142 comments

[ 3.0 ms ] story [ 198 ms ] thread
I wondered about this. Yes, you may have stolen some bitcoin from people but you can't do anything with it. It's all traceable through the blockchain.

You can't buy anything directly with it because as soon as you receive the goods the police will force the person who provided the goods to you to give away your details.\

You can't take it out into your bank account because that will also identify you.

So - a bitcoin mixer would seem your best bet, but even then it just makes it "more difficult" to trace. Not sure I'd want to risk many years in prison on that.

So basically the anonymity it provides is being a simple alias instead on full name in the eyes of authorities?

How does one stay anonymous without being perceived as a threat by authorities is the million bitcoin question

>How does one stay anonymous without being perceived as a threat by authorities is the million bitcoin question

It shouldn't matter if you're perceived as a threat by authorities if you're anonymous. Bitcoin's biggest selling point is that it's supposed to render governments and law enforcement impotent to interfere with transactions, regardless of their legality.

(comment deleted)
just buy Monero using Bitcoin and then buy Bitcoin again using the Monero.
First of all, it's not really traceable. You can sell them on LocalBitcoins, and an outside observer will never know - all you see is coins moving from A to B.

Second of all, you can mix them with other coins, which instantly crushes all hopes of traceability.

Example: Imagine you have wallets A (clean) and B (stolen) with 1 BTC each. You put them both into wallet C, and then you split it again equally into X and Y. Where is the stolen money now?

And then there are altcoin exchanges.

The holder of C could potentially be prosecuted for receiving stolen property, under AML laws, or as a co-conspirator in the original theft.
If you replace bitcoin with cash, by your logic I'd be arrested for selling a thief an apple if he paid for it with stolen cash.

That's the distinction. Is it money or is it a fenced good?

If I'm receiving currency (be it real money or bitcoin), I'm not going to think about where it came from. It's fungible.

Unless he's reaching into a giant purple spattered bag that says "bank vault" and the name of a bank you know was robbed.
Then you will be asked to cooperate and reveal the identity of the thief. If you don't, then yes you are in "potential" trouble.
I see no issue with cooperating. If they want to see my security footage then let them get a subpoena. If they want to see the IP logs and customer data for a potential money launderer, it's the same bar.
Physical dollars each have a unique serial number - aren't these sometimes used to track criminals as they spend stolen funds? Or is that just a Hollywood exaggeration?
I think it's only useful if you know which serial numbers were stolen, for example if you give specific range of serial numbers as a ransom payment.
When I worked as a bank teller briefly, we had this planned out. There was a stack of bills (usually 10s, but it was kind of random) that we were only to give out if we were actively being robbed. They were indistinguishable from regular currency to avoid suspicion, but the serial numbers were recorded for tracking purposes.

This was in a small town bank, and I'm sure that larger banks have more sophisticated policies. I'm curious to know if ATMs have any similar features.

> by your logic I'd be arrested for selling a thief an apple if he paid for it with stolen cash.

Yes, this can happen. Especially for higher valued items

Unfortunately, under the US drug laws, this is allowed. You're a drug dealer and rent an apartment? The landlord could now be at risk, regardless of whether they know how you make money to pay them. It's how the Feds have compelled completely law abiding citizens to work with law enforcement and/or threaten to take everything.
> I'd be arrested for selling a thief an apple if he paid for it with stolen cash

Welcome to anti-money laundering law. KYC regulations basically mean, for anyone handling large volumes of money, it's the vendor's business, and liability, to know where customers' money comes from.

But C is just some address the thief used. You see, you can create a million of them a minute for free, and then move the stolen and clean money between them in a randomized way, making it indistinguishable from real transactions. All you see on the blockchain is money moving between addresses.

Exchanges do know the identities of a small fraction of all addresses, that's true. But if someone wants to remain anonymous, and has a relatively small amount (in relation to exchange's liquidity), it becomes trivial to hide the money.

Something like MtGox amounts are much much more complicated to clean in their entirety, that I agree with.

Where does the clean money come from?
"Clean" in this case only means not this stolen money. It can be some other stolen money. Or it can be borrowed money.

The bitcoin tumbler is a service that does the mixing, and as long as it has more than one customer, it can do the mixing.

I really gotta wonder what sort of protection this actually provides.

A tumbler only helps if a lot of people with legitimate BitCoins frequently mix them in, so that people with coins from a mixer have a plausible claim of innocence. If mixers are primarily used by criminals, you've only anonymized which crime you've committed, you haven't really laundered the money. If those coins touch your real-world identity, you may not be incriminated in a particular crime, but you've made yourself into a suspect in a relatively small pool of crimes.

You are correct. Tumbling is not laundering, it's only there to make the tracing close to impossible.
Amortized guilt seems a lot better to me than specific guilt. Finding a charge in there is really difficult. As is 'beyond the shadow of a doubt'.

Beyond that, you could buy legitimate bitcoin and only use it to 'legitimize' mixing pools.

Does this maybe change depending on jurisdiction?
(comment deleted)
Possibly, but only if they get caught. I imagine many of these services are run by individuals who remain anonymous to avoid prosecution in the event their service is used for money laundering.
I would like to know what is their average lifetime. AlphaBay was not exactly the same, but it was longest running market - meaning a bit above 3 years. It does not give much confidence.
But the blockchain records all movements of bitcoin, so if I have a coin's hash, I can trace it's movement in transactions from A->C->X wallets?

A mixer or exchange is the best bet, but then you're relying on a third party. A mixer may record it's transactions with people to say which coin was given out for which coin moved in.

At least this is my understanding of how the blockchain works. I may be wrong (likely!)

No, you can't. Bitcoins are fungible. There's no way to mark stolen coins.

That's why I asked - where is the stolen money, is it in X or in Y or in both?

The best we can do to reduce crime is to convince most of the exchanges not to take the stolen coins (or take them, but give them back to the real owners). But there are so many of them, and many of them are anonymous, I don't see how we can do that.

No, but you can mark the transactions right? So if I know all the bitcoins in that "bad" wallet, I can follow all transactions from that wallet and see where the coins end up?
What will that achieve? After mixing you end up with addresses that contain coins that are partially stolen, partially clean (tainted).

You could, theoretically, convince some providers of goods/services not to accept any tainted coins. It is doable, but most business owners don't care about that, as long as the money is not pure stolen (in both Bitcoin and physical world).

Consider that some money in your bank account has previously gone through being stolen, traded for drugs, guns, slaves, being laundered. Pretty much nobody but the Central Banks has clean money.

Right - now we're talking about it as if it's been mixed. I originally said that his best bet would be to use a mixer, otherwise the transactions can be traced. And by mixing he's relying on a third party.
Sure, this works if the mixing moves all coins through a single wallet.

By using a set of different wallets where the control is shared but unknown outside of the mixer, you can end up with coins that are not traceable through wallets.

A bit like you giving money to a third party, who calls up his friend, and then his friend gives the same amount of money to your friend. 'Your money' then ends up being used for something else (unrelated to you).

Fundamentally, your money must end up going to your hawala dealer's friend. However, under this system, your money can move from the dealer to his friend after it moves from his friend to your friend, violating the normal temporal order of things.
Can't you trace by amount? If I put 1.114596 bitcoins and pass them through the mixer, won't there be an account X with the same amount?
No. First of all, there are fees. Second of all, if the criminal is not an idiot, they will split the final output into randomized amounts. They can also sacrifice some coins, so they don't end up with the same exact amount.
Disclaimer: I'm not well informed about crypto-currencies. This is just to test if I'm understanding correctly.

So you are doing mixing. One of your users is a criminal, and that is apparent to you as you can trace where their coins came from. In your stash, you have 100BTC, 10 of which is the share from the criminal. He/she orders 1BTC to be transferred to a private wallet. You make a transfer to the private wallet from your stash, but you know exactly who gave the order. When the police comes to you, you will be forced to tell them who gave the order. Am I missing something? If I'm correct, then the attacker has to trust the mixer.

Most bitcoin tumblers are anonymous. You deposit the money and you specify the withdrawal addresses. The owner of the tumbler doesn't know you personally. The tumbler itself is just some code running on some anonymously rented server.

And then we have things like ZCash, which are designed to make tracing impossible.

The ill-gotten money's in both X and Y. 0.5 BTC each. Where else can it be?

