The Crypto Detectives Are Cleaning Up

Skip to the content sections

Early adopters believed that cryptocurrencies were safe from prying eyes. Tracking the flow of money has become big business.

Credit...Mark Pernice

This article is for you

By David Yaffe-Bellany

April 22, 2023

Ryan Felton advertised his crypto scheme using a grandiose claim: he was creating "Netflix on blockchain."

He named the streaming service FLiK, which is crypto-themed. Customers could buy a FLiK coin for a small amount in the popular digital currency Ether. This would allow them to watch shows and movies on the new platform. Mr. Felton called the project an "entertainment Revolution"; crypto enthusiasts purchased more than $2,000,000 worth of FLiK Coins.

But the streaming business didn't materialize. Mr. Felton instead bought a $1.5-million house and $32,000 worth of diamonds. He also spent an additional $180,000 on a Ferrari red.

In the early 2010s, when cryptocurrencies became popularized, they were widely seen as the perfect tool for criminals. Drug dealers or scammers could instantly transfer large amounts of money without having to rely on a bank for validation. Early crypto supporters were attracted to it because it offered the anonymity and secrecy of cash without the hassle of face-toface exchanges.

This secrecy is an illusion. Blockchain is a public ledger that records crypto transactions. Untrained observers will find blockchain records unintelligible - a mess of letters and numbers. A growing industry is dedicated in deciphering these records.

The New York analytics startup Chainalysis is at the heart of the project. It was valued at 8,6 billion dollars after a funding round in the past year. Chainalysis, a blockchain analyst team that assists the government in tracking crypto transactions, has a reputation for being one of the leading detectives in the crypto industry.

Chainalysis is a company that has become increasingly influential in the crypto industry as federal agencies have intensified their crackdowns on crypto fraud. The company markets to government and private firms as a force of good in an industry that is not well behaved -- a firm with a business of solving crimes and working with public officials.

Chainalysis was hired by the bankruptcy lawyers of the FTX Exchange after the exchange collapsed to untangle the webs of entities that were at the heart of Sam Bankman Fried's empire, and track the $400,000,000 in crypto stolen from FTX accounts by a hacker. Chainalysis also conducted some light diplomacy. In April, the company hosted a conference to bring government officials together with crypto executives that are now trying to regain their trust. Guests were given socks with the Chainalysis brand on them.

Chainalysis' ambassadorial role also puts it at odds with many of the most passionate crypto advocates who see digital money as an anonymous, private financial network. This clash is a fight for the future of crypto, and it's taking place at a turbulent time in the short history of the industry.

Chainalysis, from the government's point of view, is the most trustworthy company in the crypto industry. But that's only because the company sells powerful tools designed to penetrate the veil which made crypto so attractive.

Image

Jonathan Levin (32), one of Chainalysis' founders, said that the blockchain was 'oftentimes key to unlocking an investigation'. It's more traceable, and conclusive.

Mr. Felton will be indicted by the end of 2020 on charges that he used investor funds to fund his extravagant lifestyle. Last summer, he was tried in Atlanta. Beth Bisbee was a Chainalysis Investigator who had previously worked for the Drug Enforcement Administration. She testified for the prosecution. In 2014, Beth Bisbee's analysis of blockchain records assisted the D.E.A. In Arizona, they were able to track down a drug dealer who was using the internet.

This investigation was low-tech. Ms. Bisbee pasted Bitcoin transactions into a spreadsheet and searched for clues. Crypto fraud has become more complex, as it involves multiple currencies with their own blockchain. Chainalysis creates software that automates the tedious work.

Ms. Bisbee showed a colorful chart in the courtroom that mapped the movement of millions of dollars worth of Ether spent by investors on Mr. Felton’s tokens. The funds were routed into a series crypto wallets - digital repositories that people can use to store their holdings. Ms. Bisbee used a forensic tool called clustering to show that all the wallet addresses were owned by Mr. Felton. He had transferred the Ether of his investors from these accounts to an exchange, before transferring them to another. He then converted the Ether to cash.

