Dug Campbell

Bitcoin & Anonymity

As I hinted at yesterday, the big news of today was undoubtedly the launch by Coinbase of the first licensed Bitcoin Exchange in the US, whilst the Winklevoss twins were left trailing in the wake of the Coinbase juggernaut despite announcing the support of an unnamed US bank for their Gemini Exchange.

This marks a major inflection point on the road to acceptance of Bitcoin by those within the established financial industry. But the battle is still far from over within the Bitcoin ecosystem between those who are pushing towards mainstream acceptance at any costs and those for whom anything short of the wholesale destruction of the existing financial system is ideologically unacceptable.

So as the question of toeing the line versus ignoring the line comes to the fore again, I thought it was worth revisiting a particular area that often provokes vehement responses from both sides – that of anonymity. A week or so ago, Adam Ludwin of Chain wrote the best blog post I’ve read recently on the topic so I thought it might be useful to summarise the key points here.

Don’t Confuse Anonymity & Privacy

An anonymous transaction is where no-one knows who you are. A private transaction is where no-one knows what you purchased (or for how much). To put that in context, you can have:

  • Private and anonymous (barter)
  • Private but not anonymous (museum donation)
  • Not private and not anonymous (credit card)
  • Anonymous but not private (Bitcoin)

So Bitcoin’s Anonymous?

In theory, yes. In reality, no.

It’s pseudonymous. The blockchain itself is a record of every single transaction that ever takes place. It simply contains thousands of random-looking strings (actually the hash of your public key) which is used as your identifier. No names.

But if you buy bitcoins via any form of public exchange, you’ll be asked to leave identification documentation so that the Exchange doesn’t fall foul of money laundering regulations. Your identity is then linked to your transactions from that point on.

You could avoid this by buying bitcoins face to face, receiving them in exchange for a good or service you provide or as a mining reward. But (as explained below) this still doesn’t prevent your identity being associated with those bitcoins (addresses) in the future.

How is Anonymity Breached?

There are two ways that this tends to happen:-

  • someone analyses the blockchain and uncovers transactions that are likely to be controlled by one party before connecting these with a real identity; and/or
  • someone analyses a relevant IP address in a transaction and is able to uncover a real identity.

A. Transaction Graph Analysis

Bitcoin’s big advantage is the public nature of the ledger of every transaction that ever takes place. But when it comes to anonymity, that’s also its weakness.

If someone knows you’ve used a particular bitcoin address, they can simply go online to check the blockchain and clearly see every transaction coming in and going out of that particular address. What’s more, they can trace the history of each one. Definitely not private. As a result, you should only ever use each address once. And if you receive change in a transaction, that change should also be returned to a new address (this generally happens automatically these days).

Because addresses are free to use and unlimited, there’s no excuse not to do this. But even if you do, your identity is not secure. There are still ways of analysing the blockchain which, after all, remains open to anyone to inspect at all times. And these analysis techniques are becoming increasingly powerful as they enable someone to bundle likely activity together by association before they uncovering a ‘real world’ identity.

There’s three main ways this analysis can be done:-

  1. Any transaction with more than one input must be controlled by the same person. By this I mean if you buy something for 4 BTC and you only have 2 BTC and 3 BTC, you have to send the full 5 BTC (two outputs) to the recipient. Analysts can then look into the history of either of those input addresses if they have been used previously and connect further transactions with the same person.
  2. If just one output address has not been used before, it’s highly likely to be the change address (i.e controlled by the sender).
  3. If there are two outputs to two different addresses, with one being a ‘whole’ number (i.e. either 2 BTC or an amount of BTC that is the equivalent to a round number of pounds, dollars or whatever), it’s likely the output of the uneven number of Bitcoins is the change going back to the sender.

Mixers & Tumblers

You may have heard of services that work to obscure the origin of your bitcoins. You send them your bitcoins, they swap them for different bitcoins (with different transaction histories) and return them to you (after deduction of a fee, of course). However, whilst in demand by those who want to use bitcoins for illegal ends as well (as those simply concerned with ensuring privacy for legitimate means), these services have certain limitations:-

  1. When you give them 100% control of your bitcoins, you have to trust them to not simply steal them.
  2. Analysis can identify addresses controlled by mixing services – so you could highlight your transaction as being potential illegal.
  3. It’s hard to swap very large sums of money unless someone else is doing the same.
  4. Some services are easier for investigators to unravel than others.
  5. If they are operating legally, the authorities or hackers can access the records of all transactions that the service is required to keep.
  6. You might receive bitcoins that have a tainted, illegal history – try explaining to the authorities how you came to control bitcoins that were received as payment in a kidnapping, for example.

Linking Transactions with a Real World Identity

After investigating on the block chain, someone can then investigate further in the ‘real’ world. Obvious ways of linking identities with addresses include:-

  1. People who place addresses on their websites/business cards/forum signatures
  2. Retail outlets that use a fixed address (perhaps on a QR code next to the till)

Once you know one address, you can investigate further. If I say that I bought something yesterday using bitcoins and you can find out the merchant’s address, you just need to filter those results for a likely transaction that involved a payment from me. If you knew what I bought (and therefore the likely value) together with the date or time of day, that may not take long at all. Similarly, it’s not too hard for me to use that information to tell where someone has physically been by simply compiling a trail of his or her transactions.

B. IP Adress Anonymity

To simplify, the first computer (node) that broadcasts a transaction to the network is likely to be in the location that the transaction originated. It gets easier to identify if multiple transactions are relayed from the same IP address. If you use TOR, you may be able to minimise the risks but you then have to protect your identity in many other ways.

Remember: Anonymity today does NOT mean anonymous tomorrow

The press continue to warn about anonymous bitcoins that facilitate crime. The reality couldn’t be further from the truth. Bitcoin enjoys significantly less anonymity than cash which surely must remain the token of choice for illegal activities for the near future.

The key takeaway here is that whilst your transactions may not be linked to you directly today, there is every possibility that they may be in the future. It only takes one disclosure of identity in some way at some point in the coming years (by either you or somebody else) and all of your linked transactions would be identifiable – even if they were twenty years old.

We’re in the early days at the moment and it’s clear that there’s a battle for power going on here. And for many who have no illegal intent whatsoever, the lack of privacy available at present could be problematic. That’s the reason that so many people around the world are working hard on developing increased privacy (check out Darkcoin, Darkwallet, stealthcoin, CoinJoin and Zerocoin for starters).

The big question now, as the financial industry starts to wake up to the potential, is whether Bitcoin’s code itself will be developed in order to protect privacy – or to facilitate regulation. For many people, they’ll continue to develop alternatives until they finally create a digital currency that can be just as anonymous and private as hard cash.