Chainalysis CEO Denies ‘Sybil Attack’ on Bitcoin’s Network

attack-hack-hand
14 March 2015

UPDATE (14th March 16:18 GMT): Additional comment added from Chainalysis CEO Michael Grønager.


attack hack hand

Compliance startup Chainalysis was forced to defend itself today after allegations its surveillance tactics had disrupted services and threatened the privacy of bitcoin users.

The Swiss company, headed by ex-Kraken COO Michael Grønager and former Mycelium engineer Jan Møller, created over 250 ‘false’ bitcoin nodes to harvest information on the whereabouts of transactions. The firm claims these nodes have now been shut down.

Three Bitcoin Core developers, Wladimir van der Laan, Peter Todd and Gregory Maxwell, say Chainalysis’ actions amount to a so-called Sybil attack on the bitcoin network, something CEO Grønager denies.

The attack, named after dissociative identity disorder sufferer Shirley Ardell Mason, occurs when an individual creates multiple fake identities to gain influence in a peer-to-peer network.

As van der Laan told CoinDesk:

“Non-functional nodes are injected in the network, in this case to syphon off information. They claim to be full nodes, but do not store blocks nor provide them when requested. This leaves other nodes that connect to them waiting, and that can cause slowdowns.”

Grønager, by contrast, described the incident as an “unintended partial Sybil attack” as it affected relatively few and was “carefully tailored” not to cause harm to the core bitcoin network.

SPV clients affected

Grønager says his company created the fake nodes, first flagged by Bitcoin Talk user ‘Evil-Knievel’, to gather location data for a blog post about bitcoin transfers between countries.

Speaking to CoinDesk, he maintained Chainalysis had no malicious intentions to disrupt the network’s SPV (simplified payment verification) clients, the ‘lightweight’ bitcoin nodes that don’t carry a full copy of the blockchain but rather rely on other trusted nodes for accurate network data.

He added:

“To collect that kind of information [country data] with reasonable accuracy you need to listen on more than a few nodes. Apparently there is a weakness in some SPV clients so they ended up connecting only to our IPs … if this has caused problems for SPV clients we apologise and would seek to fix this as soon as possible.”

One SPV-based service that was affected by Chainalysis’ fake nodes was the decentralised bitcoin wallet Breadwallet.

As the app has no centralised server, each Breadwallet user connects to the blockchain directly. Hence, when a user’s wallet came across one of Chainalysis’ “misbehaving” nodes, it was prevented from syncing with the rest of the network.

“Since these nodes aggressively broadcast the other nodes behaving the same way, the user might get in a position where they would connect to a non-syncing node nearly every time,” Breadwallet developer Aaron Voisine explained. Unlike full nodes, which use Bitcoin Core, SPV clients often lack protective measures in node selection, such as clustering by IP address range.

He added that while he doesn’t believe the node behaviour was malicious, it was certainly “rude”.

Other wallets have been less forgiving. Mycelium – where Møller still works as a consultant – penned a lengthy Reddit post on the subject that distanced the pro-anonymity project from Møller’s new business venture.

The company has joined other node operators to block nodes in Chainalysis’ IP range from connecting with its own. Meanwhile, Breadwallet has pushed an update to avoid all nodes that display nonstandard behaviour.

Legality questioned

According to data tool BitNodes at press time, there are currently 6,489 bitcoin nodes distributed across the planet.

Unlike miners, which reward their owners with freshly-minted coins, bitcoin nodes are not financially incentivised, but are run for the health of the network itself.

The more ‘full’ nodes there are to store and relay bitcoin transactions, the fewer points of failure there are, and the more stable the network becomes.

Critics say the actions of Chainalysis threatened this stability, and could even amount to illegal activity – “exceeding unauthorised access” – under anti-hacking laws, including the US’ Computer Fraud and Abuse Act (CFAA), though this hasn’t been confirmed.

Speaking to CoinDesk, Core developer Peter Todd expressed his concerns about the legality of Sybil attacks, which he said have the potential to impact all of bitcoin’s users.

He added:

“It’d be ironic if a service ostensibly intending to help with regulatory compliance did so by violating laws against disrupting and hacking networks.”

Indeed, besides SPV clients, false nodes can make it harder for bitcoin’s approximately 6,500 publicly accessible full nodes to sync up, find blocks and transmit transaction data, though fellow developer van der Laan denied hearing any reports of this for the Chainalysis nodes.

