[Webcast Transcript] Concerns and Challenges for Blockchain, Cryptocurrency and NFT Investigations | HaystackID

[co-authors: John Wilson and Rene Novoa]

 

Editor’s Observe: On Could 18, 2022, HaystackID shared an academic webcast developed to spotlight the foundational fundamentals of blockchain, cryptocurrencies, and NFTs and to current sensible concerns for the investigational course of round these transactional applied sciences.

 

This session, led by one of many world’s main cybersecurity, data governance, and authorized discovery digital forensics consultants, additionally offered an examination of uncooked knowledge on blockchain ledgers, shared the way to analysis particular addresses and transactions as a part of an investigational course of, and regarded NFTs from an eDiscovery perspective.

Whereas your complete recorded presentation is obtainable for on-demand viewing, supplied in your comfort is a whole transcript of the presentation.

---

[Webcast Transcript] Concerns and Challenges for Blockchain, Cryptocurrency and NFT Investigations

Presenting Specialists

+ John Wilson, ACE, AME, CBE, Chief Info Safety Officer and President of Forensics, HaystackID

As Chief Info Safety Officer and President of Forensics at HaystackID, John gives consulting and forensic providers to assist corporations tackle numerous issues associated to digital discovery and laptop forensics together with main forensic investigations, cryptocurrency investigations, and guaranteeing correct preservation of proof objects and chain of custody.

+ Rene Novoa, Director of Forensics, HaystackID

As Director of Forensics for HaystackID, Rene Novoa has greater than 20 years of know-how expertise conducting knowledge restoration, digital forensics, eDiscovery, and account administration and gross sales actions.

---

Presentation Transcript

Moderator

Howdy, everybody, and welcome to as we speak’s webinar. We’ve bought an excellent presentation lined up for you as we speak, however earlier than we get began, there are only a few basic admin factors to cowl. Before everything, please use the web query software to put up any questions that you’ve, and we’ll share them with our speaker. Second, for those who expertise any technical difficulties, please tell us utilizing that very same questions software and a member of our admin staff can be readily available to help you. And eventually, simply to notice, the webinar can be recorded and we’ll be sharing a replica of that with you alongside the slides through e mail inside the subsequent few days. So with out additional ado, I’d like at hand over to our speaker to get us began.

John Wilson

Properly, thanks. Howdy, and good morning, afternoon, and night to as we speak’s worldwide viewers. I hope you’re all having an excellent week. My identify is John Wilson. On behalf of your complete staff at HaystackID, I’d wish to thanks for attending as we speak’s presentation and dialogue titled, “Concerns and Challenges for Blockchain, Cryptocurrency and NFT Investigations”. Right this moment’s webcast is a part of HaystackID’s common sequence of academic displays developed to make sure listeners are proactively ready to realize their cybersecurity, data governance, and eDiscovery aims.

So the presenters as we speak have been speculated to be myself and Rene Novoa. Sadly, Rene Novoa is just not in a position to be with us as we speak, as a consequence of some unexpected circumstances, so that you’re caught with me, however we’ll get via it. I’m at present employed at HaystackID. Each of us are skilled veterans in digital investigations with particular experience in digital forensics, assortment of cell gadgets, and rising knowledge sorts, codecs, together with Blockchain, cryptocurrencies, NFTs, or different digital property. Having served as skilled witnesses in investigations associated to as we speak’s subject, I’m excited to have the ability to share with you as we speak.

So from a proper introduction perspective, I’m John Wilson. I’m the Chief Info Safety Officer and President of Forensics right here at HaystackID. On this function, I present experience and skilled witness providers to assist corporations tackle numerous digital forensics and eDiscovery (digital discovery) issues, together with main investigations and guaranteeing correct preservation of proof objects and chain of custody. I commonly develop processes, create workflows, and lead implementation tasks for shoppers, together with main monetary establishments, Fortune 100 corporations, and Am Regulation 100 companies. I’ve additionally been lucky to work on a few of the most vital issues on report in the USA and lots of the 39 nations the place I’ve had the chance to work on circumstances.

Right this moment’s webcast presentation is being recorded for future on-demand viewing. A duplicate of the presentation will even be accessible for the attendees as soon as the on-demand model is accomplished, and we anticipate these objects to be accessible on the HaystackID web site quickly after we conclude as we speak’s stay presentation.

At the moment, let’s transfer into our presentation on cryptocurrency and NFT investigations.

So as we speak, we’re going to speak via what’s a Blockchain for people who don’t have vital data or understanding of what’s a Blockchain and what are digital property, what are the makes use of of these digital property? Then we’ll get into investigating and the forensics round digital property and Blockchain and cryptocurrencies, and all that enjoyable stuff, how are you aware if digital property exist within the case that you simply’re engaged on, after which some suggestions and methods or issues that assist advance these investigations.

