Law Enforcement and Cryptocurrencies (Part 3)

Before turning to the known methods for tracking Bitcoin and other cryptocurrencies, I want to close out our review of law enforcement statements with a few more posts regarding prior testimony. Today I will look at the 2013 testimony by Acting Assistant Attorney General Mythili Raman.

First, like the testimony from FINCEN Director Calvery that we will look at tomorrow, AAG Raman notes that the U.S. authorities have been dealing with virtual currency issues since WebMoney and e-Gold in the 1990s, but that new cryptocurrencies present new threats:

The concept of virtual currencies is not new to the Department and, indeed, the Department has investigated and prosecuted the illicit use of virtual currencies since the late 1990s, when criminals first began using systems such as WebMoney and e-Gold to conduct their business. Over the last 15 years, however, virtual currencies have evolved and diversified significantly, challenging the Department to adapt our capabilities to deal with new systems and threats.

. . .

“Virtual currency” is a medium of exchange circulated over a network, typically the Internet, which is not backed by a government. These systems can be both centralized and decentralized.

Early centralized models, where the currency is controlled by a single private entity, have expanded and now encompass a wide range of business concepts. Some centralized virtual currencies take the form of digital precious metals, such as e-Gold and Pecunix, where users exchange digital currency units ostensibly backed by gold bullion or other precious metals. Others exist within popular online games or virtual worlds, such as Farmville, Second Life, or World of Warcraft. Still others are online payment systems such as WebMoney and Liberty Reserve, which are available generally outside of specific online communities and denominate users’ accounts in virtual currency rather than U.S. Dollars, Euros, or some other national currency. Decentralized systems such as Bitcoin, which have no centralized administrating authority and instead operate as peer-to-peer transaction networks, entered the scene relatively recently but are growing rapidly. A network of sites and services, including exchangers who buy and sell virtual currencies in exchange for national currencies or other mediums of value, have developed around virtual currency systems, as well.

He emphasized the use of Tor to conceal transactions:

And, indeed, some of the criminal activity occurs through online black markets, many of which operate as Tor hidden services. Tor hidden services are sites accessible only through Tor, an anonymizing network that masks users’ Internet traffic by routing it through a series of volunteer servers, called “nodes,” across the globe. Online black markets capitalize on Tor’s anonymizing features to offer a wide selection of illicit goods and services, ranging from pornographic images of children to dangerous narcotics to stolen credit card information.

Recent articles suggest that illegal Tor marketplaces and sites have decreased, though I have not seen a comprehensive study on the matter. Also, it is not yet clear where the traffic has moved.

AAG Raman emphasized the Government’s view that money exchanges (like Coinbase, Gemini, etc.) are bound by existing Government regulations on financial services companies. This provides a hook for prosecuting them even if they cannot be linked to money laundering or other illegal activity:

The Department relies on money services business, money transmission, and anti-money laundering statutes to curtail this sort of unlawful activity. Many virtual currency systems, exchangers, and related services operate as money transmitters, which are part of a larger class of institutions called money services businesses. Money transmitters are required under 31 U.S.C. § 5330 to register with the Financial Crimes Enforcement Network (FinCEN). Most states also require money transmitters to obtain a state license in order to conduct business in the state. Any money transmitter that fails to register with FinCEN or to obtain the requisite state licensing may be subject to criminal prosecution under 18 U.S.C. § 1960. Additionally, the general money laundering and spending statutes, 18 U.S.C. §§ 1956 and 1957, cover financial transactions involving virtual currencies. Finally, where virtual currencies are used in furtherance of underlying criminal activity, the Department can rely on traditional criminal statutes proscribing that activity, such as narcotics, cybercrime, child exploitation, and firearms laws.

AAG Raman also correctly emphasized the difficulties in attacking Bitcoin and similar cryptocurrencies due to the lack of a central authority:

Among the most significant challenges the Department faces in dealing with virtual currency is the difficulty in obtaining customer records. Because decentralized systems lack any sort of administering authority to collect user information or receive legal process, investigators must rely on information collected by other sources, such as exchangers. Even if the target used a centralized system or exchanger, however, accurate customer records may still be difficult to obtain, or may not exist at all. . . .

A final challenge arises from the link between virtual currency and encryption. Decentralized virtual currencies typically rely on an encryption algorithm, rather than a central authority, to administer the currency. These encryption-based currencies, also known as cryptocurrencies, lack a central administering authority that might otherwise possess valuable evidence. In addition, users of these currencies often encrypt their digital wallets, complicating our efforts to seize and forfeit criminal proceeds.

