breaking BTC privacy (Chain Analysis)

Clark Mumaw
8 min readMar 8, 2023

Dear Crypto People,

Here is the biggest thing you need to be aware of!!! You are under surveillance, in order for others like banks to try to stay legally compliant. (KYC/AML laws) But you are not being told about it. Chain analysis services like those below are likely quietly being sold to banking services to track you, your coins, or traces of links to the criminal elements. These services were surely used during the Canadian truckers protest to shut down accounts and freeze accounts. Their ability to abuse them is as likely as the criminals ability to use them.

This is my written collection of information regarding privacy on the blockchain. My apologies as much of this is unavoidably technical. Just read the parts that make sense and you will be better educated than before.

I am now convinced that none of your crypto transactions are private. I’m suspicious that all the gov’t moves have been geared towards delaying the growth and usage of crypto until they have a majority of the anonymous coin addresses identified. Here is how I think they are doing it. Yes, I’m paranoid.

But after reading Tracers in the Dark, I will never again assume crypto is private from the gov’t. It is clear that if you are targeted they will find out who you are if they want too. This all falls under the category of chain analysis. I’ve been trying to understand the techniques chain analysis uses. I know much from this my own study and the book Tracers in the Dark just confirmed it. Since private companies are already doing chain analysis and selling their services, I think it is wise to assume someone in the gov’t is doing it too. They are probably even sharing data at times or at least buying it from each other.

Here are the voluntary things people do, that reveal their crypto identity.

1. Putting your crypto receiving address on the a website that can linked you to your identity I (buyer or seller).

2. Putting your shipping address on any internet site that can link your crypto address to your identity.

3. Putting your email address on any crypto internet site or phone APP that can link you to your identity.

4. Anything you buy with cypto reveals your identity via the shipping address.

5. Any crypto exchange you have identified your self to.

If you ever slip up it is record on the web and accessible via archived web pages.

Social Network Mapping: taking out your identity through your interaction with the world around you, much like a game of clue. Only in this case you start by identifying the identity of everybody you are dealing with in real life. This way they can reveal your identity because the other people in real life know your identity. This is a reverse transaction identifier. (phone call records, buying records, banking records, social media records, email records, legal documents.)

So unless you can hide your identity from all of these, targeted efforts to identify you cannot be stopped.

Worse you can be identified by the network of people you interact with! That’s social network mapping.

Here’s how they do it. This applies to BTC

I am now convinced the entire BTC blockchain has been used to list every unique BTC address. And put into a huge database. And they have attempted to connect each one to an identity. This database is my speculation but he power to do it is not. At the start, millions of Btc addresses need identities. I suspect this database of identities and addresses has ben completed for the BTC blockchain.

How did they do this?

Phase 0 record every unique BTC address on the blockchain. Because the chain is transparent and not encrypted this is easy. However, it also create a very large file that is nearly unusable.

Phase 1 is to use multi-input clustering to reduce the list of total unique addresses by nearly 1/2, but probably more. Most BTC wallets these days create a unique coin address for you every time you make a transaction. Thus most people end up with 2–3+ different and unique addresses that all belong to just you on the BTC chain. The longer and the more active you have been, the more addresses you have. Multi-input Clustering is when two address inputs are used to send one output. This is the most common type of transaction. It is beyond the scope of this email to describe this in detail and why it reduces the list by > 50%. But this very large file is still unusable in any practical sense.

Phase 2 is to use address chains. This creates a history of each coin path from miner to wallet and wallet to wallet. It allows many more addresses/cold wallets & exchange wallets to be linked (clustered) to the same person even though you do not know the identity yet. Our database size is again reduced. Probably by more than %50.

More importantly this creates a relational database which is much faster for searches than the flat file created in phase 0. Eliminating the redundancy in the data reduces the computer research time (lookups)

from 30 seconds to fractions of second. And separating the user ID from their potentially large quantity of transactions the resulting size of the database/user-file is now a manageable size.

Phase 3 is to use cross chain and volunteered info. Cross chaining uses techniques 1–5 above to identify addresses from other coin’s block chains. In more detail, this is using other crypto currency blockchains to build similar databases to the BTC database. And using the identities from these to trace a person’s other coin holdings back to he BTC chain. So a wallet with a known identity on the Cardano chain can now be used to identify an unknown BTC address and vice versa.