So what’s a Blockchain? Actually, it’s troublesome to get right into a dialog about cryptocurrencies and digital property for those who don’t perceive what a Blockchain is, to start with. So actually, from a simplistic standpoint, a Blockchain is a ledger of data that data transactions. In order that ledger is public. The Blockchain is public. Anyone that has entry to a shopper can entry the Blockchain for that individual ledger. The transactions are recorded. Most of them say anonymously, nevertheless it’s actually synonymous. A variety of the data might be tracked again, it’s not actually nameless. The transactions are recorded to a hash or a crypto string, which is generally called the general public tackle for any individual. I imply, it has no figuring out data, however there are methods to lookup and discover a few of that data, however the important thing level is it’s an immutable ledger.

So it’s a ledger that after it’s written to, it could’t be modified, as a result of as you write new blocks to the chain, it’s the older blocks, the validation, and the hash for the validation of these blocks, is what builds the important thing for the brand new block. So for those who alter any of the earlier blocks, it could invalidate your complete Blockchain, and so therefore, it’s immutable, for those who change something, it’s going to interrupt the Blockchain, new transactions, the brand new blocks, wouldn’t be capable of be efficiently mined or validated, and we’ll get right into a bunch of those phrases right here shortly. However once more, the transactions are on this public ledger, so they’re traceable. You possibly can observe, “Hey, I’ve bought this public tackle, this hash key, that’s associated to a transaction or units of transactions”, and you may observe that hash key and see the place these currencies have gone and the place they have been spent. Now, you’re solely in a position to perceive the hash key that it’s related to or the tackle that it’s related to, and you need to make the most of different methodologies to then perceive what that tackle is or who it belongs to.

It’s actually additionally necessary to grasp that there are a lot of Blockchains and public ledgers. You get Bitcoin, Ethereum, Tether, Ripple, Dogecoin, advert infinitum. There are tons of of them within the market, or 1000’s, actually. After which you may as well have personal ledgers. So you will have monetary establishments which may run a Blockchain or any type of entity, nevertheless it’s widespread in logistics and monetary establishments, the place a monetary establishment has places in a number of nations, as an example, and they also’ll use their very own personal Blockchain to handle transfers to totally different accounts or totally different places via their Blockchain, as a substitute of utilizing Swift or worldwide wires, and the methodologies that banks historically have used. It permits them to account for and monitor these transactions a lot sooner.

And so, loads of attention-grabbing issues are being achieved round that, and we’ll speak about there are a lot of extra makes use of than simply digital property and simply cryptocurrencies. You could have logistics. Firms are utilizing the Blockchain to trace – there’s an enormous poultry firm, as an example, that tracks the eggs that they delivered to the grocery from the conception of the egg, what hen home it was made in, all over packaging, into cargo to the shop, after which truly dishing out on the retailer, who bought that dozen eggs. They’ve very concerned Blockchain techniques that monitor all of that data. And you then even have good contracts. You could have the NFTs. There’s simply loads of exercise, loads of issues that Blockchain may be very nicely fitted to.

Once more, it’s this immutable public ledger. It turns into very intriguing for doing loads of these several types of issues. Sensible contracts are very attention-grabbing. To interrupt a wise contract down into easy phrases, a wise contract is type of like a merchandising machine, these old fashioned merchandising machines. It’s bought all these items in there, after which it’s bought a keypad with some letters and a few numbers. So that you stroll as much as the machine and also you punch in I would like B2, and so B2 goes to drop you out these Bugles chips or no matter it might be in that individual slot. So you possibly can consider a wise contract as similar to that. So as soon as any individual goes as much as the machine, they meet the situations to set off the good contract. So like within the merchandising machine, the situation is that I’ve put within the acceptable quantity of foreign money into the merchandising machine, I’d then punch the important thing that claims, hey, I would like B2, after which it dispenses B2, and that’s just about how a wise contract works.

As soon as the situations are met, you place within the acceptable foreign money, or the suitable enter, no matter which may be, the good contract triggers and it does no matter directions that good contract is meant to do, and that may be signing an actual property contract, it may be establishing a course of to ship a automobile to any individual, it may be loads of various things, and it may be very complicated with a number of steps. However ultimately, it’s actually only a merchandising machine. It’s a course of when the situations are met, the method triggers, goes via no matter steps it has, and there could also be checkpoints or new actions that need to happen. So just like the merchandising machine, you begin the good contract by placing the cash in, then it’s ready for enter. You must choose the letter first, after which the good contract’s like, okay, I now have a letter, so now I’m going to ask for a quantity, after which you choose a quantity, after which it provides you the actual merchandise associated to that. There’s loads of steps concerned in that, although it appears quite simple. You could have the foreign money entering into, you will have validating, did I get the suitable quantity of foreign money? Sure. Okay, now I can ask for the enter to say what I need to be distributed out of the machine, and increase, okay, I’ve bought A and I’ve bought 2. Okay, now I’ve bought my correct inputs. Now I’ve to spin the coil. Spit out the only merchandise. Did the only merchandise fall via the trapdoor? Sure, it did. Did the trapdoor get opened? Sure, it did. Did the merchandise get pulled out of the trapdoor? Sure, it did. Now the contract is fulfilled, it’s accomplished. In order that’s actually the primary gist.

