[ikeboy]

But Y might be over Tor, or might not keep logs. There's no mechanism I can see for getting past wiped logs after the fact. If everything is done in RAM, and the machine is rebooted every few days, there's pretty much nothing you could do afterwards.

If all you need is a finite number of leads, then trivially the number of humans/bitcoin users is finite. I don't think that makes a difference.

[jgalt212]

Regardless of whether or not Y is over TOR, it cannot serve as a cut out. All the transactions are stored on the blockchain. So if Y tries to convert to dollars, then they have him. Or if Y's proxy Z tries to convert to dollars, they have Z (and by extension Y).

For these reasons, I cannot figure out why they don't know who stole the MtGox bitcoins. The only way to hide is to forever keep your booty in bitcoins. Whenever the thief tries to convert his/her bitcoins to money or goods, the veil of anonymity will be pierced. And given the amount money involved in MtGox, it would be blow wide open.

As an aside, this has to be one of the deeper HN threads that has not devolved into a flame war. kudos to us.

[ikeboy]

It doesn't matter if they catch Y, as long as he didn't keep logs. Nobody, not even Y, knows who Z is, so Z can safely use his coins.

>For these reasons, I cannot figure out why they don't know who stole the MtGox bitcoins.

When you don't understand something, something might be wrong with your model. (http://lesswrong.com/lw/if/your_strength_as_a_rationalist/ comes to mind).

The exact addresses of the Gox stolen coins aren't known AFAIK. Even if they were, to cash out you only need to get someone to accept them without verifying ID. I can send coins to an exchange, and have them send me other coins in a different cryptocurrency, and send those to another exchange, then convert back to btc. If the intermediate currency is something like Monero, then the chain analysis must stop there.

I'm not saying most mixing happens through alts, but it is a fairly foolproof method for anonymity, at the cost of not supporting volume and high fees.

Also, you can sell to people for cash, so any investigation hits a dead end. There are probably dozens more ways to cash out anonymously.

[jgalt212]

> as long as he didn't keep logs.

It doesn't matter who keeps the logs, the blockchain is the log. I really think you are the one who is missing something. Because the blockchain has the entire history, everyone knows every transaction wallets X, Y, Z and any other wallet has ever done.

> A block chain is a transaction database shared by all nodes participating in a system based on the Bitcoin protocol. A full copy of a currency's block chain contains every transaction ever executed in the currency. With this information, one can find out how much value belonged to each address at any point in history.

https://en.bitcoin.it/wiki/Block_chain

[ikeboy]

You don't understand how mixing can work. I send money to your right pocket, you send me money back from your left pocket. At no point were your right and left pockets connected. As soon as you destroy your logs of what your pockets were, there's no way to identify which pocket was which.

Do you understand the concept of taint in block chain analysis, and how mixing can produce untainted coins?

[jgalt212]

I'm talking about tainted wallets, not coins. When a tainted wallet tries to transact outside the bitcoin system, then you're busted.