What was the source of these funds before they were wired? One of the prosecutors questioned Ms. Bisbee.

She replied, "The FLiK token sales."

In July, the prosecution presented their case on four separate days. On the final day, Mr. Felton entered a guilty plea.

Crypto business is a new type of business

Around a decade back, Mr. Levin was a student at Oxford University studying economics. He and a friend were in a pub when, of course, the topic of arbitrage cryptocurrency came up. The price variations of Bitcoin on two different exchanges created an opportunity to make money: buy Bitcoin at a lower price and then sell it.

Levin was unable to complete the arbitrage deal because it was too complicated and time-consuming. He said, 'I had probably 100 pounds in my account.' Levin became fascinated by Bitcoin after the conversation. In 2008, a mysterious person named Satoshi Nakamoto invented the digital currency. He envisioned an unregulated, private form of commerce, independent of government and financial institutions.

Levin, however, was not a radical libertarian. He was a 20-something British man who was interested in cryptocurrency's inner workings. He saw this as an opportunity to advance his career, since not many people were studying it. Then, Bitcoin was considered to be the domain of drug dealers and hackers. None of Levin's teachers wanted to supervise Mr. Levin’s research.

Unfazed, Mr. Levin attended crypto conferences, and wrote a thesis on Bitcoin titled "Creating a decentralised Payment System: A Study of Bitcoin". He still had some questions.

Levin stated that no one knew how or why people used crypto. If you could package up that information and provide it to all the key stakeholders, then you could build one of the world's most important companies.

Image

Levin founded a blockchain analytics firm called Coinometrics while he was at Oxford. However, the company soon failed. He said that it was probably not a good idea to meet his co-founders via Reddit. In early 2015, he met Michael Gronager, a Danish entrepreneur, and Jan Moller who were also working on a project similar to his. Mr. Gronager was using blockchain analysis to track the crypto lost during the collapse of Mount. Gox was an early exchange. Chainalysis was founded by the three men together.

Blockchain tracking has grown in importance as the crypto industry expanded. Some of the biggest crypto companies are now hiring blockchain analytics firms to monitor their customer's activity and to comply with laws aimed at stopping money laundering. In bankruptcy proceedings analytics firms examine public transaction logs of failed crypto companies to find missing funds.

Recent downturns in the crypto industry have had a negative impact on tracking businesses. Elliptic - a competitor of Chainalysis - cut 10% of its staff in Febraury. In the same month, Chainalysis cut about 40 employees - a 5 percent reduction.

Blockchain analysis companies, however, have been shielded from the worst of the effects of the crypto market crash. Chainalysis refused to disclose its exact sales figures. However, Mr. Gronager stated that the company's revenues increased by 70 percent in the past year despite the crypto market crisis. This growth is a result of the business model of Chainalysis: two-thirds its revenue comes through partnerships with public institutions including law enforcement agencies.

According to federal records, the Justice Department paid Chainalysis $12500 for its work in the Ryan Felton Case. This assignment was just a small part of the overall project. The Justice Department, Treasury Department and other agencies pay Chainalysis for the use of its blockchain-tracing technology, including Reactor which maps transactions. According to Jack Poulson's analysis of federal contracts, Chainalysis currently has contracts with the federal governments worth $65 million.

Chainalysis is facing competition lately from smaller rivals such as TRM Labs. This tracking company has become popular by selling software that supports new types of cryptocurrency with names such as Solana.

According to emails obtained by a public records requests, in 2021 an official from TRM sent an email to the Treasury Department questioning its decision to grant an exclusive contract to Chainalysis.

According to emails, the TRM representative requested a "rationale for why this procurement does not follow a competitive bidding process." The representative stated that there are several providers who have similar capabilities and can meet the requirements. According to a TRM spokesperson, the company had its own contract signed with Treasury Department by early last year. TRM and Chainalysis were hired to work together on FTX’s bankruptcy.

