Money laundering, the process of disguising the origins of illegally obtained funds, has undergone significant transformations in the digital age, particularly with the advent of cryptocurrencies like Bitcoin. In response to increased scrutiny from regulators and law enforcement, users have turned to Bitcoin mixers as a means to enhance financial privacy and anonymity. These mixers, which obscure the source and destination of Bitcoin transactions, have legitimate uses but have also attracted attention for their potential role in facilitating illicit activities, including money laundering.
This exploration delves into the intricate world of Bitcoin mixers, their mechanisms, use cases, and implications for anti-money laundering efforts. We also discuss the evolving landscape of financial privacy and the ongoing challenges faced by authorities in balancing privacy, innovation, and security within the cryptocurrency ecosystem.
Anti-money laundering (AML)
Money laundering refers to the process of blending illegally obtained funds, also known as dirty money, into the legitimate economy, which mainly comprises clean money. This makes it challenging to differentiate between dirty and clean money, allowing criminals to spend their illegal funds without arousing suspicion. The money laundering process typically involves three stages, namely, placement, layering, and insertion, as explained by Frunza in 2015.
In the past, financial institutions had provided avenues for criminal groups to separate their funds from illegal activities, according to Frunza’s 2015 analysis. This has led to modern financial institutions being subjected to strict Anti-Money Laundering (AML) and know-your-customer (KYC) regulations. In the United States, several bills, such as the Money Laundering Control Act of 1986, the Annunzio-Wylie Anti-Money Laundering Act of 1992, and the Money Laundering and Financial Crimes Strategies Act of 1998, require financial institutions to comply with heavy regulatory requirements to prevent illegal funds from being laundered through them. However, with the emergence of decentralized finance (DeFi), there has been a growing trend of money laundering through cryptocurrencies and DeFi institutions, often subject to different AML compliance requirements than traditional financial institutions. This trend was noted by the US Department of the Treasury and Chainalysis in 2022.
Dupuis and Gleason’s review of DeFi money laundering methods identified mixers or tumblers as one of the possible means of laundering. The Financial Action Task Force’s report also highlights mixers as a significant risk for virtual asset money laundering. Recently, the US Treasury sanctioned Tornado Cash, a mixing service, for allegedly facilitating the laundering of over $7 billion worth of virtual currency. Despite much research showing that multiple Bitcoin wallet addresses could be linked to the same user, Bitcoin remains the cryptocurrency of choice for illicit transactions on online platforms, including the darknet, mainly because it offers liquidity that privacy coins cannot match. Bitcoin’s circulation of approximately $374 billion is much higher than privacy coins like Monero and ZCash, which have circulations of $2.7 billion and $850 million, respectively. Additionally, numerous coin-mixing protocols for the Bitcoin network potentially aid in obscuring Bitcoin transaction trails.
Bitcoin, initially introduced under the pseudonym Satoshi Nakamoto in 2008, is a peer-to-peer (P2P) cryptocurrency. One of the fundamental principles of the Bitcoin system is that users can conduct anonymous digital transactions. This differs from digital transactions within the traditional financial system, where financial institutions are obligated to carry out KYC on customers, and transactions can be linked to accounts that may eventually lead to the real-world identities of individuals.
The Bitcoin network allows for anonymous transactions due to its public-private key transaction mechanism. To explain, let us assume Alice has 1 Bitcoin token in her digital Bitcoin wallet and wants to transfer it to Bob’s wallet. Each wallet has unique private and public keys, which are mathematically related on an Elliptic Curve. To transfer the token, Alice would sign the transaction and the public key of Bob’s wallet with her private key, creating a hash and posting it on the public ledger of the Bitcoin network. Then, Bob would sign the hash of the previous transaction and the public key of Carol’s wallet, and post it to the public ledger, creating a chain that can be traced back to verify the token’s validity.
However, users can generate as many wallet addresses as they want, and the addresses cannot be traced back to their real-world identities, making it possible to send and receive Bitcoin without linking the transactions to the user or each other.
In Bitcoin transactions, it is common for users only to want to send the entire amount of tokens they received in a prior transaction. To handle this, Bitcoin uses the concept of Unspent Transaction Outputs (UTXOs). For example, if Alice wants to send only 0.7 tokens to Bob from her 1 Bitcoin token, the transaction would have two outputs: 0.7 tokens to Bob’s wallet and 0.3 tokens as a UTXO to a new address accessible by Alice. Since transactions are unlikely to match the exact amount of Bitcoin tokens in a sender’s wallet, most transactions have two outputs, one for the intended receiver’s wallet and another for the UTXO.
