{"id":10686,"date":"2022-03-15T12:00:00","date_gmt":"2022-03-15T12:00:00","guid":{"rendered":"http:\/\/ci029c2543d008272a"},"modified":"2022-03-15T12:00:00","modified_gmt":"2022-03-15T12:00:00","slug":"watching-chainalysis-bitcoin-surveillance","status":"publish","type":"post","link":"https:\/\/bitcoinmagazine.com\/industry-events\/watching-chainalysis-bitcoin-surveillance","title":{"rendered":"Chainalysis: Watching Those Who Are Watching Us"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div><p>Blockchain analysis firm Chainalysis recently held the one-day \u201c<a href=\"https:\/\/go.chainalysis.com\/links-london-2022-livestream.html\" target=\"_blank\" rel=\"noopener\">Chainalysis Links<\/a>\u201d conference with a variety of speakers, from former members of MI6, the police force, financial institutions and the United Kingdom\u2019s HM Treasury to internal Chainalysis speakers and moderators.<\/p>\n<p>The conference did not offer a lot of details on Chainalysis\u2019 products or methods for surveilling activity on blockchains like Bitcoin\u2019s, but it offered a high-level look at the context, uses and potential future of its various services and products, giving Bitcoiners a glimpse into those who are watching them.<\/p>\n<h2>The Chainalysis Business<\/h2>\n<p>As one aspect of its business, Chainalysis provides market data on some insightful metrics measuring Bitcoin activity. This included information on cryptocurrency-based <a href=\"https:\/\/twitter.com\/FedorovMykhailo\/status\/1497642156076511233?s=20&amp;t=gyp8qYhWfqQBabWHtTz17A\" target=\"_blank\" rel=\"noopener\">hacks<\/a>, information on the use of Bitcoin for <a href=\"https:\/\/bitcoinmagazine.com\/culture\/darknet-markets-cant-live-with-or-without-bitcoin\">child pornography<\/a>, Bitcoin <a href=\"https:\/\/bitcoinmagazine.com\/culture\/chainalysis-global-crypto-adoption-index\">adoption metrics<\/a> and its uses in <a href=\"https:\/\/bitcoinmagazine.com\/markets\/a-summary-of-bitcoins-massive-first-quarter\">criminal activity<\/a>.<\/p>\n<p>Another service Chainalysis offers is aiding companies in complying with government recommendations <a href=\"https:\/\/bitcoinmagazine.com\/culture\/leaked-chainalysis-roadmap-angers-bitcoin-community-1430255443\">via a service<\/a> that does real-time analysis of blockchains. <\/p>\n<p>A third area is in transaction tracking and investigation, with a tool called <a href=\"https:\/\/bitcoinmagazine.com\/culture\/new-know-your-transaction-tool-enables-enhanced-blockchain-investigation\">KYT<\/a> and a tool called Reactor, which are both used for investigations on Bitcoin and other blockchains.<\/p>\n<p>In case you\u2019re wondering what these platforms look like, here are a couple screens from the public website:<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/chainalysis-platform-1.png\" title=\"\"><\/figure>\n<figure><img decoding=\"async\" src=\"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/chainalysis-platform-2.png\" title=\"\"><\/figure>\n<p>As a sidenote on the Chainalysis business, <a href=\"https:\/\/bitcoinmagazine.com\/business\/chainalysis-adds-bitcoin-to-balance-sheet\">it recently purchased and put bitcoin<\/a> on its balance sheet. But, as <em>Bitcoin Magazine<\/em>\u2019s Namcios wrote, \u201cthe company doesn\u2019t align very well to the true Bitcoin ethos as its business model is based on <a href=\"https:\/\/www.reddit.com\/r\/CryptoCurrency\/comments\/pstfsq\/chainalysis_has_logged_your_ip_address_if_you\/\" target=\"_blank\" rel=\"noopener\">surveillance<\/a>, allowing its customers to obtain information on bitcoin transactions for discrimination purposes.\u201d<\/p>\n<h2>Definitions And Client Considerations<\/h2>\n<p>Given Chainalysis\u2019 business lines and its ability to disrupt the pseudonymity Bitcoin is meant to provide, I went to the conference with questions about three main areas:<\/p>\n<ol>\n<li>What is the Chainalysis definition of \u201ccrime\u201d? Within crime, how does it define categories like terrorism, illegal products and subverting democracy?<\/li>\n<li>What customers does it sell its investigative platform to, and who won\u2019t it sell to or work with?<\/li>\n<li>How do its products work in detail?<\/li>\n<\/ol>\n<p>With regards to the first question, an answer provided to a chat question during the conference stated that Chainalysis\u2019 role is to produce a tool to be used in investigations. The firm is not a law enforcement agency. <\/p>\n<p>Secondly, when asked if Chainalysis has criteria for entities it will not sell its products to, it responded that the criterion is \u201cusually\u201d whether or not the country or other client is sanctioned.<\/p>\n<p>I reached out to Chainalysis to get a confirmation statement about these conference chat responses, but did not hear back from them.