The digital currency Bitcoin has a reputation for providing privacy. But a new analysis of the public log of all bitcoin transactions suggests it could be surprisingly easy for a law enforcement agency to identify many users of the currency. Popular uses for bitcoins include illicit gambling and making purchases at an online marketplace called Silk Road, where illegal drugs are traded openly.
The new research, from a team at University of California, San Diego, comes at a time when investment in the bitcoin economy is booming (see “Bitcoin Hits the Big Time”), and as it is being scrutinized by U.S. authorities. In 2013 the U.S. Department of Homeland Security seized a total of $5 million from Mt Gox, the largest exchange where people go to convert between bitcoins and conventional currencies. Last month, New York’s financial regulator subpoenaed 22 companies to gather information about their dealings with Bitcoin.
“The Bitcoin protocol still has huge potential for anonymity,” says Sarah Meiklejohn, who led the research project, “but the way that people are using it is not achieving anonymity at all.”
Her analysis centered on the digital trail left by bitcoin transactions, a mechanism used to provide trust in a currency that lacks the backing of a government or any other authority. Software run by users of the currency collaborates over the Internet to maintain the global ledger, called the blockchain, which records every bitcoin transaction ever made (see “What Bitcoin Is, and Why It Matters”).
The blockchain records only pseudonymous addresses, the identifiers (derived from public keys) that bitcoin “wallets” generate to send and receive coins, not anything about the people using them. However, Meiklejohn and colleagues created maps from that record that could help law enforcement find companies that hold identifying information for specific users. An agency might, for example, follow the flow of bitcoins from an illegal transaction to a bitcoin exchange and then subpoena that company for the account holder’s identity. “That would not be hard to do with the current patterns of how people are using things,” says Meiklejohn.
It is difficult to invest much in bitcoin or realize gains made in the bitcoin economy, lawful or otherwise, without using an exchange. The companies behind these exchanges handle millions of dollars’ worth of trades each month, giving them a clear incentive to cooperate with authorities and abide by financial regulations. Mt Gox requires a copy of government-issued photo ID and proof of address before a person can convert between conventional currencies and bitcoins.
Meiklejohn says she has discussed her research with representatives of one U.S. law enforcement agency, at their request. A paper on the work will be presented at the Internet Measurement Conference in Barcelona next month.
The researchers used two techniques to unravel the thicket of 12 million addresses and 16 million transactions in the blockchain, covering the movements of about four million bitcoins. First, a network map of all the addresses was made based on the transactions between them, and addresses were grouped into clusters likely to belong to a single person or organization. The main clue is co-spending: every input to a transaction must be signed with its owner’s private key, so addresses that are spent together in one transaction are almost certainly controlled by the same party, and a one-time “change” address that receives the leftover from a payment can be attributed to the spender as well. (Transactions that deliberately pool inputs from several unrelated people would defeat that assumption.)
That map was then enhanced by labeling addresses linked to known people or services. Some of the information needed to do that came from looking online for people or companies who had publicly shared their bitcoin addresses. The researchers also did business with nearly 100 different bitcoin companies and services to identify more addresses, buying a pile of goods from coffee to a Guy Fawkes mask.
The final map isn’t yet complete, linking only 1.8 million addresses of the 12 million as belonging to a total of 2,197 entities, but it could be powerful. “These services that we could name do represent an important slice of what’s happening,” says Meiklejohn.
The UCSD analysis suggests some easy places for law enforcement to start should they want to chase people using bitcoins for illegal transactions. For example, the researchers logged many transactions directly between Mt Gox and Silk Road, the marketplace where illegal drugs and other contraband are traded. That means a subpoena served on Mt Gox could immediately identify many people who had made use of Silk Road.
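The clustering, labelling and flow-tracing steps described above, as an added example rather than code from the UCSD team: it runs the two clustering heuristics (co-spent inputs share an owner; a lone never-before-seen output is the spender’s change) over a handful of constructed transactions, propagates labels learned for a few addresses to whole clusters, flags clusters that end up with conflicting labels, and then answers the two questions an investigator would ask: which transactions move coins directly between two named services, and which unlabelled clusters received from one service and later paid the other. The transactions, the address names and the labels “ExchangeA” and “MarketB” are all invented for illustration.

```python
"""Address clustering and entity labelling over a toy transaction log (added example)."""
from collections import defaultdict

# Constructed sample transactions in chain order: (txid, input addrs, output addrs).
# Addresses are placeholders; some are reused, as was common in 2013.
TXS = [
    ("t0", ["X0"], ["U1"]),              # exchange pays a user; one output, no change
    ("t1", ["X1", "X2"], ["U1", "X3"]),  # X1,X2 co-spent; U1 seen before, X3 fresh change
    ("t2", ["U1"], ["Y1"]),              # user deposits at the market
    ("t3", ["Y1", "Y2"], ["X2", "Y3"]),  # market cashes out to the exchange; Y3 is change
    ("t4", ["Y3"], ["U2"]),              # market pays another user
    ("t5", ["U2"], ["X0", "U3"]),        # user deposits at the exchange; U3 is change
    ("t6", ["X0", "X3"], ["U4"]),        # exchange co-spends X0 with X3
]

# Constructed labels: what you learn by transacting with a service and noting
# which address it hands out. Entity names are hypothetical.
KNOWN = {"X1": "ExchangeA", "Y2": "MarketB"}


class UnionFind:
    """Disjoint-set forest keyed by address string."""
    def __init__(self):
        self.parent = {}

    def find(self, a):
        self.parent.setdefault(a, a)
        while self.parent[a] != a:
            self.parent[a] = self.parent[self.parent[a]]  # path halving
            a = self.parent[a]
        return a

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def cluster(txs):
    """Group addresses believed to share an owner; returns the UnionFind."""
    uf = UnionFind()
    seen = set()
    out_count = defaultdict(int)
    for _, _, outs in txs:
        for o in outs:
            out_count[o] += 1
    for _, ins, outs in txs:
        # Heuristic 1 (multi-input): all inputs were signed by one key holder.
        # Transactions that pool inputs from several people break this.
        for a in ins[1:]:
            uf.union(ins[0], a)
        # Heuristic 2 (one-time change): among 2+ outputs, exactly one address
        # that is new, is not an input here and is never paid again is change.
        fresh = [o for o in outs if o not in seen and o not in ins and out_count[o] == 1]
        if len(outs) >= 2 and len(fresh) == 1:
            uf.union(ins[0], fresh[0])
        seen.update(ins)
        seen.update(outs)
    return uf


def members(uf, txs):
    """Cluster root -> sorted list of member addresses."""
    groups = defaultdict(set)
    for _, ins, outs in txs:
        for a in ins + outs:
            groups[uf.find(a)].add(a)
    return {r: sorted(s) for r, s in groups.items()}


def label_clusters(uf, known):
    """Propagate address labels to clusters; a cluster with two names is a
    heuristic failure (or a pooled transaction) and is reported, not resolved."""
    names = defaultdict(set)
    for addr, name in known.items():
        names[uf.find(addr)].add(name)
    labels = {r: next(iter(s)) for r, s in names.items() if len(s) == 1}
    conflicts = {r: sorted(s) for r, s in names.items() if len(s) > 1}
    return labels, conflicts


def entity(uf, labels, addr):
    return labels.get(uf.find(addr))  # None for unlabelled clusters


def direct_flows(txs, uf, labels, src, dst):
    """Transactions spent by src that pay at least one dst address."""
    return [txid for txid, ins, outs in txs
            if entity(uf, labels, ins[0]) == src
            and any(entity(uf, labels, o) == dst for o in outs)]


def intermediaries(txs, uf, labels, src, dst):
    """Unlabelled clusters that received from src and later paid dst: the
    accounts a subpoena to src could attach a name to."""
    received = {}  # cluster root -> index of first receipt from src
    for i, (_, ins, outs) in enumerate(txs):
        if entity(uf, labels, ins[0]) == src:
            for o in outs:
                r = uf.find(o)
                if r not in labels:
                    received.setdefault(r, i)
    hits = set()
    for i, (_, ins, outs) in enumerate(txs):
        r = uf.find(ins[0])
        if r in received and received[r] < i and any(entity(uf, labels, o) == dst for o in outs):
            hits.add(r)
    groups = members(uf, txs)
    return sorted(tuple(groups[r]) for r in hits)


if __name__ == "__main__":
    uf = cluster(TXS)
    labels, conflicts = label_clusters(uf, KNOWN)
    for root, addrs in members(uf, TXS).items():
        print(labels.get(root, "unknown"), addrs)
    print("conflicts:", conflicts)
    print("MarketB -> ExchangeA direct:", direct_flows(TXS, uf, labels, "MarketB", "ExchangeA"))
    print("ExchangeA -> MarketB via:", intermediaries(TXS, uf, labels, "ExchangeA", "MarketB"))
```

On this data the exchange’s four addresses collapse into one entity even though only X1 was ever labelled, and the user cluster {U1} is exposed as someone who withdrew from the exchange and then paid the market, which is exactly the trail a subpoena would follow. The change heuristic is the fragile one: it is kept deliberately conservative (two or more outputs, exactly one candidate, never reused) because a wrong merge glues two strangers into one “entity”, and the conflict check exists to surface that when labels later disagree.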
In theory, it might be possible to hide from such analysis using a “mixing service,” which for a fee jumbles up bitcoins from different sources so that what comes out cannot be matched to what went in. However, the services that exist are unreliable, and a user must trust the operator not to keep records or simply keep the coins. They may never be able to launder large sums, because a mix only hides an amount among others of similar size: concealing a large haul, like the proceeds of a malware heist, would require several similarly large amounts to mix it with.
The new research provides important evidence of how much Bitcoin’s design limits user privacy, says Ian Miers, a grad student at Johns Hopkins University who leads work on Zerocoin, a prototype system that could be built into bitcoin or a similar digital currency and uses zero-knowledge proofs to make transactions cryptographically unlinkable. Miers believes the UCSD group is the first to show the power of the approach used.
Many in the Bitcoin community remain unaware of the potential for such attacks, says Miers. “Although the Bitcoin developers themselves and some of the community are highly aware that Bitcoin is at least theoretically not private, it’s not clear that the general user population is,” he says.
The UCSD study found evidence that some criminals, at least, do know Bitcoin’s privacy is limited. In late 2012, one sophisticated thief stole 3,257 bitcoins – today worth over $400,000 – by spreading malware that transferred money from users of Bitcoin without their knowledge. Almost a year later, most of the stolen coins have gone nowhere, suggesting that the person who took them is struggling to cash out without revealing himself, says Meiklejohn.