Bitcoin, why do I love thee?

I'm still working on a bunch of analysis software to follow coin trails through the bitcoin ecosystem. I have downstream tracking pretty much sorted but upstream tracking (where did these coins come from) is more complex using the understanding I currently have. But a thought occurred to me... Why am I doing this project?
There are two reasons

1) There are people out there who are happy to abuse the bitcoin ecosystem - to steal and to cheat ordinary people of their savings. They think bitcoin offers a smokescreen that will hide their dodgy dealings and antisocial activities. The neat thing is that they are probably very wrong... bitcoin provides data analysts with a complete, unabridged and utterly fascinating history of every single transaction, ever. It's truly Big Data - a vast dataset and a big challenge. But Big Data is cool now. Look at what search engines and social media do with their millions and customers... The tools to unravel the bitcoin block chain are possible and will emerge over the next few years and this kind of fraud will become a thing of the past. The big difference between the virtual world of bitcoin and the world we are used to is that with bitcoin, the evidence is locked forever in the blockchain by a method that is "computationally impractical" to reverse (to use the words of Satoshi Nakamoto). It will never fade or degrade. The tools of the near future will look back at the early history of the blockchain and the truth will emerge - sure as eggs.

2) (but probably should be 1!) Bitcoin is a powerful force for change and potentially that's change for good: Just a few points:

• Bitcoin can connect people with people, anywhere and everywhere and can let them trade, without banks, without currency conversions, without huge fees (just tiny ones) without barriers (without taxes too potentially). It empowers people to do their thing, trade on their own terms and connect person to person. It does what currency should do - it oils the wheels of human commercial endeavour.
• If people connect with people across the world it can unite us - regardless of our governments, politics, religion, whatever. People are just people - we're all the same and the more we connect, the more we realise that.
• Bitcoin its technologically amazing. It is a thing of wonder and beauty. Its peer-to-peer centre-less technical architecture mirrors the peer-to-peer social architecture it promotes. And the way it establishes and records an irrevocable and unchangeable truth is a true innovation. I was reading about Merkle Trees today (every block chain block stores its transactions in one) and apparently they are believed to be resistant to attack even by quantum computers (which themselves are largely a theoretical notion (as I understand it!!)). This is technology of a new kind. 

All in all, I love this bitcoin stuff - I really do... I'm new to the field but its definitely got me. I wish I'd discovered it early and made some money mining a lot of coins - but don't we all I guess.

Is Bitcoin a gift from the gods?

The BBC produced this report in 2013...

http://www.bbc.co.uk/news/business-22366064

People kind of took the "alien technology" thing and ran with it:

http://www.examiner.com/article/wake-up-bit-coin-is-an-alien-invasion

A little paranoid! But all the same it's an interesting thought. Look at the evidence. Nobody knows the true identity of the bitcoin creator, Satoshi Nakamoto (generally believed to be a pseudonym although, as widely discussed, Newsweek found and proudly paraded before us a protesting Satoshi Nakamoto from LA, who denied everything and clearly couldn't have written the Bitcoin White Paper); he appears on a forum, introduces his creation then fades away. His creation is a work of brilliance - profoundly innovative. Efforts to analyse the language of the White Paper SEEM to point to a suspect, but I tend to side with people who say it is reads more like the work of several authors. To me, the voice seems to wobble slightly - maybe the work of multiple authors working and discussing the text together. But equally it COULD be the work of a very good but not quite perfect auto-generation/translation...

If we were/are being observed by extraterrestrial beings, the internet would give them a remarkably powerful new way of observing our world and even influencing our culture. And if we are Not Alone, why wouldn't we expect to be of interest to our fellow citizens of the galaxy. I doubt it would be hard for them to engineer a gateway onto the internet. Flying up to a communications satellite and plugging something in would be a neat way - but a software hack would probably be just as easy! Just think of the massive entertainment that would be for an interested other-world civilisation! A lot more fun than watching us through a big telescope or flying down drones.

If bitcoin were an alien introduction, I'd suspect they meant it as a gift to the people of earth. Maybe they are thinking we need a bit less national government on this planet of ours and more freedom for people to trade creatively with like-minded others around the world. I would second that emotion...

MtGox and Instawallet

In my last post I included a trace of the MtGox coin flows immediately after their Nov 2011 parade if 500k bitcoins. At the centre of the drawing there is clear "hub" for a lot of flow. The same hub showed up even better in some of the traces I did today. It turns out that that is Instawallet, which folded on 2013 after breaches in security. I'm wondering, is there a close relationship between MtGox and Instawallet. More particularly was it the security issues at Instwallet that somehow caused the funding crisis at MtGox? Does anyone have more info on this?

MtGox Bitcoin Trace

Today I have done the first useful processing of the "transaction trace" I produced from the big MtGox show-of-bitcoins in December 2011. After the "show" the bitcoins were reportedly routed away out of sight in interesting ways (see my last-but-one post). I wanted to do some processing to confirm this.

So, I took my big trace file (around 70mb of csv and still running when I stopped the program), then ran it through a python script to select only transactions above 100 coins (just to get the data volume under control). That yielded a Gephi-compatible ASCII edge file with around 30k edges defined. I put that into Gephi and tried some layout options.  Found Force Atlas 2 was the only layout manager that produced interesting results in less than a couple of hours. But HOW interesting!!!