So what sorts of digital property are we speaking about? Once more, we’ve gone via most of this however you will have digital currencies, cryptocurrencies, and NFTs. NFTs are artworks which might be tied right into a Blockchain so you possibly can present sole possession, who owns that individual merchandise, a number of dialogue round NFTs, and we’ll get a little bit extra into that in a bit. Stablecoins. Stablecoins are pegged to one thing or backed by one thing. So you will have USDT, the US greenback tether, you will have a bunch of various tethers of that nature, and that’s actually attention-grabbing territory as a result of there have been some challenges in that just lately, and we’ll speak extra about that shortly as nicely.

Then you will have Blockchains, your digital property which might be strictly digital coupons and vouchers, like Burger King will ship out to clients that submit for a sure factor or do sure issues, they’ll give them digital vouchers or coupons which might be tracked on the Blockchain, to allow them to monitor the redemption, who redeemed it, the place they redeemed it, how they redeemed it, and all types of different data. So it’s a really helpful advertising software.

After which you will have the good contracts, and good contracts, once more, can do many alternative issues. They require that you’ve that acceptable enter, they require that acceptable actions are taken, and the conclusion.

One final remark about good contracts that’s actually necessary is as soon as the triggering situations are met, the good contract will execute. It’s constructed into the Blockchain that method. So you need to be – a complete space that’s going to have to be checked out is actually going to be… how nicely the good contract itself was written, as a result of once more, as soon as situations are met, the good contract triggers, so you probably have a programming error and that good contract triggers due to that programming error, it’s going to execute, it’s going to do what it’s speculated to do and observe via with that course of.

So who makes use of digital property? What are the makes use of of digital property? Actually, most individuals have heard concerning the felony or unhealthy exercise, ransomware, darkish market, darkish internet, the place individuals are transacting and paying for issues in cryptocurrency, however there are one million reliable causes. A variety of industries are utilizing it. It’s used to resolve geographic points. So that you’re in a market house, the place perhaps the standard foreign money in that market, in that geographic space is just not very secure or dependable or accessible, and digital property can actually present some benefits there.

While you begin speaking concerning the industries that become involved in cryptocurrencies, there are loads of companies now accepting cryptocurrencies. There are loads of monetary establishments utilizing it to, once more, run personal ledgers that switch currencies forwards and backwards throughout their organizations. Many, many alternative industries that partake and have some very legitimate makes use of for it. It’s not strictly seen as a felony exercise the place initially a a lot bigger proportion of the exercise on the cryptocurrencies was felony. Right this moment, there may be loads of legitimate exercise, loads of makes use of, loads of investing and buying and selling, day buying and selling, like hedge funds which might be being backed by cryptocurrencies. There’s loads of exercise across the cryptocurrency utilization and definitely adoption throughout the monetary market.

It’s nonetheless extremely unregulated, it’s nonetheless very younger. The EU is simply now beginning to do some regulation round cryptocurrencies and that may proceed to mature, after which the Blockchain, digital property will proceed to evolve and mature as {the marketplace} evolves and matures round it.

So what are a few of these legitimate makes use of? Why would a enterprise become involved in it? So, there are loads of monetary makes use of, the place organizations are using the cryptocurrencies to promote items, obtain items; some organizations are utilizing cryptocurrencies as a hedge towards the volatility within the conventional currencies. You could have very vital functions within the micropayments world the place it’s a lot tougher to cope with micropayments, pennies and cents. A variety of currencies are beginning to eradicate a few of that, or loads of locations are beginning to not carry the change, however cryptocurrencies can go right down to decimal factors of cents. A single little bit of Bitcoin is down into the hundredth of cents and might be divided in a lot smaller chunks, and it’s additionally loads of exercise round decreasing or minimizing the prices per transaction.

