EasyChair Preprint № 4995

Abuses of Blockchain and Cryptocurrency in Dark Web and How to Regulate Them

Shiv Hari Tewari

EasyChair preprints are intended for rapid dissemination of research results and are integrated with the rest of EasyChair.

February 21, 2021 Abuses of blockchain and Cryptocurrency in dark web and how to regulate them By: SHIV HARI TEWARI (M.Tech.(CSE) BIT, Mesra) Email: [email protected]

Abstract happens and how we can regulate and track the illegal activities on the dark The blockchain technology is a web using regulated and sovereign distributed ledger system where it is backed crypto currencies. distributed among the users who does the transactions using this technique, What is Blockchain it first came in trend after the sudden Blockchains are originally the rise in the value of bitcoin in 2017 database of collection of blocks and then people get to know about containing the details of transactions this blockchain system and its between the two parties. It is basically working, it provides anonymity and a system of recording information in a security both to the user and that is way that makes it difficult or why crypto currencies like Bitcoin impossible to change, hack or cheat and now Monero are using the the system. blockchain method to ensure the safe, secure and untraceable transactions. A blockchain is essentially a digital Anonymity and security are like two ledger of transactions that is edges of the same sword, they can be duplicated and distributed across the used for the great purposes like entire network of computer systems protecting the privacy of people, on the blockchain. Each block fostering, freedom of speech etc on contains the number of transactions the other hand they can be misused and every time a new transaction for the illegal activities happening occurs on the blockchain, a record of over the internet like cyber terrorism that transaction is added to every and perpetrators often go unaccounted participant’s ledger. The decentralized for their acts. Where there are many database managed by multiple qualities of blockchains there are also participants is known as Distributed some downsides too, because of Ledger Technology (DLT). increased security and anonymity it worked as a fuel for the dark web So, blockchain is a kind of DLT in users to illicit transactions and do the which transactions are recorded with an immutable cryptographic signature illegal activities on the dark web. In this paper we have shown what are called “Hash”. the downsides of blockchain, how the transaction happen on the dark web The picture below shows the stipulated time and stores all the properties of DLT and why it is useful details of the transactions. for today’s database security. Why it became famous Some of the major properties that overnight: makes it more useful for secure transactions are, anonymity of the There have been so many attempts to users who done the transactions, its create the digital currency but they all distributed nature and time-stamping. failed miserably as they weren’t reliable and there was a trust issue in all of them, for example if someone is created a cryptocurrency named “X” now can we trust that they won’t give themselves a million “X” or steal our millions of “X” for themselves.

The bitcoin was designed to solve this issue by using a specific type of database called a blockchain. Most normal databases, such as an SQL database, have someone in charge who can change the entries (e.g. Fig. 1: Properties of Blockchain giving themselves a million X Which means if one block in one dollars). Blockchain is different chain is changed then it would be because nobody is in charge; it’s run immediately apparent it had been by the people who use it. What’s tampered with? If hackers wanted to more, bitcoins can’t be faked, hacked corrupt a blockchain system, they or double spent, so people that own would have to change every block in this money can trust that it has some the chain, across all of the distributed value. versions of the chain. Hence in a nutshell blockchain is As we can see the blockchain reliable, secure and it is originally technology is not only secure but it devised for the digital currency or also maintains the anonymity of its cryptocurrency like Bitcoin but tech users and completes the transaction in community has find its some other uses because it maintains anonymity Payment in Bitcoin starts by of its users and known for the secure broadcasting a transaction over the transactions. Bitcoin network by Bitcoin users. Suppose that Alice sends BTCs to Since it maintains the anonymity of Bob. Alice’s wallet software first its users, it has turned into a weapon searches unspent transaction for those who want to perform some outputs(UTXOs) that contain amounts illegal task over the internet or we can of BTCs and conditions to spend say the dark net. corresponding BTCs. Each UTXO What is Bitcoin: can be spent on other Bitcoin addresses as an input in a new trans- Bitcoin[9] is a decentralized digital action. If Alice has authentication crypto currency that relies on information (i.e., private keys) to cryptography algorithms and a peer- ensure ownership of Bitcoin addresses to-peer network to manage a fully having valid UTXOs, Alice’s wallet distributed ledger without a central software creates a transaction signed authority. by her private keys and broadcasts it over the Bitcoin network. Bitcoin Unlike the traditional banking system, users can transfer arbitrary valid the absence of a central authority public addresses to receive/send means that financial activities have BTCs with other users, but the remained under a pseudonym. Bitcoin address reuse is not recommended for users can generate multiple ac-counts privacy and security reasons. (i.e., public addresses) with corresponding verifiers of the After receiving a transaction request, ownership (i.e., private keys) to Bitcoin nodes first check whether the send/receive bitcoins (BTCs) through requested transaction is a wallet software, which makes a cryptographically acceptable (valid) payment as well as manages key and register the transaction into the pairs. Thus, payments in Bitcoin can Bitcoin Mempool if it is verified. For be transferred over the Bitcoin creating a new Bitcoin block, Bitcoin network without revealing the real nodes collate a set of transactions identities of the participants involved from the Mempool, form them into a in each transaction. block, then perform PoW to solve a theBTCs back to the same address, used inT xIn(0).

