> they found a file listing private keys, after gaining access to the suspect's cloud storage
That's backwards. It's how they wrapped it all up. The real trail is pretty clearly AlphaBay 2016/2017 transactions (under gov control around that timeframe), to KYC-flagged accounts at an exchange, with a web of accounts with real info linked together past there.
If he instead started to draw NFTs, and sell it from his KYC account to his dirty wallet, could he still be convicted? What if only one out of every 100 NFTs his dirty wallet purchased was from his KYC account?
Or what if he decided to create his own crypto-currency and it just so happened that his dirty wallet was an early investor of ETH to his fund.
Seems like he could have done more to distance himself.
> Seems like he could have done more to distance himself.
Bitcoin's public ledger makes transactions into prosecution futures.
This is why it's such a poor choice for revolutionaries and funding the marginalized. You leave a permanent indelible public record in posterity that will in the course of time be de-anonymized, automatically, and traced back to you.
Is it illegal to sell your artwork at an auction, and a criminal happens to be the one to buy it? I honestly don't know.
is the onus on an artist or on an "auction house" to vet buyers. If post sale it turns out the money was fraudulent, does the artist need to pay it back?
In crypto terms. You the artist simply put a NFT up for auction at OpenSea. You the scammer happened to purchase the artwork on OpenSea. However KYC is not well enforced, enabling for money laundering between the two wallets.
It's not illegal if it's a coincidence, however, that may reasonably be probable cause for investigation, and if the investigation finds out that it's not that the criminal "just happened" to buy it but that you colluded to do that, that's a felony.
I mean art and other not easily evaluated assets are used for drug trafficking and money laundering.
Auction houses are known to be on the trick -- that is passively mainly/ they don't care and work to "pump" the prices of artwork. But of course law enforcement agencies know about it too.
It shouldn't be illegal: people should be free to buy what they want. But let's not hide behind our noses.
More simply, they might get away with it because, by and large, they're not actually laundering illegal funds, but merely using the exact same tricks to obscure all sorts of socially disreputable but not actually illegal stuff. Of course, there's a real gray area since arguably a lot of disreputable stuff should also be illegal. But by the same token, some people might genuinely want more privacy depending on their circumstances.
> is the onus on an artist or on an "auction house" to vet buyers. If post sale it turns out the money was fraudulent, does the artist need to pay it back?
No. Normally you have to return items that were stolen from someone even if you purchased them without knowing they were stolen. But money is an exception. See:
> If post sale it turns out the money was fraudulent, does the artist need to pay it back?
Maybe? IIRC, if you unknowingly buy stolen property, and they trace it to you, I think you have to surrender it to its rightful owner (without compensation from the police).
I don't think that works with money, though. I can't imagine someone who sold a house to Bernie Madoff would have to give up the proceeds of the sale years later when he is found out to have been running a Ponzi scheme.
In a closely related scenario, if you sell a kilogram of gold to a buyer who pays in counterfeited US currency, then the secret service will seize the $50,000 and you will not be compensated.
Doing business with criminals can bite you, even if you were not participating in a criminal enterprise.
I don’t think thats quite the whole story though. The feds would have no obligation to make you whole but you would almost certainly have a civil cause of action vs the buyer for the full amount, if you could ever collect. So don’t do business with people who can disappear or avoid court judgements.
> Is it illegal to sell your artwork at an auction, and a criminal happens to be the one to buy it? I honestly don't know.
Law on receiving stolen goods is vague, complex, and jurisdiction-dependent. But in some cases, if the money you get paid is "the same" money that was stolen (something that's actually much easier to show with Bitcoin, where every input to every transaction is another transaction's output), and you know about the crime, yes. See People ex Rel. Briggs v. Hanley.
It may depend on the particular country, and jurisdictions on the internet are gray areas... That said, in the US if you are paid with stolen money and then informed of that fact then you are knowingly in possession of stolen money and would have to return it. If you no longer had the money (used it to pay bills, live your life, etc) then it probably gets more complicated.
I get what you're doing here, but that's way too many steps. just because bitcoins ledger is open & transparent doesn't mean there aren't a million other privacy focused coins you could swap into leaving the trail cold.
You can walk in the river instead of trying to cover your tracks.
To be fair there are some cc* that try to address this. Apparently signal was forced to choose the relatively unknown MobileCoin exactly to avoid this problem.
> Seems like he could have done more to distance himself.
On a value system with an inherently public ledger that eventually has to hit a fiat off ramp with KYC/AML requirements? Nah. Everyone has quality opsec until they don't, and the record of your criminal activity is immutable and highly durable.
You can just sell the bitcoin for monero, then sell the monero for btc.
also, as time goes on, the proportion of btc that are "dirty" approaches 1, so these chainalysis strategies become less effective, assuming you aren't stupid enough to do some criminal act then cash out at a kyc exchange the next day from the same wallet
But are there any exchanges that swap btc for monero or eth that don’t have KYC requirements? Seems like it’d need to be off-chain somewhat, unlike uniswap.
Not unless those actors running those non-KYC exchanges are well hidden away from US extradition. Anybody who doesn't have KYC requirements in this space are risking serious prison time. People don't know it yet but the guys running Tether are going to go away for a long time. What they are doing is far worse than Liberty Reserve and Arthur still has 16 year left in his sentencing.
Morgan and Ilya appear to be the original hackers as well so on top of the money laundering sentencing which is around 10~20 years, they now have to deal with the hacking charge which appears to be a separate trial.
Morgan and Ilya aren't the only ones involved and the rest of the guys will eventually appear on DOJ website.
As far as I understand buyer and seller still have exchange information for the transaction to happen. The moment the buyer tries to use the stolen bitcoin he will have the police knocking on his door to find out where he got them from. The seller basically ends up completely at the mercy of the buyers security, with the added bonus that bisq doesn't enforce a completed transaction, so the buyer might just disappear once the goods changed hands without ever paying.
There are plenty that'd swap bitcoin (BTC) for litecoin (LTC) without KYC despite the fact that LTC can now do private transactions via MWEB. As networks integrate private Tx support, breaking the visible chain is going to be getting easier and easier.
"also, as time goes on, the proportion of btc that are "dirty" approaches 1"
I don't follow what you're saying here. Nothing stops something from being dirty multiple times, does it? So nobody might care that it could be traced back to something sketchy 5 years ago, if more immediately it's traced back to last month's crime.
Suppose he deposited it into AlphaBay and then withdrew from AlphaBay, and FBI didn't seize AlphaBay's logs. Where is the criminal immutable durable record now? There is no proof of connection between incoming and outgoing coins. Same principle with mixers.
I mean, for a recent example of how this works in practice: Polygon got whacked for like 650MM last August, but all the fiat and even stablecoin exchanges blacklisted the addresses and the guy got like 5MM “bug bounty” or whatever.
There might be prestige in some circles for taking down some dumbass Solidity coder, and some people seem to be getting some money out still (e.g. Wormhole).
But overall I’m short Trail of Bits consulting rate.
That's backwards. It's how they wrapped it all up. The real trail is pretty clearly AlphaBay 2016/2017 transactions (under gov control around that timeframe), to KYC-flagged accounts at an exchange, with a web of accounts with real info linked together past there.