Here's an approach to deter crime here: explicitly expose the implicit information about stolen coins. Wallets containing stolen coins are to be considered tainted to a specific amount of BTC. Receiving from them means your wallets gets that taint, proportionally to the amount received. The only way to un-taint a wallet is to return the stolen money.

This assumes certain infrastructure, of course.

> The ill-gotten money's in both X and Y. 0.5 BTC each.

How did you reach this conclusion?

Why not 0.1 in X and 0.9 in Y?

Why not 1 in X and 0 in Y?

> This assumes certain infrastructure, of course.

Will not happen any time soon. Just like it doesn't happen with the dollars / euros / etc.

Even if you somehow magically force this kind of filtering at the node level, people who desire freedom will move to some other cryptocurrency. Bitcoin is actually quite simple compared to more modern and more anonymous offerings.

The equal split would be a matter of convention. I think this is what people would consider fair. The amount was split evenly, so the taint is split evenly too.

Here's a more detailed proposal to show it can be done as a distributed system.

http://www.loper-os.org/?p=988

It's not about forcing nodes to do anything. It's about publishing data about what they're doing. Then people can make informed decisions. Some people won't like it, but precisely what freedom would be be trying to preserve, if they're fighting this? Freedom to foist off dirty money to people who don't want to receive it?

> The equal split would be a matter of convention.

But you see, that's not the question I asked. I asked where the stolen money actually is. And the only truthful answer you can give is "I don't know".

I agree that we could create a system to track "tainted money" and use the proportional tracking in case of merge-splits (50-50 in our example). But you will quickly run out of untainted money (besides the freshly-mined coins), because

1) everything that touches the hot wallet in any exchange will be considered tainted

2) Even if #1 were not true, every time an exchange does a withdrawal, they don't do it in 1 transaction per address, they do it in batches, where they withdraw from the hot wallet into dozens/hundreds of addresses. They do it to massively save on the transaction fees.

"I don't know" implies you needed to keep looking. But you do know, roughly, just not exactly.
Look as hard as you wish, you'll never find it. That's why it's necessary to invent criteria for finding what we're looking for here. If they don't think tracking down stolen coins is a worthwhile pursuit, they'll never be convinced, but that's the beauty of the Shitcoin proposal. There's no need to convince everyone. The people who ARE convinced just need to build the parallel system.
>I asked where the stolen money actually is.

Okay, let's go down that route. Here's where it is: nowhere. Not because it disappeared, but because it was never actually located IN a wallet. And this is true of all bitcoins! They're not really IN wallets. They're abstract entities, if they count as entities at all. The wallets are the more primary entities in the BTC platform, as I understand it. Wallets are associated with amounts of BTC.

The BTC platform has no concept of 'stolen' coins. That's why you'll need another parallel platform to deal with this issue. As a wholly hypothetical platform, we're free to propose the invention of new conventions here.

I think you have the wrong idea about what a "coin" is (I also had this misconception for a while). A "coin" has nothing to do with the hash found to mine the block. All that happens is that when a block is mined, it includes a transaction that gives the miner 25 coins (Or whatever the current bitcoin reward is). So the coins are just a number, there's nothing that separates one "coin" from another "coin". It's like handing out dollar bills without a serial number on them.

So if you move 20 coins from wallets A and B to wallet C, and then Wallet C moves those coins to wallets D and E, there's no concept of "whos" coins from A and B you moved into each wallet, it's just a count.

I'm talking more about following the transactions than the "coins". Unfortunately I've messed up my semantics along the way which doesn't help anyone.

So in this case wallets A,B,C,D, and E are all suspect, and at some point they're going to try and buy something tangible or convert to real currency from one of those wallets.

>First of all, it's not really traceable.

Or use BTC mixers.

So, basically, online money laundering? Get a legitimate side business, mix clean and stolen BTC -> profit?
Yes, kind of. Surprise, crime happens. HSBC laundered what, $670 billion dollars of Mexican cartels? How many executives ended up in prison? Didn't they pay some tiny fine and that's it?

http://www.reuters.com/article/us-hsbc-probe-idUSBRE8BA05M20...

Also mixing is not laundering. Mixing only allows you to stop the tracing. Converting these mixed coins on a large scale to something like dollars is very very hard. Most exchanges that interact with the traditional banking system do check where you got the money from. It's not like you can send $1M worth of tumbled coins to Bitstamp/Kraken/Coinbase and convert them to dollars without tons of paperwork. And it's not like you can buy a house/car/boat with these coins and expect the IRS not to show up.

