet on that site?
|
|
|
|
Frozenlock
|
|
June 05, 2011, 11:02:43 PM |
|
As I understand it, the more BTCs in the mix, the better.
Is there an incentive to "lend" BTCs to this service, in order to guarantee a minimum?
|
|
|
|
mikegogulski
|
|
June 18, 2011, 01:14:44 AM |
|
Out of curiosity, is there a mixer other than SR? Cointumbler magically vanished a while back.
http://app.bitlaundry.com/ serves as such, depending on whether you're trying to "mix" more than the wallet has in it at any given time. mike, is there a way to know how much is in the wallet on that site? Here is my dilemma... or maybe trilemma. If I advertise a big wallet, I'm a hax0r target. If I don't advertise a nice wallet size, large transactions pass me by. If I don't advertise a nice wallet size, heck, even small transactions might pass me by. One solution: Set up a dedicated wallet for my laundries. Transmit their fees to my private wallet immediately upon clearing incoming transactions. Push the risk of being hax0red onto the respective service's users. BTW, app.bitlaundry.com is back up with some behind-the-scenes improvements.
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1010
|
|
June 18, 2011, 01:19:46 AM |
|
I've heard it said that enough coins flow in and out of MtGox and MyBitcoin that they can effectively act as manual tumblers by nature. I don't know how true this is however.
This is actually true except for the part about both MtGox and MyBitcoin keeping detailed logs about what goes where, and both being subject to the will of LEO's to some degree simply due to the fact that both are public companies with known owners.
|
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
mikegogulski
|
|
June 18, 2011, 01:30:01 AM |
|
I've heard it said that enough coins flow in and out of MtGox and MyBitcoin that they can effectively act as manual tumblers by nature. I don't know how true this is however.
This is actually true except for the part about both MtGox and MyBitcoin keeping detailed logs about what goes where, and both being subject to the will of LEO's to some degree simply due to the fact that both are public companies with known owners. The bit about logging at MtGox and MyBitcoin is true, but this may be of little concern to people interested in the topic of this thread. The reporting and accounting requirements these services are subject to are based entirely around their handling of government currencies. For example, on my MtGox account right now I can withdraw a maximum of $1000 per day and $10,000 per month. To do more than that I need to show state ID. Meanwhile, I can use the MtGox API to talk to an account founded on a throwaway email address and get access to the BTC pool there. No government money transactions, no reporting or audit requirement... yet.
|
|
|
|
|