Bad blockchain forensics convict the user of a Bitcoin mixer — as its operator

The case against Roman Sterlingov showed that Chainalysis tools are flawed — and shouldn't be trusted to convict defendants when they face decades in prison.

I was sitting at the counsel table next to 35-year-old Roman Sterlingov at the largest Bitcoin-mixer money laundering trial ever. We called him “Mr. Sterlingov” throughout the trial, but I just knew him as Roman. He was the defendant. We were waiting for the jury to read the verdict.

The verdict, issued March 12, was “guilty.” They say it four times as the four counts of the indictment are read. It felt like I was punched in the stomach. The only way my brain can process it is to focus on strategies for appeal.

The trial lasted four weeks. I testified for a full day and I worked on the case for a year. The subject of the case was Bitcoin Fog, the largest mixer in Bitcoin’s (BTC) history.

Bitcoin Fog processed around 1.2 million Bitcoin over its life. Hundreds of millions of dollars in drug money from darknet sites like Silk Road and AlphaBay were allegedly laundered through it. The prosecution said Roman not only used it, but ran it.

Defense counsel Tor Ekeland and Mike Hassard fought like lions against every motion and objection — like Paul Newman in “The Verdict,” but with a crypto-tech twist.

The top five darknet markets to transact with Bitcoin Fog, according to IRS-CI cyber analysts. Source: Indictment of Roman Sterlingov

The prosecution’s case largely mirrored the original indictment. It focused on a Bitcoin transaction from Sterlingov’s Mt. Gox account that traveled to a Bitcoin wallet. We don’t know who owned that wallet or held its private key. From there, a series of transactions were eventually linked to the purchase of a Bitcoin Fog clearnet site that described how to find Bitcoin Fog on the darknet.

Sterlingov may have sold Bitcoin to someone who bought the Bitcoin Fog website, or that someone may have later sold Bitcoin to someone who then sold it to someone else — and so forth — who eventually purchased the domain.

The government harped on how Sterlingov used Bitcoin Fog. He testified that, yes, he regularly used Fog for privacy. The government only claimed that Sterlingov sent 2,700 Bitcoin through Bitcoin Fog. Yet I testified that the true operator of Fog would have earned 24,000 to 36,000 Bitcoin based on Fog’s fees.

I showed that would be hundreds of millions of dollars, the same as a flipped government witness, Larry Harmon, testified he earned running the related Bitcoin mixer Helix. Yet the government’s IRS witness showed that Roman never spent more than $60,000 a year, lived in a one-bedroom apartment, and was never worth more than $1.8 million over the ten years they watched him.

The "Perry Mason" moment was a catch by defense expert Jeff Fishbach. The government’s evidence included their description of a screenshot of a text message chain discussing a money laundering plan by the defendant. Turns out, it was just a picture from an e-book the defendant was reading on his computer! Ouch. During closing the prosecution apologized for their mistake but promised it was their only one.

The prosecutors C. Alden Pelker and Chris Brown wrote a Justice Department publication advising prosecutors against bringing cases based on tracing alone. They suggested using corroborating evidence like possession of a private key to Bitcoin addresses holding illicit funds.

Good advice since the academic literature shows Chainalysis heuristics can be wrong 90% of the time. That's not something to build a case on when someone faces decades in prison. Yet in this case, prosecutors made precisely the mistake they urged other prosecutors against.

A key problem: The Chainalysis “co-spend” heuristic assumes that Bitcoin spent together originates from the same user, yet is frustrated by splitting a dinner check with a friend using Bitcoin.

Likewise, its “peel chain” heuristic assumes that unspent Bitcoins are linked along a chain where the bigger transaction is the spender keeping their “change.” Yet this is defeated if you send the larger Bitcoin amount to another person within that chain. It's also defeated if you simply give another person the private key in an off-chain transaction, which was more common in the early years of Bitcoin examined in this case.
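
The two failure modes described above, reproduced on constructed data as an added example (not from the original article, and not Chainalysis code, which is proprietary). It uses textbook forms of both heuristics; all addresses and amounts are invented, and the `OWNER` map stands in for ground truth that an analyst looking only at the chain cannot see.

```python
from collections import defaultdict

# Constructed data. OWNER is ground truth an on-chain analyst cannot see.
OWNER = {"a1": "alice", "a2": "alice", "b1": "bob", "r1": "restaurant",
         "c1": "carol", "c2": "carol", "c3": "carol",
         "d1": "dave", "d2": "dave", "s1": "shop", "s2": "shop"}

TXS = [  # ins: input addresses; outs: (address, BTC amount)
    {"ins": ["a1", "a2"], "outs": [("s1", 0.5)]},         # alice alone: heuristic holds
    {"ins": ["a1", "b1"], "outs": [("r1", 0.2)]},         # alice and bob split a check
    {"ins": ["c1"], "outs": [("s1", 1.0), ("c2", 9.0)]},  # carol pays 1, keeps 9 change
    {"ins": ["c2"], "outs": [("d1", 8.0), ("c3", 1.0)]},  # carol pays dave 8, keeps 1
    {"ins": ["d1"], "outs": [("s2", 7.5), ("d2", 0.5)]},  # dave spends; carol not involved
]

def cospend_clusters(txs):
    """Co-spend heuristic: treat all inputs of one transaction as one owner."""
    parent = {}
    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            a = parent[a]
        return a
    for tx in txs:
        root = find(tx["ins"][0])
        for addr in tx["ins"][1:]:
            parent[find(addr)] = root
    groups = defaultdict(set)
    for addr in list(parent):
        groups[find(addr)].add(addr)
    return list(groups.values())

def peel_chain(txs, start):
    """Peel-chain heuristic: in 1-input/2-output txs, follow the larger output as change."""
    spends = {t["ins"][0]: t for t in txs if len(t["ins"]) == 1 and len(t["outs"]) == 2}
    chain, addr = [start], start
    while addr in spends and len(chain) <= len(spends):  # bound guards against cycles
        addr = max(spends[addr]["outs"], key=lambda o: o[1])[0]
        chain.append(addr)
    return chain

def owners(addrs):
    return [OWNER[a] for a in addrs]

if __name__ == "__main__":
    for cluster in cospend_clusters(TXS):
        print("cluster", sorted(cluster), "true owners", sorted(set(owners(cluster))))
    chain = peel_chain(TXS, "c1")
    print("peel chain", chain, "true owners", owners(chain))
```

The split-check transaction pulls bob's address into alice's cluster, and the chain that starts at carol's address ends up following dave's spending. An off-chain handoff of a private key leaves no on-chain record, so it is not modelled here.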

These two tracing heuristics were at the heart of Chainalysis tracing in this case. The Chainalysis expert testified about critiques of her tools and suggested a secret sauce in the Chainalysis source code fixes them. Since the code is proprietary she can’t share it and we should just trust her.

Roman was early to Bitcoin; in that way he was lucky. He was also an early user of Bitcoin Fog for privacy, he had a Russian passport, and he was into computers. That made him an easy mark to pin the operation of Fog onto. In that way he may have been the unluckiest person I’ve ever met.

J.W. Verret is an associate professor at George Mason University’s Antonin Scalia Law School. He is a practicing crypto forensic accountant and also practices securities law at Lawrence Law LLC. He is a member of the Financial Accounting Standards Board’s Advisory Council and a former member of the SEC Investor Advisory Committee. He also leads the Crypto Freedom Lab, a think tank fighting for policy change to preserve freedom and privacy for crypto developers and users.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.