Is your argument HSBC committed a crime so everyone else should be allowed to, too?
I don't think so, I think the argument was that, if crime is possible it will probably happen. There was no moral judgement about that.
No, my point was, if you're so worried about money laundering, bitcoin should be the least of your worries. One bank laundered more in a few years than ALL of bitcoin is worth multiplied by 15.

And I doubt a significant portion of bitcoin is used for money laundering - it's mostly geeks, investors, and other early adopters holding it.

Another point was - the government generally doesn't seem to care about massive scale money laundering. I have no other explanation why nobody went to prison, and the fine was only $1.9B on $670B laundered.

>Converting these mixed coins on a large scale to something like dollars is very very hard. Most exchanges that interact with the traditional banking system do check where you got the money from. It's not like you can send $1M worth of tumbled coins to Bitstamp/Kraken/Coinbase and convert them to dollars without tons of paperwork. And it's not like you can buy a house/car/boat with these coins and expect the IRS not to show up.

This nicely explains why the Mexican cartels (in their simplicity) used US dollars and not Bitcoins ;).

But I still wonder about the paperwork, it completely escapes me.

I mean, there are mainly three "legit" ways to actually become in possession of a Bitcoin:

1) mining it

2) buying it (i.e. giving real money in exchange for it), let's say as an investment

3) accepting the Bitcoin as payment for any service, good, etc.

Why any of the above (that have more or less a proven/provable origin and thus that can justify the provenance of the Bitcoin and somehow do the appropriate paperworks) would want to use a mixer?

Or - differently put - once you Bitcoin has gone through the mixer isn't it not anymore suitable to any exchange requiring this paperwork? I.e. it becomes "unspendable" money (if not in very small quantities, small amount single operations, limited quantities of operation).

Or am I missing something?

>Why any of the above (that have more or less a proven/provable origin and thus that can justify the provenance of the Bitcoin and somehow do the appropriate paperworks) would want to use a mixer?

I haven't made any darknet purchases yet, but if I do I'd like my legally purchased Bitcoins not to be linked back to Coinbase which has a lot of identifying information on who I am.

>I haven't made any darknet purchases yet, but if I do I'd like my legally purchased Bitcoins not to be linked back to Coinbase which has a lot of identifying information on who I am.

But I wasn't hypothizing the case of buying anything on a darknet or anything "debatable" (which would be a good reason to try to strip each and every information) I was trying to understand why - excluded the use of the Bitcoin for any less than perfectly clear, transparent and legitimate operation - one would want to use a mixer.

In your case the Bitcoin (which was "legit" before) becomes somehow "tainted" by going through the mixer.

If X is roughly the size of A and Y is roughly the size of B (which you would hope if you are trying to launder coins without losing too much) then it is still very much traceable.

Even if you go further and say, split Y into Y1 and Y2 and only cash out Y1, there is still some information retained.

It is traceable as such if it is gargantuanly "on the radar." I have no idea if WannaCry ranks as "on the radar" but I would not think so, in terms of size. We're talking about $140,000.
mixing them with other coins doesnt crush all hopes of traceability. Swapping them for other coins may help hide the link, but just adding them to a wallet with other coins will taint the other coins rather than clean the stolen ones.

In your example the stolen coins are in wallet X and Y and using the blockchain we can determine exactly how much in each wallet comes from the stolen coin.

A true mixing service takes the coins into a wallet and sends you coins that are from another wallet that has never had any contact with the coins you sent in. This is what breaks the chain you can trace.

Altcoin exchanges let you clean your coins by using an altcoin as the mixer. Essentially you send BTC to an exchange, buy an altcoin, transfer altcoin to another exchange, buty bitcoin. You now have much harder to trace bitcoin.

> as soon as you receive the goods the police will force the person who provided the goods to you to give away your details

if this is true, then there shouldn't be any bad guy selling stolen credit card numbers online.