Esteban Castano is the chief executive of TRM. He said: 'We moved from a Bitcoin-based world to a multi-chained world. People need tools to track illicit activity, no matter where in the crypto economy it occurs. There will always be new assets and new blockchains.

Privacy is a hot topic

Image

The transparency of blockchain technology has at times been a boon for law enforcement. Chainalysis and U.S. investigators worked together in 2020 to bring down the biggest child-pornography site on the dark Web. Agents located digital addresses for customers using Bitcoin to purchase illegal pornography by analyzing the blockchain. The trail led back to the crypto exchanges from which the customers bought their Bitcoin. The government was able to subpoena these firms in order to determine the identities of the wallet owners.

The rapid growth of firms that track blockchains has caused some unease in the crypto community despite these kinds of victories. Immigration and Customs Enforcement is one of Chainalysis’s government clients. According to federal records, the contract between the two companies could reach a value of up to $12 million. I.C.E. A spokesman for I.C.E. I.C.E. has not used the tools of his company for immigration enforcement.

Privacy advocates view the relationship between I.C.E. and the company as a slippery slope. It looks like a steep slope.

Justin Ehrenhofer is an executive with the crypto privacy company Cake Wallet. He said that it's easy to use a tool for blockchain analysis to determine which transactions send money to El Salvador. This gives them a fresh angle to target immigrants.

Mr. Ehrenhofer first discovered virtual currencies as a teenager. He was using private browsers at the time to search for L.G.B.T.Q. He had not yet told his parents that he was gay. The technology's potential as a tool for privacy drew his interest. This viewpoint is becoming increasingly outdated. The radical and idealistic tradition of the technology has largely been replaced by a more practical approach in recent years as Wall Street traders, Silicon Valley venture capitalists, and other online wealth-generating professionals have gravitated to the cryptosphere.

Finn Brunton is the author of the 2019 book on the history of cryptocurrency. He said that the initial motivation for what we now think of as digital currency and cash was privacy. It's been flipped around.

Image

Cake Wallet is among a few companies that are still working on tools to make crypto-transactions less traceable. It's a counteroffensive, a sort of offensive against the blockchain tracking industry. Cake Wallet's main product is a crypto-wallet compatible with Monero — a privacy coin which is harder to track than most other cryptocurrencies. The exchange of funds are recorded, but transaction details are obscured. This makes it difficult to determine which wallet received or sent the money.

Investors who want to avoid blockchain tracking software can move money through mixers. These services receive multiple transactions and combine them in order to hide the source and destination. The Treasury Department banned Americans from using Tornado Cash in August. It said that the mixer had been used to wash more than $7 billion of virtual currency including hundreds of millions stolen by North Korean hackers.

Crypto investors were outraged by the sanctions. Tornado Cash customers filed a lawsuit against the Treasury Department in order to stop the ban, arguing mixers were essential for privacy protection. One plaintiff said that he donated to the Ukrainian war effort using the service, in order to remain anonymous and avoid retaliation by Russia.

Chainalysis is not very forthcoming about its techniques for combating technologies such as Monero and another crypto privacy service, Wasabi Wallet. The company has been trying to track these transactions. According to documents obtained via a public records requests, Chainalysis offered Wasabi Demixing Services to the Office of Foreign Assets Control (a unit of Treasury Department overseeing sanctions) to help trace the transactions.

Old-school crypto enthusiasts are concerned about the government's ability to access such tools. Max Hillebrand is the CEO of zkSNACKs and the company behind Wasabi Wallet. He said that Bitcoin could be a nightmare surveillance scenario. "That's not the world I would be comfortable with."

Crypto-viruses: How to clean them up

Image

In April, Mr. Gronager welcomed a large group of guests at Links 2023, a conference organized by Chainalysis, on the Marriott Marquis in Manhattan. He wore a Chainalysis orange T-shirt that matched his orange sneakers, and an orange watch strap. A line of glowing orange