Law Enforcement and Cryptocurrencies (Part 2)

In his recent testimony, DHS Assistant Director of Homeland Security Investigative Programs Matthew Allen addressed the effort to reduce illicit fentanyl distribution. He noted that criminal organizations have increased their use of virtual currencies and DHS has begun using blockchain analysis to track payments:

In targeting virtual currency transactions of heroin and illicit fentanyl, ICE uses blockchain analysis to track transactions between criminal parties. Blockchain is a digital ledger in which transactions made in bitcoin or another cryptocurrency are recorded chronologically and publically. ICE has seen a substantial increase in cases in which private parties are acting as money service businesses to exchange digital currencies into fiat currency to enjoy the illicit proceeds of narcotics smuggling. The IFPCU also utilizes resources provided by the Treasury Executive Office for Asset Forfeiture’s Third-Party Money Laundering Initiative to support complex financial investigations. ICE’s Bulk Cash Smuggling Center also supports investigations through counter money laundering efforts that target TCOs that supply heroin and fentanyl.

The sources, brokers, and U.S. distributors of heroin and illicit fentanyl often communicate via dark web marketplaces, internet chat rooms, Peer to Peer applications, emails, skype, or other means of electronic communication. ICE’s Cyber Division further exploits these methods of communication in furtherance of field initiated criminal investigations. Moving forward, ICE’s Cyber Division will focus on exploiting the digital footprints left by the criminal parties. These exploitations will provide additional investigative avenues and exponentially increase targetable data points.

Perhaps unsurprisingly, Mr. Allen did not provide additional information about the “blockchain analysis” methods being used by Homeland Security. Over the next week, we will look at analysis methods recognized by blockchain programmers and the academic community.

Law Enforcement and Cryptocurrencies (Part 1)

Coindesk recently pointed to congressional testimony given by Matthew Allen, an assistant director at the Department of Homeland Security, on cryptocurrency use in drug transactions.

As early as 2013, DHS informed Congress that is was monitoring the use of “virtual currency” by “transnational organized criminals.” DHS noted that cryptocurrency exchanges used to support illegal activity may constitute money laundering and violate banking regulations:

[T]he transfer of virtual currency arguably does constitute a transfer of “funds” within the meaning of Sections 1956 and 1960 of Title 18 of the United States Code (U.S.C.). As a result, if criminals are using a virtual currency system to promote criminal activities, to disguise or conceal the source of their illicitly derived proceeds, or to evade federal or state reporting requirements, they may be prosecuted for money laundering.

Similarly, the failure of a virtual currency exchanger or administrator to register with the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) or the act of engaging in the transfer of criminally derived proceeds on behalf of the public, constitutes a violation of 18 U.S.C. §§ 1960 and 1956, respectively.

Homeland Security also explained that they were pursuing multiple avenues to limit criminal use of virtual currencies:

ICE has, therefore, strategically deployed a multi-prong investigative strategy designed to target illicit virtual currency platforms, currency exchangers, and underground black markets such as “carding,” illegal drugs, illegal firearms, and child pornography forums.

But the examples cited seem to involve traditional investigation with some side element involving virtual currency, rather than analysis of virtual currency transactions themselves to aid an investigation:

During the course of the [Silk Road] investigation, ICE special agents identified bitcoins used by buyers and sellers to complete their transactions on the Silk Road site. The bitcoins, worth an estimated $3.6 million, were located in Silk Road’s operating account and ultimately seized by the FBI.

. . . .

In May 2013, through an interagency taskforce led by ICE in Baltimore, Maryland, three U.S. bank accounts associated with what was then the world’s largest bitcoin exchanger, Japan-based Mt.Gox, which was moving approximately $60 million per month into a number of Internet-based hidden black markets operating on the Tor network, including Silk Road, were seized for violations of 18 U.S.C. § 1960, operating a money service business in the United States without a license.

The 2013 testimony therefore provided little information about the DHS / U.S. Government techniques in pursuing criminals through cryptocurrency transactions, though it suggested an increased focus on the issue. Tomorrow I’ll address Mr. Allen’s more recent testimony.

What is Ethereum? (Part 5)

I have previously suggested some uses (or, rather, some unwise uses) for Ethereum. In his original whitepaper, Vitalik suggests some better uses:

Financial derivatives and Stable-Value Currencies

Financial derivatives are the most common application of a “smart contract”, and one of the simplest to implement in code. . . . The simplest way to do this is through a “data feed” contract maintained by a specific party (eg. NASDAQ) designed so that that party has the ability to update the contract as needed, and providing an interface that allows other contracts to send a message to that contract and get back a response that provides the price.

. . . .

Identity and Reputation Systems

The earliest alternative cryptocurrency of all, Namecoin, attempted to use a Bitcoin-like blockchain to provide a name registration system, where users can register their names in a public database alongside other data.