Besides blocking the offending nodes, users on Reddit are also encouraging others to voice concerns about Chainalysis’ “malicious” use of its IP subnet on its hosting provider’s abuse page.

Chainalysis denies any malicious behaviour – “the accusations got a little out of hand,” Grønager said – and rather points to its technology being used to help law enforcement, for example in tracking and locating stolen funds.

He told CoinDesk:

“Funnily, following the Reddit post we have received a ton of emails from people with stolen bitcoins and requests for finding them – so yes, there is indeed a need [for this kind of service] and yes, we have received a lot of positive feedback from potential customers.”

Anonymity vs compliance

The crux of the debate between Chainalysis and its critics centres around bitcoin’s use: should it seek to serve financial institutions operating in heavily regulated environments, or those wishing to transact in privacy?

Online critics side with the latter, terming Chainalysis’ service “unbelievably shitty behaviour to attack the network and sell it as a service” and “akin to spying“.

Chainalysis sides with the regulators. In providing what it calls ‘automated transaction reporting’, the company says it is helping bitcoin companies conform to existing money transfer regulations, including the travel rule.

This, Grønager said, will help bitcoin businesses get bank accounts and promote the currency’s use among mainstream financial institutions.

He added:

“If you as a MSB (money services business) are offering automated transactions you are obliged to have suitable automated transaction monitoring. That is not to be confused with monitoring the entire bitcoin network, but transfers between you and your client, may that be fiat or may that be bitcoin. We are providing tools for facilitating exactly that.”

However, others are questioning the reliability of these tools and the IP data they collect.

By finding the IP address of the first node that introduces a new transaction in the network, it is possible to guess its country using GeoIP. However, although there can be a weak correlation, receiving a transaction from a particular node does not mean that the individual running it was its creator, generally speaking.

For example, it could come from Tor, an Electrum server or a service like Blockchain’s pushtx.

“Their service cannot provide any guarantees, and many services have tried this before. What is new is how rudely they disrupt the network,” said Wladimir, who stressed that this kind of analysis is, at best, a very unexact science.

Additionally, Todd cited past unconfirmed reports of inaccurate data leading to a user being arrested by police in 2013 after his IP address was falsely linked to criminal activity via blockchain sleuthing.

The IP debate

Due to this weak correlation, companies like Blockchain see no problem in sharing bitcoin’s IP data, which is public in the sense that it can be accessed by anyone on the network.

In a prepared statement, a spokesperson from the company said:

“Blockchain.info engages in this kind of passive behaviour and publishes the data on its block explorer website under the ‘Relayed by IP’ field. Along with this field, Blockchain notes that the IP address indicated is not equivalent to the origin of a bitcoin transaction.”

They added: “In short, Blockchain.info nodes are passive in nature, only record publicly available data, and confirm to the standard behaviour of nodes on the network.”

Grønager is keen to differentiate between Chainalysis’ service, which allows API customers to determine if a transaction originates from a ‘safe’ partner, from those who publicly share data about IPs that have run the bitcoin client.

“Chainalysis does not and will never share IP addresses or enable customers to buy such information, and we consider it highly problematic and unethical to engage in or facilitate that,” he said, adding:

“[Deanonymizing all transactions] could be an interesting exercise for investigation purposes, but probably hard to monetise for compliance. Further, if you try to follow stolen funds by IP you find that the thieves are using Tor anyway, so the main value you gain is the country of origin – hence our coming blogpost.”

All IP data that passes into the bitcoin network can be masked by anonymising services such as Tor and CoinJoin, which advocates argue can help protect the identities of users, and may prevent future Sybil attacks.

“This is also a reminder to always use tor with Bitcoin 100% of the time (and to use a full node if you can), as that reduces the incentives to pull this kind of stunt,” Maxwell said in the original Bitcoin Talk post.

Todd agrees:

“Tor definitely helps as it makes it clear that you can’t determine where a transaction originally came from, removing some of the incentive to perform these attacks. We also need to implement better protections against nodes that aren’t contributing back to the network – like Chainalysis’s nodes – from using up network capacity like proof-of-storage.”

As long as Bitcoin continutes to provide relatively poor privacy, people will continue to try to create services that take advantage of this, he added.

If nothing else, the events of the past 24 hours hammer home that fact that bitcoin operates on ‘user-selectable privacy’ – by default it is no more secret than a google search from a home internet connection.

Whether this should be used to bring the protocol up to regulator’s standards or be changed to protect user identities, is still up for debate.

Hand image via Shutterstock