Blockchain and Bad Actors

21:07 | October 18, 2024

Join our co-hosts for a conversation with Daniel Goldsmith, CEO of Heights Labs, on how forensic analytic labs like his help law enforcement at the federal, state, and local levels crack down on illicit uses of blockchain and cryptocurrency. Daniel talks about how mapping and tracing of these very transparent ecosystems can thwart even sophisticated bad actors who are setting up multiple accounts and automating their activity to cover up money laundering, scams, or other illicit uses. Tune in now to learn more about how these labs help recover funds and identify scammers and thieves, and how the nature of blockchain inherently helps them tackle crime.

Show Notes:

“Internet Crime Complaint Center (IC3),” the central hub for reporting cyber-enabled crime, run by the FBI.

“The FATF Recommendations,” the basis on which all countries should meet the shared objective of tackling money laundering, terrorist financing and the financing of proliferation of weapons of mass destruction.

“Centralized cryptocurrency exchanges,” a business that specializes in helping make transactions happen between two parties.

“Understanding Tornado Cash, Its Sanctions Implications, and Key Compliance Questions,” an article discussing how sanctions on Tornado Cash, a decentralized crypto mixer, targeted its role in laundering illicit funds from major hacks while raising enforcement challenges.

“Central Bank Digital Currency (CBDC),” generally defined as a digital liability of a central bank that is widely available to the general public.
 

Time Stamps:

01:00 Introduction to Daniel Goldsmith and Heights Labs
02:27 Understanding Blockchain Analytics
04:58 The Role of Law Enforcement in Crypto
06:48 Scams and Recovery Processes
09:34 Mixers vs. Centralized Exchanges
11:51 Privacy Concerns in CBDCs
13:30 Misconceptions About Crypto and Illicit Finance
17:53 Cryptocurrency in Repressive Regimes
19:01 The Future of AI in Blockchain Analytics
 

Episode Transcript

    Narrator: Welcome to Blockchain Explained, a podcast about opportunities, challenges, and trends in blockchain technology. Whether you're a beginner or an expert, a developer or just crypto-curious, this podcast is for you. It features industry leaders and government officials discussing the world of distributed ledgers, cryptocurrencies, and the metaverse. And now, here are your hosts, Alan Rechtschaffen and Kellee Wicker.

    Alan Rechtschaffen: Hi, I'm Alan Rechtschaffen, co-host of Blockchain Explained and chair of the Digital Asset Forum and Lab at the Wilson Center. And I'm here with my magnificent co-host, Kellee Wicker, who handles all of science and technology at Wilson. And we have an important guest today to talk about security issues in the world of cryptocurrency and digital assets. I'm going to turn it over to you, Kellee, and it's good to be back together after a little bit of a summer hiatus. And Kellee, why don't you tell us about our program today?

    Kellee Wicker: Yeah, thanks, Alan. It's always good to be back. Today we have Daniel Goldsmith, who's the CEO of the Heights Labs, which is a blockchain analytic firm. And Heights Labs works on using investigation and different analytic tools to find out where bad actors are acting with the technology and helping law enforcement leverage some of the transparency advantages of the technology. But I don't know enough about it to say much more, so I'm gonna let Daniel kick us off with just kind of an overview. What is it that these forensic labs like yours do?

    Daniel Goldsmith: Yeah, absolutely. And thank you both for having me on. So very quickly about Heights Labs in this space. So across the industry, you know, there are various analytics firms that are focused on understanding blockchain, understanding transaction sequencing. The ledger for blockchain is public notoriously, but not many people actually leverage that to their advantage and understand that, you know, if we have a public ledger and we become good at analyzing it, we can actually achieve positive outcomes to minimize financial crime, sanctions evasion, scams, the variety of types of bad actors that you would kind of want out of these financial systems. And so different companies have different capabilities, but the thing that we've pioneered is basically moving from the world of manual investigations. So blockchain analytics today is a highly manual process. So imagine kind of like a Sherlock Holmes, you know, cork board situation where there's a network diagrammed out by hand and you're kind of pinning things in different places and the transactions are the connections between them. We kind of saw that as the, the state of the industry and, personally, a recovering mathematician. So if I ever veer in any given direction, just pull me back. But we basically created a set of tools to understand how do you actually create a map of the indirect flows of funds, because at the end of the day, in an environment like a blockchain where it's cheap or easy to create intermediary accounts, you actually want to be ahead of any potential signs of money laundering or other types of illicit activity on the financial side. And the way you do that is just by tracing faster than people can launder funds, right? And so really that's the general space at a very high level. And we kind of bring a few unique capabilities to kind of supercharge that effort. So that we can basically democratize that across law enforcement in a much more broad way than is happening today.

    Alan Rechtschaffen: And Daniel, what is the difference between what you're doing in classic anti-money laundering efforts, you know, at banks and at financial institutions in terms of being able to trace things to traditional finances always had the same problem and had to deal with shell companies and some version of the traditional finance things that you're talking about.

    Daniel Goldsmith: Yeah. So, so one of the key differences is scale. So if you think about the complexity involved in setting up one fake bank account as an intermediary, right, between whatever ultimate beneficial owner and then whatever actor they're looking to kind of kind of commit, they might set up one or two intermediaries or shell companies or parent accounts, right? But on a blockchain, you'll sometimes get thousands of steps for highly sophisticated bad actors because they're just constantly creating accounts and cycling funds and using other technologies that kind of automate that process for them, right? So the bad guys are basically living in an automated world and the good guys aren't yet. And we're trying to bridge that gap, right? And it's a lot harder to do that at scale in the traditional financial system. I've never seen it done in the hundreds or thousands, but it might be that, but if it's gonna be that, it's gonna be one-off, right? It's very different when you have, you know, for example, a ransomware gang that's willing to sell copies of their technology that you can just pop in and kind of get going pretty quickly.

    Kellee Wicker: So the clients that you work with, the people that you do your analytic work with, are we talking about federal level law enforcement? What kinds of people come to you for services?

    Daniel Goldsmith: Yeah. Yeah. So, so we're engaged with federal law enforcement at a few different agencies and departments, but we also do a lot with state and local. So we're very involved with Operation Shamrock and some of the state and local efforts around how do you bring together and enable the thousands of state and local law enforcement officers and also district attorneys, right? That are just boots on the ground, kind of the first wave without having everything to kind of report up to like an IC3, which is like the FBI's kind of retention center for when scams are kind of perpetrated against everyday people. So we do a lot on the triaging side there. We're actually in the middle of a few large asset recovery processes that we're leading on the triage side for them. And then basically at the federal level, it's a mix of intelligence, DOD kind of in one bucket where they're trying to kind of see what the state of affairs looks like. Federal civilian, that's a mix between kind of bringing people accountable, holding them accountable for prosecution. But really with things like FATF guidance that have come out recently, there's been a big shift towards asset recovery. So really thinking about how do you recover funds in this digital ecosystem? Because if you have a Southeast Asian scam facility, it's going to be really hard to hold those people accountable because they're not in country. They may not have any extradition situation, but you can recover the funds at the end of the day. It might not be like the ultimate justice, but practically you're achieving a resolution for the victims that are typically retirement age US citizens.

    Alan Rechtschaffen: I’m sorry Daniel, I just want to walk through how one of these scams would work. Because if somebody sends somebody an email and says, I've seen what you've been doing on the internet, and I'm going to divulge this information to everybody if you don't send me a bunch of Bitcoin. And then the person sent, which is a scam that's going around right now, from what I understand. And so somebody goes ahead and sends the Bitcoin. So the Bitcoin sitting in a wallet somewhere.

    Daniel Goldsmith: Yeah, we saw one of those last week.

    Alan Rechtschaffen: I'm sorry?

    Daniel Goldsmith: No, we saw one of those last week exactly like you're describing. Yeah.

    Alan Rechtschaffen: Yeah, I read about this one that's going around. So the money sitting in the Bitcoin wallet in some foreign jurisdiction. And now you come along, you're like, I know where that it went from wallet A to wallet B, the Bitcoin move from wallet A to wallet B. Wallet B probably belongs to so and so who lives in a foreign jurisdiction. How do I get my money back?

    Daniel Goldsmith: Yeah. So, that's like one type of characterization, right? So, we're gonna kind of break them out in a few different ways. And again, pause me if it ever gets, it gets too hairy, but on the Bitcoin side, what typically will happen is someone will, you know, it'll be like threatening message, you know, like, like what you said, basically they'll say, send your money off to this new wallet. You know, the victim sends the money off. The scammer basically will sometimes actually be naive enough that they'll have their own account at a different centralized service. So there's actually no, we call it like on-chain activity, right? So it's basically them saying, Hey, send me the money. And it sounds very scary, but in reality, they might just have like a normal trading account at a normal cryptocurrency exchange. In which case it's pretty easy for a firm like ours to say, okay, well, the money just directly moved on to that other one and they centralized custody of those funds. So it's pretty easy to pick up the phone and just call them either their compliance or risk department and just say, Hey, you know I have a victim. What we what we're particularly good at outside of the analytics that we do is facilitating like the all the different elements of that investigation. Right. So it's the victim. It's potentially a law firm if there is one. It's local jurisdiction. And then it's the cryptocurrency exchange. Right. And you need all those pieces because the cryptocurrency exchange reasonably in some cases will say, well, you're not law enforcement. You're just a guy saying you have a screenshot of a victim. Right. But the problem is local law enforcement often today still think that cryptocurrency is untraceable and definitely not seizable. And so as we see these cases, we're also elevating the ability for local law enforcement, both through our platform and also just through basic education, right? Showing them that this is seizable, showing them that the money is over there. And then when they call or we elevate it to a federal body and you get the call at the exchange, it's a lot easier of a recovery process on the Bitcoin side.