So, the price per transaction in some cryptocurrencies might be a lot decrease than, say, a normal bank card trade price. So when a enterprise takes a bank card, they pay a proportion charge of that transaction in an effort to obtain these funds, and for companies, these cryptocurrencies can cut back what these charges are, and make it in order that the precise group promoting the products can seize extra of the worth that they’re getting paid, and whether or not that’s handed on as value financial savings to the buyer or handed on as higher profitability for the group, there loads of prospects there, however that diminished charge construction’s actually making vital positive aspects within the commerce marketplaces. You possibly can see there’s loads of

client exercise round this, round the usage of cryptocurrencies. It’s simpler. They’ll preserve one pockets with a number of currencies in it. It has password management or entry controls, so it’s a lot tougher to be stolen basically phrases, however folks don’t at all times handle their passwords correctly, and so that may additionally change into an issue. A variety of attention-grabbing issues there.

So this can be a actually attention-grabbing one as a result of this slide was achieved a month in the past as we have been getting ready to do that presentation, and so Bitcoin, once we did this, was price 43,207. Properly, the entire cryptocurrency market truly has considerably dropped. So as we speak’s value this morning, a Bitcoin is price about 28,953, so you possibly can see it’s a 25% drop, virtually 30% drop over the course of the final 30 days. Ethereum once we did this was price $3,341, and as we speak it’s price $1,952. Once more, a big drop. Tether is an attention-grabbing one and we’re going to speak extra about this in a number of moments, however Tether is a stablecoin, it’s pegged to the US greenback, and it’s speculated to at all times be price $1. Right this moment’s market, it’s price 99 cents as a result of there’s been excessive volatility and they also’re having bother sustaining that peg. Very attention-grabbing stuff. Very difficult. BNB, one other one made a big loss. 498 was the worth once we did this, it’s now price 290. So, as you possibly can see, the crypto market cap was over 2 trillion once we offered this slide. Right this moment’s market worth, cryptocurrencies, the overall quantity is barely price 1.24 trillion. In order you possibly can see, a really vital drop within the market.

Now we’re going to begin getting in direction of corporations which might be utilizing or adopting cryptocurrency so we will begin stepping into the precise investigation aspect. Why do we have to perceive investigations? All of this was foundational data, however now you possibly can see, you’ve bought Starbucks, Subway, Microsoft, professional sports activities groups, Tesla, all of them buying and selling, accepting cryptocurrencies in a single form or one other – Entire Meals, Burger King. Burger King’s one of many massive ones that makes use of these digital coupons. Very attention-grabbing stuff. Entire Meals Market, so staple objects, your grocery retailer, taking cryptocurrencies. Very intriguing stuff, or hedging with cryptocurrencies.

Okay, so now we’re going to speak about non-fungible tokens. Clearly, it’s been a scorching subject, everyone has been speaking about NFTs, and so what’s an NFT? Why is it necessary to grasp what’s occurring there? So, NFTs are actually digital objects, music, artwork, movies, no matter, digitally. There are tweets which might be captured as photos that may be offered on the Blockchain and make sure that there’s a sole proprietor that has full rights to it that owns it. After which that individual can switch it. So it’s like artwork possession, is a technique of it, however with a a lot simpler to entry market. It may be simply transferred, and once more, it’s an immutable ledger and the possession might be confirmed very simply and shortly by going via the ledger and seeing who has the final rights to it, who transferred the final rights to it.

So, once more, there’s been loads of attention-grabbing issues. You could have “Beeple” who had by no means offered something over $100. In March 2020, his first work, his first NFT, The First 5,000 Days, offered for an astounding $69 million. A variety of curiosity there and within the market itself. It positively drove some worth for him. The worldwide marketplace for NFTs is at present about 22 billion, however it’s quickly rising. There are new NFT marketplaces being launched virtually day by day. You’ve bought celebrities and types which might be all becoming a member of in now. One of many newest NFTs that’s being talked about is you will have Gucci and different manufacturers which might be promoting digital variations of a handbag, as an example, to be used inside the metaverse, within the digital world, so you should purchase a Gucci bag, and a few of these Gucci baggage are promoting for greater than the bodily counterparts in the actual world, which is totally insane. So that you personal a replica of the digital model of it, and it’s being offered for greater than precise bodily gadgets.

Stablecoins, we talked about {that a} good bit. Why do you need to perceive them? In order that they’re digital currencies backed by some kind of asset, and that’s sometimes a bodily asset like gold or silver, or fiat foreign money, the US greenback, or the euro, or the pound, the sterling. They’re a stablecoin, they’re backed, and so they’re pegged to these currencies. In order that’s the place issues begin to get attention-grabbing. We are able to speak about Terra that was achieved within the… it was a US dollar-based stablecoin. The market collapsed within the sell-off final week on Could 9, and so a Terra that was supposedly pegged to a greenback, so its worth ought to at all times be $1, is now price roughly 10 cents, and it has been de-pegged from the US greenback since Could 9, because the market tanked that day, and it has but to get better and is prone to by no means get better, however actually necessary to grasp how that occurs and the place that comes from. So principally, you will have a cryptocurrency that’s backed by some kind of asset, and so they have a promise to pay or preserve sufficient property to maintain the worth of that foreign money. And might be very attention-grabbing stuff.