Phase 4 is IP discovery: Chain Analysis deploys their own BTC full nodes. As these full nodes receive transactions information they record the IP addresses of the original broadcaster when possible. These IP’s are then used to determine a person’s geographic location. In short, any agency building an identity database deploys their own new nodes they control which are especially configured to capture new BTC transactions and the IP addresses of the computers originating BTC transactions.

And while the main purpose is to de-anonymize the information. The capture of the IP address also allows law-enforcement to locate and capture an individual criminal, if that is the goal.

So be aware that this is used for capturing a person once they are identified.

Phase 5–11 is to use the real world volunteered data on the internet to start connecting addresses to identities. Exchange data, any crypto software data (with emails), shopping data and so on and on and on. Much of it is probably collected without our knowledge. All this data is legally obtained and is legal because this data is not considered private. When this is insufficient, secret gov’t requests (subpoenas) through legal channels on commercial businesses finish filling in the missing pieces of information. Given the offshore water boarding, I would not rule out quiet hacking attempts on specially targeted individuals. While not legal, off shore hacking teams seem more than probable. Then there’s gov’t agency to gov’t agency sharing, especially between friendly countries. And there’s always the possibility of malware software on being installed on phones/laptops/cars. Malware that is not destructive just busy gathering crypto address information.

We now know that some Monero transactions/addresses are able to be identified. Zcash too. So privacy coins are not so private anymore. But these 2 are the best we have had some time. Although I would think LTC has joined this group since its latest privacy upgrade. These coins give more privacy than BTC but it is not guaranteed. Some people think TOR is an unbreakable protocol but NO. They have figured out how to breach that too.

Coin mixers such as wasabi or coinjoin are also not guaranteed privacy tools. Again they give more privacy. AND the more you use them the greater the likelihood you can be tracked and identified and exposed.

All of these privacy tools make it harder and certainly work to remain private in the general public. But that’s it, they do not work against the 3 letter agencies nor the corporate types selling chain analysis services. These tools only make the chain analysis job more difficult.

While I tend to fall on the privacy side, these tools have been used to bring down criminals including child porn rings and that is a good thing. Still much of this tech is used and will be used by banks to de-risk their liability by surveilling its users and their transactions without the user knowing.

And that is the biggest thing you need to be aware of!!! You are being surveilled in order for others like banks to stay legally compliant (KYC/AML laws). But you are not being told about it. Chain analysis services like those below are likely quietly being sold to banking services to surveil you. These services were surely used during the Canadian truckers protest to shut down accounts and freeze accounts. The ability to abuse them is as likely as the criminals ability to use them.

The only safe hiding place is to not break the law. As for privacy, it works to shield yourself from Joe and Jane. But not from those like chain analysis companies or the government.

Much of this is published in the book, Tracers in the Dark. Spending time to read it will teach you better in story form, than I can here with technical descriptions. If I can document this without actual training I’m sure there are others that have already been doing this for years. Read the book if you still need convincing. From Mt. Gox (the first btc exchange, and it’s first big hack 2010–14) to the recent Colonial pipeline ransom hack in 2022 these techniques have been used to capture the people responsible for various hacks and crimes and in some cases capture the funds too.

Unknowns: the recent BTC upgrade to Taproot in 2021 made it harder to identified the send and receiver of current transactions. I do not know how much harder. The Zcash upgrades in 2022 hardened it’s chain to protect addresses better. I do not know if or how much these upgrades are effective against tracing capabilities.

In this spy versus spy game the chain analysis side is assuredly studying the weaknesses of these upgrades to continue selling their services. Given what has been done so far to remove privacy, we should expect these new upgrades to eventually fail too.

The only untraceable money is cash. In the crypto world, privacy is proving to be a challenging, moving target. Just from the tracing perspective, it is no wonder the banks, corporations, and governments will be a virtual party place both cats and couple of their own CBDC’s which they can, by their original design, control the proprietary data and access to that data.

It has been pointed out to me that insurance companies have as much or more interest in your personal spending then do the banks… Although the banks with profit more from having additional income from additional data sales.



Clark Mumaw

ex-computer networking technician, post stroke survivor, metaphysical explorer, philosopher, interested in human psychology and spirituality