**Note: This is the first in a series of blog about deanonymization of blockchain. As we are coming closer to CBDC debut and crypto regulations are being finalized around the world, K.Y.C is vital for the growth of the industry and thus, I hope to be able to debunk the belief of being anonymous by using blockchain technology products so regulators can have suitable laws to oversee, not to restrict or to outright ban.***
Deanonymization of Bitcoin refers to the process of tracing a transaction to the real-world identity of a user. Despite the common belief that Bitcoin, or cryptocurrency in general, provides the anonymous feature that people are craving for after a series of privacy breach from both big cooperation and government in recent years, this is false. Bitcoin can onlyl provide pseudonymous, which means it is possible to trace back to you, or at least narrow down to a certain smaller list of users. Therefore, due to that pseudonymous nature of Bitcoin, various methods have been developed to deanonymize users and uncover their identity. However, the task remains challenging due to the decentralized structure of the Bitcoin network, the use of anonymization techniques by users, and technical limitations in the analysis of Bitcoin transactions (Meiklejohn et al., 2013).
Decentralized Nature of Bitcoin
But first, let's start from one of the reason why Bitcoin roses to fame. The decentralized structure of Bitcoin makes it more difficult to track and analyze transactions compared to traditional financial systems. Unlike traditional financial systems, where a central authority such as a bank holds information about users and their transactions, in the case of Bitcoin, all transactions are recorded on a public ledger called the blockchain (Ron & Shamir, 2013). This makes it more difficult for authorities to monitor and track the flow of bitcoins and identify the users behind the transactions. The decentralized nature of Bitcoin also means that there is no central repository of information about users and their transactions, making it more difficult to gather data for analysis (Meiklejohn et al., 2013).
Anonymization Techniques
Bitcoin users can employ various anonymization techniques to conceal their identity and increase additional layers of defense against "Big Brother" tracking, such as using mixing services, tumbling coins, and changing addresses. These techniques make it more difficult for chain analysis and other methods of deanonymization to be effective as they can break the link between a user's transactions and their identity (Androulaki et al., 2013).
For instance, mixing services can be easily understand as a model basically receives coins from multiple sources, mixed them up, then return with the same amount of coins from the mixed bag back. The usual custodial model requires a lot of trust as mixing party can just steal all the funds. Hence, non-custodial was born and it adds a clause that in a certain amount of time, defined by senders, depositors can withdraw the fund. Depositors proved their identity by cryptographic techniques, like cluding ring signatures, verifiable suffles or threshold signatures.
Chain Analysis
One of the most common methods of deanonymizing Bitcoin users is chain analysis, which involves tracing the flow of bitcoins between users and analyzing patterns of transactions. This method utilizes techniques such as clustering and heuristics to identify groups of addresses that are likely controlled by the same user (Koshy et al., 2014). The data collected can then be compared to public information to determine the real-world identity of the user.
Moreover, people tend to use the same address over and over, since creating a brand new address for every activities on the blockchain is a hassle and inconvenient. This dramatically reduces the anonymity of users. By applying a various of clustering techniques with a huge and well labelled dataset, Hao Hua Sun Yin et al. was able to accurately determine if an address being used for illegal with an accuracy of 80.42% in 2019.
From there, one of the ways that Bitcoin can be traced back to its users is through link analysis. This technique involves tracing the flow of bitcoins from one address to another and using other data, such as IP addresses and wallet information, to determine the identity of the user behind the transaction. Researchers have found that link analysis can be effective in de-anonymizing Bitcoin users, even when anonymization techniques are employed (Androulaki, Karame, Roeschlin, Scherer, & Capkun, 2012).
Technical Limitations
However, with that being said, technical limitations can also pose challenges in deanonymizing Bitcoin users. For example, IP address analysis can be unreliable as IP addresses can be easily masked or altered. Wallet analysis may not always be effective in determining the identity of a user as they may store their bitcoins in multiple wallets or mix their coins with those of other users (Reid & Harrigan, 2013).
Conclusion
In conclusion, while progress has been made in the area of deanonymizing Bitcoin users, the task remains challenging due to the pseudonymity and decentralization of Bitcoin, as well as the use of anonymization techniques and technical limitations. However, as more research and development is conducted in this area and the progress of applying Machine Learning algorithms along with other profiling techniques, it is likely that new methods for deanonymizing Bitcoin users will emerge. It is important for Bitcoin users to be aware of these methods and to take steps to protect their privacy and anonymity, such as using anonymous wallets and employing anonymization techniques (Meiklejohn et al., 2013).
References:
Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G. M., & Savage, S. (2013). A Fistful of Bitcoins: Characterizing Payments Among Men with No Names. In Proceedings of the 2013 Conference on Internet Measurement Conference (pp. 127-140).
Koshy, P., Koshy, D., & McDaniel, P. (2014). An Analysis of Anonymity in the Bitcoin System. In Security and Privacy in Communications Networks (pp. 197-223). Springer Berlin Heidelberg.
Ron, D., & Shamir, A. (2013). Quantitative Analysis of the Full Bitcoin Transaction Graph. In Financial Cryptography and Data Security (pp. 6-24). Springer Berlin Heidelberg.
Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G. M., & Savage, S. (2013). Deanonymisation of clients in Bitcoin P2P network. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (pp. 397-411).
Reid, F., & Harrigan, M. (2013). An Analysis of Anonymity in the Bitcoin System. In Security and Privacy in Social Networks (pp. 197-223). Springer Berlin Heidelberg.
Androulaki, E., Karame, G. O., Roeschlin, M., Scherer, T., & Capkun, S. (2012). Evaluating User Privacy in Bitcoin. In Financial Cryptography and Data Security (pp. 34-51). Springer Berlin Heidelberg.
H. H. Sun Yin, K. Langenheldt, M. Harlev, R. R. Mukkamala, and R. Vatrapu, “Regulating cryptocurrencies: A supervised machine learning approach to de-anonymizing the bitcoin blockchain,” Journal of Management Information Systems, vol. 36, no. 1, pp. 37–73, 2019.
Comments