I thought bitcoins were untraceable? Colonial ransom partially recovered

Here’s an article on the subject from the NY Times. It doesn’t say anything that’s not already in this thread, but I thought people might like the link.

I will concede that I thought of Bitcoins as being discrete items (with serial numbers, as it were) rather than just ledger accounts, so I appreciate your effort and others in this thread to clarify that. I’m glad I understand the world better.

We could still legislate illegal possession of bitcoins, with only a few minor complications. It becomes illegal to possess bitcoins traced from an account that received bitcoins from a wallet used to receive bitcoin from illegal deeds. If you are downstream of any transaction from wallet, you are similarly tainted. Cure for the recipient is forfeiting the bitcoin. This would make taking bitcoins from illegal sources exceedingly risky and thus would quickly mean that legitimate users would look for certainty in who their counterparts are. That would achieve what we want.

If somebody posts an illegal bitcoin to Coinbase in the hopes of destroying the legitimacy of all their subsequent transactions - well, Bitcoin had better find and fix the situation quickly by forfeiting as needed. Coinbase would have to adopt protocols to ensure th

e legitimacy of their counterparties or they would quickly lose their users’ faith.

It doesn’t seem to me that they have to be particularly the same.

The first crime (let’s say extortion) could result in forfeiture of 10 bitcoin against the person who committed it. In our brave new hypothetical world, if you are a downstream recipient of the bitcoin from an illegal source, you would be guilty of our separate hypothetical crime - receiving tainted bitcoin, for which the penalty could also be forfeiture of the bitcoin received. If that means there is double recovery of bitcoin for a single crime, so be it. We may over deter criminal enterprise. I’m not particularly concerned about that.

How the government divvies up the money it recovers between victims and its own Treasury can be a fight for the legislature to make. I suspect it would be something like “full recovery to the victim, all the surplus to the government.”

This would put an astronomically large burden on participants, though. It’s reasonable enough to require KYC (know your customer) and AML (anti money-laundering) practices on banking entities, as is becoming an emerging norm. A norm that’s at risk because of constant threats of overregulation as you’ve described.

Think if this were applied to dollars. I paid you a dollar. But all my dollars are fungible and commingled in the same account where I’ve done all my business for the past 20 years. To avoid a crime myself, you have to verify the taint-free nature of every account who ever paid me a dollar in the past 20 years. Then you have to do that for accounts that paid those accounts, ad infinitum for every degree of separation.

That’s plainly unreasonable and unjust. If your underlying argument is “I don’t care”, as it seems to be, then you’re arguing for 1 of 2 things:

  1. A backdoor ban. Okay, go ahead, this product has operated in the dark since day 1, and was designed to do so. We’ll just continue doing that, we never trusted you anyhow.
  2. A selectively enforced ban. Sort of like speed limits, where everyone exceeds the posted maximum, so it’s often actually unsafe to comply. It ends up being a pretext for the police to detain someone on an arbitrary whim. It’s wrong to use speed limits that way, and it is absolutely wrong to use asset forfeiture that way.

You have to understand that the opposite side of this coin is "okay, we were willing to act in reasonable good-faith ways to promote lawfulness, but if you’re going to be draconian about it, we’ll return to using this easily-concealed financial instrument as we have for 10 years, outside of all regulatory reach, which it’s ideally suited to do. And if you ban Bitcoin there are hundreds of other cryptocurrencies competing to be the next one, and are already in circulation.

Authoritarian measures don’t work in systems where no authority exists.

Of course, that isn’t possible to do with dollars. If only there was another currency that somehow kept track of every transaction?

Also, I don’t see how this places an undue burden on anyone. You just have to only accept money from sources you trust. So whatever gateway merchant you use to transfer BitCoin, you better trust their vetting of incoming transactions. If you choose to pay or be paid using a bitcoin merchant that isn’t trustworthy, that’s on you.

Ah, yes. The old “if you ban guns only the criminals will have guns” motif. Do tell, how would criminals do business in Bitcoin if it was impossible to redeem Bitcoin for any kind of legitimate good or service? If you can only pay other criminals with it, bitcoin will quickly lose its value.