I assume they aren't being chased because there isn't enough impetus on the part of the police to do so. But something high profile like WannaCry might make the authorities do a bit more work.
They could buy Monero or some other anonymous cryptocurrency.
No exchange is going to touch BTC from these addresses. If they send the coins to an exchange, the exchange is going to contact law enforcement and they have lost their coins.
(comment deleted)
Do you know this for a fact? Do big exchanges really maintain a list of "blacklisted" addresses? Wouldn't they need to constantly be growing that list to include the destinations of any transactions originating from the blacklisted addresses?
They would probably only need to blacklist addresses from major thefts likely to have legal implications. I don't think it's a big task to keep it updated.

The big exchanges are making a lot of money, so it would seem incredibly ill-advised for exchanges not to do this - the risks are simply far too high.

(comment deleted)
Which is why they would either use a darknet exchange and/or convert the coins in small batches each time.
That protects the identity of the sender - but it doesn't protect the addresses they came from.

We know which addresses the WannaCry ransoms were paid to - whether a small or large amount is sent to an exchange, the source address would be blacklisted.

They could trivially move the coins to another address that they own.
Of course, but transactions on the Bitcoin blockchain are public - it's easy to keep tabs on where the coins are moved to.
couldn't they sit on the bitcoin for a few years and transfer it to a local currency where they didn't do any crimes.
But how do they transfer it to a local currency in a non-traceable way? The passage of time is not going to change their wallet addresses.
ask an innocent party to cash out for them.

or sell the bitcoin for another cryptocurrency

How are you going to sell it though? It's very likely that exchanges have blacklisted addresses involved in large-scale crimes, and wouldn't touch the coins. They make large sums of money through legitimate business, and don't need that kind of risk.
Because Bitcoin isn't really anonymous. It's pseudo-anonymous. You don't know who owns the wallet, but you can trace which wallets the coins are transferred two, indefinitely. (This is how Bitcoin solves the double-spending problem, which is why Bitcoin is the first e-currency to gain traction.)

Thus, everyone knows that the coins that were in this particular wallet are hot. Even if the owner "cashes out" in a few years, the buyer is holding hot coins and can't do much with them.

but they can be mixed and diluted so that the hackers can cash out and no one will realise they have the stolen coins until it is too late.
Mixers actually make it impossible to trace. What typically happens is you deposit an amount. Some amount similar to that minus a fee is then sent to the address or addresses of your choice in multiple small transactions over a period of time from seemingly unconnected addresses. It completely breaks the tractability of the history.
Yes, but I don't any mixers would touch these coins for fear of facing action by law enforcement.
A lot of mixers are automated / are designed for this exact purpose
Yes, the operation of the mixer itself is automated, but I've wager than the owners have blacklisted addresses known to be involved with massive BTC theft - it just doesn't make sense to touch them from a risk perspective.
Would that really be effective? Isn't it relatively cheap to create a new wallet?
Sorry, I don't get what you mean? Do you mean the criminals could simply move the coins to a new wallet before moving them to an exchange?

Transactions on the Bitcoin blockchain are public, so it's relatively easy to keep tabs on movements of known criminal proceeds (as the article demonstrates :)

> it's relatively easy to keep tabs on movements of known criminal proceeds

Until they've been obfuscated by a mixer... and not every mixer is going to be interested in blacklisting every set of coin from every known criminal activity. And many criminal activities are surely unknown, including many for which the sources of coins are not going to go to any extent to report. (The senders may be committing crimes that were unrelated to Bitcoin crime, and so entirely off the radar.)

I'd hazard a guess that the majority of crime committed in and around the ecosystem of Bitcoin is not even Bitcoin theft, so might never be reported.

How many times does a value have to move from one address to another address, and mix with untainted coin, before it's going to be considered too far removed from the original addresses to be palpably associated with the original crime?

There is still someone behind it, getting the fee's money. That person will have to face the police.
Only if they get caught.
Yeah I'm sure automated money laundering is perfectly fine in the eyes of the law.
I am not saying it is legal-- just harder to prosecute
"Mixing" is bitcoin speech for "money laundering" and it doesn't end well for whoever is doing the laundry, no matter how much technobabble you put on top of it.
Mixing is not laundering. Money laundering is about converting money to something that can be passed as income from legal transactions. Mixing is only about disguising where the money came from (which is something that you essentially don't have to do for physical cash)
What on earth is money laundering if not disguising the origin of lots and lots of physical cash? As always, a lot of this has its origins in drug trade.