Sensible contracts, we went via this bit already. Ethereum is among the platforms that loads of good contracts are achieved on. A variety of the good contracts are being utilized by numerous corporations. Starbucks is utilizing good contracts to have interaction and transact with their espresso growers and make sure that they’re utilizing acceptable practices, assembly the phrases of their contracts and their agreements, in order that the these good contracts are being executed to buy, management the value, and transact the espresso purchases, as an example.

So, why do we have to get into investigations? Why are we right here as we speak? So, as we stated, there was loads of felony exercise early on in cryptocurrencies. That has considerably diminished, however there’s nonetheless loads of felony exercise there, however past that, you will have loads of legitimate enterprise causes now. So you will have organizations which might be using these cryptocurrencies for reliable functions, and so when reliable functions come, lawsuits begin getting tied in, incidents happen the place an organization’s being acquired or an insolvency, and the way do you perceive what crypto property that entity owns? How do you perceive the place they’re, what’s occurred to them? The record goes on and on, however there’s an enormous want to actually perceive what transaction issues happen. Insurance coverage claims, “Hey, my paper wallets bought stolen”, cyber losses; ransomware occasions the place organizations pay ransomware in cryptocurrencies; the valuations of damages, if somebody stole cryptocurrencies from you, how do you determine what that cryptocurrency’s price? Is it price what it was the day it was stolen?

Once more, as you possibly can see, once we talked about it, cryptocurrencies are extremely risky. They go up and down typically giant percentages in a day, and so, how do you consider these damages? Is it the damages primarily based on as we speak’s worth, the damages primarily based on the day that these currencies have been stolen? Can any of it’s recovered? How do you work that out? Fraud and corruption exercise? One of many case research that I speak about continuously concerned a merger and acquisition situation the place the corporate had acquired cryptocurrency – that the corporate that was acquired had acquired cryptocurrencies as a hedge or as safety for the eventuality of a ransomware occasion, and they also had this nest egg of cryptocurrencies sitting on the books, so to talk, within the occasion an occasion occurred, then they bought acquired, so the brand new firm acquired them. The brand new firm didn’t perceive that that they had these cryptocurrencies and actually had no consciousness of it, and as that transaction occurred, shortly after the acquisition, the brand new firm, the fuller entity, did get ransomwared. So then they’re sitting in a board assembly and, “Hey, I believe Firm X had acquired some cryptocurrency as a hedge to have the ability to pay for the ransom”, the board had determined they wanted to pay the ransom as a result of they couldn’t afford the downtime and numerous different points, and determined to go determine the place that cryptocurrency was, and so they couldn’t discover it. No one had any data of it. They couldn’t discover the place it was. We needed to do an investigation and we have been in a position to decide that the previous CFO of the group determined that no one knew about that cryptocurrency so he would simply transfer it to a few of his personal wallets, and we have been in a position to hint that, monitor that, unwind that, and efficiently get better the big majority of that cryptocurrency for the group.

There are industrial instruments. There are additionally public, free instruments. You could have the industrial instruments CipherTrace and Chainalysis and Maltego that do loads of this. They’ve loads of nice options that show you how to unwind or perceive most likely probably the most crucial issues in relation to a cryptocurrency investigation, which is attribution, who owns that individual hash key, that individual pockets, who’s the proprietor or person of that pockets, and so these softwares do preserve some attribution as entities get discovered, in addition to have instruments to will let you construct your personal entities as you perceive what entities personal sure cash, and begin constructing an attribution database, which might be actually necessary in your investigations.

They do a bunch of different issues as nicely, like present danger rankings, how a lot exercise has a selected pockets had at nighttime market, or how a lot exercise of pushing foreign money via spinners or mixers, and that are instruments to obfuscate or launder the cash and stop folks from with the ability to determine the place the foreign money went or how a lot foreign money there was et cetera.

So, these instruments might be extraordinarily helpful and useful in that regard. However it may be achieved with Blockchain.com Explorer that does Bitcoin. You possibly can go and lookup transactions instantly on these platforms. You are able to do the analysis. You possibly can determine – you possibly can observe the path of a transaction, nevertheless it’s guide whereas you will have some extra automation within the industrial instruments.

So, what types of issues do it is advisable perceive for those who’re going to get into investigating cryptocurrencies? That you must perceive pockets sorts, a chilly pockets, a scorching pockets, software program, {hardware} wallets, paper wallets, getting a legitimate understanding of what the wallets are, what you are able to do with a pockets. The addresses, the general public tackle versus the personal keys. So, sometimes for the proprietor of a pockets, you will have your public tackle, that’s the tackle the place folks can ship foreign money to, or you possibly can spend your foreign money. And you need to authenticate together with your personal key. Your secret’s what unlocks it. It says, “Hey, I personal this”. And cryptocurrency may be very very like fiat foreign money in that method. When you’ve got it in your hand and also you management it, you possibly can spend it. And so, within the cryptocurrency world, meaning if I’ve the general public tackle and the personal key, I can spend that foreign money, I can do no matter I would like with that foreign money, I can switch it. And that’s the place loads of danger comes into play.

