Disclaimer: This is not financial advice. Anything stated in this article is for informational purposes only and should not be relied upon as a basis for investment decisions. Triton may maintain positions in any of the assets or projects discussed on this website.
TL;DR
Anonymous and Private? Or Traceable and Public?
Many people that are not deeply familiar with blockchain technology are under the impression that blockchains allow for entirely private, anonymous transactions online. While a select few are specifically designed with privacy in mind, such as ZCash or Monero, their use remains limited (<$75M per day in transaction volume). The vast majority – including Bitcoin, Ethereum, Solana, Base, Arbitrum, and essentially all other prominent chains - are open ledgers and thus any transactions that occur are readily viewable through simple tools.
In this post, we will showcase how blockchains generally allow for pseudonymous transactions but are by and large fully transparent for anybody to view.
We regularly highlight how easy it is to monitor and verify onchain balances and transactions. Because blockchains are permissionless public ledgers the data and transaction activity are readily available to access. Every chain has what are called ‘explorers’ that allow for easy monitoring of the chain activity. Ethereum’s main explorer is Etherscan, and anyone interested can watch the activity in real time (e.g. block creation every 12 seconds and all of the transaction activity that occurs as a result). For more technically savvy users, one can run a node themselves or access the data via API or other indexing tools to pull the data on their own. We will provide some simple examples to showcase exactly what we mean.
In the below snapshot (taken from Ethereum’s explorer, Etherscan), we can see all of the transactions that have occurred up until the most recent block that was created 10 seconds ago – including which addresses sent and received, which function was actually executed, the amount of Ether sent, any smart contracts involved, and the network transaction fee to do so. One will note that there is a combination of human-readable addresses (‘Uphold’, ‘Circle’, ‘Paxos 4’) and alphanumeric addresses (‘0x352981eA…’) in the ‘From’ and ‘To’ columns. As we explained in this post, a user’s default address is the public key that they generated to participate on the network, which takes the form of 0x**** on Ethereum. In many cases, however, certain addresses have been identified and labeled either by the owner themselves or by the community, as is the case with Uphold, Circle and Paxos 4 in the example below. Others may choose to self-identify by purchasing, for example, an ‘ENS’ name that explicitly names one’s address, in much the same way a website domain name translates between an IP address and human-readable form (such as www.google.com).
In the example above you can also see if a transaction included the use of a smart contract to facilitate the action. There are a few transactions where the ‘To’ address is “Circle: USDC Token” and “Tether: USDT Stablecoin”, each helpfully marked by a little contract icon. These represent transactions involving the stablecoins USDC and USDT, respectively. As such, we also see that there was 0 ETH involved in these transactions aside from the few-cent TXN Fees required to pay the network for those transactions to be included.
We can easily double click on any transaction of interest to learn more and will focus on a transaction involving the $60B stablecoin USDC here to show how much information is readily available onchain. Let’s look at the transaction 0xaf8d7863ae5e294d9347f7f888b84b1608ca0621ca52e2dff255276653892506, specifically.
First, we know that it involved the smart contract that enables USDC token transfers. At the time of writing, there is exactly 40,005,939,697.781768 USDC on Ethereum held by 2,941,690 different addresses (over 60B across all chains). One can view all of the transactions, holders, how much has been transacted over the past 24 hours ($15.906 billion), which trades it was used in across onchain decentralized exchanges, the code for the contract itself, and other data that one may be interested in understanding.
USDC smart contract on Etherscan
Next, we can examine the single transaction that used the USDC smart contract in order to transfer funds from one address to another. In the specific block of transactions (22197950) at exactly 8:29:11 PM UTC, address 0x3247f6b66F24F672EAcF52080e0381fA45DEb307 sent 101.120982 USDC to address 0x4518521da02Ca5Be9FC14c5faE7dbDe592b0d289 with the transaction hash 0xaf8d7863ae5e294d9347f7f888b84b1608ca0621ca52e2dff255276653892506 . The fee to do so was $0.08, and as a result of the transfer, 0.00004323102167008 ETH was burned by the network:
All of that information is trivially easy to access and is visibility that simply does not exist with traditional financial rails. Readers are invited to click into any of the links above and explore the information available.
This is why networks like Ethereum are considered pseudonymous rather than strictly anonymous. Every single transaction is able to be viewed in extraordinarily minute detail, including the exact addresses involved. However, the specific identity of the user behind each address may not be publicly known. In many cases it is, especially when dealing with important organizations such as exchanges, project teams, stablecoin issuers, etc. But the default state is only being able to identify users by their alphanumeric public keys (addresses). What this means is that if a user wishes to remain anonymous, they can do so only as long as they do not tie their identity to a specific address, or more realistically, to any related addresses. Advanced tooling created by companies like Chainalysis or Arkham are able to cluster addresses together that are more than likely to be associated with a specific user.
A corollary of all of this is the importance of on- and off-ramps between the traditional system and onchain networks. More specifically, even if a user tries to keep their address anonymous onchain, they first have to get their funds onchain somehow and this is most often done through exchanges like Coinbase or Binance or through dedicated on-ramp providers such as MoonPay, Paypal or Ramp. By and large, these companies will require some degree of information to be shared, whether that is a bank account number, debit or credit card, or an explicit KYC process where the user provides the on-ramp provider with their identification in order to comply with various licensing, regulations and KYC/AML and international sanctions laws. Off-ramping (e.g. turning one’s crypto back into regular money) requires going through similar providers. And because there are centralized operating companies involved in these processes that know the identity of their users, there is often the ability to identify otherwise ‘anonymous’ self-custodied wallets onchain by tracing transaction flows and clustering analyses.
