Blockchain analysis

Blockchain analysis is the process of inspecting, identifying, clustering, modeling and visually representing data on a cryptographic distributed-ledger known as a blockchain. The goal of blockchain analysis is to discover useful information about different actors transacting in cryptocurrency. Analysis of public blockchains such as Bitcoin and Ethereum is typically conducted by private companies like Chainalysis, TRM Labs, Elliptic, Nansen, CipherTrace, Elementus, Dune Analytics, CryptoQuant, and Ormi Labs.

Cryptocurrency exchanges
Cryptocurrency exchanges are often required by law to address the source of funds for crypto traders. For example, Singapore, Japan, and the United States have all passed laws that require exchanges to track the source of the crypto funds. In the United States, the Bank Secrecy Act requires cryptocurrency businesses to implement know-your-customer and anti-money laundering programs, including registering with FinCEN as a money service business.

Blockchain analysis enables law enforcement to trace cryptocurrencies back to individuals wallets on exchanges, which can then be subpoenaed for information on criminal actors.

Method
Because blockchains are typically public, anyone can view the contents of transactions by querying a node or block explorer site (such as Etherscan. io). By using common-spend clustering algorithms, it is possible to map the transactions of certain entities on the blockchain. This is how criminals have been caught moving illicit funds using various cryptocurrencies.

Law enforcement and blockchain surveillance
Blockchain analysis has helped produce evidence in several high interest cases. In 2018, an analysis of bitcoin transactions uncovered a link between major cryptocurrency exchange BTC-e and Fancy Bear. In 2019, a major website hosting child sexual abuse material was taken down by law enforcement using blockchain analysis techniques.

In 2021, the US Department of Justice used blockchain analysis to recover most of the ransom from the Colonial Pipeline ransomware attack. In 2022, IRS Criminal Investigations used blockchain analysis to seize over 50,000 bitcoin stolen from the Silk Road dark web marketplace.