. . . .

Decentralized File Storage

. . . .

Ethereum contracts can allow for the development of a decentralized file storage ecosystem, where individual users can earn small quantities of money by renting out their own hard drives and unused space can be used to further drive down the costs of file storage.

. . . .

Decentralized Autonomous Organizations

The general concept of a “decentralized organization” is that of a virtual entity that has a certain set of members or shareholders which, perhaps with a 67% majority, have the right to spend the entity’s funds and modify its code. The members would collectively decide on how the organization should allocate its funds.

What is Ethereum? (Part 4)

So now we’ve discussed what Ethereum can do. Let’s discuss a bit more about how it does it. The next fundamental concept to understand is gas, which ensures that there is a cost to transactions. In a normal computer, the goal is to make transactions costless. That goal will never be reached, but that has always been the asymptote suggested by Moore’s Law: get as fast and as cheap as possible.

But in a blockchain, every transaction is computationally expensive, because every transaction involves every node on the network. Bitcoin has transaction fees. Essentially, this is a Bitcoin fee attached by a sender to a transaction. If a miner includes the sender’s transaction in their next block, the miner is free to keep the fee. This encourages miners to include the transaction is the next block. By the same token, it discourages network flooding in two ways: (1) It discourages meaningless transactions because each has a fee attached. (2) Particularly as the network fills, it discourages senders from trying to duck the transaction fee because then miners simply won’t include their transaction in the next block.

Ethereum, on the other hand, has gas. This pays both for messages sent and for computational steps taken by contracts. Every line of code that gets run costs gas. If an operation runs out of gas, it gets reverted, but the gas never gets returned. That prevents infinite loops.

In the whitepaper, Vitalik explains Ethereum’s state transition with an emphasis on gas:

  1. Check that the transaction is valid and well formed.
  2. Check that the transaction sender has at least 2000 * 0.001 = 2 ether. If it is, then subtract 2 ether from the sender’s account.
  3. Initialize gas = 2000; assuming the transaction is 170 bytes long and the byte-fee is 5, subtract 850 so that there is 1150 gas left.
  4. Subtract 10 more ether from the sender’s account, and add it to the contract’s account.
  5. Run the code. In this case, this is simple: it checks if the contract’s storage at index 2 is used, notices that it is not, and so it sets the storage at index 2 to the value CHARLIE. Suppose this takes 187 gas, so the remaining amount of gas is 1150 – 187 = 963
  6. Add 963 * 0.001 = 0.963 ether back to the sender’s account, and return the resulting state.


Convictions in Bitcoin Exchange Trial

From Coindesk:

Two individuals connected to the now-defunct bitcoin exchange Coin.max have been convicted following a trial in New York.

A Manhattan jury sided with the prosecution in convicting operator Yuri Lebedev and Pastor Trevon Gross. Both Lebedev and Gross had been charged with bribery and conspiracy charges, while Lebedev was also tried on bank fraud and wire fraud charges.

Head over there or to the Reuters story for more.


What is Ethereum? (Part 3)

In the last post, we saw that Ethereum passes messages (which may contain transactions) among accounts (which may be either individual wallets or smart contracts.) Next we need to discuss smart contracts. What is a smart contract?

Well, essentially, it’s anything you want it to be. Ethereum is Turing complete, which means that it is mathematically proven to be capable of performing any other calculation that another computer can perform. If you wanted (and if you had enough gas), you could build Facebook or Twitter or Windows or Global Thermonuclear War using Ethereum.

That’s not to say any of those applications would be wise or practical (except for the last one, which is obviously an awesome idea.) It is important to remember that any transaction on the Ethereum blockchain is processed by all the nodes, which means the system is extremely slow for large, complex tasks. Of course, it comes with massive benefits, namely global certainty and verifiability.

Let’s give a few examples:

  • Should you run Facebook on Ethereum? Probably not. But what if you just want additional evidence that someone is who they claim? An Ethereum app could show with absolute certainty that someone created an identity-verification account on a certain date. It can show with absolute certainty what pieces of verification they have provided, such as verifying their e-mail, confirming their ownership of a LinkedIn, Facebook, or Twitter account, etc. And depending on how much you trust those verification methods and the credentials to which they link, you can trust the person.
  • Should you run Bittorrent over Ethereum? No. But maybe you want a reliable, un-Pirate Bayable source of Bittorrent seeds. Ethereum can provide that.
  • Should you build an accounting system on Ethereum? No. But maybe you want to provide proof that your accounting documents were created when you claim and have always contained what you claim. (In other words, you haven’t cooked the books.) Ethereum can provide that.