
How to launder Bitcoins - oleganza
http://blog.oleganza.com/post/67885463476/how-to-launder-bitcoins-perfectly
======
jamhan
That is not what structuring is at all. Structuring is conducting transactions
in a way that will avoid triggering reporting requirements. If the legislation
in your country requires financial services providers to report any cash
transaction greater than or equal to say, $10,000, and you go and deposit
$9500 five times with the sole purpose being to avoid these reporting
requirements, then you are in breach of structuring laws. That's it. It has
nothing to do with the legality or otherwise of the source of your money.

Also, money laundering is not about forbidding buying bad things. In fact,
it's entirely the opposite. It's about buying legal things to hide the
proceeds of crime.

~~~
pmorici
Structuring laws are pretty shitty there have been plenty of examples of
people being screwed over by the government w/o legal due process for just
conducting legitimate businesses that happen to receive a lot of cash payments
from customers. Just one recent one...

[http://overlawyered.com/2013/09/institute-justice-tackles-
st...](http://overlawyered.com/2013/09/institute-justice-tackles-structuring-
forfeiture-case/)

~~~
jamhan
This seems to me to be more a problem of rampant abuse of forfeiture laws
rather than a failure of structuring laws. The many stories I have read
recently of "forfeiture corridors" in the USA would seem to reinforce that.

------
dobbsbob
Bitcoin wiki tells you exactly what you need to do.

Generate addresses offline or proxied through Tor or JonDonym. Use different
addresses for every input. Use CoinControl program to send coins
[https://bitcointalk.org/index.php?topic=144331.0](https://bitcointalk.org/index.php?topic=144331.0)

Never post your bitcoin address anywhere you can be identified, such as a msg
forum signature, or directly to an exchange for withdrawal/deposit. Use
addresses not linked to you (OPSEC).

Stay away from the exchanges that want piles of ID and use P2P trading on IRC
or in person.

~~~
sliverstorm
Managing addresses seems like the easy part, to me. The real challenge is
getting money in & out of BTC, at least until you can spend it just about
anywhere.

~~~
sturmeh
It'll get significantly easier soon enough, but at the moment it's no easier
to load your PayPal with money.

------
nullc
::Yawn:: The insurance contract approach is lame as it makes you lose your
funds if the other party suffers an honest failure (e.g. they get hit by a
bus).

Better protocols are possible:
[https://bitcointalk.org/index.php?topic=321228](https://bitcointalk.org/index.php?topic=321228)
(CoinSwap)

Describing it as "laundering" is more than a little hopeful-eyed. These sorts
of things are privacy mechanisms, which make Bitcoin's privacy a bit closer to
traditional banking... but they don't provide an apparent legitimate origin of
the funds, so they aren't themselves useful for money laundering.

------
hershel
How do you implement anonymous peer discovery against someone who can tap the
whole internet ?

~~~
oleganza
Tor works somehow and NSA admits that it's a pain in the ass even for them.
When someone targets you specifically, you have little chances, but when the
whole network routinely mixes coins it's much easier to hide in the woods.

~~~
hershel
Does tor conceal the fact that you're using TOR, i.e. peer discovery ? because
i got the impression it didn't , that it only did conceal end to end links.

~~~
daurnimator
It doesn't explicitly say if you are the originator vs just some node on the
way.

If you run a tor relay you can hide your own traffic in the noise.

~~~
dllthomas
_" If you run a tor relay you can hide your own traffic in the noise."_

Assuming you don't have way more traffic than noise.

------
a3_nm
There are other approaches for laundering which do not rely on insurance
contracts, such as [http://zerocoin.org/](http://zerocoin.org/)

~~~
oleganza
Zerocoin is interesting, but Bitcoin in its current form has two practical
advantages:

1\. Cryptographic primitives used in Bitcoin are old and well-tested. There's
no crypto code in Bitcoin that was invented by Satoshi and could have been
badly broken in a subtle manner. Zerocoin's commitment scheme requires years
of testing, attempts to crack it and fixing may be impossible. If the problem
is discovered, the whole thing may lose all value overnight.

2\. Bitcoin is more friendly in the eyes of the law enforcement. Bitcoin looks
like a traceable, compatible with "tracking all citizens" policy. It gives it
a green light from the governments. Of course, in reality, you can launder
bitcoins and hide yourself quite well, but that's extra work and complexity.
Meanwhile, like a Trojan horse, Bitcoin comes to the legal scene as a nice
instrument that allows to track "bad" guys. Not relevant in the long term, but
important in the short term to get legality and massive adoption.

