A team of researchers from UK university Cambridge have found a way to track stolen bitcoins even after they’re laundered, giving law enforcement an entirely new and powerful way to track the proceeds of cryptocurrency crime for the first time. The algorithm, called Taintchain, is based on a 19th century UK law, which established the first in, first out (FIFO) principle, upon which many cryptocurrency launderings seem to operate.
Although Bitcoin, like many other cryptocurrencies, is pseudonymous instead of anonymous, this does not help much in tracking stolen funds - only in identifying the owner of the address which holds the funds after they have already been tracked down. Although the blockchain is a transparent ledger where every transaction can be seen and traced, the units themselves (bitcoins and satoshis) are impossible to track as they have no serial numbers or other individual identifiers.
The usual way of hiding the tracks of stolen bitcoins is by laundering: putting, for example, four stolen bitcoins and six clean ones in a single wallet. Then, the malicious actors split up the 10 bitcoins and transfer them to a large number of other accounts, making it impossible to tell which ones are clean and which ones are not.
Tendrils of crime: visualizing the diffusion of stolen bitcoin:
Source: Tendrils of Crime: Visualizing the Diffusion of Stolen Bitcoins
The research team, made up of Ross Anderson, Ilia Shumailov, and Mansoor Ahmed came up with a system that is based on the FIFO principle, which stipulates that when funds are divided from an account (like when a bank or other financial institution collapses), the first person to have paid in is the first person to be paid out.
The new Taintchain algorithm applies this principle to bitcoin wallets: if the first bitcoins paid into the wallet are stolen, then the first ones paid out are considered stolen too. Although malicious actors use several different patterns that are supposed to hide the funds, the algorithm is immune to them due to observing the FIFO principle. Of course, that insight immediately suggests a way for malicious actors to hide their activity from Taintchain analysis by randomizing the way they pay out from wallets.
Meanwhile, the darknet markets are still thriving, in spite of the law enforcement’s best efforts. Although some markets get closed down, others pop up all over the place. However, according to a report by blockchain analysis company Chainalysis , “Darknet market activity is relatively price inelastic; that is, you don’t see a drop in this type of activity when cryptocurrency prices fall. In fact, in 2018, darknet market activity and overall market performance had an inverse relationship.”