You could only make a comment like this if you hadn’t read the thread, or if you hadn’t understood anything you’ve read. I’m happy to answer questions if you have any.

This is not what Tired_And_Cranky proposed. They proposed a regime in which everyone “downstream” of a tainted transaction is also liable. That means I have to verify my source, and my sources’s sources, and their sources, and so on. It’s absurd.

That’s not what that cliche means, nor what I said.

And if pigs could fly, etc.

Compliance would not nearly as bad as you describe. You would need to verify at the time you transact with them that the account/wallet is not a blacklist, maintained as a publicly-available database by the implementing authority. As new accounts transacted with the tainted accounts, they would be tainted until they forfeited the bitcoin they received (and were removed from the blacklist). It would mean that when the database went down, you transact in bitcoin at your own peril. In practice, it would mean that no reputable people would transact at all.

It’s not a ban. It’s a regulation. It would be disliked by bitcoin users but especially by criminal users. You are right that I don’t care about them. It would be a nuisance and a risk of forfeiture to careless good faith users. Those users’ carelessness would be what continues to allow bitcoin to be useful to criminal enterprises. It’s a bit like taking away driver’s licenses from drunk drivers. I have limited sympathy for them either.

You would apply it to all cryptocurrencies, perhaps excluding trivial ones until they became non-trivial. Drawing the line between trivial and non-trivial is an exercise for the reader.

I don’t think that would work in practice. Anyone can create an infinite number of wallets. A ransomware attack could accept coin into wallet X and then immediately transfer it into multiple other wallets, and those wallets into other wallets, etc. Even if they blacklisted wallet X, it would be impractical to try to find out which subsequent wallets were legit or criminal. Any reasonably competent criminal will only use one-time-only wallets, so the blacklisted wallet likely wouldn’t have any coins in it anyway. They likely would have been transferred out by the time the wallet was blacklisted.

Yeah, I considered that and I was thinking through a system to distinguish between good faith and bad faith transactions. Something like a transaction being deemed in good faith only if there was sufficient time (let’s say ten minutes) between execution and settlement so the database has time to get updated. It would mean routinely delaying transactions (and perhaps relying on a trusted intermediary to hold the bitcoin in the interim) in order to have sufficient time to update the database before it could be deemed a good faith transaction. If you didn’t want to wait the ten minutes, you wouldn’t have to but you would bear the risk that the database catches up with your bad transaction and taints your wallet (and so on, and so on). Frankly, I haven’t fully thought through the idea so I’m sure there are more weaknesses to probe.

Rather than blacklisting wallets, could the governments mandate a “know your customer” requirement for wallets similar to banking and say that it was illegal to transact with an unverified wallet? So even if someone can make wallets on the fly, they have to provide some kind of validation of who they are and link themselves personally to the wallet. Remove the anonymous aspect. And extend that to the world banking requirements, where any country which didn’t have similar requirements would be blocked from the world banking community. Then Bitcoin could still work the same, but the anonymity would be removed. I’m sure the criminals wouldn’t like that, but so what? The people who just want to buy coffee and cars using Bitcoin would be fine.

I figure, if you really wanted to use bitcoins to buy a cup of coffee, (in El Salvador??), you would not want to pay the equivalent of $65 in fees and wait 60 minutes. So, whether or not Bitcoin transactions are traceable, the actual point-of-sale transaction would not be on the Bitcoin network, and may or not be itself untraceable, but for independent reasons.

I’d expect that actually this would cause the value of BitCoin to crash since people who only want to use it for shady purposes move on. But if BitCoin cannot compete with other currencies without having its worth propped up by illegal transactions, then why does it need to exist?

In that case the clearing house would would also need to abide by the KYC requirements. They would need to publish the wallets of the transactions and gather KYC info for their customers. If they facilitate transactions with unverified wallets or hide the wallets, they would have their wallet invalidated and they would be put on the KYC blacklist.