The FBI and other law enforcement agencies have become quite adept at following these flows onchain, and because they are able to do this, they are able to track any funds that they deem to be criminal and watch until they are sent to one of these offramp providers. At that point, because that involves centralized companies, they can both a) identify the owners of those accounts, and b) work with those companies to freeze the funds and aid in any arrests or prosecutions.
Teams in control of smart contracts are also able to take action if asked by law enforcement or regulators. Circle and Tether, for example, both have embedded functionality in their smart contracts that allow them to freeze the transfer of USDC or USDT out of a wallet. Each also regularly screen international sanctions lists and will block any addresses that are flagged by e.g. OFAC from being able to use their stablecoins to transact. A list of USDC’s blacklisted addresses are available here, again, publicly available to anyone that wants to view them. At the time of writing, there is ~$93M in USDC frozen in those addresses. The latest USDC blacklisting happened just a few days ago:
Recent blacklisting action for USDC
What do these more advanced tools look like? Well, one can view the transactions that USDC issuer Circle has been involved in:
Tracing Circle’s onchain activity via Arkham
Many readers have likely heard of Strategy (formerly Microstrategy), led by mega-Bitcoin proponent Michael Saylor. Here is what his transaction activity looks like:
Strategy’s Bitcoin activity via Arkham
Fidelity, the major US financial institution is heavily involved in digital assets:
As is Blackrock, the $12 trillion asset manager:
This also works well for tracing any hacked funds. In our last post, we highlighted the recent $1.4B hack of the exchange Bybit. Well, we can all watch how North Korea tried to move the funds around onchain in order to obfuscate the source, in essence trying to launder them and throw off any law enforcement or government agencies tracking. Notice the very different pattern in transaction activity from the normal operations of licensed companies as they try to mask their transfer and flows over time:
Interestingly, the public was heavily involved in helping Bybit track the funds post-hack. One of the best known in the industry (ZachXBT) was actually able to link some of the addresses used to 3 other hacks that have happened. All of the information is available onchain, forever, and because of this, every action makes it increasingly likely that one may be identified even if trying to remain anonymous. Because a past hack was linked to this new one, one is able to gain confidence in the identity of the hackers. In this case, this was the Lazarus Group out of North Korea. Amazingly, none of this is confidential, secret or privileged information released by law enforcement. Rather, this is all available to the public at any time.
Like any technology, blockchains and cryptocurrencies are neutral; simply tools to be used for a purpose. As we explored last post, there are unfortunately many cases where actors have operated in malicious and predatory manners. Several months ago, we also took an in depth look at crypto fraud and scams and tried to contextualize that in the grand scheme of financial crime around the world. Sadly, there remains a great deal, and any user or investor must be aware of the risks.
However, there is a flip side to all of this that hopefully has become clear throughout this post. Even though there is the potential to remain anonymous, for those looking to transact in a fair and honest manner, the traceability of blockchains is an incredibly powerful feature of the technology.
For example, imagine a government that wants to send foreign aid to a developing country, but it is well known that there is a weaker legal system and the potential for corruption in that destination country. Historically, that is a risk that the government has to take when they send money – and there is no guarantee that the entirety of the funds will reach the target destination or be put to use as intended. With blockchain technology, the sending government can now actively track the flow of funds sent and know for certain that every dollar reached the desired recipient, all the while remaining outside of that country’s banking system. Ignoring any partisanship or politics, this is exactly the thinking behind the US government’s recent ideation around implementing blockchain technology in its USAID program reformation. And this is not without precedent either. In 2020, the US government partnered with Circle to send USDC as aid payment to Venezuela. They realized that had they used traditional systems, the Maduro administration would likely have been able to seize or block the funds. However, by using USDC, the US government was able to bypass the dictator and ensure funds were received by their intended recipients. In 2022, the UN also used USDC for aid disbursements to Ukrainian refugees.
So, when one hears the argument that ‘crypto is all anonymous and just for the dark web’, we can verifiably prove that is not the case and easily see what is happening onchain in real-time. Ten years ago, before all of the requisite tooling was developed to trace these flows, Bitcoin and early cryptocurrencies may have been ideal ways to do this. But increasingly that is untrue as the ability to trace transactions is ever improved. For this very reason, Hamas reversed its stance on fundraising via crypto and in 2023 warned supporters against using Bitcoin, largely due to the increasing ability to identify and prosecute those contributing.
Source: Reuters
Is it still possible to remain anonymous? Yes – and criminal actors will continue to try to find ways to get around enforcement and sequestration of funds. This will forever be a cat-and-mouse game, much like it is in the traditional financial world where an estimated 2-5% of global GDP is laundered every year (around $1-2 trillion). But the increasingly complex strategies that criminals are requiring to use – mass wallet creation, bridge hopping, mixers, memecoin laundering – and the very fact we can see and watch all of this happening moment-by-moment is a sign of how far the infrastructure has come and points to what will be possible as it is further developed. As a result, it is also increasingly difficult to successfully commit crimes in a forum that the public can closely monitor. By no means are the infrastructure and preventative mechanisms in place to fully stop this behavior today – it still happens with all too much frequency - but it is yet another sign of a young-but-maturing industry and an area still requiring significant investment.
Unpacking the myth of crypto anonymity.
Revisiting crypto’s core security, systemic risks, and the evolving landscape of threats and resilience.
Revisiting blockchain fundamentals: layers, tokenization, native assets.