Powerful AMA With Ex-Chainalysis Staff Turned Whistleblower Reveals Company Secrets
An employee, now a former one, of the blockchain forensics company Chainalysis went rogue during a Reddit-based Ask Me Anything (AMA) in the Bitcoin subreddit.
During this session, he disclosed a substantial amount of sensitive information about the company as well as the kind of capabilities it has in the way of Blockchain Forensics.
While the employee effectively became the Bitcoin/blockchain equivalent of an Edward Snowden, the whistleblower has since had some kind of change of heart, having taken to Reddit to delete these comments.
Unfortunately for them, and fortunately for the curious Reddit community, the Internet has a painfully long memory: these same comments are currently archived on the dedicated Reddit archive known as Removedreddit.com.
Chainalysis Has Its Sins on Full Display For The Public
The company itself operates and works in conjunction with a range of law enforcement agencies, government departments as well as defense contractors of varying levels with a ‘hand in glove’ approach.
What this means is that the company operates with a high degree of secrecy in the interests of its clients, but also in the name of its proprietary technology.
It's with this in mind that the company was horrified to find that an anonymous employee was hosting a Reddit Ask Me Anything (AMA) through the Bitcoin subreddit at the beginning of this week without the company's permission.
With the beginning of the AMA, users of the subreddit wasted no time in asking a wide range of probing questions regarding Chainalysis and its blockchain forensic capabilities, with the anonymous employee proving more than willing to answer them.
It was only 12 hours after this AMA had concluded, perhaps with the benefit of very belated hindsight, or after Chainalysis' senior management managed to find and subsequently place pressure on him, that the comments were deleted. While hindsight allowed them to take down these comments, the internet is not a merciful place: there is still a more than comprehensive internet archive available to anyone looking for it.
Just how probing do these questions get, for example? One of them consists of getting the company's own take on mixing tools for Bitcoin, such as Coinjoin, Wasabi and even Samourai Whirlpool. The anonymous user replied with the following:
“I personally love it. The company management hates it, of course. Things like that destroy the need for our/their software. It can make the software completely irrelevant.”
The Biggest Threat to Blockchain Forensics? Often Simple Preventative Measures
When confronted by major organizations such as big-scale and highly experienced analytics companies, a large number of cryptocurrency users feel that they are completely powerless in the face of these self-anointed third-party police. If there's any kind of consolation for crypto users, according to the AMA with Chainalysis' employee, it's that forensic tools are simply not as powerful as we play them up to be in our imaginations.
Some of the more powerful adversaries to these analytics tools are pretty simple – and they're merely obfuscation measures that can cover your tracks and ultimately thwart them. This is more than just the opinion of one rogue employee. During a conversation with another Chainalysis employee during a blockchain conference, a similar kind of opinion was expressed, which is something that blockchain news outlets can attest to.
The anonymous employee went even further. Asked about the ability of coin mixing services and other kinds of privacy tools to make Chainalysis obsolete, the employee replied with the following:
“Even just privacy coins are more than anyone can handle right now, but throw in anonymization techniques, and forensic tracking utilities are done for. They might still have a niche purpose, but it will be small.”
The employee also provided some much-needed commentary on what has since become known as the most hated tool in the arsenal of users against Chainalysis, which is called Wasabi. Wasabi itself is a Bitcoin wallet that uses Coinjoin, with a special emphasis on privacy for its users.
While the anon conceded that, for forensic companies, Bitcoin mixers were ‘still bad’, the user asserted further that “Wasabi is still enemy number one, in the minds of blockchain analytics firms.” Anon continues:
“There is no way to de-anonymize it, and I don’t see how the government can legally take Wasabi down, so it will probably persist. Put it this way, if everyone used Wasabi, Chainalysis would go out of business.”
The anonymous employee goes on to further observe that “running your own node and electrum server is a great way to not get your IP tracked” by intrusive analytics firms and their software, such as that used by Chainalysis. He further countered that mobile wallets are essentially bad for privacy.
The whistleblower also takes the time to highlight five of the likeliest things that will get your Bitcoin transaction flagged as suspicious in the eyes of analytics firms. He put forward the following answer:
“Being stolen funds (like from a hacking type incident), coming from a dnm, coming from a mixer, coming from terrorist financing, and coming from ransomware payout addresses.”