Say I am the clearing house. You give me 100 bitcoins, and I hand you a stack of identical casino chips, which circulate all over town. At the end of the day or week (or every single transaction…), a few cafe owners and other small businesses cash in some chips, along with a few private individuals. Even if I am legally required to record your and everybody else’s names, I still do not know who bought what. If someone is selling drugs or not reporting taxable income, they can be caught the usual ways, though.

I thought the Bitcoin clearing houses were more like if the casino gave them traceable casino debit cards and the casino is acting like the clearing house. Sort of like the cash cards that cruise ships and amusement parts use. They may not actually know what is being bought, but they would know that $50 is being used at the gift store or whatever. If the authorities figure out that the gift store is slipping bags of drugs in with cigarettes and charging $50 for a pack, then the gift store wallet is flagged and any subsequent transactions would be illegal.

I don’t operate any bitcoin or other clearing house IRL, but I believe you are correct. I know that someone (but not who) bought $50 worth of stuff at your store since that transaction is cleared by me. (I suppose something more anonymous, if not necessarily more secure, could be implemented; eg the recent European Central Bank report on the Digital Euro considers, among other cases, the possibility of offline, anonymous transactions that do not require third-party intervention— however even with normal Euros you, as a merchant, are supposed to keep your accounts in order lest you get busted)

In any case, if your store gets busted because you are selling crack and ringing it up as breakfast cereal, that does not seem like my fault nor my problem)

What we’re discussing about tainted transactions - isn’t this specifically what happened with Madoff’s “investment” fund? Anyone who received a payment over and above their initial investment had to pay back the amount they’d withdrawn.

Of course, in that scenario, as I understand, people twice removed from the transaction were not touched; but not sure what happened with inheritances…

I assume with some similar situation using Bitcoin the trick would be to prove that the person directly upstream from you in the transactions was legitimate; since obviously hackers could own and pass the ransom through multiple wallets they control.

What happens if I rob a bank and run out and buy a Ferrari for cash? Does the FBI go to the Ferrari dealer and take that cash?

I think something basic like a pre-transaction check would work well enough. Similar to how a store verifies the CC is valid before allowing the transaction. Before accepting coin, legal companies would do a check like “Is it okay if wallet X accepts Y coins from wallet Z”. As long as the check came back valid, the company would be in the clear. But if the company did the transaction without a check or even if the check came back negative, then the company would get in trouble.

With something like paying cash for a Ferrari, an example might be like the dealer accepting counterfeit cash. If they accept it, they may have it seized. Counterfeit money is seized no matter when or where it’s found. With real cash, maybe there would be a way to spot-check the serial numbers, but even then I think they can have the money seized if it’s stolen. I think that’s what happens in pawn shops when someone pawns stolen merchandise. The store has the merchandise seized. And I think even if a customer purchased the stolen item from the pawn shop, the customer can have the item seized as well even though they didn’t interact with the criminal.

Correct, it would probably be worse.

Sure, if we do some magical hand-waving and have an omniscient, permanently up-to-date and correct blacklist, that will work. Do you know of any regulatory and judicial entities that move fast enough to adjudicate this kind of information about a suspect wallet in a matter of days? Because if not, the list is going to be badly out of date within a month, and irrecoverably out of date within a few more months.

What if the account wasn’t on the blacklist when I accepted funds, but was later determined to be on the blacklist? This outcome would be 100% guaranteed since the government can’t possibly move fast enough to update the list in a fair and just manner. It would either become like the opaque and abusive no-fly-list implemented under the Bush administration, or a hopelessly arbitrary process.

This is just naive do-something-ism that comes from not fully grasping the nature and enormity of what you’re trying to regulate. And this kind of casual indifference to the financial impact on good-faith users is the kind of thing that makes them push back on even commonsense regulation.

Look, the reason we have banks in the first place, apart from putting unused funds to work, is to help socialize the burden of managing systemic financial risk so that individuals don’t need to. It’s a huge step backwards to shift that burden back to individuals.

Wave the hands, wave them some more, and keep waving them until all the problems go away.