Blockchain analysis

What is Blockchain Analysis and How Does It Work?

The term "blockchain analysis" encompasses a set of methods from IT forensics that are used to evaluate transaction data. Typically, blockchain analysis is used to determine the origin and destination of a transaction or a series of transactions. While one might think of this as work resembling that of detectives, in practice, these investigations are much more straightforward.

Unlike detectives who often seek non-public information, blockchain analysis relies on data that is publicly accessible. Of course, this data can also be linked to external events, locations, or individuals. In the following, we would like to briefly introduce what blockchain analysis is and how it functions in practice.

The Blockchain is a Ledger

A blockchain, as we know it from Bitcoin, for example, is designed as a decentralized ledger. While it can be used for various purposes, the primary purpose of blockchain technology in most cases is to serve as a decentralized ledger.

In this context, decentralized means that the ledger is distributed. Ideally, each node possesses a complete copy of the entire transaction history. Additionally, it receives and propagates new blocks to continuously update and validate the transaction history. The blockchain itself ensures that no one can create money or Bitcoin arbitrarily. This is primarily achieved by requiring computational power to append a new block to the chain. Only when a miner determines the correct hash value can the next block be added and accepted by the network nodes.

Transactions are carried out by users generating addresses with their wallets. Such an address is a complex sequence of letters and numbers. Therefore, the address itself does not initially reveal information about the recipient. If a user shares their address, anyone can freely transfer the corresponding cryptocurrency to that address. Because the blockchain is a continuous record, all transactions ever made can be analyzed at any given time, both for the sender and the recipient.

What Happens in a Blockchain Analysis?

In a blockchain analysis, key transaction data is used to determine the source and destination of funds or to identify where they have flowed. This is known as transaction analysis. It preferably requires the relevant transaction IDs and the addresses of the sender and receiver. However, these data can also be used for other complex investigations, either manually or with software assistance. Here are some examples:

  • Address Analysis: Analyzing addresses can easily identify behavioral patterns. Who frequently engages in transactions with whom? Are there connections to known addresses of criminals or darknet marketplaces? These and other questions can be answered in detail.
  • Cluster Analysis: By grouping transactions into clusters, relationships that would otherwise remain hidden can sometimes be revealed. Because cluster analysis is more dynamic, transactions are often easier to uncover in this way. Cluster analysis is used in conjunction with blockchain technology to identify addresses likely associated with the same individual.
  • Network Analysis: Network data can also be analyzed. Network analysis includes evaluations of relationships and connections between different nodes, addresses, and transactions. Essentially, it is a detection of behavioral patterns.
  • Money Flow Analysis: As the name suggests, this analysis can visualize the sources of money flows. For example, it can be used to determine how an organization or individual is funded.

In addition to these aspects of blockchain analysis, visual aids are also used to create diagrams that illustrate the flow of money or the connections between different addresses and participants.

How is Blockchain Analysis Conducted?

In principle, blockchain analysis can be carried out manually using a tool called a "block explorer." These tools are accessible to anyone and allow queries if you have specific information to start a search. While this can be considered a form of blockchain analysis, the possibilities of obtaining information in this way are limited.

Professionals, on the other hand, either use tools they have developed themselves or rely on software providers that offer specialized programs. These include companies like Elliptic or Chainalysis. They turn big data into a business and provide investigators and businesses with their own software and processed data.

For end-users, these licenses are generally not of interest because the costs are very high, and expertise and training are required to work with them properly. For them, it is worthwhile to hire a service like Crypto-Tracing when it comes to conducting a blockchain analysis.

Who Uses Such Analyses?

Tools and analyses are commonly used by many companies. Cryptocurrency exchanges, for example, use blockchain analysis to detect transactions to and from suspicious or sanctioned wallets. Because they are obligated to take countermeasures as part of anti-money laundering efforts, they constantly use tools in the background to monitor transactions to and from their wallets.

