We think that the graphing, and analysis, that we did, shows its substantially easier to trace these things than we'd have a priori thought possible.
Then you had thought wrong and that is YOUR problem and not the problem of Bitcoin.
What do you mean 'the problem of Bitcoin'?
I mean, the technology itself doesn't care, that's the technology.
But the users may care.
Look what it says on the Wikileaks site:
"Bitcoin is a secure and anonymous digital currency. Bitcoins cannot be easily tracked back to you, and are safer and faster alternative to other donation methods. You can send BTC to the following address:"
Do you think those sentences are true? I think they are quite misleading. But there they are.
I think this is very clear evidence that something is going wrong, with the Bitcoin community's understanding of the limits of anonymity in Bitcoin.
Imagine its 5 years time, and Bitcoin is very widely adopted; and that I live in a really repressive regime, and had made a substantial donation to wikileaks.
The secret police come to my door - I'm confused, because I thought it was anonymous. I donated from an address I'd never previously used. I didn't realise that, a year later, when a piece of change (say) from that donation was also used in my weekly online grocery shop, with some other currency from my public 'donate to my blog' address, then I had inadvertently published, irrevocably, on the open Internet, that I previously made a donation to wikileaks. Now I'm talking to the secret police, I'm wondering what it means for Bitcoin to be 'a secure and anonymous digital currency.' and I'm a little confused, because it actually turned out to be very easy for the Bitcoins to be tracked back to me.
Like, we could say 'its not the problem of bitcoin' - but I think the technology, as its used in the real world, does sort of have a problem, if scenarios like that arise.
Don't get me wrong, Bitcoin is a really cool system.
But it *does* have a real problem, when a substantial subset of its users think its anonymous, but it isn't.
When we looked, we could identify many users, by their user names here, who donated to wikileaks. Maybe they are happy for that to be in the open- but maybe some of them aren't. This could be a very real problem for some of them. Does the Bitcoin community care? I think they should.
There were campaigns on this forum to get various organisations to accept Bitcoin donations.
So where's the campaign to correct that wikileaks page?
Bitcoin members always stated the nature of Bitcoin and how under certain circumstances the transactions could be linked to the person. There is absolutely nothing new on what you are saying. It had all been said by the Bitcoin community already.
There are differing levels of technical sophistication in the Bitcoin community.
Some people - the more technical people - state that Bitcoin provides no guarantee of anonymity.
We do acknowledge that in our paper.
But I think the Bitcoin community are doing a very bad job of disseminating that information.
And I think the reason for this is clear:
Its really easy to say that 'Bitcoin is not anonymous, all the transactions are there in the blockchain'. But all it means is that someone
said that.
Users will wonder 'Ok, so the information is there - but surely you can't actually follow transactions around the place?' - there are many threads on this forum where users are wondering exactly what can be done in practice.
Until our analysis, I had seen no one actually try and follow these things, or apply network analysis to it.
I mean, I saw the response to the 'allinvain' alleged theft - and the whole thread is there, and I've read it all - where they tried trace the Bitcoin flows - but they didn't have good tools, and they didn't get very far.
If you want, you can dig out the addresses they got to, and see where they are on the SVG we have - I've done that.
Its completely understandable, because they hadn't got purpose built tools.
But we actually built the tools, and had a go, and found you could follow Bitcoins much further.
And I think, as a (very casual) user of Bitcoin, that that is an important piece of information, and is well worth knowing.
You only have to see the reaction on the forums about your original blog post. The reaction was: so what? this was alredy known.
Yeah, but that's always easy to say.
Before doing this research, I had read up what was out there in the community, and the message I got was that the most technical users were saying 'Look, dont count on anonymity, you probably dont have it' and were saying that it might be possible to do network analysis. But there were loads of people wondering how much anonymity you had in practice, and whether it was really possible to make sense of the transaction history.
And I honestly didn't know which to believe, because I could find no examples of where people had traced flows through the network.
We didn't know whether we'd find clusters of nodes, and we were totally taken by surprise by how much information the account linking revealed.
So, actually going and trying to do some network analysis, told us a lot we didn't know - that these problems were real, in practice, as well as in theory.
We had to build a fair few tools, and tweak them, before we could properly see the structure in the network - it wasn't trivial.
I mean, if I'm wrong, send me a link to similar existing analysis. (as opposed to a stated opinion, correct though it might be).
And that's just from the point of view of the most technical users - there are reams of less technical users out there, confused about the anonymity.
A lot of people read our blog - hopefully that will result in these people not thinking bitcoin is inherently anonymous, when it really isnt.
Do you want me to dig up examples of the differing opinions that are out there?
There's the wikileaks 'donate' page I mentioned.
There's loads of stuff on these forums.
There's blogs (by really very technically sophisticated people) like this:
http://www.forbes.com/sites/timothylee/2011/07/14/advanced-bitcoin-anonymity/and really, what they say isn't really wrong, though I'd expect them to be surprised by how much can be uncovered.
There's some good posts around by users such as jgarzik which I would say maybe even slightly over estimate the network analysis that is conducted on Bitcoin - but he's certainly making the point, many times, that it shouldn't be labelled as anonymous.
But there's lots of other users that disagree with that view, or aren't as technical as the core dev team.
And I think there's an extent to which these are just opinions - educated, though they may be - until someone goes and tries to do that kind of analysis.
So I think contribute a lot by having a go at doing an analysis towards the type jgarzik mentions, and actually seeing how well we get on.
The problem is that you are claiming the Bitcoin community was saying the contrary and its very dishonest from your part.
Well, I've shown examples of the differing confused opinions that are out there - I guess it depends what you mean by 'community'.
Is whoever wrote that wikileaks page part of the community? (I dont like constantly picking on wikileaks here - but they are an organisation that is supposed to be all about protecting anonymity, so I guess its ok to hold them to a high standard).
As to the claim that I'm being dishonest - look, I'm a research student, I've no axe to grind here, I've no short financial position on Bitcoin; we're really interested in the currency, and chose to spend time on this, as opposed to other possible projects, because its interesting. We're doing our best to publish our work out in the open, blog about it, engage with people in forums. There's a sentence or two in the paper, and on the blogs, where we acknowledge that the technical users know anonymity was never designed in, and I think we do a good job of addressing the subtleties of the definition of 'anonymity' in the comments.
So, like, its really obvious there's nothing dishonest here.
And the biggest problem is that I went to your blog post to point exactly this to you in a nice and educated way, but you keep going around with the same dishonest claims, so you are clearly doing it on purpose. If you are acting on good faith you should stop your claims that the Bitcoin community has publicited anything different. What you are saying is nothing special or new. It was well known.
I've tried to address these concerns above.
I guess we can agree to differ on what exactly 'the Bitcoin community' thinks. You think they know exactly what the limits of anonymity are (i.e. its not anonymous). I think there's a lot of confusion out there, and uncertainty over how anonymous it is in practice.
Now I think my position is well supported by simply googling 'bitcoin anonymous' and seeing all the articles that call it anonymous - but look, at the end of the day, as long as people don't think its obscuring their tracks, when its not, we are both happy, right?
And our research adds an actual attempt to investigate and quantify this, rather than just make unsubstantiated - though educated - claims. Depending on how much of a scientist one is, the attempt to actually try it has a greater or lessor merit - I put a lot of stock in that sort of thing.
We aren't in the business of exposing thefts, so we didn't go down that road as far as we could.
Why not? If you really can prove it as you claim why not do it?
Dealt with this in my previous post.
Thanks for the feedback, btw - appreciate you taking the time to disagree with me, even if I don't agree with your disagreement