Now, you need to begin stepping into an trade. Alternate transactions, attention-grabbing issues there. Within the exchanges, in the event that they’re US-based, they observe the KYC banking guidelines. And so, they need to know your buyer, they’ve bought to have that attribution constructed out for that individual tackle that will get created on an trade.

Then you will have the funding platforms the place you don’t truly personal the asset. So, for those who exit on Robinhood as we speak, and you purchase Bitcoin you don’t truly personal the Bitcoin, you personal an asset registered with Robinhood that’s tied to that Bitcoin.

Now, Robinhood, specifically, is launching its personal wallets, and so they’re going to begin supplying you with the power to personal your precise cryptocurrency and be capable of transact in it and switch it. They’re launching their very own pockets. However in as we speak’s market with Robinhood, for those who have been to go have a look at the general public ledger whenever you made a purchase order of Bitcoin, you gained’t see your transaction there as a result of Robinhood owns a big portfolio of cryptocurrency and so they simply transfer round task as to who owns it and purchase extra foreign money in the event that they want. However it’s achieved with a shadow ledger that claims, “OK, so we’re going to assign X {dollars} of X factors of Bitcoin to this person”. And so, that ledger simply tracks what your portion of possession of that individual asset is.

Then you can begin speaking about privateness cash. Privateness cash, like DOGE and monero the place they’re a lot tougher to unwind, they’re a lot nearer to an nameless foreign money as a result of they do issues to obfuscate the possession, they do issues to create new addresses for every transaction. When the transactions get put into the blocks, they seed it with different transactions. They do issues to assist actually obfuscate and preserve the power of monitoring down that cryptocurrency – to make it tougher primarily.

After which the very last thing, simply extra of an consciousness and understanding is mining. What’s mining? Why is mining a time period associated to cryptocurrencies? So, mining is the method of validating a block inside the Blockchain and creating the brand new foreign money. So, Bitcoin, each time you mine a block, there’s a fee of cryptocurrency to the profitable miner of that block. Now, the profitable mining is the method of working the mathematical equations and doing the hashing to find out what the hashes that solves – what’s the hash for a selected block. So, as you undergo on a brand new block, you get all the data – they get all of the details about the transactions contained in that block which were verified and are in that block. After which you need to clear up for the hash of that block. And that’s a mathematical system that will get scaled. Sometimes, it simply will get tougher and tougher as {hardware} developments happen and as software program developments happen, nevertheless it may truly simplify it as nicely as a result of it’s sustaining the method to make sure that it takes 10 minutes to mine a block within the Bitcoin world. So, that course of is actually making an attempt to make sure that it takes 10 minutes to mine every block. And that creates the brand new section of Bitcoin that will get put into {the marketplace} with every block that’s mined. And that will get halved at common intervals till there can be no extra Bitcoin to be added to the block, and there’ll be 21 million Bitcoin on the block. After which at that time, it’ll simply be motion of the Bitcoin, after which the transactional charges associated to that Bitcoin. That will be the one fee.

So, actually necessary to grasp in an investigation context, you’ve bought to exit and also you’ve bought to do forensics. You’ve bought to go have a look at the computer systems. You’ve bought to find out, “Hey, are there cryptocurrencies concerned on this specific asset?” As I stated, typically, you’re going to be doing an investigation and know that there’s cryptocurrencies concerned there. It’s possible you’ll even know some pockets addresses. You will have already gone to Blockchain.com Explorer and traced a few of these transactions, after which found out some new pockets addresses perhaps. And it is advisable go discover them on the gadgets that you simply’ve accessed. That’s the place these regexes come into play. And these are the fundamental regexes that may show you how to discover any Bitcoin, Ethereum, monero, or sprint. And there’s a complete library of those. You possibly can construct – the hashes do have a selected sample, sometimes. So, you possibly can construct and develop these for nearly any cryptocurrency that you really want. Actually, a really useful software.

However you do have to grasp, doing that forensic investigation continues to be the most effective and most tried and true method of starting an investigation as a result of it’s possible you’ll or could not know that cryptocurrencies are concerned in a selected group or a selected matter as you’re beginning to do the investigation. It’s an excellent follow in as we speak’s day and age to begin on the lookout for these cryptocurrency signatures, making an attempt to find out are there wallets put in? Have they got a {hardware} pockets or software program pockets that has been accessed? Or an internet pockets that’s been accessed by a selected endpoint, whether or not it’s a cell machine or a pc. Understanding the presence of these cryptocurrency instruments is actually a sign that you could be need to begin investigating it and figuring it out.

