Blockchain transactions are recorded forever and indelibly, and that means that all the Bitcoin transactions on early Tor hidden service marketplaces like Silk Road are on permanent, public display; because many people who made these transactions later went on to link those Bitcoin wallets with their real identities, those early deals are now permanently associated with their public, identifiable selves.
In a new paper, a group of Qatari computer scientists show that they could easily trace 100 dark market accounts to real people. About 20 of those accounts had made purchases on the Silk Road, and some had gone on to divulge their legal names and addresses in other, linkable contexts.
The researchers didn't do any blockchain magic to unmask these purchasers: they just crawled dark markets for the advertised Bitcoin wallet identifiers of buyers and sellers, then search public directories to see if the wallets were listed there, too.
By merely searching for direct links between those two sets of addresses in the blockchain, they found more than 125 transactions made to those dark web sites' accounts—very likely with the intention of preserving the senders' anonymity—that they could easily link to public accounts. Among those, 46 were donations to WikiLeaks. More disturbingly, 22 were payments to the Silk Road. Though they don't reveal many personal details of those 22 individuals, the researchers say that some had publicly revealed their locations, ages, genders, email addresses, or even full names. (One user who fully identified himself was only a teenager at the time of the transactions.) And the 18 people whose Silk Road transactions were linked to Bitcoin Talk may be particularly vulnerable, since that forum has previously responded to subpoeanas demanding that it unmask a user's registration details or private messages. "You have irrefutable evidence mapping this profile to this hidden service," says Yazan Boshmaf, another of the study's authors.
The researchers point out that they used only easily spotted addresses and simple matching techniques. They didn't exploit, for instance, methods that other researchers have proposed for making less obvious connections between bitcoin addresses that identify "clusters" of addresses associated with dark web black markets. Nor could they use the means available to law enforcement to compel online services like the popular bitcoin wallet company Coinbase to cough up secret bitcoin addresses. "Our analysis shows a lower bound of what can be found," says Boshmaf. More well-resourced and motivated hunters could potentially trace even more would-be anonymous bitcoin spenders, even years later.
When A Small Leak Sinks A Great Ship: Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis [Husam Al Jawaheri, Mashael Al Sabah, Yazan Boshmaf and Aimen Erbad/Arxiv]
Your Sloppy Bitcoin Drug Deals Will Haunt You For Years [Andy Greenberg/Wired]