On the length of bitcoin addresses

Longer addresses will definitely inhibit the adoption of bitcoin by the public and should be high on the list of things to avoid.

The following content was written by casascius on August 24, 2011, 05:49:20 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


Unless someone has a specific, common use-case that I’m not familiar with, addresses are almost always communicated via copy-and-paste into email/IM, or through QR code scans.  In this case, I don’t see how it’s really relevant how long it is, probably as long as it doesn’t exceed half the length a QR code can handle (which is about 3 KB).

This is an unsafe assumption in userland.  I have personally typed out hundreds of key codes. QR codes grow larger and denser and require increasingly better reading conditions the more bytes you stuff in them and I don’t even know how to go straight from QR to my computer’s clipboard without typing.  If the potential of typing them is something “nobody” does, why were they made short to begin with?  Why ripemd160?  Why bother making sure to avoid 0/O/I/l?  Why not just have encoded the entire public key in PEM format and pass them around as blocks of base64-encoded text?  The public already thinks we’re silly for having such long addresses as it is, but it’s unavoidable because the entropy must be there for them to be secure.  Longer addresses will definitely inhibit the adoption of bitcoin by the public and should be high on the list of things to avoid.

The following content was written by Gavin Andresen on August 24, 2011, 06:04:19 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


My worry is that we’ll schedule a blockchain split 6 months from now, and between now and then somebody implements a secure, way-cool, everybody-decides-to-use, way to use your email address as a bitcoin address.

So my receiving address is ‘gavinandresen@gmail.com‘ and suddenly all the arguing over length of the bitcoin addresses used behind the scenes was just a huge waste of time.

I’m as guilty of doing stuff like that as the next geek– I can get so focused on one little bit of a problem I don’t even realize solving a larger problem makes the whole issue go away.  Slap me upside the head if you see me going down that path…

The following content was written by casascius on August 24, 2011, 06:50:29 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


There is pretty much already a way to do that in a de-facto sense.  Simply send the person a message with a throwaway PGP-encrypted Bitcoin private key encumbering the exact balance to be transferred, and allow them to import it.  Call it a “bitcoin cheque”.  The transaction is complete when that balance is spent to a new address generated by the recipient.  (unorthodox: If the bitcoin UI had limited ability to issue PGP keys and directly decode PGP-encrypted cheques, it would be average joe friendly for the joe who doesn’t normally use gpg, etc.).

Without a central authority to oversee that you are actually the owner of your address, and without reliance on your ability to receive or decrypt a message sent to you, there’s simply no way to make sure I don’t steal the alias “gavinandresen@gmail.com” before you get to it.  Or “btcdeposits@citibank.com” or whatever.  And if receiving such a payment depends on a registry somewhere (blockchain or otherwise), the payments you receive are now un-anonymous.  On the other hand, receiving a private key in e-mail preserves your anonymity.

The idea of “firstbits” is probably one of the cleanest address shortening ideas there is.  When expansion is based on the first occurrence in the block chain, it’s completely decentralized and deterministic.  If the client could natively expand firstbits from the database, I’m “1bowser” and that’s very user friendly.  And on the other hand, if you allow firstbits as handles to addresses already available in the blockchain, you really could have crazy long addresses anywhere they were useful, because the user would never actually have to type them.

The following content was written by casascius on August 24, 2011, 07:05:22 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


And Gavin,

(perhaps this should be separated into a new thread called “on the separating of bitcoind from the wallet and UI”)

I have mentioned a lot of things that would be cool to have in the UI, but I also recognize how this only makes your plate more and more full.  I think what you ought to consider doing is separating the fundamentals of “bitcoind” into the daemon you maintain, and let the community write the UI and the wallet management for all the various platforms.

In other words, have bitcoind do nothing but talk on the P2P network, validate transactions, keep the local block chain copy up-to-date, generate getworks for miners, and most importantly two new RPC functions for UI’s: forward signed transactions to the network from the UI, and allow UI to query the daemon for unspent transactions given a list of addresses.

By separating the wallet, this frees you from having to worry about wallet encryption.  The only reason bitcoind would need a wallet would be to accept the proceeds of mining (and perhaps for limited purposes contemplated by developers, such as a “system wallet” when it’s a web server etc.).  The average joe user would not use the system wallet.

With this separation of functions, the UI would manage the wallet and sign transactions, and different UI’s could secure them in different ways.  Some UI apps would keep private keys on the hard drive, others might keep them offline and require the user to enter them or otherwise supply them to do a transaction (e.g. from a paper wallet, a smartcard, a flash drive, a web service, you name it).  While bitcoind would be platform neutral, you’d find UI’s written to be platform specific and written by people more comfortable with their favorite OS, so they look and feel and operate natively like other apps for the same OS.

By decreasing the size of the bitcoind codebase, you have less to oversee when it comes to deciding what patches and changes to accept.  Someone makes a UI change, you don’t need to be concerned if it introduces a new vulnerability into bitcoind.

These two RPC calls I suggested…they’d be huge! for the ability for someone to write their own UI without having to re-invent the bitcoind process from scratch in the environment of their choice.

The following content was written by 2112 on August 25, 2011, 02:48:55 AM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


forward signed transactions to the network from the UI, and allow UI to query the daemon for unspent transactions given a list of addresses.
This isn’t enough. The communication between wallet-handler and block-chain&network handler will require two-way communications. Obviously wallet-handler submits various queries to the block-chain handler. But the block-chain handler needs to be able to make callbacks to all interested wallet-handlers. The callbacks can be distilled to one: the blockchain was extended by a positive or negative number of blocks. Positive extension indicates normal operation. Negative extension indicates chain reorganization. The callback could pass an array of relevant Merkle roots or some such.

The main thing about the above requirement is that JSON-RPC is not a good tool for a two way communication. Neither is XML-RPC, SOAP or some other popular candidates. This is a serious question of software architecture.

The following content was written by casascius on August 25, 2011, 05:39:11 AM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)



The main thing about the above requirement is that JSON-RPC is not a good tool for a two way communication. Neither is XML-RPC, SOAP or some other popular candidates. This is a serious question of software architecture.

I agree with you – but I would propose that if you want instantaneous acknowledgement of incoming blocks, just implement a subset of the existing peer-to-peer protocol, connect as though you were a peer, send the bare minimum necessary to keep the connection alive, and then watch for events of interest.  The architecture pretty much already exists.

The following content was written by kjj on August 25, 2011, 03:51:59 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


The communication necessary between a wallet and a node is really quite simple, if you strip it down to the bare minimum, and it is very possible to do it over JSON, or whatever.

At the bare minimum, only two calls are needed.  The first one is a way for the wallet to provide an identifier (public key, address, or whatever) and have the server return all transactions related to that account.  The second is a way for the wallet to push a transaction to the node so that the node can relay it to the network.

Note that this completely sidesteps the issue of interactive reception.  The reason for that is that I consider it a matter between the node and the ecommerce software, not between the wallet and the node.  The existence of blockexplorer.com should convince you that this problem is solvable.

On the original topic of addresses, I’m all in favor of having many means of transport.  But, we should always think carefully when adding a new format.

For example, standard addresses contain redundancy so that we can detect errors when someone types them in, or does a copy and paste.  The specification for QR codes also contains ECC, so it makes no sense to encode a standard address as a string in QR.  We would be better off encoding only the address part, and leaving the check code out.

I also think that firstbits is a bit silly, because I’ve never typed an address, and I don’t think I ever will.  It also throws away the check information, which is funny because it was allegedly designed for typing addresses by hand.  But, I suppose in a way, it has a different means of verifying typing errors in that not every string is necessarily valid.  And as far as you know, no one has sent themselves a bunch of transactions that just happen to resolve to common misspellings of valid firstbits addresses.  Wink

The following content was written by casascius on August 25, 2011, 04:26:10 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


The specification for QR codes also contains ECC, so it makes no sense to encode a standard address as a string in QR.  We would be better off encoding only the address part, and leaving the check code out.

I also think that firstbits is a bit silly, because I’ve never typed an address, and I don’t think I ever will.  It also throws away the check information, which is funny because it was allegedly designed for typing addresses by hand.  But, I suppose in a way, it has a different means of verifying typing errors in that not every string is necessarily valid.  And as far as you know, no one has sent themselves a bunch of transactions that just happen to resolve to common misspellings of valid firstbits addresses.  Wink

Just keep in mind that Bitcoin needs to be compatible with ordinary people, not just Hero Members, and the task of entering something from a QR code for the average Joe often consists of downloading an app for his iPhone and retyping the code he sees into his computer, making the typo-proof redundancy necessary again.  It also needs to be possible to exchange Bitcoins in the absence of computers (I’m talking between trusted people of course).  I consider myself well-versed in Bitcoin and yet have gotten very accustomed to transferring addresses by hand, mainly because I use paper wallets and dedicated airgapped computers for Bitcoin just so I can depend on not getting mine stolen.  I transfer bitcoins to other people in person by handing them paper wallets, especially if I believe they will be asking me to redeem them later.

If a Bitcoin address were accepted without a check code and was scanned off a QR code and handkeyed with a typo as a sending address, it would result in a permanent loss of the funds the user was trying to transfer, which is clearly an unacceptable consequence.  It also requires the introduction of a new address format, which is a burden on users to learn, a burden on developers to implement, and saving 32 bits out of a QR code doesn’t provide any practical offsetting benefit.

The following content was written by vv01f on August 25, 2011, 06:29:46 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


If a Bitcoin address were accepted without a check code and was scanned off a QR code and handkeyed with a typo as a sending address, it would result in a permanent loss of the funds the user was trying to transfer, which is clearly an unacceptable consequence.  It also requires the introduction of a new address format, which is a burden on users to learn, a burden on developers to implement, and saving 32 bits out of a QR code doesn’t provide any practical offsetting benefit.

I have no evidence but for some reason I thought the “addresses” called hashes have some error-correction built in. I hope they do?! to e.g. handle typos.
If they really lack this, I’d appreciate that to be fixed prior to shorten them.

The following content was written by kjj on August 25, 2011, 06:31:25 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)


Just keep in mind that Bitcoin needs to be compatible with ordinary people, not just Hero Members, and the task of entering something from a QR code for the average Joe often consists of downloading an app for his iPhone and retyping the code he sees into his computer, making the typo-proof redundancy necessary again.  It also needs to be possible to exchange Bitcoins in the absence of computers (I’m talking between trusted people of course).  I consider myself well-versed in Bitcoin and yet have gotten very accustomed to transferring addresses by hand, mainly because I use paper wallets and dedicated airgapped computers for Bitcoin just so I can depend on not getting mine stolen.  I transfer bitcoins to other people in person by handing them paper wallets, especially if I believe they will be asking me to redeem them later.

If a Bitcoin address were accepted without a check code and was scanned off a QR code and handkeyed with a typo as a sending address, it would result in a permanent loss of the funds the user was trying to transfer, which is clearly an unacceptable consequence.  It also requires the introduction of a new address format, which is a burden on users to learn, a burden on developers to implement, and saving 32 bits out of a QR code doesn’t provide any practical offsetting benefit.

Ahh, I understand your point, and I agree that it is useful in that situation.  But eww.

The following content was written by casascius on August 25, 2011, 10:17:47 PM in the thread On the length of bitcoin addresses. All content is owned by the author of the bitcointalk.org post. (original)



Ahh, I understand your point, and I agree that it is useful in that situation.  But eww.

It really isn’t that bad and hones your keyboard skills.  I can type a Bitcoin address without mistakes without looking at the keyboard well over 95% of the time, a skill that I believe has improved significantly the more I’ve had to do it.  I thought of publishing optimized code to auto-correct mistakes, since with 32 bits of “check” in each address, a computer can quite reliably fix even two or three typos in an address, and included trivial capabilities for that in Casascius Bitcoin Utility.  Typing in addresses is much less unfriendly if you can do it knowing that a little mistake or two will be ignored.  But of course it would be very nice if every input that accepted bitcoin addresses could also expand firstbits, or just the 8 characters, any time the expansion is available on the blockchain.
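
An added example, not part of any forum post above and not code from Casascius Bitcoin Utility: a minimal Base58Check decoder showing how the 32-bit check code discussed in this thread rejects a mistyped address and lets software propose a single-character fix. The sample hash, the sample address derived from it and all function names are constructed for illustration.

```python
import hashlib

# Base58 alphabet used by Bitcoin addresses: no 0, O, I or l.
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def double_sha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def encode_address(hash160: bytes, version: int = 0) -> str:
    """Version byte + 20-byte hash + 4-byte check (first 32 bits of SHA256(SHA256(...)))."""
    raw = bytes([version]) + hash160
    raw += double_sha256(raw)[:4]
    n = int.from_bytes(raw, "big")
    digits = ""
    while n:
        n, rem = divmod(n, 58)
        digits = B58[rem] + digits
    # Each leading zero byte is written as a literal "1".
    leading_zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * leading_zeros + digits


def decode_address(addr: str):
    """Return (version, hash160), or None if the string is malformed or the check fails."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:          # character outside the alphabet, e.g. 0/O/I/l
            return None
        n = n * 58 + idx
    leading_ones = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * leading_ones + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:       # 1 version byte + 20 hash bytes + 4 check bytes
        return None
    body, check = raw[:-4], raw[-4:]
    if double_sha256(body)[:4] != check:
        return None
    return body[0], body[1:]


def suggest_corrections(typed: str):
    """Return every address that passes the check and differs from `typed`
    in at most one character. Callers should refuse to auto-correct unless
    exactly one candidate comes back: each wrong candidate still has a
    2**-32 chance of passing the check by accident."""
    if decode_address(typed) is not None:
        return [typed]
    found = []
    for pos in range(len(typed)):
        for ch in B58:
            if ch == typed[pos]:
                continue
            candidate = typed[:pos] + ch + typed[pos + 1:]
            if decode_address(candidate) is not None:
                found.append(candidate)
    return found


# Constructed sample: a hash of a fixed string, not the hash of any real key.
SAMPLE_HASH160 = hashlib.sha256(b"constructed sample, not a real key").digest()[:20]
SAMPLE_ADDRESS = encode_address(SAMPLE_HASH160)

if __name__ == "__main__":
    wrong = "z" if SAMPLE_ADDRESS[10] != "z" else "y"
    typo = SAMPLE_ADDRESS[:10] + wrong + SAMPLE_ADDRESS[11:]
    print("original :", SAMPLE_ADDRESS)
    print("typed    :", typo, "->", decode_address(typo))
    print("suggested:", suggest_corrections(typo))
```
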

Increase Your Security And Privacy With Bitcoin Mixers

Have you ever wondered how bitcoin transactions can go anonymous?

Have you ever wondered how bitcoin transactions can go anonymous and what tools should be considered to make bitcoin untraceable? If you have been in the crypto world, you have definitely come across the word bitcoin mixer (also called tumbler). In short, a coin mixer makes bitcoin transactions in the network more anonymous. It also makes it more difficult for companies to track these transactions. So if someone cares about the anonymity of their transactions, they will definitely use this tool.

When you make a transaction from wallet A to B, this transfer is visible to everyone on the blockchain. The transaction, along with the amount transferred, is also attached to all of the addresses involved. Since that is public as well, companies and individuals can be exposed through key information such as KYC documents. Well, if anyone cares about anonymity, they should use a mixer, also called a tumbler.

How do Bitcoin mixers work?

A bitcoin mixer takes your coins from you and combines, or “mixes”, them with coins taken from other users. After mixing your coins, the crypto mixer converts them into smaller units and sends them to you. Note that the total amount of bitcoin sent to your address is the same as the total amount you deposited (but read the notice below). But how do coin mixers earn revenue to stay in business?

When you deposit bitcoins to a coin mixer, some will deduct a small percentage of your deposit as a fee to pay for the mixer’s operations. Some mixers don’t do that, and instead have a button with which you can “donate” part of your deposit to the mixer to cover their operations. Bitcoin mixers earn their income this way. Usually, new tumblers charge a lower fee to attract the audience.

Like most other crypto industries, not all mixers are trustworthy, however. As a result, you should consider using well-known and reputable tumblers only.

A running list of Bitcoin mixers

Chipmixer is one of the largest and most popular mixing services sites in the bitcoin world. You can do very fast deposits and withdrawals on this mixer, and also use different mixing methods to make your bitcoins untraceable in the blockchain network. Also, there is no registration or creating accounts here, so it’s very simple and easy, and you can talk to them privately whenever you need support.

Other well-known and frequently used mixers are:

  • Wasabi Wallet, which mixes all the coins you receive
  • Blender.io
  • MyCryptoMixer
  • cryptomixer.io
  • PrivCoin

Advantages and disadvantages of crypto mixers

Tumblers are also used by hackers to launder stolen bitcoin.

Every service on the network has its own advantages and disadvantages. Here are some of the advantages and disadvantages of using bitcoin mixers in general.

Advantages:

  1. Exchanges and services like Chainalysis have a hard time tracing the transactions back to you.
  2. Governments cannot monitor the network to track your mixed bitcoins. It is used by some people to avoid a “$5 wrench attack” where an armed robber hits you with a wrench for access to your private keys.

Disadvantages:

  1. Not all mixers are real; some will collect the deposit and run away with the bitcoins after scamming you.
  2. The commissions might be high depending on the mixer. Common rates are between 1% and 3% of the deposit. This can make a big difference if you are mixing a large amount of bitcoin.
  3. There is concern that some exchanges block the deposits of mixed bitcoins.

Finally, it should be noted that the positive points of bitcoin mixers outweigh the negative ones, and have made digital currency activists interested in it. If you are also interested in privacy, coin mixers are one of the best services for you.

Bitcoin 2021 Miami Conference: The biggest conference on bitcoin yet

Thousands of people worldwide flocked to Miami to attend the biggest conference on bitcoin till now.

Thousands of people worldwide flocked to Miami to attend the biggest conference on bitcoin till now. There were people from all over the crypto industry, be it exchanges, casinos, e-commerce sites, or even social media platforms. Leaders of some of the biggest crypto businesses and famous bitcoin speakers also attended this conference to glorify bitcoin.

Especially after the pandemic situation all around the world, seeing this kind of event was just incredible. Everyone hugged each other, no masks were seen on people’s faces, and smiles and happiness were everywhere.

I’m here to tell all the haters and all the doubters that this is not a moment, this is a movement

Mr. Francis Suarez, Mayor of Miami

This conference is another proof of the wide acceptance of bitcoin all around the world. Since last year, bitcoin and many other cryptocurrencies have been on a wild ride, and it has set new records.

Yes, in the last month the bitcoin price has gone down from $64,000 to $38,000, but that has not dampened people’s spirits; they even believe that buying the dip now is a good opportunity. There were many happy faces from all kinds of people, from students to business people, to even retired people. Institutional investors, Wall Street bankers, and a Republican from Wyoming all attended this Miami Conference.

Even the Miami mayor was there. He announced that Miami will now accept the taxes in cryptocurrencies and let people collect their salaries in cryptocurrency if they want to.

Presence of famous personalities and speakers at the event

At 9:00 am in Miami, a big crowd had already gathered, and Mr. Francis Suarez, the organizer of the event, set the tone at the beginning of the event. He said: “I’m here to tell all the haters and all the doubters that this is not a moment, this is a movement.”

The crowd absolutely erupted at such a beginning of the event.

Cameron Winklevoss was there, and he wore a T-shirt with a picture of the Federal Reserve building captioned “Rage Against the Machine.” He just wanted to show how bitcoin is not controlled by any government.

He said, “If you own a Bitcoin today, you will be a millionaire in the future. For sure. Congratulations.”

Later, Jack Dorsey, the well-known personality, CEO of Twitter, marked his presence. He said, “If I were not at Square or Twitter, I would be working on Bitcoin.” Also, he added, “nothing is more important in my lifetime” than to work in Bitcoin.

When the CEO of Twitter says something like this, it surely motivates all of us to believe in Bitcoin.

Bitcoiners will surely remember this day in cryptocurrency’s history as the biggest ever conference on bitcoin to date. Surely there will be many more to come, but for now, this marks the beginning of more events like this.

Gotcha, Darkside: How I Traced The Stolen Bitcoins

No, the FBI did not hack bitcoin

There has been lots of talk in the past few hours about how the FBI seized bitcoins extorted by Darkside from Colonial Pipeline during the ransomware cyberattack they launched on the oil pipeline. Unfortunately, the news is also being dished out with a large side order of misinformation. People are starting to think that the FBI hacked bitcoin or hacked the private keys for the Darkside address. Now investors are selling like crazy, causing the BTC price to slump again.

For some reason, people are also claiming that the FBI served Coinbase with a seizure warrant, even though there’s no evidence of the bitcoins being stored on Coinbase in the first place.

So while all this was going on, I decided to trace the stolen Bitcoins myself, using nothing more than my trusty tools, Blockchair and Wallet Explorer. They are both free to use, so you are able to reproduce these results as well if you want. Now on to the investigation.

Zoning in on the ransom transaction

News media was frustratingly vague about which transactions and addresses were involved in the heist, but one of these news articles referenced a report by Elliptic which stated that 75 BTC were transferred by Colonial Pipeline to the hacker’s wallet address on May 8.

“This wallet received the 75 BTC payment (worth $4.4 million at the time of the transaction) made by Colonial Pipeline on May 8, following the crippling cyberattack on its operations – leading to widespread fuel shortages in the US.”

Dr. Tom Robinson, Co-founder of Elliptic

They did not mention the hackers’ wallet address. But to find it, I just had to put a few pieces of information together:

  • The transaction had a 75 BTC output, and it happened on May 8
  • It’s safe to assume that Colonial Pipeline has almost no knowledge of bitcoin, so they bought the 75 BTC from an exchange. Exchanges send user transactions in 1-input, 2-output format.
  • The second output would be to a change address (the remainder of the money from the input that wasn’t spent) but in this case, it would be extremely small as the input and first output are almost the same size.

Armed with this information, I opened Blockchair, headed towards the Transactions category, and then used their filters to give me only the transactions with a total output size between 74 and 76 BTC, and occurring on May 8. I knew that only 1-input and 2-input transactions were relevant. Here is the resulting Blockchair query.

There were not many transactions returned from this result, only about 30 or so. But only one of them precisely matched what I was looking for. It was transaction fc78327d4e46dac01dc313067b1ac7f274cdb3a07ea9f28f6f71473145f1b264. I was starting to get a lead.
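
The filter described above, written out as an added example (not the author's code and not Blockchair's API): it keeps transactions from one day whose total output is within 1 BTC of the reported payment, with one input and two outputs, and whose smaller output looks like leftover change. The record layout, the 1% change threshold, the parameter names and the sample transactions are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

SAT = 100_000_000  # satoshis per BTC; integer amounts avoid float rounding


@dataclass(frozen=True)
class Tx:
    txid: str            # constructed labels below, not real transaction IDs
    day: date
    n_inputs: int
    outputs_sat: tuple   # output values in satoshis


def ransom_candidates(txs, day, paid_btc=75, window_btc=1, max_change_ratio=0.01):
    """Return transactions matching the article's heuristics, closest match first."""
    lo = (paid_btc - window_btc) * SAT
    hi = (paid_btc + window_btc) * SAT
    ranked = []
    for tx in txs:
        if tx.day != day:
            continue
        if not lo <= sum(tx.outputs_sat) <= hi:
            continue
        # Exchange withdrawal shape: one input, payment output plus change output.
        if tx.n_inputs != 1 or len(tx.outputs_sat) != 2:
            continue
        payment, change = max(tx.outputs_sat), min(tx.outputs_sat)
        # The change should be tiny because input and payment are almost equal.
        if change > max_change_ratio * payment:
            continue
        ranked.append((abs(payment - paid_btc * SAT), tx))
    ranked.sort(key=lambda pair: pair[0])
    return [tx for _, tx in ranked]


SAMPLE_DAY = date(2021, 5, 8)

# Constructed sample data, one record per rejection reason plus two matches.
SAMPLE_TXS = [
    Tx("constructed-A", SAMPLE_DAY, 1, (75 * SAT, 20_000)),             # exact match
    Tx("constructed-B", SAMPLE_DAY, 1, (40 * SAT, 35 * SAT)),           # change too large
    Tx("constructed-C", SAMPLE_DAY, 3, (75 * SAT, 100_000)),            # three inputs
    Tx("constructed-D", date(2021, 5, 7), 1, (75 * SAT, 10_000)),       # wrong day
    Tx("constructed-E", SAMPLE_DAY, 1, (120 * SAT, SAT // 2)),          # outside window
    Tx("constructed-F", SAMPLE_DAY, 1, (7_490_000_000,)),               # single output
    Tx("constructed-G", SAMPLE_DAY, 1, (74 * SAT + 30_000_000, 10_000)),  # near match
]

if __name__ == "__main__":
    for tx in ransom_candidates(SAMPLE_TXS, SAMPLE_DAY):
        print(tx.txid, [v / SAT for v in tx.outputs_sat])
```
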

All further investigation would be carried out at Wallet Explorer. Pasting the above transaction ID into it gave me the wallet [b68f605feedee27e], associated with address 1DToN8Q6y31TGAz75Df729Bnujk6Xg7q5X. Then the 75 BTC was transferred to wallet [9524e1e21b] of address bc1q7eqww9dmm9p48hx5yz5gcvmncu65w43wfytpsf, then to [061e93d18f]. What’s interesting about wallet [061e93d18f] is that it has received a few dozen previous transactions before this incident, and some more since then.

Hacker’s wallet, or an exchange?

Was this a software wallet which may have just received ransomware payments from others, or was it something deeper? Could it be the entry point to an exchange?

As you might know, exchanges make heavy use of deposit and withdrawal addresses. It is not uncommon to see these addresses having thousands of pages of transaction history. Also present in an exchange’s architecture are cold storage addresses – these addresses collect the balances of the deposit addresses into their own.

It could have also been a payment processor address. Many news sites have reported that Darkside was using a payment processor to collect the ransoms, and a payment processor generates a different address for each payment. Typically, these different payment addresses are then “fed” into a main address. This is what seems to be happening here: bc1q7eqww9dmm9p48hx5yz5gcvmncu65w43wfytpsf belongs to payment processor “deposit address” wallet [9524e1e21b], and both of the addresses bc1qxu83k5qkj8kcqdqqenwzn7khcw4llfykeqwg45 and bc1qu57hnxf0c65fsdd5kewcsfeag6sljgfhz99zwt belong to the main wallet [061e93d18f]. These two addresses have split the 75 BTC into about 63.7 BTC and 11.2 BTC respectively.

11.2/75 roughly equals 0.15, so one explanation for this divide could be that profit sharing is going on here. DarkSide may have received a 15% cut of the ransomware payment (which closely aligns with previous claims that they take 25% of the cut from its affiliates), which means bc1qu57hnxf0c65fsdd5kewcsfeag6sljgfhz99zwt is a DarkSide address, while the remaining 85% of the BTC was taken by the affiliate to address bc1qxu83k5qkj8kcqdqqenwzn7khcw4llfykeqwg45.

The affiliate’s address contains a particular transaction 9436dbf0435b15378f309c35754a110db880fa9bb66a062160a25533bb4a212a to address 3EYkxQSUv2KcuRTnHQA8tNuG7S2pKcdNxB, part of the [123085fff6] wallet.

This is an address that begins with 3, or a P2SH address. It is not particularly simple to create a P2SH in offline wallets. Assuming the affiliate did not have advanced knowledge about bitcoin, the likely possibility is that the payment processor deposited the 63.7 BTC onto an exchange address.

For the next stage of analysis, we must inspect the receiving wallets from the [123085fff6] wallet.


Three wallets this wallet has sent bitcoins to in approximately the same timeframe are [149d0ee75d], [07a4235953], and [07a4235953]. Following the trail of each of these addresses, we end up at a high-transaction volume address each time. Curiously, each of those addresses has received at least one 1-input transaction from a known Binance address. [149d0ee75d] is an obvious example of this.

So my theory is the affiliate gave his Binance deposit address to the Darkside group for payments to it. But why would the affiliate do that, when it is well known that exchanges are insecure places to hold large sums of money? Could it be that the affiliate wanted to cash out some of it?

The FBI seizure

It is well agreed that the FBI sent a warrant to an exchange to seize the 63.7 BTC, in other words, the affiliate’s bitcoins. The above investigation suggests that Binance was the recipient of such a warrant. It would not be possible to send a warrant to independent wallet developers such as Electrum or Bitcoin Core, who have no control over their users’ money. This gives more credibility to the claim that the affiliate stored his bitcoins on an exchange.

Wallet Explorer shows that the entire balance of the [123085fff6] wallet was sent to the [fc8d1c748f] wallet on 2021-05-28 03:06:11. This wallet might have links to the FBI, but how to prove it?

The FBI has claimed multiple times in a court document that they possess the private key to the address containing the stolen bitcoins. However, it is extremely unlikely that they obtained it from Binance, or managed to retrieve the private keys to Binance’s cold storage. That is because exchanges do not make addresses for each wallet user for efficiency reasons, and they lump together everyone’s balance in cold storage such as a hardware wallet. Therefore, it is plausible to believe that the [fc8d1c748f] wallet was already owned by the FBI, and that they just demanded that Binance send the affiliate’s stolen 63.7 BTC to it.

Curiously, people have suggested that Coinbase received the FBI warrant. However, there is no blockchain evidence that shows Coinbase addresses were involved. Also interesting is that the funds in the [fc8d1c748f] wallet have moved since the court document was published two days ago. Perhaps the FBI didn’t want us to snoop on their seized bitcoins?

Unrelated to all this, it seems that almost the entire balance of the Darkside group was stolen from them on May 13 by an unknown actor, with a transaction from Darkside’s [061e93d18f] wallet to bc1q2sewgrnau4e4gvceh8ykzf8lqxawpluu0k0607 shifting more than 107 bitcoins from them.

Below is a graph I have created of the transactions flowing between Darkside, the affiliate’s wallet on Binance, and the FBI, minus the theft transaction from Darkside’s wallet (full size).

But did they hack bitcoin to get them?

Of course not. Here are some reasons why hacking bitcoin is still not feasible in 2021, and probably will not be in the near future:

  • The ECDSA algorithm which mangles public and private keys into signatures for transactions still hasn’t witnessed a single breach. The FBI could not have hacked ECDSA.
  • Second, the fastest tools for brute forcing private keys can only find 2^60 of them in a reasonable time, well below the number of bitcoin private keys, 2^256.
  • Third, the bitcoins weren’t even seized from a private wallet, they were seized from an exchange who legally agreed to hand the bitcoins over via a transaction.

Most importantly, we now know that the stolen bitcoins were on an exchange. This proves rumors that the FBI hacked Darkside’s servers to be false. The closing of their website and servers was the result of their service provider terminating their access for law enforcement reasons, and the theft of nearly all of Darkside’s bitcoin, including the 11.2 BTC from the Colonial Pipeline ransom, was done by an unknown assailant, unrelated to the affiliate’s 63.7 BTC seized by the FBI.