The Bitcoin network can be visualized as a transaction graph since all Bitcoin transactions are publicly available on the blockchain and can be linked to previous transactions. This transaction graph is created by analyzing each transaction message’s tx_in and tx_out parameters, which contain the source and amount of Bitcoin tokens being transacted and the destination and amount of Bitcoin tokens being transacted, respectively. By representing each input and output address as nodes and the transaction between input and output addresses as directed edges, a complete transaction graph of the Bitcoin network can be constructed.
Coin mixing services have emerged as a way to address the anonymity of Bitcoin transactions. Various mixing protocols have been proposed and implemented, but they all follow a similar structure; see also in the figure below. Typically, a user is required to provide an input address containing the Bitcoin they wish to mix and an output address to receive the mixed Bitcoin. The mixing service then employs a method to obscure the transaction trail between the user’s input and output addresses. If the mixing service is successful, the user will now have an address containing Bitcoins that cannot be traced back to their origin. Essential properties of mixers in terms of anti-money laundering (AML) include mixing fees, time delay, and whether they are centralized or decentralized. These properties vary between mixing services and can impact their effectiveness in obfuscating mixed transactions.
Bitcoin mixers can be divided into two general categories, which are centralized or decentralized. Centralized mixers are trusted third-party services where users send their Bitcoin for mixing. However, these mixers typically maintain an internal record that links inputs to outputs, which means that a regulator or law enforcement agency could potentially seize the logs of a centralized mixer to obtain all Bitcoin transactions that have been mixed and conduct a de-anonymization attack to trace the path of Bitcoins obtained through illegal means.
On the other hand, decentralized mixers are peer-to-peer (P2P) services that operate across a network of nodes. Unlike centralized mixers, decentralized mixers do not hold custody of the Bitcoins to be mixed; instead, coin mixing is executed by a protocol. For example, popular decentralized Bitcoin mixers, such as Wasabi Wallet and Samourai Whirlpool, incorporate CoinJoin (Maxwell, 2013) into their mixing protocols. Furthermore, decentralized mixers have many points of failure. Thus, the analysis of money laundering transactions that go through such mixers would likely have to be conducted at the network level, provided that they are well-implemented.
Bitcoin mixers in use
- Protecting business privacy: Businesses can use Bitcoin mixers to maintain financial privacy and avoid being tracked by competitors or other interested parties. For example, an individual may want to hide their Bitcoin transactions from being tracked by hackers or other malicious actors.
- Preserving transactional anonymity: For personal or philosophical reasons, some users prefer to maintain anonymity when conducting transactions with Bitcoin. Bitcoin mixers can help achieve this goal by obscuring the source and destination of funds.
- Reducing the risk of hacks: By using a Bitcoin mixer, users can make it more difficult to trace their Bitcoin funds to their wallet address, thus reducing the risk of hacking or theft.
- Enhancing security: Advanced security measures like multi-signature wallets or encryption can be incorporated into Bitcoin mixers to improve transaction security and protect user funds.
- Avoiding surveillance: In certain jurisdictions, government or other entities may monitor Bitcoin transactions for various reasons. Bitcoin mixers can help bypass this surveillance and maintain privacy. However, it is essential to note that this may only be a legitimate use case in some jurisdictions, and using Bitcoin mixers for this purpose could be illegal in some cases.
- Money laundering: A user may want to avoid having their Bitcoin transactions linked to their identity, so they use a mixer to protect their anonymity. Criminals may use Bitcoin mixers to hide the source of their funds when they transfer money obtained from illegal activities.
Bitcoin mixing protocols
- Wasabi Wallet: Wasabi Wallet is an open-source, non-custodial Bitcoin mixer that utilizes the CoinJoin protocol to facilitate mixing. It enables users to mix their Bitcoin in a trustless, decentralized manner by joining with other users to create a significant, mixed transaction. Wasabi Wallet also implements various privacy-enhancing features such as Tor network integration, address reuse prevention, and transaction fee randomization.
- Samourai Whirlpool: Samourai Whirlpool is a non-custodial Bitcoin mixer that also utilizes the CoinJoin protocol. It offers users the option to mix their Bitcoin anonymously with other users, either through a centralized mixing service or a decentralized CoinJoin implementation. Samourai Whirlpool also includes transaction batching, fee optimization, and private key management features.