~~~
nwh
> _There 's no crypto code in Bitcoin that was invited by Satoshi and could
> have been badly broken in a subtle manner._

Read up on the history of the client. Satoshi was innovative but could
certainly not code securely to save themselves. Most of the script OP codes
are still disabled because they introduced huge vulnerabilities. You could
spend anybodies coins in Satoshi's client, or create integer overflows that
created billions of coins in a transaction.

The client is a lot better now, but to say it's perfect because it was there
from inception is a huge mistake.

~~~
oleganza
Which only proves my point. It's really hard to make it right in v0.1 and you
_have_ to make it right, otherwise the whole thing is forever broken. Even
then, there were two huge bugs: one with integer overflow that created
billions of bitcoins in one transaction. Another was with OP_RETURN that
allowed to spend bitcoins from any transactions without any effort.

Bitcoin wins over more complex schemes because it has less moving parts.
Fortunately, the parts that were enabled work fine and give us awesome
possibilities. Otherwise, they'd be disabled too.

------
cheesylard
I'm starting to get sick of these Bitcoin posts.

~~~
VMG
Get used to it. This now is a bigger part of the tech world than NodeJS and
friends.

~~~
Helianthus
I'm on fat0wl's train out of here. Previously I gave you guys the respect of
honest antagonism. The quackery of bitcoin is so obviously ludicrous I can no
longer justify my time spent pointing it out.

People throwing money around does not make a thing important.

Don't you dare say no one warned you when the whole thing comes crashing down.

And yes, fine, whatever, you can say "toldya so" all you like when Bitcoin
fulfills your fantastic greed and you lot join the 1% of your new capitalist
utopia. Real moral high ground you'll have, then.

~~~
vectorpush
_" The quackery of bitcoin is so obviously ludicrous I can no longer justify
my time spent pointing it out."_

Oh, what a terrible loss for thoughtful discussion, nothing frames a debate
quite as nicely as dismissing the topic of discussion as quackery.

 _" People throwing money around does not make a thing important."_

What does that even mean? I'm not sure what makes something important, but
from an entrepreneur's perspective "people throwing money around" (to the tune
of a couple billion dollars) is at least... significant? something that merits
continued examination? Important doesn't seem like a stretch, but I'm sure you
have a quintessential example of something important...

 _" Don't you dare say no one warned you when the whole thing comes crashing
down."_

I appreciate the smugness in your concern, but just about everyone who invests
in bitcoin is aware of the price volatility, you're like the guy who scoffs at
lost mountain climbers as if they didn't realize that risk was part of the
journey.

 _" And yes, fine, whatever, you can say "toldya so" all you like when Bitcoin
fulfills your fantastic greed and you lot join the 1% of your new capitalist
utopia. Real moral high ground you'll have, then."_

Ok, right. So if I understand, if it all comes crashing down, you warned us
all, but if the opposite happens then we're all assholes for reaping the
rewards of our investment in something we were told was unimportant quackery
destined to fail.

I'm starting to feel like this is one of those posts designed to trigger a
defensive response in gullible readers who mistake your comment for an attempt
at reasoned discourse. What do they call that again?

------
JSZZHlmumeUE
The issue with money laundering in the real world isn't the technical
difficulty. It's easy as pie to launder cash if you ignore the laws
surrounding it.

I'd imagine that if Bitcon becomes prevalent, governments would ask you to
"voluntarily" declare your "salary" wallet. And then if they spotted any sort
of suspicious laundering-like activity happening from that wallet, they would
very quickly obtain warrants and show up at your door asking for an
explanation.

~~~
oleganza
Government would still have to set up a center of "approving" unknown money
coming from other sources into local economy. These centers, as you can
expect, will be massively bribed by everyone who needs to launder their
tainted coins.

Also, governments will be much more limited in power when they can't print
their money at will and do any "deficit spending".