What is dark web:

The dark web[20] also known as the dark net or deep web is a place where Fig.2: An example of a Bitcoin questionable activities used to run. transaction between Alice and Bob. The dark web in itself is several times The gray and white ovals indicate the bigger than the general indexed public Bitcoin addresses owned by net(also called the surface web) which Alice and Bob respectively. is known to us over time. This means mathematical equation, called a that it is not visible on the search mining process. If a Bitcoin node engines like google and bing. solves the math problem and it is verified by other Bitcoin nodes, the What kind of people access new block is finally linked to the the dark web: Bitcoin Blockchain. The dark web resonates with a large Figure-2 illustrates an example number of people, however, the chief transaction in which Alice sends among them are those who use it for BTCs to Bob and sends back the the illegal trades. A study in 2014 at remainder of the BTCs to Alice. This Portsmouth discovered that the most Bitcoin transaction consists of a list of solicited content on the dark web is inputs (T x In), which are referenced child pornography and the next on to Alice’s public addresses (the gray hierarchy is drugs and unlicensed oval) connected to unspent transaction arms. It is also discovered that people outputs (U T XO),and a list of outputs used it purchase the illicit information (T xOut) - the destination public and even for renting the hitman to kill addresses belonging to Alice and Bob. someone. [15] In this example, Alice transfers certain BTCs to Bob’s public As per our study we have found some addresses (addr CandD).Since the of those websites, one of them is total input value should equal the total besamafia which is used to hire a output valueaccording to the Bitcoin hitman and there is website named protocol, Alice sends the rest of doxtor which sells the product which was created by Apple but didn’t The criminal ecosystem of launch in the market. There many dark web: more websites like them available on the dark net market and these The procedures for how an illegal websites uses bitcoin as their payment underground transaction involving the interface and PGP key for Dark Web and cryptocurrency communication.[14] operates, which consists of five steps: (i) advertisement, (ii) discovery, (iii) Now the question raises here, “is dark negotiation, (iv) payment and (v) web only devoted to dark activities?” fulfillment. the answer is no, for example wikileaks, it is a platform devoted to Advertisement: whistleblowing and it allows individuals upload classified Advertising illegal products or information incognito to the services on the Dark Web requires appropriate agencies. In addition to different approaches from promoting this, the dark web has also helped legal products or services through the people in China access certain sites Surface Web since traditional search which are otherwise inaccessible. engines do not index content on the Dark Web. If a dark website is created Encryption and anonymity to promote sales, then this on the dark web: information must be registered with a directory service provided on the Most users on the dark web make use Dark Web (e.g., a hidden service of sophisticated encryption directory through Tor). This technologies. One example is the use registration is then advertised to of Virtual Private Networks (VPNs) potential visitors by posting access which keep the activities on the information (e.g., onion domains) on internet safe and private. The the Surface Web(e.g., SNS and conventional routing of the VPN is forums). An alternative approach is to prone to traffic analysis and this can advertise dark websites on general reveal the origin of this traffic, purpose Dark Web search engines information about the transmission, (e.g., Ahmia[1] and Haystak[5]) or and the destination. market platforms (e.g., Silkroad[11] and Dream Market [6]).