<\/p>\n<p>During the conference, various people talked about use cases for the investigative platforms KYT and Reactor. These included:<\/p>\n<ul>\n<li>MI6 investigations of those suspected of subverting democracy or child abuse<\/li>\n<li>A specific U.K. investigation around firearms bought on the darknet<\/li>\n<li>An investigation of stolen cryptocurrency laundered via debit card use<\/li>\n<\/ul>\n<p>The conference did not get into much specific or under-the-hood details about any products.<\/p>\n<p>But the above use cases raise questions about the use of Chainalysis tools and tactics in the hands of \u201cbad actors,\u201d where the target of the investigation could very well be considered the \u201cgood guy.\u201d To mirror the stated use cases with more complicated bad guy\/good guy scenarios:<\/p>\n<ul>\n<li>What if the investigator is a dictator and the target is someone opposing that dictator?<\/li>\n<li>What if this is an investigation by a dictator or authoritarian regime purging or rounding up minorities, and they are looking to defend themselves by purchasing arms or other banned security mechanisms?<\/li>\n<li>What if the bad actor country or leader was using the financial tracking against an oppressed person or group of people to determine where and what they purchase?<\/li>\n<\/ul>\n<p>All of these cases could also occur for smaller entities, like an organization or an individual.<\/p>\n<h2>Can Chainalysis Be Hacked?<\/h2>\n<p>One main tactic that Chainalysis is used for is tracking ransomware payments and money movement. Below is a Chainalysis Reactor graph showing the money laundering process for five of Evil Corp\u2019s ransomware strains (yes, that\u2019s the listed company name).<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/chainalysis-reactor-graph.png\" title=\"\"><\/figure>\n<p>(Per the image above, you can also look at some info of how the <a href=\"https:\/\/bitcoinmagazine.com\/business\/fbi-seizes-bitcoin-from-colonial-pipeline-hack\">Colonial Pipeline ransomware payment was tracked<\/a>.)<\/p>\n<p>If Chainalysis tools are sometimes used to track down ransomware companies\u2019 money, these companies may be motivated to attack the platform. If you think about all of the information that is being aggregated for subjectively good or bad purposes, what happens if Chainalysis is hacked?<\/p>\n<p>In that case, the information it obtains could be ransomed. That would affect <em>everyone\u2019s<\/em> privacy.<\/p>\n<h2>Chainalysis Products, Use Of Dust And Behavioral Alerts<\/h2>\n<p>One of the questions that has come up around Chainalysis is whether its products use Bitcoin dust (microscopic transactions below the minimum limit) to correlate recipient addresses. <a href=\"https:\/\/blog.lopp.net\/history-bitcoin-transaction-dust-spam-storms\/\" target=\"_blank\" rel=\"noopener\">Jameson Lopp wrote recently<\/a> that he believes that Chainalysis does not use dust in this way, based partly on its below statement and the cost benefits of doing so, <a href=\"https:\/\/blog.lopp.net\/history-bitcoin-transaction-dust-spam-storms\/\" target=\"_blank\" rel=\"noopener\">per a <em>CoinDesk<\/em> article<\/a>:<\/p>\n<p>\u201cCoinDesk reached out to Chainalysis and CipherTrace to ask if they use dust in their analytics. Both companies denied using this technique, though Chainalysis Manager of Investigation Justin Maile added that dusting is \u2018more often [used] by investigators\u2019 to trace illicit funds. Maile continued that exchanges may use dusting to trace stolen funds following a hack.\u201d<\/p>\n<p>Chainalysis also has webinars about its \u201cBehavioral Alerts\u201d service, and how you can set them up.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/chainalysis-behavioral-alert.png\" title=\"\"><\/figure>\n<p>In the webinar, the presenter noted that most illicit actors are aware of the standard behavioral alerts, and make their transactions with thresholds and timing to avoid those alerts. <\/p>\n<p>But how many typical blockchain users know what rules will put them on the alert list? <\/p>\n<p>There seems to be a non-zero possibility of good or benign actors getting caught in this analysis. Colin Harper wrote about this issue (with regards to mixing specifically) in a previous <em>Bitcoin Magazine<\/em> article, <a href=\"http:\/\/bitcoinmagazine.com\/culture\/the-bitcoin-mixing-case-at-the-center-of-the-fight-for-transaction-privacy\">\u201cThe Bitcoin Mixing Case At The Center Of The Fight For Transaction Privacy\u201d<\/a>:<\/p>\n<p>\u201cHonest, privacy-savvy Bitcoin users should have nothing to worry about legally, so long as they have nothing to hide, Jesse Spiro, head of policy at Chainalysis, told <em>Bitcoin Magazine<\/em>\u2026 But Spiro\u2019s comment betrays the consequence of this surveillance: Honest users can get caught in the crossfire.