~~~
JSZZHlmumeUE
_unknown money coming from other sources into local economy_

These centers actually exist even today. I personally know places where you
can buy dollars using the local currency for something like a 10% discount on
the market rate. They are obviously very shady and aren't used by anyone close
to being respectable. If you use them and are big enough to matter, expect to
be screwed over by law enforcement pretty much the instant they feel like
getting you.

 _governments will be much more limited in power when they can 't print their
money at will_

I believe printing money is actually a good thing. But let's not get into an
economics argument here.

And governments can easily take over the bitcoin network tomorrow if they
wanted to, simply because the ability of Intel, IBM, AMD/GF, NVIDIA and the
big semiconductor manufacturers to build really efficient mining ASICs vastly
outstrips that of everyone else. And companies like Intel have nothing to lose
and everything to gain by keeping the US government happy if they requests
come in from the top.

Again the analogy with cash is relevant. There is really very little
technically difficult about printing counterfeit cash. I mean there's not even
cryptography involved - it's just security by obscurity! The reason people
don't do it is because governments clamp down on this activity very hard
through _law-enforcement_ mechanisms. Similarly, if the governments thought
bitcoin was important enough to regulate, they'd be able to do it in an
instant simply they have guns and we don't.

~~~
oleganza
> I believe printing money is actually a good thing. But let's not get into an
> economics argument here.

You are confusing ethical argument with an economical one. I was talking
economics, not ethics. Governments get a lot of power from ability to print
money and censor transactions. Bitcoin removes these sources of power to a
high degree regardless of whether it's good or bad. Like, when the internet
got huge, moral question of whether people should be exposed to "evil books"
or not becomes irrelevant. If one wants to read a book you think is not
appropriate, he will do so anyway.

Governments printing ASICs to spam the network... That's the most expensive
way to attack Bitcoin. If anyone ever gets to it, it simply means that BTC is
already established in many places and widely used and very valuable.
Governments would love to extract that BTC for their spendings instead of
killing it. Like it happened with gold: in theory, gold is superior to printed
fiat currency, but it isn't killed, it's confiscated and used as a hard
currency among those who can afford keeping it secure: governments and banks,
not you and me.

~~~
JSZZHlmumeUE
_Like, when the internet got huge, moral question of whether people should be
exposed to "evil books" or not becomes irrelevant. If one wants to read a book
you think is not appropriate, he will do so anyway._

That's certainly an interesting perspective but it makes certain assumptions
about what bitcoin will be used for that I'm not sure I agree with.

 _Governments printing ASICs to spam the network... That 's the most expensive
way to attack Bitcoin._

Not really, somebody estimated that getting ASICs to control 51% of the
network would cost only a few hundred million dollars, which isn't much at all
from a governmental point of view.

Also, as far semiconductor manufacturing goes - pretty much all of it is the
non-recurring engineering cost of designing the IC. The actual cost of
printing it on Si is a very small fraction for large volume chips.

 _Governments would love to extract that BTC for their spendings instead of
killing it._

Governments than can print fiat currency don't really have a problem financing
their spending. They do have a problem with currencies that undermine fiat
currencies.

~~~
cdash
To be honest they don't even have to actually do it, if they so much as just
announced that they were going to do it is probably enough to cause a panic
sell utterly destroying any chance bitcoin has because so many people would be
burned.

~~~
dllthomas
I wonder if that announcement would lead to more or less mining going on. If
less, the announcement would mean the attack itself gets cheaper.

------
Ihmahr
Something I wonder about is whether an isp or peer nodes could detect the
transactions are coming from you.

~~~
oleganza
There's Tor. In addition, your ISP never sees transactions coming _to you_.
You can later spend your newly received coins from some other network.

~~~
nly
I'm not sure about that. P2P bloom filters were introduced to reduce bandwidth
consumption for SPV clients some time ago. I think this feature can
potentially leaks information about what transactions you're interested in.

[https://en.bitcoin.it/wiki/BIP_0037](https://en.bitcoin.it/wiki/BIP_0037)

------
nwh
Pretty much just CoinJoin, which is in development.

