Bitcoin's blockchain provides inalterable evidence, stored on thousands of computers, of every Bitcoin transaction that's ever taken place. Many of the transactions recorded on that distributed ledger are crimes: Billions of dollars in stolen funds, contraband deals, and paid ransoms sitting in plain sight, yet obscured by unidentifiable Bitcoin addresses and, in many cases, tangles of money laundering.
But a group of Cambridge cybersecurity researchers now argues that one can still distinguish those contraband coins from the legitimate ones that surround them, not with any new technical or forensic technique, but simply by looking at the blockchain[1] differently—specifically, looking at it more like an early 19th century English judge.
In a paper[2] published last week, the Cambridge team argues for a new way of tracing “tainted” coins in the blockchain, particularly ones that have been stolen or extorted from victims and then sent through a series of transactions to hide their ill-gotten origin. Rather than try to offer any new detective tricks to identify the source of a Bitcoin transaction hiding behind a pseudonymous address, their idea instead redefines what constitutes a dirty bitcoin. Based on a legal precedent from an 1816 British court decision, they posit that the first coin that leaves a Bitcoin address should be considered the same coin as the first one that went into it, carrying with it all of that coin's criminal history. And if that coin was once stolen from someone, he or she may be allowed to claim it back even after it has passed through multiple addresses.
'One unlucky person is going to end up holding the stolen bitcoin.'
Ross Anderson, Cambridge University
The Cambridge researchers have gone so far as to code a proof-of-concept software tool, which they plan to release later this