As a major privacy-related Bitcoin (BTC) upgrade took another step forward, the Cryptoverse is abuzz over a paper written by a former acting director of the US Central Intelligence Agency (CIA). But besides reaching a positive conclusion for BTC, the paper also highlights privacy-related crypto vulnerabilities that remained largely overlooked: BTC can be traced, while regulators may target privacy coins next.
Per GitHub, a much-discussed Taproot activation method known as ‘Speedy Trial’ has been finally merged into Bitcoin core. Taproot is a protocol upgrade that is expected to improve Bitcoin’s privacy and flexibility, while Speedy Trial’s aim is to allow the upgrade activation attempt to fail or succeed quickly – making a difference between no mandatory activation and the guarantee that taproot would be activated.
As this was happening, many in the crypto space have been sharing what they saw as positive news for BTC, found in the paper, written by Michael Morell with two of his colleagues from Beacon Global Strategies Josh Kirshner and Thomas Schoenberger, which states that most illegal activity happens, not in crypto, but in the traditional space.
But that paper also inadvertently pointed to something much more concerning: a number of privacy-related issues.
Firstly, it noted that blockchain analysis is “a highly effective crime-fighting and intelligence gathering tool.” Blockchain forensics can be used in multiple ways by law enforcement and intelligence services, said the paper: as an investigative tool in existing cases, and in identifying unknown bad actors.
Blockchain enables massive forensic power because it captures every transaction for all to see – and these can be traced. A currently serving official at the US Commodity Futures Trading Commission (CFTC) added that it “is easier for law enforcement to trace illicit activity using Bitcoin than it is to trace cross-border illegal activity using traditional banking transactions, and far easier than cash transactions.”
Among several examples, in December 2020, cryptocurrency forensics software was able to reliably trace stolen BTC that had been passed through several coin mixers. And of course, there was the infamous Twitter hack, after which it took investigators only two weeks to locate the BTC-stealing scammers.
Josh Swihart, Senior Vice President of Growth at Electric Coin Company, responsible for strategy in support of the popular privacy coin Zcash (ZEC), said that the piece may seem to be positive for BTC and “loudly applauded by the Bitcoin and crypto community, but in fact, it is deeply concerning.”
Swihart argued that,
“[T]he argument that it’s good that the US can surveil everything is fatally flawed, and ironically, not even in the best interest of a surveillance state. If US law enforcement can trace and exploit public financial data, so can China, N Korea, Russia and even the very ransomware attackers who the report claims demand ransom in something that protects privacy. This is a massive national security issue.”
Furthermore, based on the paper’s conclusions, it wouldn’t be unreasonable to conclude that the regulators may tighten the rope around privacy coins, while governments continue to work with blockchain firms in developing ways to track these transactions.
Illicit actors are moving towards privacy coins, such as monero (XMR), in response to government scrutiny, Morell said.
Bitcoin is by far the largest cryptocurrency used in illicit flows, said the paper, but it’s due to its dominance and accessibility. Illicit activity as a percent of total transaction volume for Anonymity-Enhanced Cryptocurrencies (AECs or privacy coins), such as monero, which use built-in protocols to hide information about transactions, is “far larger” than it is for BTC.
Additionally, “mounting evidence” show that illegal markets and illicit actors, including ransomware groups, have been moving away from BTC and towards AECs.
That said, blockchain analytics firms are developing new forensic tools to counter the use of technologies that create more anonymity, often with government agencies, including Chainalysis and CipherTrace, which work on Monero-tracking tools.
Swihart argued that the lack of privacy goes against human dignity, freedom, fairness, and equal opportunity rights.
just setting up my twttr
— jack (@jack)
On the positive side, the paper found that “the broad generalizations about the use of bitcoin in illicit finance are significantly overstated.”
Government and regulatory officials’ statements reinforce that bitcoin is used “frequently” or “primarily” for illicit financial transactions, and that this usage is growing. But due in part to the difference in overall volume, most illicit activity still takes place in the traditional banking system – not via crypto. “The illicit use of cryptocurrencies in general and bitcoin in particular, as a share of total market activity, is certainly not higher than it is in the traditional banking system and is most likely less,” the paper said.
“We should support Bitcoin and protect our right to use it,” wrote Swihart, but regulators can also support security by encryption, empowering virtual asset service providers (VASPs) to reasonably comply with regulations, and using “a bevy of non-exploitative tools within transparent and human rights-protecting frameworks to combat crime.”
The paper was commissioned by the newly formed lobbying group Crypto Council for Innovation. Its founding members include Coinbase, Fidelity Digital Assets, and Square. In 2019, Coinbase faced a strong backlash due to an acquisition of a startup called Neutrino. It was founded by three former employees of Hacking Team, a controversial Italian surveillance vendor that was caught several times selling spyware to governments with dubious human rights records, such as Ethiopia, Saudi Arabia, and Sudan. In the same year, those who previously worked at Hacking Team left Coinbase.
– Cashless Payment Is Booming. So Is Financial Surveillance
– Chainalysis Valued at USD 2B as Investors See Demand For Crypto Intelligence
– If a CBDC Is an ‘Instrument of Control,’ It’ll Fail – Expert
– Europeans Warn ECB Not To Mess With Privacy in Digital Euro
– Don’t Take Your Privacy For Granted As Regulators Get Anxious About Crypto
– Bitcoin and Litecoin Move Closer to Their Privacy Improvements
– Crypto Privacy Is a Financial Tonic to Government Intervention