Welcome to Clain's series on cryptocurrency mixers. This is one of series of posts aimed at unraveling the operations of different mixers, highlighting Clain's auto-demixing capabilities, and our tailored algorithms for each. Our exploration delves into the complex interplay between crypto mixers, blockchain privacy, and their role in money laundering activities. Designed for crypto enthusiasts, privacy advocates, and those curious about technology, this series navigates the nuanced world of crypto transactions. By showcasing Clain's innovative solutions, we aim to illuminate how these activities impact blockchain privacy and security, offering insights into our efforts to mitigate such challenges. Join us as we dissect each mixer, revealing Clain's approach to de-anonymizing crypto activities and combating financial crimes.
Mixer Analysis: Samourai Wallet
Welcome to the first installment of “Clain Insights.” As the forefront authority on mixing services, Clain is ready to reveal critical insights into the functionality of mixers and our pivotal role in aiding law enforcement to trace illicit transactions facilitated by these services.
Bitcoin mixers and other services designed to enhance transactional anonymity have grown to meet the market demand that has been around since the inception of crypto. Amongst these services, Samourai Wallet creates a unique challenge for law enforcement. Recognized as a "bastion of privacy" by a segment of Bitcoin users, Samourai Wallet is a non-custodial, open-source platform that places high priority on user privacy, even at the expense of profits for its operators. Samourai Wallet distinguishes itself primarily as a non-custodial wallet that incorporates a built-in mixing feature known as Whirlpool. Most Bitcoin mixers on the market are custodial. This means they hold users' coins and have a potential point of vulnerability. Samourai Wallet's non-custodial nature gives users full control over their private keys and, consequently, their funds throughout the mixing process. This approach inherently strengthens the security and privacy of transactions.
Whirlpool allows users to participate in CoinJoin transactions. CoinJoins allow users to combine multiple Bitcoin payments from several users into a single transaction and further obfuscate the trail back to the funds' original sources. Samourai offers its users the unique capability to deposit their coins into one of four pools, corresponding to different denominations - 0.001, 0.01, 0.05, and 0.5 BTC. Once entered, users have the option to leave their coins within their chosen pool and then partake in numerous CoinJoins without incurring additional fees. Users can then receive several unspent transaction outputs (UTXOs), each corresponding to the denomination amount of the pool they participated in, and further complicate the task of tracing their transaction histories.
Unlike other mixers that impose time restrictions, Samourai users can leave funds within its Whirlpool for an indefinite amount of time. Users also have the flexibility to spend coins post-coinjoin in fragmented amounts over time. Samourai's construction of CoinJoins, coupled with additional withdrawal features that add hops to transactions for an additional fee, further complicates the demixing process.
Samourai Wallet is easily accessible through an Android app or desktop application known as Sparrow. Samourai Wallet's dedication to offering a cheap and reliable service underscores some of the ethical issues of some open-source code and publicly available mixing algorithms.
The Numbers
As of the end of February 2024, Samourai Wallet's users have engaged in 146,502 Whirlpool deposit transactions, known within the ecosystem as 'tx0' transactions, and 528,127 Coinjoins. These transactions have cumulatively mixed 63,840 BTC, translating to an estimated value of 2 billion USD, based on the conversion rates at the time of each transaction.
The substantial volume of the cumulation of transactions raises obvious concerns about the potential misuse of Samourai Wallet's services for illicit activities. This trend is alarming. These tools are only going to increase in popularity and make it increasingly difficult for law enforcement agencies to trace and combat financial crimes effectively.
The earnings received by the developers of Samourai Wallet have remained relatively modest. From approximately 150,000 deposit transactions mentioned above, the total mixing fees amounted to 170 BTC due to the platform's fixed pool entrance fee structure. Though this figure might seem minimal in comparison to the sheer volume of funds mixed, it reflects the reality that these tools are in such high demand that a service can still net a few admins a large personal profit from a relatively small service fee.