One thing the exercise showed was that I still have too much data. It pretty much overwhelms Gephi - which is the most powerful tool I know of for this kind of stuff. Reducing the data without loosing valuable info will need some though. But here are a couple of Gephi pics to illustrate things I found.

First off, the above image shows Gephi Force Atlas 2 beginning to untravel the structure of a reduced set of data - this one was transaction size limited to 4000 coins (only transactions over 4000 coins). It looks like a big can of worms (and maybe indeed that's what it is). Remember you're watching over a couple of million Euros worth of bitcoin moving there. The ribbons appear to be chains of transactions with one input and one output. It looks like coins were transferred through a really large numbers of addresses in a linear fashion without being dispersed much.

Now, above is the really interesting one. This is one, detached part of the full graph view. It shows the period immediately after the coins leave the main MtGox address. This time the transaction threshold is set at 1000 coins to show up more fine detail. The trace starts at the small toasting fork feature, off the right hand branch (angled at about 4 o' clock). Just as described by the previous author, they get bucket-chained along for quite a while, then they are split repeatedly smaller and smaller, giving the tree structure. This matches the previous investigation. They seem to get split down below my transaction size threshold and disappear from the trace, only to show up later in the huge ribbon structure. There is also a big recirculating loop structure (upper left) with bigger arrows indicating multiple transactions. Is that a tumbler?
There's a lot more to be investigated here, clearly, but I'm at the limits of the techniques I know right now and I need some fresh ideas to deal with these massive data sets. Still, I'm pleased with these initial results.

The game is a foot

Well, I tried to run my trace. Something isn't quite working. First problem - I couldn't verify what the ref'd blog post said about the coin movement from the quoted gox address to the point where "interesting things" happened. In fact the vast trace I produced (70mb when I stopped it) showed no outputs on the  trail from MtGox greater than 100 coins (I'm expecting to see around 400k coins flowing). So... I just looked upstream from the "interesting things" transaction using bitcoin info and found a really interesting flow through what looks like an obfuscater, leading back to a MtGox wallet. The flow starts with this transaction:

31066fbaa7dbfcbde6f7053d5f825c39d0dc3eeafb1fdc9acef4b146e422bf1

from the MtGox address 1LNWw6yCxkUmkhArb2Nf2MPw6vG7u5WG7q to address 1Cj5kAeGK5CQSubY1Bk6HbGdweq15eJtH9. I'm not sure why my app couldn't find this path. Anyway, I'll rerun the trace from there and see where I get to. Could be the obfuscater defeated the trace (a bit worrying!)  Latest: Okay - I just did a trace through the latter address. It took half an hour or so. This address was a useful filter as it only has one transaction in and one out... effectively a throw-away address used just the once to pass the big coin trail through. Most of the key addresses on this trail have similar - suggesting this was part of the movement plan. The trace runs to around 1m transactions so it will take a little work to extract the useful info. I may post it raw on google docs for others to play around with it. Watch this space tomorrow.

Tracing stolen bitcoins wherever they go

I have been working on an application to trace "lost or stolen" bitcoin. I now have a C++ app that will read the entire blockchain and trace transactions from a specified account triggered by a specified date (e.g. the date of the theft). What's powerful about it is that no matter how long and complex the trails, the program can follow them forever and produce a "connected graph" output you can then visualize with a suitable tool. I'll probably start with Gephi - although its certainty not perfect for this task it'll do something with the data and give me a visualisation. I'm hoping to use it on MtGox tonight and should be able to produce a complete trail that shows where all the bitcoin they "demonstrated control of" back in late 2011 ended up. I'm following up this post by a guy who's tried to do this manually but gave up because of the complexity of the way the coins were subsequently split down into smaller and smaller addresses. Hopefully this app will do the whole job. If anyone's interested in following up other coin disappearances let me know and I can run my app (maybe for a small coin donation!).

I'm interested to know if anyone's tried this. Also to know if there are ways of people preventing this kind of trace. I gather a "splitter"or "tumbler" could be used to try to prevent it but not sure how they work... Any thoughts gratefully received.

In writing the code for this I finally (I think!) grasped the way the blockchain and transactions are structured. I did struggle quite a bit to get my head around it, and earlier versions of the code produced traces with anomalies caused by transaction "corner cases". I learned the hard way that bitcoin transactions are more complex and a lot more powerful than I imagined. The fact that each transaction can have multiple inputs (i.e. lumps of bitcoin value assigned into the sending wallet) and multiple outputs (i.e. lumps of bitcoin value) assigned out from the sending wallet to other wallets (and also "change" returned to the sending wallet) was the big issue. This means that a perfect trace of a given coin is impossible as the transaction effectively creates new output bitcoin that is a mix of all the inputs (which were themselves outputs of earlier transactions). It is both beautiful and complex! Effectively my trace should be able to tell you "of the original transaction from address a, value x, y% of the value ended up at address b, having been diluted through mixing with other transactions by z%".

Just a quick question. My understanding, having studied a bit and done this coding, is that contrary to what many people think, bitcoins don't have their own unique identity... There is just bitcoin value that moves between addresses via transactions, mixing in with other bitcoin value as it goes? It would be good to hear others thoughts on this as I want to make sure I got it right. I heard a quote that the first ten times you think you understand bitcoin, you don't understand bitcoin. I think I am somewhere about the 4-5 times mark at the mo.

BTW I found Petri Net notation (or something very much based on it) useful for analyzing the different bitcoin transaction types my code needs to understand.