[api]

It seems that to do shenanigans with Bitcoin would require the same care to avoid information leakage that would be required to do similar things with global digital payment networks and banks.

The key would be to begin by considering any address linked to an identity that is you or related to you "dirty," and to be careful about avoiding linkage to any of those dirty addresses. To really be careful I think you'd have to delve into graph theory and data mining a bit yourself, or follow the precautions of someone who knows what they're talking about. You'd also have to take care to pay attention to network addresses under the protocol, using Tor or similar proxying systems and considering any address that's been used from an IP that can be linked to you similarly "dirty." Use of VPSes that accept anonymous payment would also be an option, though again... don't SSH to them from your house! Use Tor or smurf the data around by way of proxies and drop sites and such.

Laundering money would require extreme caution to avoid such contamination, and would present many of the same challenges as money laundering in the fiat currency world. BTC/fiat conversions would be very risky. In-person BTC/fiat conversions are vulnerable to old fashioned gumshoe police work: "hey, that BTC you exchanged on localbitcoin... you happen to remember what that guy looked like?" These are also only feasible for small quantities. Large quantities would present a huge challenge.

What this really means is that Bitcoin is not intrinsically an instrument for villainy as some lazy press articles make it out to be. In fact, criminal use of Bitcoin requires orders of magnitude more technical sophistication, which the vast majority of criminals do not have. A highly educated or sophisticated criminal or intelligence network could surely pull off shenanigans with Bitcoin, but I doubt your average thug or child porn wanker is going to even comprehend the stuff I wrote above. So at the very least, Bitcoin is only a criminal tool for very geeky high-IQ criminals.

[SilasX]

If they were to automate some big system that cycles money among new addresses throughout the network while preserving ownership, then any address connected with someone would be instantly emptied and its money mixed in with numerous unknown addresses.

Unless you intend to prosecute everyone who spends BTC that was ever connected with a "known, even address" (which could very well be an option they take!), anonymity and laundering capability is preserved.

[JulianMorrison]

No, such a simple approach would be vulnerable to "big data" mining, it would show up as an unusual cluster all connected to itself. Non-laundering transactions splay out quickly.

[SilasX]

You mean, connected to a constant stream of new addresses. And wouldn't finding such a cluster be NP-complete?

[feral]

Finding clusters in graphs is a big research interest in the research group I'm part of.

When we started looking at Bitcoin we thought that we would have to use such sophisticated algorithms to uncover interesting structure, but it turned out to be much easier than we expected to find structure and meaning, so we never got too sophisticated.

There's a very active field of research on these cluster finding algorithms - the term to search with is 'community finding algorithms' - http://en.wikipedia.org/wiki/Community_structure has a reasonable introduction.

>And wouldn't finding such a cluster be NP-complete?

That isn't a problem, in practice.

Finding the maximum clique in a graph is an NP complete problem, which you might be thinking of - but 'clique' is a stricter definition than most people would use for 'community', (in that a clique requires all nodes to be connected to each other), and even then very good heuristic clique finding algorithms exist in practice (E.g. the Bron Kerbosch algorithm).

Some community finding algorithms have objective functions which are NP complete to maximise, but again, often fast heuristics are available.

Consequently, there are many good community finding algorithms out there that will quickly find clusters on networks the size of the Bitcoin graph - we ran some, but we didn't do much with their output.

Its difficult to dig into such problems without a ground truth, and again, we could uncover a lot of meaning using simpler techniques.

[SilasX]

Thanks for the explanation!

I think the benefit of this cycling, though, is in the size, not the obscurity. That is, if 60% of the users (and 99% of the addresses) are cycling money to obscure connection to a person, then either:

- You have to accept that "Joe spent a bitcoin that was once in a crime" is insufficient evidence Joe had any connection whatsoever to it, since "most users have touched that bitcoin too"; or

- You have to make it a crime to be a part of such a cycler altogether, which would effectively require an outright ban on Bitcoin.

These conclusions follow no matter how much structure to the trades you can detect.

[JulianMorrison]

Determining whether a thing's a single stream would be down to finding where it touched down in the world of either fiat currency exchange, or purchasable stuff.

I don't know if it's NP complete. But my guess is no. I can immediately think of algorithms (maybe crude ones, I am no statistician) that could be used to attack it, and they require a lot of iteration, not an explosion of recursion.