The recent Crypto AG story has taken the world by storm. During the cold war, the CIA and W. German intelligence sold encrypted communication devices with a backdoor, allowing them to spy on governments and militaries around the world who used the devices. Are crypto assets at risk too?
CAN THE CIA OR NSA SPY ON YOUR CRYPTO TRANSACTIONS
The Crypto AG story has really awakened a lot of people to the dangers of secret backdoors in encryption and secure communications devices. Crypto AG was a Swiss company that manufactured encrypted communications devices. They sold them from WW2, through the cold war, and into our present age.
They made millions selling these devices, and had a sterling reputation among clients. Little did anyone know that, through a partnership, the CIA and West German intelligence had secretly rigged the devices with a backdoor in the encryption allowing them to spy on the governments and militaries they sold them to.
Do private crypto transactions suffer similar vulnerabilities?
It is possible that one or more of the 5,000 different crypto projects listed on CoinMarketCap are secretly being developed by an intelligence agency or secret military project like Crypto AG.
Aside from a project having a secret backdoor in its encryption, blockchain forensic analysis firms are doing their best to deanonymize users who wish to take advantage of the privacy offered by cryptocurrencies.
Recently law enforcement has been arresting people for using crypto-asset mixers for money laundering, so there is a lot of interest from authorities surrounding privacy coins and private transactions.
DO MIXERS REALLY HELP KEEP YOUR TRANSACTIONS PRIVATE?
Firms like Chainalysis and Ciphertrace use heuristics to make educated guesses on the way cryptocurrencies like Bitcoin move across the blockchain. They study the UTXO set and make assumptions on which are the inputs, outputs and change addresses.
Cryptocurrency mixers and privacy coins like Monero obscure this information making it harder for blockchain analysis companies to track spending, by joining a lot of different UTXOs into one transaction, or in the case of Monero, using advanced cryptography.
Coinjoins and other mixing techniques make it harder for blockchain forensic analysts to rely on their heuristics because they attack the rule set these companies are using to make their guesses about which way the money is moving onchain.
As coinjoining and mixing become more sophisticated, we can assume that a popular cryptocurrency could become compromised like Crypto AG, if law enforcement or military was not able to utilize blockchain forensics in a reliable way.
Blockchains are made to be transparent and easy to audit, so without using a privacy coin or coinjoin, you are vulnerable. In a recent study, analysts were able to track down the real-world identities and financial activity of 133,000 Ethereum users who used the .ETH ethereum naming service.