Innovative Startup Taking the Fight to Bad Guys? Or Just a Highly Intrusive Company?
To say that the continued existence and operation of analytics companies like Chainalysis, along with a wide range of others, is considered controversial within the world of cryptocurrencies and Bitcoin would be a dramatic understatement. While it's easy to just leave it at that kind of conclusion, their software has proven to be useful in providing a range of comprehensive research projects along with reporting on any on-chain activities that take place. In the past these have included the matters of UTXOs, ‘Hodler waves,’ as well as a range of lost coins.
This same level of extensive research can also be used to follow the various red lines that coincide with the movement of stolen and hacked funds from various exchanges. But by contrast, there are many that argue that the likes of analytics companies such as Chainalysis go against the whole spirit of Bitcoin, and that its underlying software is being leased out to a range of regimes that are out to surveil, clamp down and subsequently persecute cryptocurrency holders and active users, meaning that the centralized financial system would become even more exclusive, with Bitcoin being prevented from democratizing the very field it was designed to influence.
When this same anonymous individual was quizzed about what the most unethical thing is that Chainalysis has been responsible for, the employee responded:
“1. Transparency. 2. Defeating the purpose of a system that was designed for anonymity, thereby reducing the interest and market for crypto. And pushing people into other crypto platforms, away from what we/they are able to track.”
“[Chainalysis] definitely think they are the good guys,” the anon employee continued.
“They are definitely team government, which doesn’t sit right with me, personally. Self-righteous would be a good way to describe the attitude of some of them … Not a single person in the company has displayed any sort of concern over the ethics of our software except for one person being concerned that law enforcement would use our software and abuse their authority … He left.”
According to the same former employee, some of the wide range of government agencies that have since hired Chainalysis for their software include entities such as the HSI, Federal Bureau of Investigation (FBI) and Inland Revenue Service (IRS). When it comes to actually using the Chainalysis technology, these agencies “seem to have the most licenses, or are, at least, the most active in using our software, since their names come up constantly.”
Along with the previously mentioned government organizations, the
“ATF, DEA, SEC, Secret Service, CIA (through In Q Tel), and most of the other federal law enforcement agencies are running the software. Only really large police departments are running the software (it isn’t cheap) like NYPD. I know some district attorney offices have software licenses too, but I don’t know which ones. Oh and RCMP uses the software too. And Europol. The national police (NCA) in the UK, as well.”
Some of the other incredible gems from this since-deleted Reddit AMA include the employee's previous confirmation that Chainalysis runs its own range of Electrum nodes (at one point, Chainalysis was actually responsible for more than 10 percent of all Bitcoin nodes), along with some further discussion as to whether or not Chainalysis is responsible for dusting attacks in the interests of future tracking.
“It has been discussed a few times, but no one has ever admitted to it. It doesn’t seem like there is much utility in it, because if the address exists on the blockchain, it can already be tracked. And if it doesn’t, a single payment to it will make it appear in the software, so no need for dusting. It wouldn’t improve IP tracking capabilities.”
Advice for Users – Don't Use Mobile Wallets – For Better Privacy, Use Monero and Mixers
The anon employee went on to explain that Chainalysis is guilty of keeping its
“own database on entities in the crypto space that are known, or believed to be, bad actors. Individual people aren’t exactly tracked.”
As for discussions regarding cryptocurrencies and users that pass their currency through a mixer:
“Mixed funds are rated as high risk if the mixer is attributed (known about). Same level as dark net markets.”
Throughout the course of the Reddit AMA, he went on to recommend that users, in order to preserve their privacy, use Monero, but went on to reiterate that there was a serious need for user caution when employing the use of a mobile wallet, due to the fact that they simply don't incorporate privacy measures.
Along with these nuggets of wisdom, there were some final pieces of advice that the anon user provided for users with regard to maintaining privacy online. They went as follows:
“I would say to avoid mobile wallets, look into Wasabi/Coinjoin and similar efforts, run a VPN/tor at all times, remember that everything you check out on the clear net is being logged by someone.”
Shortly after typing those words, Reddit user “chainalysis1” deleted their account.