Demystifying Chainalysis, tapping your privacy is their job

Last week, a self-identified Chainalysis employee (former or current) held an AMA at r/Bitcoin, revealing sensitive information about the company's blockchain forensics capabilities. Subsequently, the informant seemed to change his mind and deleted all the comments. Thankfully, everything that happens on the Internet leaves a trace. The comments are still preserved on the Removedit.com website, giving us a unique look at one of the most annoying companies in the cryptocurrency field.


Chainalysis's secrets are made public

As a company that works closely with law enforcement agencies, government agencies, and defense contractors, Chainalysis has always kept the technology it uses under wraps. However, the company found that an anonymous employee had held an AMA on Reddit on June 24 without permission. Users of r/Bitcoin asked a series of questions about Chainalysis's investigative capabilities, and the anonymous person was happy to answer them.

After 12 hours, perhaps once the employee had sobered up, or after management had tracked the employee down and applied pressure, the comments were deleted, but the content had already been archived.

When asked about the company's view of BTC mixing tools such as CoinJoin, Wasabi and Samourai Whirlpool, the anonymous person answered:

“I personally like these tools. Of course, company management doesn’t like it. These tools affect our (or their) software needs and make them useless.”

Simple precautions can invalidate blockchain analysis

Faced with well-funded and well-equipped adversaries, many cryptocurrency users feel that they cannot obtain reasonable privacy protection. However, as the Chainalysis staff member said in this AMA, the relevant forensic tools are not as powerful as they might be, and simple mixing methods can defeat them.

When asked whether coin mixing and other privacy tools would leave Chainalysis helpless, the anonymous person replied:

“Even if it’s just a privacy coin, no one can handle it, but with the addition of anonymization technology, forensic tools can work.”

When asked which hostile tool annoys Chainalysis the most, they boldly said that it was probably Wasabi, a privacy-oriented bitcoin wallet that uses CoinJoin technology. While acknowledging that Bitcoin mixers are “still bad” for such investigative companies, the anonymous person insisted that “Wasabi is the number one enemy. There is currently no way to anonymize Wasabi, and I don’t know how the government can legally take Wasabi down, so it is likely to continue to exist. In other words, if everyone uses Wasabi, Chainalysis will go out of business.”

Although he observed that "running your own nodes and Electrum servers is a good way to keep your IP tracked by Chainalysis software," he said that mobile wallets are bad for privacy. The five categories in which your bitcoin transactions are most likely to become suspicious are: "stolen funds (such as hacking incidents), from DNM, from gambling tools, from terrorist financing, and from ransomware payment addresses."

Chainalysis: an unethical company, or an innovative company that fights evil forces?

It is no exaggeration to say that Chainalysis and similar companies are controversial in the bitcoin world. On the one hand, their software can generate useful reports on on-chain activity, including UTXOs, hodler waves and lost coins, and can also be used to track the flow of funds hacked from exchanges. On the other hand, many people think that Chainalysis violates the spirit of Bitcoin, and that its software will be sold to authoritarian regimes and used to monitor and persecute cryptocurrency users, ultimately making the financial system's inclusiveness even worse than it was before Bitcoin was born.

When asked about the most unethical things that Chainalysis has done, they replied:

"1. Transparency. 2. Combats systems designed for anonymity, which reduces interest and market for cryptocurrencies. Forces people to use other cryptocurrency platforms that we cannot track."

“Chainalysis is definitely a good person. They are definitely on the side of the government? I personally don’t agree. I think it can be used to accurately describe the attitudes of some of them… No one in the company is worried about the arrival of our software. Personally worried that law enforcement will abuse power through our software…and then he left.”

According to the anonymous source, government agencies using the Chainalysis software include the Homeland Security Investigation Bureau, the Federal Bureau of Investigation, and the US Internal Revenue Service (they seem to have the most licenses, or at least the most active because their names often appear). “In addition, the US Alcohol, Tobacco and Firearms Administration, Drug Enforcement Administration, Securities and Exchange Commission, Secret Service, CIA (via Q Tel) and most other federal law enforcement agencies are running the software.”

“Only a large police station like the New York Police Department will run this software (it’s not cheap). I know that some regional prosecutors’ offices also have software licenses, but it’s not clear. The Royal Canadian Mounted Police are also using Chainalysis software, as well as Europol and the British National Police.”

The deleted AMA contained other important details, including that Chainalysis runs its own Electrum node (which once accounted for 10% of all BTC nodes), and an answer on whether Chainalysis had discussed carrying out dusting attacks to track transactions:

“It’s been discussed a few times, but no one has ever done this. It doesn’t seem to have much practical use to do this, because if the address exists on the blockchain, it can already be tracked. If not, just pay a sum of money, it will appear in the software, so dusting will not improve IP tracking capabilities.”

Mixing tools and Monero are enough to guarantee privacy – don't use mobile wallets

The employee also explained that Chainalysis has its own database, which stores information on entities in the cryptocurrency field that are known or considered to be perpetrators. Individuals are not being tracked. As for cryptocurrency that has been through a mixer, "If the coinage tool is known, the relevant funds will be rated as high risk, the same level as the dark market."

At the same time, they suggested using Monero to protect privacy, but reiterated the need for caution with mobile wallets that have no privacy protection.

The last privacy suggestion given by the Chainalysis employee is as follows:

"What I want to say is that to avoid using mobile wallets, use Wasabi, Coinjoin and similar features, run VPN or onion routing at any time, remember that everything you view on the web is recorded."

Shortly after posting these words, Reddit user chainalysis1 deleted their account.