    Alan Rechtschaffen: Is the concept you talked about going on to a centralized exchange, is that what we've heard in this idea of a mixer? Or is the mixer something else?

    Daniel Goldsmith: No, yeah, so a mixer is something else. So basically, so a centralized exchange is basically like a fiat off-ramp for cryptocurrency into real dollars, for example, or whatever sovereign currency there is, right? A mixer is basically an on-chain mechanism. So it's a piece of software that someone wrote that will gobble up a bunch of different cryptocurrency from different people, and then basically obfuscate the source and destination of those funds and then spit them out. So if you think about Tornado Cash as one of the most popular former mixers, what we've seen is that a mixer achieving any level of success, especially when the majority of its volume is based on denied area uses, let's say, the US is not particularly excited about allowing those to continue operating in the wild, which I think is the right decision. I mean, the details can vary, but... Yeah, basically what they did in the case of Tornado Cash was they sanctioned it so that any outbound flows from that service, which looks the same as any other wallet that we can tag on the blockchain, was sanctioned so people don't want to kind of clean those funds by moving them on to centralized exchanges.

    Kellee Wicker: You mentioned you know that we're not really keen on having mixers exist. And this may be outside of your expertise, so feel free to pass the question. But how much can the US government actually do about the existence of mixers? I'm assuming a lot of these are located in other countries.

    Daniel Goldsmith: Yeah. I mean, from a, just an outcomes perspective, I think it comes down to the power of the US dollar, which I think is, you know, thankfully still in a very, very healthy spot. So it has less to do with the jurisdiction and more to do with the outcome, right? So if you say, Hey, this is a service we don't want you engaging with, then you'll see a flood exit that service. And the claim would be, well, we used it before it was sanctioned, right. And very few people are going to intentionally engage with the sanctioned service because you're basically nuking your personal financial life in the United States or any partner country.

    Alan Rechtschaffen: The idea of a big topic that comes up when people talk about CBDCs, central bank digital currencies, is this whole idea of privacy that if you have a CBDC, the government knows everything you're doing. But at the end of the day, private entities know everything you're doing anyway, right? Because of the nature of a blockchain, it sees everything that happens with that cryptocurrency where it goes. And a firm like yours could be used to really decipher what people are doing. And I'm curious about the privacy concerns that that raises.

    Daniel Goldsmith: Yeah. So, it's a question we get asked a lot, but I think it actually is, kind of mapping too many traditional financial concepts onto a new technology because in reality, all of the addresses on the blockchain. So addresses are basically just accounts, right? So when I say an address, just means an account. Basically all the addresses are pseudonymous, meaning they are repeat use case in some time and they have the same pseudonym, but we don't know who owns them for the most part. We can map them to geographies in some cases or zones of activity, or we can map them to financial services because the financial service writ large has a pattern of activity that we can look at from an on-chain perspective. But it's very different from saying, you know, it's Kellee or Alan's account. There's no way for us to know that information. And the KYC or AML processes that the centralized exchanges have are the same as they are for traditional financial institutions. So they would contain that information, but they're highly regulated about what they can do with that.

    Kellee Wicker: So just to kind of return to like a broader point. One thing, and I know I think actually you are helping our research team out with this. We have an upcoming report scheduled for next January talking about the realities of illicit finance in crypto. And you mentioned this earlier that people have this perception that crypto is untraceable. And in fact, it's actually the exact opposite. We were in a meeting one time with one of the State Department divisions that works with this and they were like, we love when people use crypto because I know I can find them.

    Daniel Goldsmith: Yeah.

    Kellee Wicker: Other key misconceptions that you hear repeated a lot, as a person who works on curbing malicious use, you're like, that's fundamentally not how this works.