Money laundering is disguising the origin in general, which is of course the point of mixing. It's not some kind of theoretical bitcoin boner exercise, it's intended so you can maybe at a later date withdraw some bitcoins without the party providing the cash (and the feds) immediately making the connection to the crime.

Money laundering is not about simply disguisng the origin, but about disguising the origin such that it looks like some legitimate (typically taxable) endeavor.

Bitcoin mixing disguises the origin only as far as the blockchain is concerned, you still end up with X BTC that you have no explanation for how you earned them.

Would it be more like using shell corps or something similar?

Still obfuscating the source of funds or making it harder to trace is what both Money Laundering and Privacy are about.

Sadly, politicians don't make it easy to be 'almost private' (to everyone but the government it's a secret).

> Some amount similar to that minus a fee is then sent to the address

Sounds pretty easy to connect the dots to me...

Not when there are hundreds of people using this service at once.
Not if you think about it properly. Hacker deposits 10 BTC to a mixer, except he sends it as 20 transactions of between 0.1 and 0.9 btc each transaction. These are all sent to unique addresses belonging to the mixer and are never reused.

So now the hacker has 10BTC in the mixer, he requests to be paid out to a list of 20 addresses. These addresses are sent between 0.1 and 0.9btc until the mixer has sent out 9 BTC (taking a 10% commission for the service).

None of those hacker controlled addresses have any connection with one another and they have zero connection to the original deposits made by the hacker.

There are also another 10 hackers doing exactly the same thing, so now we are looking at hundreds of transactions. So it becomes very difficult to connect the dots, also if you really could connect the dots easily I imagine that the FBI et al would really like to speak to you.

Mmm, I'm pretty sure there are ways to transfer to other cryptocurrencies so that you can move the money untraceably.
You only need some Russian or other bank willing to lose your details for a fee and you are in the clear. Heck, get a Cayman shell company and your name is never going to be on anything until the day you buy a return ticket and only use it one way, the onto a nice country with no extradition treaty.
Mixers are so 2012 though. Its 2017 and you just discovered mixers, immediately noticed the obvious potential flaw in mixers but not even the good flaws, and didn't consider every other improvement over the last HALF DECADE. Yeah Internet Explorer 7 is pretty bad too, congratulation you just got hired nowhere with that tidbit.

Okay, now according to the rules here I have to say something helpful, see below:

The primary goal is to - unlink - your transaction.

First, the mixers are primarily hidden services on TOR, but even if they aren't, you would use a mixer over TOR. Ultimately, you get different bitcoins back over time. Mixers have reputation and you hope they don't undermine that reputation this particular time. Its a slow process and pretty bad experience. The mixer's "tainted" coins are liquid and fungible enough.

Second, well mixing on the same blockchain kind of sucks. But wait how would you even know if the person trying to obfuscate and unlink is even using the same blockchain? Again, its not 2012 anymore and there are thousands of blockchains they could have been paid out in, and you wouldn't know because you are an armchair sleuth clicking across bitcoin addresses in 2017 playing detective. Such high tech chain analysis.

Third, but okay, some service is probably still keeping records of these blockchain transfers, this just delays the detective work as people wise up to cross chain movement ... maybe in 2022? Rhetorical question. Turns out, some blockchains aren't like the others, and some cryptocurrencies don't use blockchains at all.

Enter Monero. Monero does use a blockchain. Monero's blockchain does not contain:

- sender's address (or any plain text addresses for that matter)

- recipient's address (or any plain text addresses for that matter)

- transaction amounts

so now you just need a "mixer" that lets you swap your unfungible coin to a fungible coin like Monero. Hm, well since its already 2017, as you've realized, what services do that?

www.shapeshift.io - Many to many asset exchange. No accounts needed. Doesn't store funds, just a pretty GUI on a mixer. Low transaction limits.

www.xmr.to - Monero to bitcoin, bitcoin to Monero transmitter. No accounts needed. Doesn't store funds, just a pretty GUI on a mixer. Decent transaction limits.

www.changelly.com - Many to many asset exchange. No accounts actually needed. Extremely high transaction limits, but the spread just gets worse.

no accounts needed on any of those, and if they pretend you do, just use TOR and a fake email address. You'll still get your opaque coins.

