Mini Post: Fast and reliable AML check in 4 quick steps

I often get asked about forensics and transaction tracking. The answer is that I prefer the clustering method and I will now show you how it works.

1 - Let’s take the wallet from this article - it belongs to SilkRoad.


Previous projects tried to de-anonymize the bitcoin by using P2P network traffic and find out an IP address of each bitcoin address owner. However, this method could only obtain the small number of reliable mappings between a bitcoin address and its owner’s IP address.

To improve this, AML companies added a BTC/ETH(ERC20) address clustering process which shows better results and shows unobvious crossings.

2 - Then I do an analysis of clusters through - quite an easy tool to work in.

Investigation revealed 26 connections to 25 clusters, where are 15 direct connections, and 11 indirect.

See full map:

The Investigation shows the names of the clusters, their risks and the number of intermediate addresses (distance to these clusters).

3 - My report proves that wallet owner received bictoins from SilkRoad and probably received money from top exchanges, once lost his bitcoins during the scandalous closure of BTC-E.

Report Proof: ID:24116220210717234420:E1DE144F5E58DFB
Time: 2021-07-17T20:44:20+00:00
Report Generation Block Height: 691470
Link: 24116220210717234420:E1DE144F5E58DFB

4 - Then it can be performed and proved In manual way:

Also suggest reading this article about Ethereum forensics Bookmark In previous tweet example I used BTC address, but same method (and works fine with ERC20 too:

Please advise your fav tools and tactics too! :sunglasses:


If you know a good ERC20 address for the next investigation - please drop it here, I ll choose the best one and check out it with you :sunglasses: It should have a proof in Media/Report to which I will be referring.


This is very interesting!

I have this question I ways wanted to ask when crypto forensics is discussed.

I sometimes read about forensics and analytics unmasking the identity of a (previously pseudonymous) wallet owner.

If this is something that can be done (I understand for security and other good reasons) does it make the popular feature of pseudonymity moot?


Thank you for you comment! :heartpulse: In this case we can understand only clusters - exchangers or P2Ps, projects and other groups of wallets for which you can identify a person by contacting the exchange directly through law enforcement or through the security service of the exchange. Or with using your OSINT/Mindmap skills.

Well, in my opinion, anonymity is important and very necessary, because there are a lot of countries and regimes where without it smart and talented people would have long been noticed, and they would not be allowed to do what they do.

Anyway, it’s a complicated question, anonymity just exists as a fact - it has no advantages and no disadvantages. To be honest, I believe that imitating a perfectly normal personality would work even better than complete anonymity. :sunglasses:


Lets check the wallet of Vitalik Buterin


Investigation revealed 389 connections to 353 clusters, where are 40 direct connections, and 349 indirect. To see the full table of connections follow the link:

@TornadoCash knows something :upside_down_face:

Report Proof:

ID: 24246420210719235748:CF8A842F4AB071A
Time: 2021-07-19T20:57:48+00:00
Report Generation Block Height: 12859270
Link: 24246420210719235748:CF8A842F4AB071A

TXs from Tornado: