Week 2 & 8 - Cryptocurrency Flashcards
Define Cryptocurrency
Cryptocurrency is a digital asset that represents value.
it is decentralised, bypassing traditional financial institutions
What is the blockchain?
The blockchain is an electronic database, also called a DISTRIBUTED LEDGER
Desscribe the key features of the blockchain or distributed ledger technology (DLT)
- It is IMMUTABLE - each iteration (block) must contain the previous info. Validated records are irriversible cannot be changed.
- It is DISTRIBUTED. All network participants have a copy
- It is UNANIMOUS. All participants agree to the validity of each record.
- It is SECURE. All records are individually encrypted
- It is ANONYMOUS. No ‘true’ identities known.
- It is PROGRAMMABLE
Bitcoin - because the system is decentralised, there is no central authority to accept / reject transactions, so who does this?
The community do this.
Bitcoin needs Validators & Miners.
Validators - process the transactions submitted to the network & prepare for the miners (check they have followed the rules). Get no reward
Miners - collect the validated transactions into ‘bundles’ (approx 2700 transactions). Solves a computational puzzle (for ‘proof of work’ & verification). Adds this ‘bundle’ of transactions to the blockchain as a new block. Requires a lot of computational power. Get paid a fee.
The fastest bitcoin transaction time is about 10 minutes - a new block is added to the blockchain approx every 10 minutes (miners process the transactions who paid the highest fee first, so if you pay a higher fee your transaction will be quicker).
How does the concept of ‘proof of work’ verify the new block creation?
- A random number (nonce) is added to each bundle of transactions (approx 2700) & a SHA256 hash function applied.
- The miner has to work out what the random number is
- once solved other miners check their solution using the hash value.
- the block is then verified and the network can acknowledge that work so the block is added to the chain
A block is only valid if it has proof of work.
Summarise the Blockchain ‘Construction’
So each block is a ‘bundle’ of transactions (approx 2700) combined with proof or work.
To order the blocks the SHA256 hash value for the previous block is included in each new block.
This means that editing or mutating previous blocks is impossible (making it IMMUTABLE). Because to do so they would need to solve the SHA-256 hash function for that block AND all the blocks after it (there are approx over 800,000 blocks already on the chain
Summarise the key features of Bitcoin transactions
- Transaction hashes are the IDs that allow us to quiery more info on platforms like www.blockchain.com.
- UNSPENT TRANSACTION OUTPUT (UTxO). Basically ‘change’ from a transaction like ‘real’ coins. This is new spendable amount & can be sent back to a different address than the input transaction. It is how Bitcoin maintains the balance of addresses linked to users.
- INPUTS. What I send i.e what I INPUT into the system. A transaction input.
- OUTPUTS. What the recipient recieves i.e. what the system OUTPUTS
These can be confusing because bitcoin users send INPUTS & recieve OUTPUTS. Think of it like inputs into the system and then the system outputs the money to the recipient.
Example (ignoring fees) I have 1 BTC.
I want to pay Lee 0.75 BTC.
My 1 BTC is the Input.
The 0.75 BTC to Lee is the output
The 0.25 BTC left is the unspent transaction output.
Where can you view the blockchain and transactions?
www.blockchain.com
What are Bitcoin Heuristics?
Bitcoin heuristics are techniques or rules of thumb (‘assumptions’) used to analyse patterns in transactions and addresses. Used to try to deanonymise the transactions or identify illicit activity.
It groups inputs into clusters.
Assumes peer to peer transactions.
Assumes the smallest output value is change from the input (belongs to same user - but it might not be - could be another person recieving a payment)
Crypto Crime & Investigation - How criminals evade blockchain analytics
- Multi-signature Transactions (CoinJoins). Users can come together to pool their bitcoin in a single transaction. Think of it like a group of friends at a restaurant table. To pay the bill they all put their money in a pot on the table and mix it up. The restaurant has no idea which money came from where. Need to use services to do this for us - very tricky to do without.
- Monero Bridge. Convert your Bitcoin to Monero then back to Bitcoin to obfuscate origin and destination of BTC. The bridge uses a smart contract (not an exchange). The smart contracts are publically available but extremely difficult to analyse.
- Mixing. Not used by sophisticated criminals anymore (tend to use monero bridge now). Takes many users BTC then mixes them through layering multiple transactions & sends them back to original user.
Chip mixer used to be popular but got taken now - slightly differnt in that users would submit BTC to be mixed. Chip mixer would mingle all BTC and return ‘chips’ back to user. each chip represented a certain value (e.g. 0.01 BTC or 0.2 BTC) - Can use intergrated tools and wallets like Samouri and wasabi and whirlpool.
- Multi input and change addresses are needed to stop algorithms from flagging them
Blockchain Analytics as an investigation tool
Blockchain analystics used to identify wallets, then sieze them and subpoena them.
Remember Blockchains are public.
There is extensive research in academia & industry in order to navigate and cluster transactions. Using heuristics and machine learning
There are companies with products for LE and financial crime analysts.
Products used to trace stolen or criminal funds, create diagrams for court / present evidence
e.g CHAINALYSIS (most popular), CIPHERTRACE (mastercard), ELLIPTIC, TRM, CRYSTAL LITE (free).
Remember with Bitcoin heuristics there are assumptions:
- assumes that the smallest output transaction is the change and belongs to original sender.
- assumes peer to peer transactions
Seizing Cryptocurrency
CRYPTO CAN BE SEIZED AND RETURNED TO VICTIMS THROUGH THE COURT
- Asset Reality www.assetreality.com helps build legal cases to seize crypto at exchanges
- Seize crypto at exchanges because the exchange is actually the custodian at the point you have sent your currency to an exchange.
- Exchanges are required to have KYC info. Gives avenue to obtain info.
- Can subppoena exchanges to extract documentation & freeze the assets
But of course some exchanges will totally ignore this
Investigator Notes
- Try to find seed phrases during searches.
- criminals make mistakes
- they need to rely on mixing and coinjoin services
- use clever interrogation - think about casual references to slow mixing services may get them to drop guard and name services they use
- postal tracking (Tor IP)