\u201d<\/p>\n<h2>Future Directions: Automation Of Flags And False Positives<\/h2>\n<p>If you\u2019ve ever encountered a positive-outcome vending machine malfunction, you\u2019ve come upon the upside of an error and automation of that error \u2014 the machine continues to dispense snacks for free. (Yes, I know, Bitcoiners don\u2019t eat that stuff).<\/p>\n<p>As another example, anyone with a credit card has seen the number of false positives with regards to fraud. When you automate anything, if the methodology is imperfect, you can then automate errors at a more efficient and faster rate.<\/p>\n<p>To make the platform more efficient and able to handle a higher number of smaller cases, many sessions talked about automating the data analysis and flagging of issues.<\/p>\n<p>For false positives with a bank or credit card, the issue is a minor inconvenience. However, being falsely flagged for nefarious activity within other systems can put you under the wheels of that system and it can be difficult to prove innocence and extricate oneself. The systems mentioned included organizations such as the U.S. Internal Revenue Service, police and international crime units and banking systems worldwide.<\/p>\n<p>It was noted during the conference that input from more data systems are going to be sourced, aggregated and otherwise used within the Chainalysis platform. It is yet to be seen what that will mean for generating false positives around what the platform deems to be \u201ccriminal\u201d activity using platforms like Bitcoin.<\/p>\n<h2>Chainalysis, Privacy And Censorship-Resistance<\/h2>\n<p><a href=\"https:\/\/bitcoinmagazine.com\/business\/ciphertrace-partners-maltese-regulators-manage-risk-financial-crimes\">In 2019<\/a>, Chainalysis made a <a href=\"https:\/\/blog.chainalysis.com\/reports\/service-level-data\/\" target=\"_blank\" rel=\"noopener\">public statement<\/a> of its privacy policy in response to public scrutiny around the privacy implications of deanonymizing blockchain transactions. If you don\u2019t have financial privacy, you are not censorship resistant. Bitcoin is <em>not<\/em> censorship-resistant without privacy.<\/p>\n<p>This is at the heart of the concern around the Chainalysis tools and its ability to do financial surveillance.<\/p>\n<p>Chainalysis provides useful metrics that counteract false narratives. These include data on how much cryptocurrency is really used for \u201ccriminal\u201d activities and data about cryptocurrency adoption by country and demographics.<\/p>\n<p>However, the Chainalysis investigative analysis tools that are used against what most would view as \u201cbad actors\u201d can also easily be used against anyone. Its tools could also be used to suppress rights and freedoms where certain or arbitrary laws do not enable those rights and freedoms.<\/p>\n<p>As world entropy increases, the greater good would be served if Chainalysis were to develop protocols regarding who it will sell their products to and what its definition of \u201ccrime\u201d is in order to reduce the likelihood that they cause harm unintentionally.<\/p>\n<p>Chainalysis may be enabling others to surveil the blockchains for nefarious actors. But privacy experts and Bitcoin plebs should also be watching and surveilling Chainalysis for similarly bad actors and actions.<\/p>\n<p><em>This is a guest post by Heidi Porter. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or <\/em>Bitcoin Magazine<em>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recent event by blockchain surveillance firm Chainalysis explained how its tools are used and raised questions about whether they should be.<\/p>\n","protected":false},"author":2815,"featured_media":10691,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[30],"tags":[2129,857,422,582,73,72],"class_list":{"0":"post-10686","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-industry-events","8":"tag-blockchain-surveillance","9":"tag-chainalysis","10":"tag-feature","11":"tag-freedom","12":"tag-privacy","13":"tag-surveillance"},"author_data":{"id":2815,"name":"Heidi Porter","nicename":"heidi-porter","avatar_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2025\/01\/unnamed-2-96x96.png"},"featured_image_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/dtrh-surveillance.png","_links":{"self":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/10686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/users\/2815"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/comments?post=10686"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/10686\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media\/10691"}],"wp:attachment":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media?parent=10686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/categories?post=10686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/tags?post=10686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}