Unlike most cryptocurrencies that you've never heard of, Monero has USD markets on well known exchanges and is a very active market. The project hopes its fungibility improvements make it more valuable than bitcoin-style blockchains, while the technology advances to get the scalability improvements as well, eventually.

One of the rebuttals posted here was that all of the services will blacklist the bitcoin addresses that are tainted. This is not true, even the ones that are interested in doing so just don't update that fast.

There have been several times in the past where I paid bitcoin invoices, using a mixer/exchange like xmr.to. I just put the service provider's bitcoin address as the recipient, and I sent Monero to the mixer. Why would you want everyone knowing how much you ever had in any address? I didn't want that and I opted out. You wouldn't know if a hacker that accepted bitcoin was doing the same thing.

So basically what I read from this thread is that the fraudulently acquired bitcoins will go through a mixer or tumbler in order to cover the transaction tracks. The tumbler/mixer will take a small fee for this service. Then the perpetrators will be able to cash out in a number of different ways.

In this case how will the tumbler/mixer not be punished by authorities. Since because they take a cut of the illegally acquired funds they can now become an accessory to the misdeeds.

I guess that is why bitmixer.io closed down last week.
Well, because the owners stay anonymous since they know their services are illegal. The ones I have seen are TOR hidden services.

Enter destination address, they give you an address to send stuff to, send btc, wait. That's basically all a service like this needs to do.

So there's nothing stopping a mixer service taking 50% of the incoming bitcoins, or even all of them.
Nothing except it takes a long time to build up trust as a good mixer service. If you were ever closing, you could indeed steal all coins from the final round of use.
Or maybe just an "if" statement that checks if the amount is greater than X and, if so, take the money and run.
This could be said for any capitalist business. You can't build a repeatable business around scamming. At most you can do it once or twice before word gets out...

Just because it's operators are anonymous doesn't mean the consumers operate in a limited information marketplace. Word travels quickly.

The simple fact is you can make far more money not scamming people by running a real mixing service than by scamming a couple people once. So ultimately the real services with get built and gain a reputation and a large audience.

People will get burned more often with BTC but it's a cost of doing business in black/grey markets. But that hasn't stopped billion dollar black markets from existing for the entirety of modern advanced human economies.

Do ethereum smart contracts prevent this?
huh, that's a good question. my initial reaction is that if the point of a launderer is to move the money from public party A to secret party B, you can't really mention A and B together in a public contract without defeating the purpose. and if you don't mention them, how do you enforce anything?

(the above doesn't mean i'm convinced it is impossible, just that it would be a neat trick and i'd very much like to know if anyone has given it more/sufficient thought.)

You cannot write a tumbler as a smart construct, so no.
I don't see why not. The bitcoins would just need to be converted to ETH first, which I think can be done anonymously.
The execution of all smart contracts is deterministic and publicly verifiable. It would be trivial to find out how much money was sent to each participant and why.
if I'd had a tumbler, my number one priority would be to add code to detect those coins and keep them (redirect to my wallets after the mix).

it's not like the owners will be able to complain. not even in forums to lower your cred.

the owners of the coins will complain, they will do so on forums where they can do so anonymously and the credibility/trust of the mixer is called into question. (These tend to be forums where the users are in need of bitcoin mixing services e.g darknet markets or hackign forums) These mixing operations work on trust, as long as they are trusted people will use them, one too many stories about missing coins and it will be seen as a scam and avoided.
If you were starting a rival bitcoin tumbler, would it be a good idea to disparage your competition as thieves? What evidence would you need.
Either you publicize that you stole the stolen coins, or you are now implicated in the wannacry debacle.
Aren't you implicated for laundering it regardless?
Yes, even more reason not to steal those illegitimate coins.
Then, didn't the fork give the guy a number of Bitcoin Cash coins?
With the same wallet address so it's traceable the same way on different blockchain.
They just need to write a new ransomware that forces their victims to launder their bitcoins for them /s
I was an author of one of the first papers examining bitcoin's lack of anonymity.

People understand things a lot more now, but from this thread, in my opinion people still don't 'get it'.

The traceability issue is not magically removed by mixing - at least not in steady state, once the system matures.

To see this, consider a future where a single large exchange, lets call it Xchange, has substantial market share - (maybe like Coinbase). Let's assume they are a respectable company regulated by the laws of the USA, and that law enforcement tells them they have to comply with existing laws on stolen property.