[https://bitcointalk.org/index.php?topic=279249.0](https://bitcointalk.org/index.php?topic=279249.0)

~~~
oleganza
I mentioned explicitly why it's not like CoinJoin. CoinJoin leaves a trace of
"structuring money", while perfect mixing needs to leave no such trace. All
transactions must look like regular payments, statistically indifferent from
any other payment. Also, CoinJoin in present form requires a trusted operator
who can mark all transactions as "laundering".

CoinJoin is better for making Bitcoin look good in the eyes of law
enforcement. You can get your privacy with it from everyone, except law
enforcement. Lawful citizens and cops must be both happy and not fear that
Bitcoin will be used for "terrorism".

~~~
nwh
If you're doing it persistently you just end up flooding the blockchain with
useless information. At least with CoinJoin you're reducing the number of
payment TXs that need to be stored and validated. The blockchain is already
getting annoyingly large (20GB+ with indexes) without adding fluff like that.

If you really want to hide your tracks without hiding your tracks, just use
any service with a shared wallet.

~~~
oleganza
You pay for transactions. Don't tell people what to do with their money. Most
of the transactions wouldn't be mixed at all. Just using new addresses with
small balances is good enough for daily purchases. Mixing is needed only in
certain cases like before and after big consolidating transactions.

CoinJoin is nice too, but it does not look well in the eyes of "anti-
structuring" laws.

Shared wallet is an FBI honeypot unless proven otherwise (which is impossible
to do). The best way is to have as big pool of random nodes as possible
participating in the laundering. Like with Tor: the more users join it, the
safer you are from some malicious entities.

~~~
nwh
A shared wallet, not the "shared wallet" service. Many services use them
internally, they're in no way a trap.

> _CoinJoin is nice too, but it does not look well in the eyes of "anti-
> structuring" laws._

Neither is a system that flings around your wallet contents all the time.

~~~
oleganza
Any service can share its operations with an adversary. That's a risk. If you
don't understand that, then you should prefer Digicash to Bitcoin as it's more
anonymous, confirms transactions instantly and does not need any stupid
mining.

System that flings around my wallet contents does not leave a trace of that
activity on the blockchain. Meaning of every transaction is known only to
transacting parties, but not to anyone else. That's the big difference from
any shared wallet, where operator sees the meaning of _all_ transactions going
through it.

------
drakaal
Complex and won't work. Assumes none of your "insurers" are bad neighbors. If
one of your washers is a government shill you are caught.

------
zapt02
I might have missed something, but how can we be sure that malicious nodes do
not just steal your money?

~~~
oleganza
Insurance deposits. Both nodes lock up much more money than being "promised".
If one node does not deliver, another node will automatically destroy both
deposits. Nodes thus are motivated to follow the protocol and not cheat. Since
the process is automated, there's no one to play extortion games.

The insurance contract is a special type of transaction that I invented:
[http://blog.oleganza.com/post/58240549599/contracts-
without-...](http://blog.oleganza.com/post/58240549599/contracts-without-
trust-or-third-parties)

~~~
Nevermark
I like your transaction idea and have an improvement. The trick is to reduce
the costs of one-time punishment. This makes transactions less risky for
contract keepers and more risky for contract breakers:

Terminology: I would call a contract where both parties lock up funds to be
released on successful contract completion a "co-investment contract". Then I
would add third parties we can call "co-investment insurers".

A co-investment insurer could be any party with a solid reputation of their
own to keep, and who has a long term relationship with you (your bank for
instance). For a small fee, (1%?) the co-investment insurer agrees to cover
your investment loss if a contract fails.

Then the economics work like this:

1) People will not be afraid to lock up co-investments when their investment
is insured because the worst that can happen if a contract is broken is they
are out the small insurance fee.

2) Any party who gets insurance will still be incentivized to complete the
contract successfully, so as not to harm their reputation with their long term
co-investment insurer. (Who could increase their insurance fee or cancel their
account if many transactions failed.)

3) Not everyone needs to buy co-investment insurance for this to have a big
impact. The mere possibility of insurance makes punishment a stronger threat
and therefore contracts more reliable.

4) As the systems's reputation for reliably punishing contract breakers
increases, the insurance costs go down, making it even more affordable. This
further increases the system's reliability for punishing contract breakers.

Given that all this can be automated, and reinforces incentives to keep
contracts, I would think that insurance fees of only 1% or even less would
become possible.