Demixing Samourai Wallet with Clain's Auto-Demixing Tool
Clain’s auto-demixing tool has processed a massive set of transactions associated with Samourai Wallet, including 144,453 deposits and 88,745 withdrawals. As of this writing, Clain has achieved a remarkable success rate, demixing 82% of deposits and 96% of withdrawals (with varying demixed model confidence). These figures are particularly noteworthy given the unique challenges posed by Samourai Wallet's design described above.
Samourai Wallet significantly complicates the demixing process. In addition to aforementioned time users can retain funds within its Whirlpool, users have the flexibility to spend coins post-coinjoin in fragmented amounts over time. Samourai's construction of coinjoins, coupled with withdrawal features like Ricochet — which adds extra hops to transactions for an additional fee — further complicates the demixing process.
Despite these challenges, Clain’s auto-demixing tool succeeded because of the predictable behaviors of the mixer’s users. Larger transaction amounts generally lended themselves to easier demixing; however, the combination of user behavior patterns and our tool’s comprehensive exploitation of available features — including transaction amounts, timing, wallet fingerprints, and mixer options — enhanced its potency. Consequently, by utilizing Clain's investigation tool, Probe, users can navigate beyond the veil of mixer deposits to uncover the most plausible tracks of fund movements.
The success of Clain’s Auto-Demixing tool in tackling the complexities of Samourai Wallet transactions underscores Clain's commitment to advancing the state of the art in blockchain analysis and crypto compliance and providing law enforcement with the most accurate and cutting edge tools available. By restoring transparency to the blockchain, we empower law enforcement and regulatory bodies to uphold the integrity of the cryptocurrency ecosystem, ensuring that innovation and privacy do not become a haven for criminal activity.
Cases Involving Samourai Wallet
Through a series of notable cases, the use of Samourai Wallet has highlighted the urgent need for more advanced analytical tools to combat illicit activity.
The Badger DAO Heist: A Trail to Samourai
On December 2, 2021, a Badger DAO hacker boldly siphoned off 2078 BTC, valued at over 118 million USD, from RenBTC. In an attempt to obscure the origins of the illicit funds, these stolen funds were meticulously deposited into Samourai Whirlpool in various amounts throughout 2022 and 2023.
This case is an example of the sophistication of modern cybercriminals and their newfound patience with the lengths they will need to go through to launder their proceeds.
Dark Markets
Hundreds of thousands of dollars in crypto from infamous dark marketplaces like Blacksprut, WorldMarket, OMG! OMG! and Hansa Market have been moved to Samourai Wallet. The mixer emerged as a preferred choice for these operations, facilitating the seamless transition of illicit funds under the radar of law enforcement and regulatory bodies.
Blockchain Bandits
In another disturbing revelation, the owners of the Benumb carding shop were discovered to have mixed 291 BTC (more than $5.7 million) through Samourai's Whirlpool. Additionally, operators of the Netwalker ransomware, known for its crippling cyberattacks, heavily relied on Samourai to launder their ill-gotten gains.
SilkRoad Legacy
A particularly intriguing case involves address bc1qx3n5ky4d44t4uy3prk0h90j2ujgyj342fuq2sa. This address received 9,155.53021981 BTC, a fortune almost untouched since 2013 and traced back to the infamous Silk Road. A significant portion of these funds found their way into Samourai Wallet's Whirlpool, with 5,815 BTC still unspent (on address bc1q5nm43a3wjk3vtgh20qd59eps0j8k2u4nmm7mfs) by the time of writing. This actor continues to move funds to Samourai and avoids mixing the whole amount at once.
About Clain
Clain is at the forefront of blockchain intelligence and analytics. Our mission is to provide the world's most reliable platform to assist financial and government institutions in combating crypto-related financial crimes. With an unparalleled emphasis on technical prowess, Clain prides itself on deploying algorithms with the highest accuracy in the market, setting it apart from the competition.
For additional updates and insights, follow us on:
X: twitter.com/clain_io
LinkedIn: linkedin.com/company/clain