How policy and regulation impact the crypto world – and the other way around By Nikhilesh De Managing Editor, Global Policy & Regulation May 4, 2021 If you were forwarded this newsletter and would like to receive it, sign up here.
Hey folks,
Welcome to State of Crypto, a CoinDesk newsletter looking at the intersection of cryptocurrency and government. I’m your host, Nikhilesh De. You’re probably here because you signed up, but in case you're not a fan, you can unsubscribe here.
Last week, U.S. Internal Revenue Service Criminal Investigations (IRS-CI) agents arrested the alleged operator behind crypto mixing service Bitcoin Fog. An attached “Statement of Facts” helpfully explains how the feds tracked the operator down, but raises new questions about how exactly they uncovered this information.
—Nik
Tracking you An IRS-CI agent said he identified the alleged operator of crypto mixing service Bitcoin Fog using data from various exchanges the U.S. took down and blockchain analysis.(NeONBRAND/Unsplash, modified via PhotoMosh) The narrative Last week, U.S. officials arrested Roman Sterlingov on allegations he operated Bitcoin Fog, a service designed to obscure bitcoin transactions so external parties and blockchain analysis could not tell who sent any given transaction, a process commonly referred to as mixing. The feds charged the Russian-Swedish dual citizen with unlicensed money transmission and money laundering. An affidavit unsealed alongside the executed arrest warrant detailed how law enforcement officials gathered information to indict Sterlingov. Why it matters The affidavit, filed by IRS-CI Agent Devon Beckett, details how his agency tied Sterlingov to Bitcoin Fog, but the information he cites stems from years-old data the U.S. government apparently has about users on the now-defunct BTC-e, Mt. Gox and Liberty Reserve platforms. No, this was not primarily achieved by blockchain analysis. Instead, it appears that federal agents compared email addresses on the centralized platforms to identify Sterlingov before securing an indictment.
Not only does this action reinforce the idea that crypto exchange users give up much of their privacy when signing up, but it emphasizes the feds might hold onto that data for years. Breaking it down Bitcoin Fog launched in 2011 and was allegedly a money launderer for various darknet platforms taken down by federal officials over the years, including Silk Road, Silk Road 2.0, AlphaBay, Agora and Evolution Market.
A Department of Justice press release even called Bitcoin Fog the “longest-running bitcoin money-laundering service on the darknet,” Interestingly, the affidavit initially seems to give the impression blockchain analysis was a part of the investigation into the site’s operator.
“While the identity of a Bitcoin address owner is generally anonymous (unless the owner opts to make the information publicly available), law enforcement can often identify the owner of a particular Bitcoin address by analyzing the blockchain,” Beckett wrote.
The blockchain analysis seems to have been used only to confirm Bitcoin Fog’s volume over the past 10 years (1.2 million BTC), and to prove that it was mixing the bitcoin sent through it (more on that later). The rest of the investigation – meaning the part that actually tied Sterlingov to the site he allegedly ran – may have just depended on user databases connected to Mt. Gox, Liberty Reserve, BTC-e and Google.
Taylor Monahan, the founder and CEO of Ethereum wallet manager MyCrypto, tweeted, “As far as I can tell, the tracing of on-chain BTC transactions played ~zero part in tracking down/confirming Bitcoin Fog's alleged operator's” identity.
The IRS sent a subpoena to Google, but it’s a lot less clear where it got the email address and wallet information for the other platforms.
The affidavit says: “Analysis of bitcoin transactions, financial records, Internet service provider records, e-mail records and additional investigative information, identifies ROMAN STERLINGOV as the principal operator of BITCOIN FOG.”
It cites bitcoin sent from a Mt. Gox account (opened in Sterlingov’s name) to a second Mt. Gox account. The bitcoin went through a few other exchanges before eventually landing at a Liberty Reserve account, which was then used to pay for the bitcoinfog.com domain. Monahan questions where this information was recorded.
Under the Privacy Act of 1974 (h/t Andrew Hinkes), a federal agency cannot provide records to another agency without the permission of any individual mentioned in those records. (It’s unclear whether this happened here.)
According to a Department of Justice webpage, there are a few possible exceptions, though none appear to apply to this case at first glance.
It may have taken the U.S. 10 years to arrest Sterlingov just because federal agents needed to verify information stored on BTC-e before affirmatively tying him to Bitcoin Fog, Monahan said.
The other detail that stood out to me concerns the whole bitcoin mixer aspect. U.S. law enforcement officials have publicly stated their opposition to mixers before, with one last year calling their use “a crime.” And while it seems like it's too early to be reading tea leaves, I wonder if we’ll see more prosecutions against the operators of mixers in the future.
Beckett wrote that an undercover IRS agent successfully sent some small portion of bitcoin from one wallet to another, but “investigators were unable to directly trace any direct link between” the two wallets. This is how the IRS agent proved the mixer was being used to obfuscate transfers, as well as verify that the platform was not conducting any know-your-customer checks.
A message from Mandala Introducing Mandala Exchange, Powered by Binance Cloud.
The first ever privately owned Binance Cloud cryptocurrency exchange. With shared Binance liquidity and security, trade over 900+ pairs with confidence on Mandala Exchange. Take advantage of the largest liquidity pools in the world. Lock $MDX and trade with fees as low as .05%. With shared wallet architecture, trade DeFi cheaper on Mandala and transfer to Binance to stake for free! Sign up today and start saving on trades instantly.
The Biden Bunch Changing of the guard Key: (nom.) = nominee, (rum.) = rumored, (act.) = acting, (inc.) = incumbent (no replacement anticipated) The Securities and Exchange Commission has appointed Wharton School Professor Jessica Wachter as its chief economist and the director of the Division of Economic and Risk Analysis. Professor Wachter has also taught a course on crypto (h/t Andrew Hinkes).
We’re still waiting to see who U.S. President Joseph Biden will nominate to head the Commodity Futures Trading Commission and Office of the Comptroller of the Currency. Consumer Finance Protection Bureau Director-Nominee Rohit Chopra is also still waiting for his confirmation vote.
A message from INATBA The global trade association INATBA (the International Association for Trusted Blockchain Applications) is the bridge between public and private entities in the blockchain ecosystem. Join our 170+ member base today to network with peers, attend industry-leading events, author cutting-edge reports and contribute to the development of regulations through engagement with governments and international organizations.
Elsewhere
Unlocked 101 at Consensus by CoinDesk 2021 The countdown is on to Consensus by CoinDesk, our virtual big-tent event this May.
For those who need a primer or to brush up on the fundamentals, we're hosting Unlocked 101, a free educational series designed to give you the tools you need to navigate crypto.
Sessions run May 4–20, covering the basics of Bitcoin, DeFi, scams and hacks and the NFT boom.
Outside CoinDesk
Today's Tweet
If you’ve got thoughts or questions on what I should discuss next week, or any other feedback you’d like to share, feel free to email me at nik@coindesk.com or find me on Twitter @nikhileshde.
You can also join the group conversation on Telegram.
May the 4th be with you!
ATTENTION: Scammers have been sending fraudulent emails with links to sites disguised to look like coindesk.com. If you are in doubt about a link, type https://www.coindesk.com directly into your browser; do not copy and paste. Remember, if something seems too good to be true, it probably is.
Copyright © 2021 CoinDesk, All rights reserved.
250 Park Avenue South New York, NY 10003, USA You can manage your preferences here or unsubscribe from all CoinDesk email. |