As a preamble, let’s quickly clarify what the Dark Web is. It’s a kind of clandestine and hidden web. A piece of the Web best known for illegal uses such as drug trafficking or the sale of illegal goods among others. It is accessed through specific software such as Tor or I2P. A perfect playground for anonymous cryptocurrencies.
Bitcoin-proof digital cash
Completely anonymous currencies are largely inspired by the underlying source code of the Bitcoin blockchain. However, they radically change direction both from a technological and philosophical point of view. The Bitcoin protocol has ensured, since its creation, a certain level of confidentiality to its users with the use of private and public keys (my article which details how these keys work: Web 3.0, the redefinition of its digital identity). The software has been designed so that you can access the transaction register, which can be downloaded from any computer, in order to know, via the users’ public keys, the issuing address of the transferred funds, the amount in BTC and the recipient address. Find, in real time, all the mined blocks and the transactions that these blocks include here: Blockchain Explorer
For example, in 2021, in the United States, the FBI (Federal Bureau of Investigation) managed to track down and trace the digital addresses (on the Bitcoin blockchain) used by hackers who had torpedoed 75 bitcoins in the case of the Colonial Pipeline hack. The American federal agents managed to go back to the computer server (via the public keys of the hackers) where the private key (poorly secured) was stored, thus allowing access to the stock of stolen bitcoins and to return the funds thereafter. The very principle of Bitcoin is to be a distributed ledger in which all past transactions can be consulted by anyone and at any time. Our identities are, in the context of Bitcoin, not anonymized but pseudonymized (thanks to the public key). A pseudonym in hexadecimal form (example: “1GH7azeTYdR698azPONdaz597zadf712eazeze14e”) traceable for each transaction made with the public key of each user. Not very practical for hackers wanting to hide and be untraceable. This is not the case for all public blockchains.
Digital cash put to the test of anonymity
Among the most obscure blockchains, and the cryptocurrencies associated with it, we can cite Dash (DASH), Zcash (ZEC), Bytecoin (BCN) and Monero (XMR). The technologies implemented in these tools are suitable for illegal transactions, particularly on the dark web, and are nevertheless paradoxically helpful for certain well-known entities in traditional finance. For example, Zcash developers have deployed solutions on behalf of Quorum, JPMorgan’s private blockchain to make transactions more confidential. The Zcash protocol proposes, thanks to the concept of proof without knowledge (Zero Knowledge Proof in the Anglo-Saxon version), a digital currency making it possible to completely anonymize transactions. In this way, ZCash users can simply hide the origin of the funds, the amount sent and the recipient of the transaction. Thus, the Zcash protocol has the power to guarantee that the transaction has taken place without providing information about it. Pretty handy for Dark Web players. Explanation of the concept of proof without knowledge in the video below.
The creator of the Dash blockchain, Evan Duffield, and his teams have developed two technologies that overlay Bitcoin’s source code to make transactions untraceable:
- InstantSend (immediate payment) allows users to make near-instantaneous payments (as long as the blockchain is not congested with many transactions) while benefiting from the decentralized security of validators on the Dash network. To verify and validate the transaction, it is enough for 10 validators (nodes on the network) to approve the transaction. On the other hand, the exposure to an attack is much greater here, because within the framework of theInstantSend, the number of validators is very limited, a group of hackers could therefore take control of the validation of a transaction and could even hijack the recipient address.
- PrivateSend allows users to enjoy complete confidentiality regarding the structure of transactions. Dash uses the “Coin Mix” technique to anonymously hide the origin of the funds, the amount and the recipient of the funds. This technique consists in taking a certain quantity of coins (cryptocurrencies) which belong to you and mixing them with other coins of other users (while keeping the same value) in such a way as to blur the origin of the funds by modifying the digital identity of users for each transaction. By analogy, it’s as if you had a 50 euro note with an associated serial number, and then, once the “Coin Mix” has been carried out, you end up with 5 10 euro notes, with 5 different serial numbers originally owned by other users. Traceability thus becomes almost impossible.
It is therefore easy to understand why fraudsters in the most obscure corners of the web are leaning towards solutions such as the PrivateSend from Dash.
Bytecoin and Monero
The Bytecoin protocol is based on CryptoNote technology. Its interest, for treacherous actors on the Dark Web, is to offer a high level of confidentiality close to anonymity while maintaining a transaction execution time of less than two minutes. The Monero, which is a deviation (forking) of Bytecoin, changes the characteristics of the mining speed (transaction validation) and uses a technology called one-time in order to create a different digital identity for each transaction carried out, which therefore makes it impossible to trace the balance of an account.
Thus, we understand that not all blockchains can be put in the same basket. Here, we’ve focused on the ones that provide anonymity, but each one has its own functionality and technical characteristics. As we have just seen, Bitcoin cannot be considered as a blockchain allowing the anonymity of users, on the other hand, for Zcash, Dash, Bytecoin and Monero, the desire to hide transactions is obvious. However, they are all based on blockchain technology, a technology that is malleable at the whim of developers. But it is too simplistic to consider these blockchains as being identical when fundamentally they do not all have the same technological underpinnings and the same philosophical vision.
For information, some countries have prohibited trading in these anonymous cryptocurrencies. This is what South Korea did in 2021. Some platforms have also taken the same path, such as Bittrex in the United States, which does not offer these cryptocurrencies due to their total anonymity.
Finally, let’s take a look at the use of cryptocurrencies for fraudulent transactions. The use of these anonymous blockchains, for the purposes of illicit transactions, remains relatively low all the same. If we look at the work of Chainalysis, which provides data, software, services and research to government agencies, stock exchanges, financial institutions in over 70 countries, the use of cryptocurrencies in illicit transactions remains unclear. high (0.15% in 2021).
Share of illicit transactions in total crypto trade volume
Of course, due to the clandestine nature of money laundering, it is difficult to estimate very accurately the total amount of money that goes through the money laundering cycle, but it does give an order of idea. By way of comparison, Europol, the European criminal police agency, and the United Nations estimate that the annual amount of money laundered in traditional currencies (mainly dollars) is between 2 and 5% of world GDP, i.e. between 800 and 2000 billions of dollars.
Let us remember that, concerning blockchains, despite the underlying technological complexities of the cryptosphere, we must not fall into the ease and generalization of all the tools, innovations and assets that constitute it. It is irrefutable that the aforementioned anonymous blockchains clearly aim to provide, certainly a level of confidentiality pushed to its climax allowing anonymity, but also, let’s face it, to facilitate and cover the tracks of malicious actors on the Web. . But Bitcoin cannot be put in that same basket when talking about anonymity.