en
Back to the list

Why KYC Doesn’t Protect From Fraud, And How Your Wallets Сan Be Deanonymized

13 September 2018 13:58, UTC
Ricardo MARTINEZ

One of the most exciting aspects of Bitcoin as a decentralized, trustless and censorship-resistant sound money is the fact that you can control your own wealth without any third party intermediaries interfering with your finances. Nobody can freeze your account, they can’t stop you from sending or receiving a payment, and your funds are completely non-confiscatable. These characteristics make Bitcoin extremely attractive to users, who value financial freedom.

Deanonymity appears to become a business model

Bitcoin is not anonymous contrary to popular belief. Some of the earliest adopters of the digital currency were dark web users. They began to use Bitcoin for a variety of morally dubious purchases, such as illicit drug sales, counterfeit documents, and credit card fraud. They believed that Bitcoin was anonymous, but Bitcoin has a globally distributed ledger that records every single transaction ever conducted using Bitcoin. This has allowed data scientists and investigators to watch Bitcoin wallet addresses for suspicious activity. If a suspicious transaction takes place, they can follow the movement of the funds across the network and begin to link addresses to a common owner or even deanonymize users who try to convert the funds to a fiat currency. When they try to cash out, they most often need to provide a form of photo ID. This has led to many offenders being apprehended because of poor operational security (opsec).

Several blockchain analysis firms have been founded to create tools for financial markets and law enforcement. They develop software that allows investigators to analyze transactions and huge amounts of network data in real time. It allows investigators to keep tabs on suspicious wallets and also to keep track of ‘tainted funds’ or funds that may have been involved in suspicious activities. Blockchain investigators focus on blockchain analysis and network analysis to try to piece together the relationships between different wallets, exchanges, and the dark web. Blockchain analysis is now a multi-billion dollar industry.

Is AML/KYC just a decoy for the crypto industry?

Another part of the effort to control cryptocurrencies is for regulators to require that cryptocurrency startups are fully compliant with regulatory demands, and full enforcement of AML/KYC (Anti-Money Laundering/Know Your Customer) laws. AML/KYC laws are totally ineffective, and useless for stopping crime and terrorism financing. Criminals and terrorists simply use the existing offshore banking infrastructure to game the system by funneling cash through tax haven jurisdictions with minimal reporting requirements.

AML/KYC makes financial services more costly and is focused on creating a useless paper trail rather than actually preventing crime. It makes life inconvenient for the law-abiding citizens who must provide an intrusive level of personal information or be denied access to financial services. Simply put, AML/KYC has a much larger social cost by raising the barrier to entry to the global financial system, creating billions of unbanked people shut out of participating in the global economy. Meanwhile, large centralized databases with millions of customers personal data stored insecurely has led to massive data breaches on an epidemic level. This has led to an exponential increase in identity theft. AML/KYC is a way for the powers that be to control you and your actions through your finances and to track and monitor all your purchasing. It has little to do with crime prevention despite what its supporters claim.

The battle for privacy proceeds with new ideas of protection upcoming

Bitcoin users value their financial privacy, as is a fundamental human right. There are millions of perfectly legitimate reasons for wanting to safeguard your financial privacy. Several significant advances have been made in this field recently.

Several wallets have begun incorporating privacy features which will destroy the basic assumptions that chain analysis is based on. Such wallets, for example, incorporate P2P (peer-to-peer) coin mixing services designed to obfuscate the true ownership of Bitcoin. One also implements an option to receive Bitcoin from anyone without them even having to know your address. It also incorporates a feature which adds several extra hops to each transaction to make it harder to track and deanonymize users. All of these wallet advancements attack the heuristics that blockchain analysts use to make their analysis. By attacking the methods they use, their analysis becomes unreliable and worthless.

On a protocol level, several major privacy improvements currently in development as well. MAST (Merkelized Abstract Syntax Trees), is a new way to write smart contracts that will increase privacy by hiding the parts of smart contracts that have not been executed, thereby providing less info about a public address. There’s also a protocol-level improvement that will obscure the IP address of the sender of a Bitcoin transaction. Among that, Schnorr signatures are another new advance in privacy. They will replace the current digital signature scheme employed by Bitcoin and increase privacy by masking the details of multi-signature transactions. Schnorr signatures also pave the way forward for “scriptless scripts” for smart contracts. Yet another privacy improvement allows transaction amounts to be kept confidential, making chain analysis much more difficult, it is “short non-interactive zero-knowledge proofs that require no trusted setup”. Sidechains will also allow for more privacy by creating side blockchains linked to the BTC blockchain. This will also create a variety of benefits like issuing tokenized assets and smart contracts. The Lightning Network second layer payments will make blockchain analysis a lot more difficult also by having encrypted P2P payment channels routed over tor, which will only be batch settled on the Bitcoin blockchain.

So much for the tracking and de-anonymizing

All of these advancements in privacy are making Bitcoin much better at protecting the intimate data of the users who transact in BTC. Blockchain analysis is doomed, as the basic assumptions and heuristics used by blockchain analysis software are under attack and will not be a reliable way to track funds, wallets and deanonymize users anymore. This has to scare the daylights out of the rent-seeking parasite class that want to track and monitor every single purchase and deanonymize everybody. They have already failed, and they will not be missed. Good riddance to their debt-based fiat system of financial exploitation and control. Bitcoin is destroying the existing system and replacing it with an Austrian school sound money.