- JoinMarket: JoinMarket is a decentralized Bitcoin mixing protocol that enables users to join together in a “market” to execute CoinJoin transactions. Unlike other mixing protocols that require a fixed number of participants, JoinMarket allows any number of users to participate in a mixing transaction, increasing the anonymity set. JoinMarket also includes yield generation, order matching, and trustless operation.
- Wasabi CoinJoin: Wasabi CoinJoin is a mixing protocol developed by the Wasabi Wallet team that utilizes the CoinJoin protocol. It allows users to mix their Bitcoin with others in a trustless, decentralized manner. Wasabi CoinJoin offers many features, such as privacy-enhancing transaction building, integrated Tor support, and collaboration with other mixing protocols.
- CashShuffle: CashShuffle is a non-custodial Bitcoin mixing protocol that utilizes a trustless, decentralized implementation of the CoinShuffle++ protocol. It enables users to mix their Bitcoin with others by shuffling their inputs and outputs with other users to obscure the transaction graph. CashShuffle also includes features such as fee optimization and integration with various Bitcoin wallets.
- SmartMix: SmartMix is a centralized Bitcoin mixing service that utilizes a proprietary algorithm to mix users’ Bitcoin securely and privately. It offers many features, such as fast mixing times, customizable transaction fees, and multi-currency support. SmartMix also includes an API for developers to integrate the service into their applications.
- Bestmixer: Bestmixer was a centralized Bitcoin mixing service shut down in 2019 by Dutch law enforcement for allegedly facilitating money laundering. It offered to mix services for Bitcoin, Bitcoin Cash, and Litecoin and utilized a proprietary algorithm to mix users’ coins securely. Bestmixer also included features such as Tor network integration, customizable fees, and a user-friendly interface.
- BitMix: BitMix is a non-custodial Bitcoin mixing service that utilizes a proprietary algorithm to mix users’ coins securely and privately. It allows users to customize the mixing process by setting custom delays and fees. BitMix.Biz also includes a referral program that rewards users for referring others to the service.
- Blender: Blender is a non-custodial Bitcoin mixing service that utilizes a proprietary algorithm to mix users’ coins in a secure, private manner. It offers many features, such as customizable transaction fees, multi-currency support, and Tor network integration. Blender.io also includes a referral program that rewards users for referring others to the service.
- BitWhisk: BitWhisk is a non-custodial Bitcoin mixing service that utilizes a proprietary algorithm to mix users’ coins securely and privately. It offers many features, such as customizable transaction fees, mixing delays, and multi-currency.
Mixing detection methods
Although the Bitcoin transaction graph is publicly accessible, it is not easy to identify transactions that have gone through a Bitcoin mixer. Therefore, various studies in the field have attempted to identify mixing transactions in the Bitcoin network, as summarized here for examples.
- Prado-Romero et al. (2018). Mixing services are characterized by having significantly higher inter-community linkage in their addresses. This suggests that detecting anomalies in inter-community transactions can be an effective method of identifying mixing accounts.
- Wu et al. (2022). Bitcoin transaction graph is examined to identify repeating patterns associated with labeled known mixing service address nodes. They used temporal transaction information to enhance their analysis and discovered that transactions involving these mixing service addresses exhibit specific characteristics.
- Shojaeenasab et al. (2022). The method noticed that unspent Bitcoin tokens in mixing service addresses eventually become part of a “sweeper” transaction. Sweeper transactions typically have many inputs and only one or two outputs. They also observed a pattern in withdrawal transactions from known mixing services, where such transactions tend to follow a 1:2 pattern, consisting of one input address and two output addresses, with at least one of the output addresses being a Pay to Script Hash (P2SH) address.
Money laundering has evolved with the advent of DeFi, notably through Bitcoin transactions. Bitcoin mixers, designed to obscure transaction origins, pose a challenge for authorities tracing illegal funds, serving both privacy-seeking users and criminals. Services like Wasabi Wallet and Samourai Whirlpool, employing advanced protocols like CoinJoin, offer enhanced privacy and security but face scrutiny and sanctions due to illicit use, exemplified by Tornado Cash.
The widespread adoption of Bitcoin for illicit activities has prompted research to identify and curb the misuse of Bitcoin mixers. The innovations in cryptocurrencies bring significant opportunities but also challenges, requiring ongoing efforts to balance user privacy, financial innovation, and law enforcement needs. The development and adoption of comprehensive strategies are crucial to address the challenges posed by the anonymous and decentralized nature of cryptocurrencies, ensuring the sustainable development of the cryptocurrency ecosystem while mitigating illegal activities.