Why halting the flow of crypto to protesters may be harder than the government thinks

0


‘For the underlying networks like Bitcoin, it’s outside the reach of the government for sure,’ experts say

Article content

Ottawa’s invocation of the Emergencies Act may succeed in slowing the flow of cryptocurrency to anti-mandate protesters, but stanching it altogether is a much more difficult proposition, crypto experts told the Financial Post this week.

Advertisement

Article content

The act, introduced on Monday, forces financial institutions and intermediaries to freeze and report assets, including cryptocurrencies, tied to accounts suspected of funding the protesters, who have blocked border crossings and set up camp in the nation’s capital.

The specific inclusion of “virtual currencies” in the purview of the order has put a spotlight on how Canada’s nascent crypto industry interacts with regulators, including the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), which monitors for money laundering.

On Thursday, a number of exchanges confirmed to the Financial Post that they had been enlisted in the effort and had received an RCMP letter asking them to flag any transactions related to a list of more than 30 crypto wallet addresses.

Advertisement

Article content

Christopher DePow, senior advisor for financial institution regulation and compliance at London-based blockchain analysis firm Elliptic, noted that the vast majority of crypto activity is already taking place on such regulated platforms, making the powers laid out in the Emergencies Act an effective way to disrupt large transactions.

But regulated platforms and payment companies, he noted, aren’t the only way to move crypto.

“What’s much more challenging is preventing transactions that are occurring in a peer-to-peer way,” DePow said, adding that two individuals sending funds between unhosted wallets — those controlled by an individual outside of a financial intermediary —will be a challenge to track. “You can surveil for it, you can look for information indicating that that type of activity is occurring. But to actually stop it … is a huge challenge.”

Advertisement

Article content

Bilal Hammoud, founder and chief executive officer at crypto exchange NDAX, has his doubts that the federal government has a full scope of how crypto transactions work. He told the Financial Post that there are three pockets when it comes to cryptocurrencies: Bitcoin as a decentralized protocol; regulated crypto entities registered with FINTRAC; and unregistered platforms, including foreign services and payment providers.

“For the first one, for the underlying networks like Bitcoin, it’s outside the reach of the government for sure. It’s a very decentralized network,” Hammoud said, adding that for regulated entities already reporting to FINTRAC, the Emergencies Act would not be much different from regular day-to-day activities of detecting certain target activity.

Advertisement

Article content

One analytical arrow that the government may have in its quiver is detecting a transaction once it hits a fiat off-ramp. Once the cryptocurrencies that are found to be used in support of the vaccine mandate protest brushes up against one of these regulated crypto exchanges that complies with KYC (know your customer) protocols, then it could potentially put the user on the radar to have that transaction connected back to them.

“If these funds used for supporting the protest pass through a regulated entity … the answer is very easy in terms of what they can and what they can’t enforce,” Hammoud said. “If it does not come through a regulated entity, then there’s very little that they can do.”

The off-grid origins of many cryptocurrencies — something that have made them a favourite for black market activity — is a problem that authorities have been grappling with for years. But as blockchain data is public and crypto is not as anonymous as many think, there are signs that authorities around the world are becoming increasingly sophisticated when it comes to tracking the movement of crypto, peer-to-peer or otherwise. 

Advertisement

Article content

In June of last year, for example, the U.S. Department of Justice recovered nearly US$2.3 million from hackers within weeks of a ransomware attack on pipeline operator Colonial Pipeline. At the time, an expert told the Financial Post authorities would have been able to identify the recipient wallet from the blockchain code as a starting point in their probe. Media reports indicated they then were able to gain access to the holder’s private key to access the funds.

In a separate case early this month, the U.S. charged a couple in New York with laundering US$4.5 billion worth of crypto hacked from the Bitfinex exchange in 2016. According to a report in the Wall Street Journal, investigators were allegedly able to tie the stolen funds to the couple when a fraction of a bitcoin was used to purchase a US$500 Walmart gift card years after the theft.

Advertisement

Article content

The Bitfinex case showed how law enforcement was getting more savvy when it comes to tracking funds.
The Bitfinex case showed how law enforcement was getting more savvy when it comes to tracking funds. Photo by Gabby Jones/Bloomberg files

Simon Grant, partner in the blockchain and fintech practice at Bennett Jones LLP, said the Bitfinex case showed how law enforcement was getting more savvy when it comes to tracking funds.

“I think the recent U.S. arrests in connection with the Bitfinex hack demonstrate how much information is out there for law enforcement to obtain — that is, once law enforcement can marshal the technical capabilities necessary to access it,” Grant said.

One technique for analyzing that data is known as “clustering,” according to Dhirendra Shukla, president and chair of Canadian crypto analytics firm Gray Wolf.

The method involves analyzing a cluster of address and transaction data on the blockchain to find patterns in the flow of funds and get a clearer picture of what addresses might be involved in an investigation.

Advertisement

Article content

Shukla told the Financial Post that the government and law enforcement ultimately have the power to trace some of these transactions, potentially with the help of a crypto security firm, but it then becomes an issue of responding quickly in a “cat and mouse” game, as bad actors can attempt to obfuscate transactions by wrangling them together in processes known as “tumbling and mixing.”

“All of those things need to be understood, analyzed, and presented to the government so they can act quickly,” he said.

Catching crypto transactions as they move on and off the blockchain network is an effective tool that becomes more challenging as individuals move on a more peer-to-peer network, Shukla said.

Advertisement

Article content

While authorities are tightening the noose, Elliptic’s DePow said there are still ways that dedicated supporters of the protest could obfuscate their transactions to get around provisions in the Emergencies Act.

Those include using so-called “privacy wallets” that make transactions more difficult to trace or privacy coins that lump multiple transactions together and make them challenging to parse and determine where they come from.

“There are ways to evade monitoring,” DePow said. “But by and large, it’s much more challenging to do than it is to just move out through a regular exchange.”

For now at least, the authorities are still playing catch up.

“When it comes strictly to crypto-to-crypto transfers between wallets, it’s extremely difficult for the government to stop that activity in a meaningful way,” he said.

• Email: shughes@postmedia.com | Twitter:

• Email: bshecter@nationalpost.com | Twitter:

Advertisement

Comments

Postmedia is committed to maintaining a lively but…



Read More: Why halting the flow of crypto to protesters may be harder than the government thinks

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments