Category Archives: Blockchain Technology

More on Blockchain for Supply Chains

I have written about the use of blockchain technology for provenance and supply chains. This is, indeed, a reasonable use case for blockchain technology, if not as compelling as some may think.

But in cryptoland, even the most reasonable ideas can inspire gob-smacking nonsense.

Case in point: Pindar Wong writes at Coindesk about “Blockchain’s Killer App? Making Trade Wars Obsolete” [1].  Huh, what?

This is the familiar supply chain use case.  But what does this have to do with trade wars?

Basically, I think there is a dramatic misunderstanding of what the term “Trade War” means. It means national policies that inhibit trade, especially in physical goods.  It has nothing at all to do with the technical operation of markets.

Wong wants “trade warriors” to use blockchain technology “to reduce trade friction and improve cross-border relations”.  But these frictions and relations are fundamentally political, not technical or economic.  And, tellingly, this article is in the context of strategists in Hong Kong exploring “how to fully digitize trade among the 65-plus countries involved in China’s ‘Belt and Road Initiative’.”  The B&RI is the very model of twenty first century trade war, not to mention neo-colonialism.  (I understand why HK is anxious to find a pivotal role in this initiative.)

Anyway, what is Wong actually talking about?  It’s pretty confusing.

One thing he is talking about is simplifying and automating supply chains. This is a familiar use case, though it is usually supposed to assure the provenance of goods. In this permutation, blockchains actually help trade wars, because smuggling is suppressed.

The “trustless” blockchain requires some form of trust.  In this case, Wong describes model systems deployed in China.  Characterized as “open, bottom-up, opt-in”, they are actually Chinese government approved standards. Naturally the HK group propose extending these to the B&RI.  “Trust us, we’re from Hong Kong.”

Another innovation, indeed the biggest innovation he talks about is moving supply to demand, i.e., shipping raw materials and IP to the consumer, and manufacturing locally, on-demand.  A blockchain would be one way to keep track of the IP and return royalties and so on.  Basically, when I buy a Samsung mobile phone, it is fabricated in a local factory, and part of the sale gets credited back to Samsung via the blockchain.

This is a highly imaginative scenario, but there are a whole lot of questions. Why would an enterprise want to operate this way?  Why would a government let this be done this way?  I don’t really know.

Wong makes a good point that current WTO rules would have trouble dealing with this approach, at least initially.  But I don’t see any overwhelming difficulties.

More to the point, a blockchain is a pretty minor part of the overall picture. This entire scenario depends on some kind of international legal framework, which is the entire point of the WTO. The WTO or some successor will define the legal framework that the blockchain implements.

The whole idea of a trade war is that nation states have their own policies, which discriminate in favor of local interests. Nothing in Wong’s scenario changes this political picture. Replacing the WTO with an opaque Chinese hegemony such as the B&RI, is scarcely a realistic solution, blockchain or no blockchain.

Taking Wong’s overall point, it is interesting to note that using a blockchain likely does not make trade warriors “powerless”. In fact, to the degree that blockchains are transparent and trustworthy, they will make it far easier to implement discriminatory trade policies.  In short, nations will be able to use blockchain based provenance to implement “smart trade wars”.

Blockchains will actually empower a new breed of highly efficient trade warriors.

  1. Pindar Wong (2018) Blockchain’s Killer App? Making Trade Wars Obsolete. Coindesk,


Cryptocurrency Thursday

Yet Another “Blockchain for Provenance” System

In the short decade since the Nakamoto paper [5] cryptocurrency enthusiasts have put forward a variety of use cases for blockchains and cryptocurrencies.  It is notable that most of the exciting use cases aren’t actually in the canonical paper itself, and most of them have yet to prove out in the real world. (And the most successful use cases are the ones not put forward as good examples–extortion, dark commerce, money laundering, etc.)

One of the perennial favorite use cases is Provenance:  tracing goods from source to consumer.  For companies, this is “logistics” or “supply chain”; for ordinary consumers this is about quality control.  This is the same problem that scientists (and anyone) face with data quality—where did this data come from, and what has been done to it?  In the latter form, this is called “provenance” and we were struggling with solutions a long time ago (before Nakamoto, Ante Bitcoin) [3].

This month yet another company touted this use case at the Ethereal Summit in NYC [1] .  The presentation by Viant traced a Tuna from Fiji all the way to the conference sushi plates.  Tagged with RFID, records of the sales and transportation of the fish are on the Ethereum blockchain, so everyone can check that the fish they are eating is “moral”. (How it can be “moral” to harvest increasingly rare wild animals and fly them half way around the world beats me.)

This is the yuppie version of Provenance (making sure that my luxury goods are authentic and “moral”), but the technology is the same as any supply chain.

Looking at Viant’s web site, they seem to have a reasonable grasp on the problem.  They have a logical model of provenance that includes “four pivotal aspects of an asset: Who, What, When, and Where”.  The model includes “Actors” and actions, and “Roles” that define permissions.  IMO, this is the right stuff (See [3]) .

They also have RFIDs to tag and geo track, and apps to implement operations (e.g., sales to distributors).  These are certainly the right technology, and they are lucky to have ubiquitous mobile devices and “the cloud” to implement these concepts we pioneered in the late twentieth century [4].

So what does blockchain technology bring to the table?

First of all, it is used as a shared database, essentially a bulletin board.  The cryptographically signed and immutable records provide an unfudgeable trace of the object’s life.  And the blockchain is available to anyone, so ordinary consumers can get the authenticated traces of the object. (More likely, any third party can create apps that deliver the information to consumers – no normal person monkeys around with the blockchain itself.)

The second feature is the use of Ethereum “smart contracts” to process the transactions. This technology lets the company post standard scripts for, say, transfer of an asset. The script is available anywhere, and executes the same way for everyone.

These features are, of course, available from conventional databases and file systems as well.  But the Ethereum blockchain is available to everyone, and is maintained by the Ethereum network rather than dedicated servers.  This is the third advantage of the blockchain—deployment (no need for server farms), availability (no server access required) and maybe cost (TBD).

It is interesting to point out one feature of Nakamotoan blockchains that is not really used here:  trustlessness.  While the system boasts that it is decentralized and therefore “trustless”, this is misleading.

Provenance is literally all about trust. The point of tracing the object is to assure that it is what it is supposed to be, and that requires knowing who did what, etc.  Furthermore, it needs to establish a trusted trace, with each actor and action attested by a trusted source.

Using a blockchain, or, indeed, any digital system, is not sufficient to achieve this.  The company will tell you this.  The RFID can be removed or destroyed.  Actors can make mistakes or be suborned.  On the blockchain, false records look the same as correct records (and can never be removed).  Trust involves real world protocols, including authentication of identities.

In this area, the blockchain may actually be a liability. The “trustless” data cannot be trusted.  Part of what the company is doing with the “smart contracts” is overlaying a network of trusted records on the trustless blockchain.

There are other potential drawbacks of using a blockchain in this use case.

Let’s talk about privacy.  Think about it. It’s not clear just how “moral” it is for anyone in the world to know where every bit of sushi came from and ended up.  Individual fishing captains don’t necessarily want any kid on the Internet snooping on their business, not to mention rival captains and possible criminal gangs.  And the caterer doesn’t necessarily want random people, competitors, or criminals tracking their business. And so on.

Second, there is no way to correct mistakes. Even if the software is always correct (which is unlikely), people make mistakes and are dishonest. If bad information gets onto the blockchain, it can’t be removed or corrected.

So, imagine that a bad actor somehow gets a bunch of bad fish entered as OK fish.  The blockchain shows that this is “moral tuna”, even though it isn’t.  Even if we find out about the fraud, the blockchain could still have the evil records forever.

One last point.  Viant is one of I don’t know how many companies trying to implement this kind of Provenance.  With all these variations out there, it will be extremely important to have interoperability standards, so you can combine tracking from a number of sources.  (See the W3C PROV working group.)

Using standards would seem to be both obvious and compatible with the philosophy of decentralization.  After all, if the only way to do tracking is to use Viant’s proprietary data model and software, then a key advantage of the decentralized blockchain is out the window.

Overall, Viant and others are doing the right thing.  It remains to be seen whether using a blockchain will be a net win or not.  And all of them should implement the standards we started developing back at the turn of the century.

  1. Alyssa Hertig (2018) Moral Food: A Fish’s Trek From ‘Bait to Plate’ on the Ethereum Blockchain. Coindesk,
  2. Robert E. McGrath, Semantic Infrastructure for a Ubiquitous Computing Environment, in Computer Science. 2005, University of Illinois, Urbana-Champaign: Urbana.
  3. Robert E. McGrath and Joe Futrelle, Reasoning about Provenance with OWL and SWRL, in AAAI 2008 Spring Symposium “AI Meets Business Rules and Process Management”. 2008: Palo Alto.
  4. Robert E. McGrath, Anand Ranganathan, Roy H. Campbell, and M. Dennis Mickunas. Incorporating “Semantic Discovery” into Ubiquitous Computing Environments. In Ubisys 2003, 2003.
  5. Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System. 2009.


Cryptocurrency Thursday

Real Quantum Blockchain

More WTF-Science!

Nakamotoan blockchains have a certain mystical quality about them, but they are surely built on Von Neumann or at least Turing machines, no?  Plain old physics.  Time runs one-way. No spooky action at a distance.

At base, the general goal of Nakamoto is to create immutable data structures, permanent across time.  No action in the future can ever change the results of an action. Another way of saying that is that the data today is necessarily tied to the data at the original moment of creation.

This is, in a way, a form of time travel, isn’t it?  When I access the data, I want to access it at the exact moment of creation (or at least, the moment when it was “preserved” or “frozen” or whatever).

From this perspective, cryptographic schemes are mathematically simulating this time travel, by attempting to tunnel through the future in a sealed time corridor, i.e., the cryptographically signed data.  All the rigmarole of Nakamotoan signatures and “consensus” is a mathematical dance designed to make an (almost) unbreakable virtual link between the data and all future incarnations of it.

This dance is all necessary because we can’t have real time travel.

Or can we?

This month, researchers in New Zealand report a conceptual design for a blockchain using quantum time-entanglement [2].

“Perhaps more shockingly, our encoding procedure can be interpreted as non-classically influencing the past; hence this decentralized quantum blockchain can be viewed as a quantum networked time machine.” ([2], p. 1)

A time machine?!?   Now this is what we were thinking of when we were first imagining the blockchain!

The concept involves “entanglement in time between photons that do not simultaneously coexist”, which is even spookier action at a distance.

The details are beyond my puny understanding of quantum physics, but the paper describes a system that encodes data in a way that is not just difficult to tamper with, but impossible to tamper with.  Furthermore, it isn’t even possible to try to tamper with any blocks except the latest, because the photons no longer exist!

“in our quantum blockchain, we can interpret our encoding procedure as linking the current records in a block, not to a record of the past, but linking it to the actual record in the past, which does not exist anymore.”

Or, as they say, “…measuring the last photon affects the physical description of the first photon in the past, before it has even been measured. Thus, the “spooky action” is steering the system’s past” (quoting reference 22)

Assuming this concept is valid, it not only solves the challenge that QC poses for conventional blockchains, it is actually a direct implementation of the distributed “time machine” that classical blockchains only simulate.

Very cool.

And very, very spooky.

  1. Charles Q. Choi, Quantum Blockchains Could Act Like Time Machines, in IEEE Spectrum – Tech Talk. 2018.
  2. Del Rajan and Matt Visser, Quantum Blockchain using entanglement in time. arXiv:1804.05979, 2018.



Cryptocurrency Thursday

Ethereum Contracts Are Buggy!

CryptoTulip of the Year for 2017, Ethereum is still thrashing around.  It seems like there is another great idea for totally remaking the system every week or so.  Indeed, sometimes there are so many ideas flying around it is hard to see how it can all stick together in a single system.

Nevertheless, confidence and enthusiasm remain high, even though they still haven’t figured out how to deal with last year’s big “oopsie” that left millions of dollars worth of Ethereum unreachable.

Personally, I don’t really think that a gang of unelected philosopher kings is really going to solve the problem.  (Plato advocated this back in the day, but it has never worked as advertised.  “Wise dictators” are usually just dictators.)


Meanwhile, out in the real world….

Several exchanges reportedly have “paused” Ethereum contracts in response to reports of bugs. In fact, they basically stopped support for the problematic ERC-20 protocol completely.

Wow!  Crypto exchanges acting almost like real, grown up businesses!  What a concept!

Of course, I have to wonder, “why now?”

The particular bugs in question are just the latest of a long line of such bugs. So why were they allowing ERC-20 in the first place?

All snarking aside, this development actually raises some very important points.

First of all, the bugs in question aren’t necessarily a flaw in the protocol, they are mainly just bad programs.  There will always be bad programs.  There is no such thing as a bug free programming language, and there can never be one.  If using Ethereum contracts depends on all contracts being correct, then it will never work, it can never work. Never.

Second, despite the decentralized protocol, and the fact that “no one” is in charge, in the real world the end-to-end system does have people in charge, and can respond to problems. In this case, the operators of the exchanges have intervened to protect their customers and their business.

Unfortunately for some users, the response is a draconian ban on the whole ERC-20 protocol. In this case, I don’t see much alternative.  It’s impossible to really tell if some ERC-20 contract is a problem or not.

Third, note that just because the blockchain is decentralized and immutable doesn’t mean that everyone has to agree on what to do with it.  The ERC-20 protocol and code is still there, indeed, it will be there until the heat death of the universe. But a lot of people can’t use it because their exchange does not honor the protocol.  Ironically, the “decentralization” that assures there is no one who can “censor” the blockchain, also assures that there is no one who can “censor the censors” of the blockchain.

This kind of behavior could be problematic in the long run. If part of the network accepts some contracts and not others, then how can anyone really use the system?  This is sort of a really soft ‘fork’ that effectively splits the network. Even though there is a single technical system, it is used differently by different sub networks.

Ethereum is certainly pushing hard to repeat the CryptoTulip of the Year in 2018!

  1. Nikhilesh De (2018) Crypto Exchanges Pause Services Over Contract Bugs. Coindesk,
  2. Rachel Rose O’Leary (2018) Ethereum Infighting Spurs Blockchain Split Concerns. Coindesk,
  3. Rachel Rose O’Leary (2018) Ethereum Is Throwing Out the Crypto Governance Playbook. Coindesk,
  4. Rachel Rose O’Leary (2018) Ethereum’s Dialogue Divide Is Slowing Answers to Its Toughest Questions. Coindesk,


Cryptocurrency Thursday

Ethereum in Space!

Cryptocurrencies have attracted far thinking people, including utopian ideas of “disrupting” money.

But the farthest thinking must involve getting off the planet or even out of the solar system altogether.

NASA is tasked with thinking about and developing concepts for space exploration, and they are certainly aware of the need for decentralized protocols.  NASA missions, by definition, go far beyond Earthbound infrastructure, not to mention beyond the possibility of direct human control.  (Even human spacefarers can only control things within a tiny sphere.)

Many research teams are investigating autonomous systems, which can operate without direct programming from Earth.  This year, Professor Jin Wei Kocsis  of the U. of Akron is looking at Ethereum “smart contracts” as a model for part of the system [2].

[T]his project intends to develop a resilient networking and computing paradigm (RNCP) that consists of two essential parts: (1) a secure and decentralized computing infrastructure and (2) a data-driven cognitive networking management architecture.

Ethereum is a decentralized more-or-less secure infrastructure, with both storage and computation.    Ethereum-style executable contracts are decentralized and Turing complete.  One could imagine Ethereum nodes on a constellation of loosely cooperating spacecraft, and one can imagine Ethereum contracts executing in such a network.


As Samburaj Das remarks, “Details remain slim” [1].

But we can speculate.


The overall goal is “autonomous” spacefaring, i.e., pushing as much sensing and decision-making to the spacecraft.

“I hope to develop technology that can recognize environmental threats and avoid them, as well as complete a number of tasks automatically,”  Professor Jin Wei Kocsis quoted in [1]

Reading between the lines of the abstract, it seems likely that the system is expected to incorporate data from many sources, e.g., from planetside radar and swarms of spacecraft.  In such a scenario, the spacecraft needs to get data from many sources and automatically combine and filter it to keep a current assessment of hazards and possible responses.  It is also possible that the assessments (i.e., the computations) might be shared, so the whole system can learn and refine awareness of the whole area.

The scenario I describe is often solved using some form of shared memory, e.g., as a scratchpad or chalkboard shared among many nodes.  Clearly, a blockchain can function as such a shared memory, with the advantage of being completely distributed and robust regardless of nodes dropping out or communication problems.  Ethereum executable contracts offer the additional advantage of distributed computation, which can filter and analyze data on the blockchain.

This is surely the essence of how Ethereum will be used, presumably integrated as storage for their control algorithms.

There are other features of Ethereum that may or may not be important or even relevant for this project.

It is possible that the cryptographic signatures may be useful as well.  Data on the blockchain is signed and can’t be fiddled with.  Cryptographic signatures enable the network to potentially detect and ignore intruders, errors, and false signals.

Speculating further, it is possible that the Nakamotoan distributed consensus mechanisms may be useful in the event that not all nodes are known or trusted.  The blockchain is a ledger designed to be trustworthy without relying on specific nodes to be correct or honest.  Out in space for years with no supervision, being able to trust the data even if you can’t trust the network nodes is probably valuable.

In summary, there is certainly a case for a distributed memory, and something like Ethereum is a useful testbed for these ideas.

On the other hand, I’m not sure if the currency aspects of Ethereum will be particularly useful, or if so, how.

I wonder if the incentives for miners make sense for this use case.  Would autonomous spacecraft want to operate as miners, or would they rely on other nodes (e.g., motherships and dirtside servers)?  It seems unlikely that the energy budget of a spacecraft can afford the costs of mining.

In the case of Ethereum, there is also the question of “gas” to run contracts.  This is extremely important for the correct operation of executable contracts (among other things, it assures that a contract will not run forever).  How are autonomous spacecraft going to be provisioned with Ether to buy gas?  Surely it isn’t reasonable to upload Ethereum coins from Earth.

Perhaps they are going to buy and sell data or other services with their peers?  Maybe.  But this seems kind of out of scope, and potentially a huge resource hog for a very constrained system.  (It would be bad to be churning away doing some kind of micro transactions, and not have enough CPU time to actually do the navigation, no?)

(Combining these two possibilities:  maybe the spacecraft will charge for downloads.  “You want the data I collected?  That will be 100 ETH, please.”)

I imagine that these questions are some of the things the research will investigate.

Let me be clear. I know that Ethereum is just a testbed, not proposed to actually use on a mission.

It isn’t likely (or even possible) for Ethereum to be used in real spacecraft.

But Ethereum can help identify the features for a distributed storage and computation system that could be used.

I’ll add that distributed algorithms and storage are scarcely new to NASA.  NASA has been exploring these architectures for a long, long time [4,5].  Nevertheless, it is very interesting to see how these contemporary systems might be applied to specific missions.

  1. Samburaj Das, NASA Researches Ethereum Blockchain Tech for Deep Space Exploration, in Ethereum News. 2018.
  2. Loura Hall, RNCP: A Resilient Networking and Computing Paradigm for NASA Space Exploration, in NASA -Early Career Faculty Awards. 2017.
  3. Alex Knisely, Researcher and NASA work to help spacecraft avoid floating debris, in University of Akron – News. 2018.
  4. J. Russell Carpenter, Decentralized control of satellite formations. International Journal of Robust and Nonlinear Control, 12:141-161, 2002.
  5. Wei Ren and A Randal Beard, eds. Distributed Consensus in Multi-vehicle Cooperative Control: Theory and Applications. Springer Publishing Company, Incorporated: London, 2010.


Space Saturday

Tracking Bitcoins, Mitigating Evil

Bitcoin was designed to be difficult to regulate, in the same way that gold is difficult to regulate. Possession (of a private key) is ten-tenths of the law as far as Bitcoin is concerned, and it can be very difficult to tell exactly how a particular Bitcoin came to be possessed by a particular individual.

This relative opacity is one of the properties that makes Bitcoin and other cryptocurrencies so attractive for criminals, extortionists, tax evaders, and dark markets.

From the point of view of believing Nakamotoans,  untraceability is a feature.

From the point of view of the law and society in general,  opacity is often considered a bug. Civil society in general has little appetite for unregulated financial systems, so Bitcoin will never succeed unless it can be brought into civil society and the rule of law.

This month researchers at Cambridge University describe how an old legal principle might be applied to Nakamotoan cryptocurrency to rein in abuses and “make Bitcoin legal” [1].

The researchers point out that many Internet technologies have been put forward as “outside the law”, but this is an assertion not a fact.  The fact is that “the law” decides what the law is and how it is applied.  No one gets to simply secede from the legal system, at least not without resort to pure power politics.

“we have repeatedly seen a pattern whereby the promoter of an online platform claims that old laws will not apply.”

“The key is making online challengers obey the law – and the laws may not need to change much, or even at all.”

In the case of Bitcoin, the researchers explore how conventional financial controls, especially anti money laundering rules, could be applied to Nakamotoan cryptocurrency.  They conclude that it is surprisingly straightforward and does not require changes to the network protocols.  I.e., the legal system can adapt to cryptocurrencies as they stand now, without any cooperation or consent from programmers or users.

There is a common legal principle that one may not profit from the fruits of crime.  Similarly, you cannot receive goods from someone who does not legitimately own them.  If someone gives you a stolen coin, it must be returned to the original owner (and you may well be out of luck).  Thus, it is very important not to trade in ill-gotten goods.

It is often the case that the monetary fruits of crime are passed along mixed in with other money.  In the case of Bitcoins, this kind of mixing occurs rapidly and across the whole Internet.  This presents a dilemma for the law.  The funds are “partly” stolen, but which part can be confiscated?

The Cambridge team discusses the history of this problem.

Theft and misuse of Bitcoins are a significant issue, to the point that even most Bitcoin users are concerned.  If there is a significant risk that your assets may be stolen (or misplaced), with no possible recourse, then cryptocurrency is unattractive for many uses.

Philosophically, Nakamotoans generally do not want government guarantees (e.g., registration of ownership) or other conventional mechanisms for protecting assets.  An alternative would be for courts to enforce rules, e.g., to allow recovery of stolen or extorted Bitcoins.  But how would courts adjudicate such a case?

In the past, the general legal approach has been to consider the funds “poisoned” by the presence of illegal money.  Someone who holds the funds will have to pay a penalty proportional to the illegal funds.  This stands as a deterrent to dealing in potentially “toxic” assets.

One way to do this is to consider all the money to be N% illegitimate, i.e., to confiscate part of the value of the whole batch.  This approach can be used with Bitcoin, though it is a blunt instrument.  Anderson et al. indicate that a very large proportion of Bitcoins would be touched by such “pollution” (5% in one sample–one in every twenty!)

They propose an alternative mechanism that echoes an approach used in nineteenth century English law:  First-in-first-out.   The idea is to trace the flow of coins and to assign an order to each transaction.  The first coin taken out of an account is equated to the first coin put in, and so on.  When a stolen coin is spent, that transaction is identified and the payment is illegal.  This is a sort of “reverse lottery” – an unlucky user ends up losing.

This approach is a much more precise way to identify and deter accepting ill-gotten money.  The paper argues that this is quite possible with Bitcoin, using the public blockchain and crime reports.  Furthermore, the FIFO principle works even when “mixers” are used to conceal the origins of the Bitcoins.  In the end, when this legal doctrine is applied, accepting Bitcoins from a mixer risks losing the entire payment in the unpredictable event that you receive coins designated “poison”.
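The difference between the two rules is easiest to see side by side. The sketch below is an added illustration, not code from the paper or from the original post: it runs the proportional ("N% illegitimate") rule and the first-in-first-out rule over the same constructed ledger. The account names, amounts and the simple account-balance model (rather than Bitcoin's transaction outputs) are assumptions made for the example.

```python
from collections import defaultdict, deque
from fractions import Fraction

# Constructed ledger (not real data): (sender, receiver, amount in coins).
# SOURCES are external inflows; True marks coins reported as stolen.
SOURCES = {"salary": False, "theft": True}
LEDGER = [
    ("salary", "alice", 3),
    ("theft",  "alice", 2),   # stolen coins land in alice's account
    ("salary", "alice", 5),
    ("alice",  "bob",   4),
    ("alice",  "carol", 4),
    ("bob",    "dave",  2),
]


def fifo_taint(ledger, sources):
    """FIFO tracing: the first coins paid out are the first coins paid in."""
    queues = defaultdict(deque)            # account -> [amount, stolen?] chunks
    for src, dst, amount in ledger:
        if src in sources:
            queues[dst].append([amount, sources[src]])
            continue
        remaining = amount
        while remaining > 0:
            if not queues[src]:
                raise ValueError(f"{src} spends more than it holds")
            chunk = queues[src][0]
            take = min(chunk[0], remaining)
            chunk[0] -= take
            if chunk[0] == 0:
                queues[src].popleft()
            queues[dst].append([take, chunk[1]])   # label travels with the coins
            remaining -= take
    return {
        acct: (sum(a for a, bad in q if not bad), sum(a for a, bad in q if bad))
        for acct, q in queues.items()
    }


def haircut_taint(ledger, sources):
    """Proportional rule: every payment carries the sender's stolen fraction."""
    balance = defaultdict(Fraction)
    stolen = defaultdict(Fraction)
    for src, dst, amount in ledger:
        if amount <= 0:
            raise ValueError("amounts must be positive")
        if src in sources:
            moved = Fraction(amount) if sources[src] else Fraction(0)
        else:
            if balance[src] < amount:
                raise ValueError(f"{src} spends more than it holds")
            moved = stolen[src] * amount / balance[src]
            balance[src] -= amount
            stolen[src] -= moved
        balance[dst] += amount
        stolen[dst] += moved
    return {acct: (balance[acct] - stolen[acct], stolen[acct]) for acct in balance}


def holders_of_taint(result):
    """Accounts left holding any stolen value under a given rule."""
    return sorted(acct for acct, (_, bad) in result.items() if bad > 0)


if __name__ == "__main__":
    for name, rule in (("FIFO", fifo_taint), ("haircut", haircut_taint)):
        result = rule(LEDGER, SOURCES)
        print(name, "-> tainted holders:", holders_of_taint(result))
        for acct, (clean, bad) in sorted(result.items()):
            print(f"  {acct:6} clean={clean} stolen={bad}")
```

Both rules account for the same two stolen coins in total. The proportional rule spreads them thinly over all four accounts, while FIFO assigns one whole coin each to bob and carol and leaves alice and dave clean.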

This approach isn’t “centralized”, and it doesn’t break Bitcoin.  It doesn’t even change Bitcoin. It just wraps Bitcoin in a legal framework.  Honest users would have a way to behave honestly (use honest exchanges), crime could be punished, and the system functions as efficiently or inefficiently as now.

“In short, we might be able to turn a rather dangerous system into a much safer one – simply by taking some information that is already public (the blockchain) and publishing it in a more accessible format (the taintchain). Is that not remarkable?”

It is difficult to overstate how important it is for Bitcoin and other cryptocurrencies to get “legal”.  Whatever the technical merits of Nakamotoan technology, it cannot succeed outside the law.

  1. Ross Anderson, Ilia Shumailov, and Mansoor Ahmed, Making Bitcoin Legal. Cambridge University, Cambridge, 2018.
  2. Andy Greenberg (2018) A 200-Year-Old Idea Offers a New Way to Trace Stolen Bitcoins.,



Cryptocurrency Thursday

Detailed Study of Ransomware

It is widely known that Bitcoin has become a favorite tool for ransomware. It is easy enough for victims to deliver, can be swiftly “disappeared”, and is readily convertible into other currencies.

Everyone knows what ransomware looks like to the victim.  But what happens to the ransom after it is paid?  And how much extortion is going on?

This spring researchers from several US Universities and Google report a study tracing ransomware payments through the Bitcoin blockchain [1].  The study examined more than 19,000 cases over a two year period, tracing the Bitcoin from acquisition (by victims) to cash out (often in the now seized BTC-E exchange).

While Bitcoin has many attractive properties for illicit commerce, it also has the interesting property that the ledger is completely public.  Ironically, this makes it possible to study illicit transactions in considerable detail, compared to other methods of extortion and covert payments.

This study used a variety of techniques to suss out the end-to-end activity of ransomware.  For the first step, known victims reveal some of the payment addresses, and sandboxed “synthetic victims” provided additional addresses.  The study also statistically clustered addresses to identify other likely but unacknowledged ransomware payments.  In addition, making micropayments by the “synthetic victims” made it possible to trace addresses that are associated with the scheme in question.

The researchers also searched for bursts of payments associated with known ransomware attacks.  In fact, they constructed a timeline of ransomware events and payments.  (This idea is so obvious, I’m surprised there isn’t one already on the web.)  This chart makes clear that there are likely large gaps in the data.

The researchers also looked for patterns such as many identical payments to the same address which could indicate ransom payments from multiple victims.  They also identified patterns such as known ransom payments that were quickly emptied into a common address.  Other addresses that paid to that same address probably represent other victim payments.
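The two patterns just described can be written as simple rules over a transaction list. The sketch below is an added illustration, not the study's code: the transactions, address labels, the 24-hour "quickly emptied" window and the three-sender threshold are all constructed assumptions. As a guard against sweeping in ordinary customers of a busy address, it only accepts a new address if it shows the same quick-emptying behaviour as the known one.

```python
from collections import defaultdict

# Constructed sample (not real data): (hour, sender, receiver, amount in mBTC).
TXS = [
    (0,   "victim_a", "R1",   500),
    (1,   "R1",       "AGG",  500),   # known ransom address, emptied after 1 h
    (30,  "victim_b", "R2",   700),
    (31,  "R2",       "AGG",  700),   # same pattern, address not yet reported
    (40,  "victim_c", "R3",   400),
    (42,  "R3",       "AGG",  400),
    (50,  "customer", "SHOP", 300),
    (900, "SHOP",     "AGG",  300),   # also pays AGG, but weeks later
    (60,  "victim_d", "R4",   500),   # identical amounts into one address
    (61,  "victim_e", "R4",   500),
    (62,  "victim_f", "R4",   500),
]
KNOWN_RANSOM = {"R1"}   # e.g. an address shown to a known or synthetic victim


def sweeps(txs, max_hold):
    """(address, destination) pairs where funds left within max_hold hours
    of the address last receiving a payment."""
    last_in, found = {}, set()
    for hour, src, dst, _ in sorted(txs):
        if src in last_in and hour - last_in[src] <= max_hold:
            found.add((src, dst))
        last_in[dst] = hour
    return found


def expand_cluster(txs, seeds, max_hold=24):
    """Grow a set of known ransom addresses via shared collection addresses.

    Returns (collectors, ransom_addresses, likely_victim_payments).
    """
    pairs = sweeps(txs, max_hold)
    collectors = {dst for src, dst in pairs if src in seeds}
    ransom = set(seeds) | {src for src, dst in pairs if dst in collectors}
    payments = [tx for tx in sorted(txs) if tx[2] in ransom]
    return collectors, ransom, payments


def repeated_amounts(txs, min_senders=3):
    """Addresses paid the same amount by at least min_senders distinct senders."""
    senders = defaultdict(set)
    for _, src, dst, amount in txs:
        senders[(dst, amount)].add(src)
    return sorted(key for key, who in senders.items() if len(who) >= min_senders)


if __name__ == "__main__":
    collectors, ransom, payments = expand_cluster(TXS, KNOWN_RANSOM)
    print("collection addresses:", sorted(collectors))
    print("likely ransom addresses:", sorted(ransom))
    print("likely victim payments:", payments)
    print("repeated identical payments:", repeated_amounts(TXS))
```

Both rules are heuristics: SHOP is excluded only because of its long holding time, and R4 is found by the amount rule alone, so results like these are leads to check rather than confirmed ransom payments.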

The study also documents where victims purchased Bitcoin. In this (incomplete) dataset, over $16M was identified.  Much of the activity identified was in Korea, i.e., the victims were Korean.

The payments typically are transferred to an output address, often into a mixer that will obscure the origins and destinations of further transactions.  It is difficult to trace the cash outs in many cases, though the study showed the Bitcoins being passed on after a few days (or, in the case of WannaCry, after many weeks).  For those cases that can be identified, several major exchanges were used, presumably to exchange for other currencies (“cash out”).  BTC-E was the top choice. (BTC-E has since been seized by the FBI, presumably for its nefarious activities.)

Analysis of the behavior of the infection software documented that it takes ten minutes or less for the ransomware to encrypt the victim’s files.  This is the window in which defensive measures might be possible, if an attack is detected as it begins.

The researchers comment on some tricky ethical challenges in this work.

Some ransomware posts the payment address on a web page, and when the victim visits the page, a counter starts.  This design means that examining these URLs could potentially harm victims, e.g., by starting the count down without their knowledge.

They point out that even this incomplete analysis would enable them to disrupt or possibly take down parts of the payment infrastructure.  This might deter attacks, but it would prevent victims from regaining their files, which would be harmful.

In many ways, this study is a confirmation of what is widely believed.  I don’t think there is anything particularly surprising here, except maybe some of the details of particular ransomware.  There is some variation in the design of these programs, and some seem pretty sloppy.  That’s bad news, because they are likely to evolve to become much harder to trace or disrupt.

Overall, the amount of money involved isn’t especially large.  Millions of dollars globally, and even several million in a single place like Korea isn’t a huge deal.  Indeed, the ransoms are generally in the range of a few thousands of dollars.  This is basically in the class of a local protection racket.  (“Gimme $100 a week, or we’ll slash your tires.”)

But, like groups of local tough boys, there is probably an infinite supply of them, so the problem will not go away.

Why Bitcoin?

The paper lists features of Bitcoin that make it useful in this racket.  Bitcoin is:

“decentralized, largely unregulated, and all parties in a transaction are hidden behind pseudo-anonymous identities. Moreover, all transactions are irreversible, and it is widely available for victims to purchase.”

There is one more feature of Bitcoin that is essential:  the relatively low transaction cost. Bitcoin’s transaction costs will never be as low as enthusiasts imagine, but they are low enough to make a profit from $1,000 ransoms.

In addition, much of the ransomware technology is built from open source technology, which is cheap and ubiquitous. Besides Bitcoin, ransomware uses encryption, standard network interfaces, Web sites, and so on. This is a very successful, but scarcely innovative technology.

I’ll add one more thing.  If ransomware is a problem today for poorly maintained office software, imagine what is going to happen when it attacks the “Internet of Too Many Things”.  It won’t be your accounting database or documents, it will be your electric grid, car, or hospital equipment that is locked out.  It’s going to be really dangerous.  Doubly dangerous because IoT is generally not “owned” by the user—so who will pay the ransom, if we wanted to?

  1. Danny Yuxing Huang, Maxwell Matthaios Aliapoulios, Vector Guo Li, Luca Invernizzi, Kylie McRoberts, Elie Bursztein, Jonathan Levin, Kirill Levchenko, Alex C. Snoeren, and Damon McCoy, Tracking Ransomware End-to-end, in IEEE Symposium on Security & Privacy. 2018: San Francisco.


Cryptocurrency Thursday