That is the place issues begin to get much more difficult as a result of, once more, you do need to exit and begin monitoring these transactions. One of many investigations we did, we needed to monitor the transactions, over 700 transactions deep. When you’re utilizing these free instruments, that may be fairly time-consuming, going single transaction by single transaction and dealing down a tree versus utilizing a few of the industrial instruments. However the industrial instruments are very, very expensive. And every thing that they do might be achieved by the free instruments. It’s only a extra guide course of, excluding the industrial instruments do present rankings. Once more, they’ve like a rating. Nearly consider it like a – you possibly can consider it like a credit score rating. And so, a selected pockets can have a credit score rating that claims, “Hey, that is larger danger, it’s been concerned in loads of darkish internet transactions, or it’s been concerned with different wallets of recognized nefarious actors” as a result of they’ve that attribution constructed out. And so, due to this fact, it has a better danger rating that claims, “Hey this can be a far more dangerous factor”.

From there, I’m going to begin tackling a few of the questions which have are available as we speak. Once more, your finest strategy for any cryptocurrency investigation is actually delving into the forensics first. After which you probably have a big quantity of transactions or a big quantity of IDs and stuff, I actually suggest having an expert that’s bought vital expertise coping with cryptocurrency investigations, as a result of they are often difficult. They are often fairly difficult, particularly as you begin having cross-Blockchain transactions the place individuals are going via an trade. So, they’ve Bitcoin, and so they’re going via an trade and so they’re shopping for Ethereum or they’re shopping for monero or different cryptocurrencies that may make issues extraordinarily extra difficult to observe and monitor.

So, we have now our first query that was requested is, “Utilizing Blockchains to trace real-world property like eggs, does this logistically work? How do I cease one egg being swapped for one more egg? Do you want some type of tattoo or product like a QR code linking to the NFT or is there one other method?”

So, they do have barcodes like on the packaging, and typically even inside the precise objects the place the logistics chains are utilizing it. It’s extraordinarily attention-grabbing, the place they’ll truly observe an egg from the hen home all the way in which to the grocery retailer till the purpose of checkout when any individual truly purchases that individual package deal of eggs.

And so, then that individual goes house and so they get salmonella from these specific eggs, they’ll simply backtrack on to what vans it was on. A few of them are getting much more refined the place that Blockchain, that logistics Blockchain is definitely monitoring the temperature of the truck. It’s getting recorded inputs from the temperature of the truck to know if there was a temperature variation inside the truck that was transport them from the producer location to the distributor location, or from the distributor location to the precise retailer.

So, there are loads of attention-grabbing controls round there. There are loads of issues being achieved with RFID chips linking into these logistics Blockchains. So, they’re getting automated inputs from these RFID chips. There’s loads of actually attention-grabbing actions and issues occurring round it. However sure – to allow them to truly try this monitoring. It’s achieved via barcode/QR code kind data on these gadgets that enables them to try this monitoring.

So, the subsequent query is said to any individual simply stating they didn’t know that they didn’t truly personal the Bitcoin in Robinhood.

And so, that’s right. So, within the Bitcoin public ledger, Robinhood truly owns these Bitcoins at present. Once more, that’s altering with Bitcoin, and a few of the different platforms. However in Robinhood, they’ve an inside ledger that claims, “Hey, we personal 500 Bitcoin, as an example, and that 500 Bitcoin is distributed throughout these folks, that every individual owns a little bit of it”. And so, they’ve their very own inside ledger that tracks that possession versus being out on the precise public ledger.

That public ledger solely says, “Hey, Robinhood has all of those cash”. So, then whenever you’re speaking about doing investigations, you do have to really exit and subpoena Robinhood and say, “Hey…” if the corporate owned a Bitcoin via Robinhood, you would need to truly subpoena the data from Robinhood versus wanting on the Blockchain itself. And that’s only a easy finite instance, however there’s loads of various things that need to occur round that and it may be very attention-grabbing.

So, then we have now – the subsequent query is, “Is possession of Bitcoin at all times public? Is it potential to understand how a lot Bitcoin is in chilly storage at any time?”

Fascinating query. Sophisticated reply. So, the possession of the Bitcoin is public. It’s a public ledger. Each motion – each creation of Bitcoin, after which each motion of that Bitcoin from that creation is tracked in that public ledger. Once more, it’s tracked by these public addresses, by your pockets tackle. And so, these addresses are public and so they’re there.

