Sometime we can hear that Bitcoin payments are not really anonymous. Ok, let’s try to test this statement and try to find out as much information as possible about some random transaction. One should not take this test very serious because resources and knowledge we have cannot be compared with some intelligence office.
The experiment
For our experiment let’s take a random transaction from the blockchain explorer and dig into it using various methods. You can then repeat the steps for any other transaction.
We could do some prior investigation on the pre-selected transaction and then present you the results but we will not do it. We want clear experiment.
ID: 7b984df2e9407e4781ccb7cf6700a513d07ac2d81e6946cd5e6171d270cad68f
Tools
What can help us identify the transaction parties? There are few public resources which can be used:
- Blockchain explorer
- Crystal explorer
- Search engines
Blockchain explorer
A regular blockchain explorer already gives us few insights about this transaction. You might want to read our previous article about Bitcoin transactions to get some basic knowledge how to read explorer data on page. We skip this and move forward.
Let go to the transaction page and first thing we want to pay attention to is to this paragraph: PRIVACY ANALYSIS
Transaction is marked as green. This is good for privacy. This means that the transaction does NOT 1. re-use addresses 2. use change addresses 3. use multiple outputs. If the (3) was not the case, we could link transaction to multiple addresses of the one owner. The more addresses of the same owner we know, the more are the chances to identify the owner. So far so good. If you want to understand this paragraph better, please check on this article about Bitcoin privacy leaks.
Ok, so far we can only say that address bc1qe0ez4dewasw04tt7tfn2902quxw3hasqlw4jq4
sent almost 5 BTC in total to 69 different addresses. No change address were used which could mean that it’s not a self-transfer.
Crystal Explorer
There are many different services which help to measure Bitcoin transaction and address risk level. One of them is Crystal Blockchain. Since it’s public and free (for most cases) let’s try to see if it can help us to dig some more info about our transaction.
The below image illustrates the output we get for this transaction. We have expanded the visualization as a tree to see all outputs to the addresses.
Crystal Blockchain tracks and analyzes connections between addresses and luckily they have some info regarding some receiving addresses.
One of the receiver is GoUrl.io. We checked the website and it claims to be a crypto payment gateway. We could identify few more: Bitso (crypto exchange), ByBit (another exchange), Binance (again crypto exchange), many unidentified wallets.
So, what do we have now. This looks like a payout sent to multiple receiving addresses, some on exchanges, for some purchase and some unknown receivers. What conclusion can be made: possible mass payout from some exchange.
Backwards analysis
Let make one step back and check the transaction made to
before it sent that multi-payment.bc1qe0ez4dewasw04tt7tfn2902quxw3hasqlw4jq4
Again we can see strong connection with exchanges but we could not see the owner. So we did one step back again and identified a prior transaction: 107e88e15611ba26149cc36d87c648e6fa546a63dbc1da782fd4aa55cba6fb91
with many inputs and only one output. This means it was a highly likely transfer between same owner. And this owner is viola – Coinbase
So, what do we know so far. The wallet
is highly likely a Coinbase payout wallet. Knowing that some authorized party can make a request to Coinbase and identify all receivers of the transaction we are digging into. Coinbase is a KYC exchange and they keep records of the customers.bc1qe0ez4dewasw04tt7tfn2902quxw3hasqlw4jq4
Search engines
We were not able to find any information regarding possible owners of unidentified receiving wallets on the search engines. This is good. Transaction utilizes good privacy practise but still we know that it a mass payout from Coinbase to its users. Also not so long ago (Oct 2021) Coinbase reported a data leak of 6000 customers accounts, this means that not only authorities might gain access to the Coinbase users information.