Silk Road forums
Discussion => Security => Topic started by: nameless2 on May 29, 2012, 08:20 pm
-
Consider the following:
A person sends Bitcoins from his local wallet directly to SR. All the generated addresses in your SR account are associated with your account for ever.
When SR gets raided, LEO could see all the BTC addresses for each user and search the global BTC transaction history where ALL IPs are stored. Your local IP as well.
Is this true? I think so. But why does nobody warn us?
-
good question, i've asked before why SR doesnt expire addresses and permantly 'wipe' them.. making the trail harder to follow..
-
good question, i've asked before why SR doesnt expire addresses and permantly 'wipe' them.. making the trail harder to follow..
They could do so but it wouldn't do an awful lot of good. The Bitcoin block chain contains a record of every transaction. Bitcoins must be sent from the same BTC address from which they're received so in the nature of things even if only one BTC address can be linked to a person's identity it is possible to track any coins which have been sent to and from that particular address.
As such if LEO ever did hammer down SR's doors, a single address would be enough. In addition if addresses (and their corresponding private keys) were deleted each time, if anyone sent BTC to one of your previous address you'd be unable to retrieve them.
On the plus side SR's servers are hosted anonymously and each wallet has a built in "mixer" which swaps your coins around with those of other users, reducing the likelihood of your transaction history being traced.
One point that I should clear up for the OP : the Bitcoin block chain does not store your IP address, however if you were to have Bitcoins sent to an online wallet and accessed it using your real IP address it may be possible to associate you with a particular BTC address.
Hope this clears things up.
V.
-
just send your coins to an online wallet. shortly after, go to library or other free wifi location that suits you, access your coins and send them from there, and so on (you see where this is headed).
if you are worried about data on your machine, then, encrypt it etc..
-
just send your coins to an online wallet. shortly after, go to library or other free wifi location that suits you, access your coins and send them from there, and so on (you see where this is headed).
...I'm afraid so. You should bear in mind that as coins must be sent from the same address at which they're received in the first instance, it is theoretically possible to trace transactions across the block chain over 2, 20 or even 200 wallets. You can help yourself by spreading the amounts over different wallets and most importantly by using a mixing service.
At the risk of self aggrandisement, if you buy your with BTC with cash rather than use a bank account then a BTC address cannot be linked to you nearly as easily.
I have always been of two minds about using a public WIfi spot to access sites like SR. If your connection is Torified it will be encrypted making is near impossible to monitor which specific sites you've visited though any fool will be able to see that your connection is encrypted. I would be concerned about people peering over my shoulder - of course if you have 3G tablet or phone it's possible to access the internet anonymously by using a Pay as you Go SIM chip to surf but do make sure you encrypt the device as 46&2 says.
V.
-
They could do so but it wouldn't do an awful lot of good. The Bitcoin block chain contains a record of every transaction. Bitcoins must be sent from the same BTC address from which they're received so in the nature of things even if only one BTC address can be linked to a person's identity it is possible to track any coins which have been sent to and from that particular address.
As such if LEO ever did hammer down SR's doors, a single address would be enough. In addition if addresses (and their corresponding private keys) were deleted each time, if anyone sent BTC to one of your previous address you'd be unable to retrieve them.
...
of course it contains every record, and who cares if the private key is lost?
the ability to permanently detach them from your account username would be nice. otherwise its basically a huge list of every transaction from Username to BTC address which would be make their job a whole lot easier. otherwise its just a bunch of BTC addresses that they don't know who they belong to.
as well the individual transactions (BTC/timestamps) should also expire, keep the sum total but remove the individual transactions+dates...
there is absolutely no reason to keep these things, or at least allow them to be removed at will. there is no reason to defend this, unless you for some reason have a desire to have every BTC address you've ever deposited to linked to your username..