Now, can I inform what’s in chilly storage? You possibly can’t as a result of it – all is that that pockets exists, that tackle, that public tackle exists. What kind of tackle it’s, is it a chilly storage pockets the place they’re simply printing it out, placing it on paper? There’s no solution to monitor or know that.

Usually, they are saying that not less than 25% of Bitcoin is useless foreign money, foreign money that folks not have entry to. That foreign money can not be accessed, as a result of the folks don’t have the personal keys to entry it, or they transferred it to an invalid tackle, and in order that invalid tackle has no – there is no such thing as a proprietor of it. So, there’s some attention-grabbing issues that happen round that.

Now, for those who begin speaking about monero and privateness cash, once more, nonetheless a public ledger that may be absolutely traced, to the extent that that individual tackle has entry to the coin. The challenges are actually that loads of these privateness cash, they’re taking your $10 transaction, as an example, breaking it up into 5 $2 transactions, or extra sometimes, a $1, a $3, a $2, and a $1.50, and a $1.50. And all these transactions are being mixed to make your transaction. And so, they’re breaking it up into these a number of transactions via automation. And it turns into very exhausting to observe and hint that foreign money due to the way in which they perform. However loads of exercise round that, however it’s nonetheless a public ledger. And you’ll nonetheless have a look at that public ledger, and we’re nonetheless in a position to construct some stage of attribution on these ledgers.

So, subsequent query. “Simply to be clear, can the forensic investigation uncover who the precise particular person is within the management of the pockets i.e., to subject authorized proceedings towards a selected individual?”

Nice query. It’s potential. It’s not essentially constructed into the Blockchains themselves. However once more, via the event of attribution, via the event of the forensics investigation, you seize an individual’s laptop, you discover the precise wallets they’ve, after getting these addresses, perhaps you establish they got here via an trade like Coinbase right here within the US, and so then you possibly can then flip round and subpoena Coinbase. You possibly can subject orders to have that foreign money frozen. There are loads of prospects.

How that every one will get interpreted within the authorized system continues to be type of younger. There’s not loads of case precedent. However there may be loads of exercise there. There are loads of issues that you are able to do via… when any individual owns that foreign money via an trade the place they do have KYC necessities, you will get loads of that data, and you may proceed with that in a authorized court docket.

Now, is that going to say that you simply’re going to achieve success with that on a regular basis or each time? Completely not. It’s a matter of determining, are they utilizing an trade? Is their pockets primarily based via an trade? Or are they simply utilizing a {hardware} pockets the place they’ve direct management and entry to their foreign money? Or in different circumstances, you will have the Robinhood the place you don’t truly personal the foreign money. A lot tougher to perpetrate fraud with the foreign money concerned within the platforms like Robinhood. That’s coming as a result of they’re launching their very own {hardware} wallets, their very own software program pockets the place folks can have entry to their foreign money and be capable of truly transact with the foreign money that they’ve invested in via that platform. So, loads of prospects there that may be taken benefit of.

However the parting thought right here is it’s refined, it’s difficult. They don’t seem to be easy investigations. Sometimes, though there’s a public ledger, there’s loads of work to be achieved to unwind them, examine them, monitor it again, construct attribution to who’re the people concerned in these specific transactions and objects.

Your finest methodology of unwinding most cryptocurrency issues begins with forensic course of. Amassing the machine. Amassing the cellular phone. When you’re particularly doing a crypto investigation and have malfeasance with the cryptocurrency, getting that machine, that cell machine in an unlocked state the place you may get entry to the pockets and be capable of decide the precise pockets addresses and stuff might be extraordinarily useful.

Once more, a few of that data might be gained via the forensic course of, doing the forensic photos of it, after which trying to find the addresses and figuring out the cryptocurrency addresses. However your mileage could differ relying on the sophistication of the person, the actual sorts of transaction and actions that they’re doing.

All that being stated, I believe we’re nearly on the high of the hour. I’ll ask if there are any final questions earlier than we transfer on.

Appears to be like like we’re good. So, I need to thank all of you who took the day out of their schedules to take part in as we speak’s webcast. We all know how invaluable your time is and admire you sharing it with us. We additionally hope you will have the chance to attend our subsequent month-to-month webcast at present scheduled for June 22^nd, 2022. Essential subject for this upcoming webcast can be Information Safety and Privateness with Cross-Border Transfers. You could find data on this forthcoming webcast in addition to on-demand variations of previous webcasts on HaystackID.com.

Thanks for attending, and we hope you will have an excellent day.

If anybody does have any questions, please be at liberty to succeed in out. We’re completely satisfied to reply the questions or have interaction with you, present no matter data we will. It is a subject that’s close to and pricey to my coronary heart and I’d like to dig in and speak about it. So, please be at liberty to succeed in out.

This concludes as we speak’s webcast. I hope you will have a beautiful day.

Supply hyperlink