Bitcoin is not an anonymous payment network. However, in practice, many people forget about this – even those who attach great importance to their own privacy.
The online Bitcoin Magazine described a study conducted at the University of Qatar that reminds us that bitcoin itself is not private. In fact, it can even deanize users seeking privacy on Tor’s anonymous network. This phenomenon represents a clear vulnerability or potential leak of personal information regarding people who take active measures to maintain their confidentiality on the Internet.
“In a real experiment, we were able to connect many Twitter users and the BitcoinTalk forum with various hidden services, including WikiLeaks, Silk Road and The Pirate Bay,” the authors of the study “Deanonymizing Tor Hidden Services Users Using Bitcoin Transaction Analysis” write. “Our results [allow] to make one immediate conclusion: Bitcoin addresses should always be considered compromised, as they can be used to deanonymize users.”
Each bitcoin transaction is available at any time to any user on the public blockchain. Identification data is not directly accessible, but their connection with bitcoin addresses can be established. Thus, a set of transactions from the same, and sometimes several bitcoin addresses can be considered as a trace of breadcrumbs. Most people are well aware of this, but they may not understand that in combination with Tor, the apparent anonymity of bitcoin means that the Tor user who publishes the bitcoin address effectively compromises his own anonymity.
“At the moment, it’s quite a trivial task for companies analyzing the blockchain and certain law enforcement agencies to connect [cryptocurrency] transactions with specific wallets, and with the help of these wallets go to a specific exchange,” says Caleb, an independent cryptocurrency and darknet market researcher.
According to Caleb, many darknet buyers could be arrested if law enforcement decides to devote time and resources to their searches. It becomes much easier to do this if Bitcoin users post their addresses on social networks.
Research indicates that Tor users’s deanization is “mainly due to Bitcoin’s lack of operational retrospective security.” Since historical information about transactions is always available through the blockchain, the analyst can associate the user’s bitcoin address or several addresses with addresses common to the pages of the Tor service, anywhere on the Internet, most often in social networks where there can be data identifying one and the same same user. Bitcoin addresses are constantly available breadcrumbs that one day can provide user identification. Bitcoin users must keep this in mind.