    Daniel Goldsmith: Yeah, so I mean, I think you highlighted the most important one, which is crypto is probably the worst way to launder money. I mean, the only benefit is that it's digital and fast, but in terms of keeping it long term, a permanent digital ledger that anyone in the world can access, and that is not impossibly difficult to map onto real world financial services that operate in real world jurisdictions that have laws, is a pretty bad place to conduct large scale money laundering. For some reason that hasn't picked up, that concept has not picked up from the people that are using it for those purposes, which is both good and bad because they are operating on these networks, which is kind of frustrating because you want the network to be healthy and legitimate, but it's exciting because, you know, it'd be a lot harder to trace if they were using other capabilities. So, I think those are the two sides of it. And I guess other misconceptions is that, you know, we've moved from a world where it's just tracing and viewing to a world of law enforcement. And then within the world of law enforcement, we've moved from a world of prosecution to asset seizure. And there's unique capabilities that these networks have, especially the ones backed by centralized issuer, around what you can actually do to touch even in some cases, self-custodied funds. These are different than a Bitcoin. So when people talk about Bitcoin as like a store of value, but it doesn't have much utility, the utility is that it's an actual store of value. When you self-custody a wallet, you might lose the pass phrase, but unless somebody else gets it, there's no way to access those funds. But the vast volume off of Bitcoin, I think, is a lot more permissive than most people probably realize, for the benefit, I think, of the US and the Western financial system.

    Alan Rechtschaffen: But I guess one of the concerns is if you want to move $20 million from one person to another, you want to do it cross-jurisdictionally, cross-border, doing it in gold, you got to have a big suitcase, doing it in cash, you got to have a big suitcase. But doing it in Bitcoin, you need a jump drive that's about that big. So I don't know how you handle that. I think that maybe even outside studying the blockchain is the ability to move money around physically by handing somebody a jump drive.

    Daniel Goldsmith: Yeah, I mean, I think there is something to be said about like the facility of movement for really large payments as like a core use case, both, you know, good and in some cases risky if it's going to be for like illicit payments. And like you said, I think one of the challenges in the space is actually pretty similar to what you described, which is almost like a digital to physical exchange of cryptocurrency. So it looks like the chain of custody isn't broken when in reality, someone bought it and actually owns that wallet, but there was no actual on-chain signature that moved. The upside of that is, you know, as an analytics firm and as investigators in the space, that doesn't necessarily matter, right? If you engage, you know, if a person engages with a sanctioned entity and then that sanctioned entity is able to actually, you know, cleverly get cash and hand someone sanctioned funds that are sanctioned on the blockchain, those funds are still sanctioned, right? The fact that they've changed ownership, you're now directly interacting with a sanctioned actor and it's up to the financial institution and the jurisdiction that you're in to kind of make the rules around what that looks like, but it's not viewed in a very positive way. So the actual funds that you're looking to seize from a cryptocurrency perspective are still there and have a similar kind of signature.

    Kellee Wicker: We're coming to the end of the time we have, but I did want to end on a high note. One of the things that we've talked about in the past has been just the ability for people to use cryptocurrency in situations where they're living in a repressive regime and their assets are not safe. Have you seen this in play in real life? Can you tell us a little bit about it?

    Daniel Goldsmith: Yeah. Yeah, absolutely. So we partner with firms that facilitate kind of large scale, like command and control, like wallet systems almost, that are easily deployed and kind of rugged for humanitarian relief or aid projects where you can rapidly facilitate like the movement of funds, like boots on the ground. And so that's been a pretty exciting capability. And what we're trying to do is basically provide like the risk back end for something like that. You know, to Alan's point, like it's not just, hey, here's like a really quick, easy way for people that are doing the right thing in a difficult part of the world. But also make sure that on the back end, there's not any, any bad actors that are kind of filtering through that crowd.

    Alan Rechtschaffen: And just in the interest of positivity, one of the things that Kellee spends a great deal of time looking at as part of the Wilson Center is Artificial Intelligence. And I'm wondering, how is that working with the things that you're doing? And have you started to implement Artificial Intelligence as part of the process?

    Daniel Goldsmith: So we've been asked about it before. Right now, there's kind of two very quick pieces of that. One is for reporting. We've thought about how to make kind of smarter reporting mechanisms. Right now it's kind of just a PDF export, that is like almost like a narrative structure. You can easily imagine how that gets fed our data and then spits out something that's more custom made for the end user rather than us pre-drafting like a Mad Libs version of it, which is how we do it now. But the other piece is explainability and right now our analytics, thing that we've built is basically, how do we trace something massive in scale that we've never seen before? Like a blockchain, right? How do we trace it fast enough, but provide explainable results about every single time we give a risk alert or a trace, and we say the money's over there. We produce the actual chain of custody, however many intermediary transactions, right? And so for something like that, we'd really steer away from Artificial Intelligence because that has to be fully explainable and almost like very powerful algorithmic and compute work, but very simple logic, if that makes sense.

    Kellee Wicker: You heard it here first. It's not always about AI. Thanks so much, Daniel, for your time today. We really appreciate it. And Alan, as always, it's a pleasure to share a conversation with you. We hope you all will join us for the next episode of Blockchain Explained.
     

Guest

Daniel Goldsmith

CEO and Cofounder at Heights Labs

Science and Technology Innovation Program

The Science and Technology Innovation Program (STIP) serves as the bridge between technologists, policymakers, industry, and global stakeholders.