Some company Bobcorp has $10M of bitcoins stolen, and pays someone to follow the coins. If those coins ever show up in the Xchange's addresses, Bobcorp is going to call the police and file suit to recover them.

Obviously there aren't literal coins in bitcoin, but Bobcorp is going to go to court and explain their block chain analysis to the judge, and the judge is maybe going to ask Xchange where the coins come from. And that'll be an interesting court case. But it seems unlikely the judge will be persuaded by ideological arguments about how this not-really-fungible currency should be treated as if we all pretend its fungible, and will instead be asking Xchange for its KYC records about the customer that lodged the coins.

Now, here's the important bit: the above doesn't have to actually play out. All that has to happen is that Xchange starts worrying about the above playing out, and starts getting a tiny bit wary about accepting funds that come from reported thefts - starts seeing them as a tiny bit riskier, a tiny bit more likely to end up in court, than other bitcoin.

Once any non-trivial amount of entities start thinking like this, (and it seems obvious they will - I would if I was running any business; but imagine the most conservative bank who eventually reluctantly participates in the maturing ecosystem) then the 'stolen' coins instantly become worth less than obviously clean ones.

And as soon as you live in that world, what happens mixers?

Suddenly you run the risk of putting in your good clean coins, into the mixer, because you care about privacy, and getting back tainted coins, implicitly worth less.

Suddenly mixers become a lot less useful.

It seems inevitable to me that if bitcoin continues to grow that this is how things will play out. It's still a super interesting system but, like I've been saying for years, it's got a ton of downsides around anonymity and privacy, and in steady state may be the perfect Orwellian currency rather than the perfect cypherpunk one, and I don't think mixers make this go away.

So it's in everyone's interest to fight this every way possible. Coinjoin or better on the tech side, lobbying on the legal side. Otherwise you end up with a traceable currency that can retroactively be stolen.

What if someone cashes out before Bobcorp notices? At which point does Bobcorp get to file a theft notice? It can't just be an open registry since then anyone can temporarily block anyone's coins. After a court order? That could take forever. What about when they wanna seize money from Silk Road 5 or MegaUpload3? Plus you'll end up with coins dirty in one country but not another. China and Venezuela probably want to claim any coins that went through their country in some way - they're violating currency export controls no?

At least Monero provides far more fungibility.

>What if someone cashes out before Bobcorp notices?

People (exchanges etc) will be wary of accepting large transactions which have moved a lot recently from untrusted sources, whereas coins that have sat in the same wallet for a few weeks won't be discounted against as much etc.

To give some intuition advice here, think of it like how a risk management department of a financial institution would, trying to price grey risks; not like a distributed systems engineer does, trying to reason about edge cases as either Boolean correct/incorrect. ("Hmm, guess we'll have to discount fast moving coins from people we don't know" vs "If the hacker sells it fast enough the whole taint thing is unworkable and everything will be fungible again") Analogous to https://xkcd.com/538/ - regulators and financial institutions will take the $5 wrench approach!

Good comment. This is why the approach Monero uses is the way forward, you cannot tell one coin from another as the blockchain is opaque.
That is an extremely interesting point of view, thank you for sharing. Another thought: say some criminals pass their money through a mixer and like in the scenario you described, it's deemed worthless to any exchanges/payment processors because it's "dirty". Does this mean that, say they were feeling sour they couldn't book a hotel on Booking.com, could they potentially taint any public wallet address by sending tiny amounts of bitcoin from their tainted wallet to them? Can a user prevent/block coins being transferred to their account in the blockchain? If your prediction comes through, this could spell a disaster for Bitcoin because potentially every wallet could be tainted and thus all coins traced back to criminal activity.

As a side note, it's interesting to think that those "dirty" coins/wallets will be destined to circle around the black markets forever.

You've got to imagine that in a future world this priced proportionally to the level of taint; addresses are devalued proportional to the degree of taint, maybe with some premium for completely clean addresses.

I'm not saying a centralized system will enforce this, just it seems like a natural consequence that will emerge.

I imagine that these were moved to allow the holder to be able to restore the wallet in a Bitcoin Cash (BCH) wallet and acquire another bunch of coins.