Some users may encounter surprises if their transactions are directly or indirectly linked to a suspicious address, as account suspension may be a consequence. This is why blockchain analysis has gained a negative reputation, even though most investors have nothing to fear. In reality, it is very rare for honest citizens to come to the attention of the compliance department.

The second group of users of blockchain analysis consists of private or government investigators. They are tasked with clarifying specific situations and securing evidence. While private investigators like Crypto-Tracing have solid training and experience in this field, the knowledge and skills of government authorities can vary significantly. This discrepancy becomes even more significant when comparing international contexts. Not every country has the resources to train officials or provide them with software.

The FBI, the U.S. federal law enforcement agency, likely has the best expertise among all government agencies in this regard. They began collaborating with companies in this field relatively early. Ultimately, the availability of adequate training and resources comes down to budget considerations, and the agency has ample resources.

The Limits of Blockchain Analyses

Despite the public availability of data, blockchain analyses have limitations. For instance, to link a specific individual to a Bitcoin address, it may be necessary to query data that is not public. Typically, only authorities or exchanges have access to such data, if the trail leads to them.

Blockchain analysis faces limitations due to data protection, which is relatively stringent in Europe. In other countries, laws may be more permissive and allow for different types of queries. The extent to which data protection must be ensured when querying data from the blockchain is still a subject of debate. While every address is ultimately a pseudonym, it enjoys the same protection as all other data.

In addition to these concerns, there are also cryptocurrencies that prioritize privacy. Monero (XMR) and Zcash (ZEC) are notable examples, both of which excel at thwarting blockchain analysis. For this reason, these two cryptocurrencies have been removed from use in various countries. We have discussed in detail why these cryptocurrencies are difficult to trace in another article.

The Societal Dimension

In addition to legal implications regarding data protection, blockchain analysis also has a societal dimension. It enables constant surveillance. While movements between bank accounts are also monitored, they are subject to different legal protections than cryptocurrency transactions.

This raises the question of what a society ultimately looks like when it incorporates blockchain technology into everyday life. This aspect is neither trivial nor purely theoretical. For example, the European Central Bank (ECB) took this issue into account when developing and testing the digital euro. Unlike central bank digital currencies (CBDCs), Bitcoin and Ethereum cannot easily alter their protocols in this regard. While theoretically possible, it is practically challenging. Only so-called zero-knowledge proofs could potentially address this issue in the context of second-layer solutions, as they do not disclose many transaction details.

Apart from that, the discussion remains open on how society wants to deal with public blockchains. For example, Bitcoin's design places transparency at the core of its technology. The fact that anyone can analyze and verify transactions is a feature designed to ensure that no one has to rely blindly on trust at any time, and that all aspects remain verifiable.

FAQs About Blockchain Analysis

Can blockchain analysis help combat money laundering?

Blockchain analysis can identify suspicious transaction patterns indicative of money laundering. As a result, it supports both businesses and authorities in tracking and preventing money laundering activities.

Can false suspicions arise from blockchain analysis?

Yes, it is possible for a person or organization to be falsely suspected of being involved in illegal activities. Because it often revolves around pattern recognition, misinterpretations can occur. There are also cases where certain patterns resemble those of criminals, even though no wrongdoing is involved.

Are there countermeasures to blockchain analysis?

Yes, countermeasures include tools like Bitcoin mixers or Ethereum tumblers like Tornado Cash. The use of privacy coins can also be considered a countermeasure. Especially when, for example, Bitcoin is converted to Monero and then back to Bitcoin, disrupting the chain of transactions.

Can blockchain analysis be used for market analysis?

Yes, by tracking the money flows of significant market participants. Applying this approach to DeFi makes blockchain analysis even more efficient. You can observe successful traders because their trades are all public. However, it's important to note that past successes do not guarantee future results. Some providers, such as Nansen or IntoTheBlock, specialize in analyzing on-chain data to enable market analyses for both amateurs and professionals.