Discovery: a third party who mediates transactions between the buyers and Buyers follow similar approaches sellers. Transacting parties without a from the leads of a seller’s third-party mediator make agreements advertisement strategies, such as to receive and send fees directly discovering entry points to suppliers where sellers provide a selling illegal offerings through cryptocurrency address to the buyers communities or Dark Web search for collecting fees. Escrow is engines. Also, buyers may share available to overcome uncertainty in access information with other buyers the credentials of transacting parties directly. since established service providers Negotiation: tend to have a higher reputation. Escrow service providers support an To proceed with a transaction, a buyer automated payment system to buyers must confer with a seller about the and charge service fees to the sellers. deal regarding shipping method, price, customizing services, and Fulfillment: payment methods. These details vary As the final step, sellers fulfill orders according to the type of product or similar to e-commerce services of the service. For example, porn dealers Surface Web by sending physical receive money from a buyer and send products via an agreed delivery a pass-code for accessing a porn method (e.g., drugs and weapons), archive. In contrast, hacking service providing online services (e.g., providers might require additional hacking and illegal content) or details, such as the type of hacking performing criminal activities in real- services requested and general world environments (e.g., targeted information about targets. Typically, assassinations). guidelines for information needed are included with the seller’s sales Tor Networks information. Tor networks use virtual tunnels, Payment: however, these tunnels do not connect the client directly to the servers. What Payment through the Dark Web happens is that a relay point in the Tor commonly hasthe two following network is created and this is able to options depending on the existence of circumnavigate the traffic analysis. It it recorded a daily transaction is achievable thanks to three distinct between $300,000 and $500,000. properties.[14]

• The relay point is not privy to the entire path of the circuit. • The encryption of each relay is unique. • The connections are terminated after a while to preclude long-term observation.

In view of these, a system which offers similar or even superior advantages has been proposed the blockchain technology. Fig.3 : use of dark web in different The Blockchain technology areas and the dark web: When we compare this to the amount A blockchain is a decentralized public of transactions handled by Bitpay, a ledger which keeps immutable payment processor which facilitates records of the transactions on the the conversion of Bitcoin into fiat network. This record is stored across currency, the difference is clear. The several users (decentralization) and largest merchant of Bitpay struggles this adds to the level of security and to bring in $500,000 in a day. reliability. We can then safely conclude that One real importance of the cryptocurrencies are important to the blockchain[20] technology as it burgeoning of the dark web. pertains to the dark web is the Today, we are facing two up-to-date finance. Research was carried out on techniques for hiding identity: (i) six different drug markets and the Dark Web and (ii) Cryptocurrency. daily volume of transaction was found The Dark Web leverages anonymous to be about $650,000. On the average, routing techniques (e.g. Tor) to conceal the user’s identity. While the Dark Web was first proposed to Cloudy and untraceable support the freedom of the press and cryptocurrencies, particularly Bitcoin, guarantee open discussions without are the primary means of payment. A recent report by Chainalysis, a leading political pressure, it is also misused crypto-payment analytic firm, has for malicious purposes, such as shown that Bitcoin transactions advertising harmful content and happening in the dark web grew from command-and-control servers (C&C). an estimated $250 million in 2012 to $872 million in 2018, with a So we can see how blockchain projected $1 billion in 2019. [ 13] [14] technology has fueled the dark net transactions and immune it from the people who can trace it and can shut down the whole network.

Now the question rises here is what kind of cryptocoins or cryptocurrency are used in the dark web and why they can’t be traced.

We can say bitcoin is one of the cryptocurrency which is used over the dark web for transactions apart from the bitcoin there are others like litecoin, monero and dash but bitcoin is popular among them, now the other Fig. 4: Bitcoin transaction in dark web question is why they are so Collection of untraceable, according to interpol “despite of having all the tools to Cryptocurrency addresses trace the transactions but on the dark used in the dark web: net there is no means we can trace the data over the dark web and only few Despite the wide attention and dark them get caught” others just slip away web law enforcement and research because there are privacy policies of community, no one could reach any cryptocurrency (bitcoin and monero) conclusions that why there is so much which makes their transaction illicit transaction over the dark web untraceable than the others. and why the security agencies cannot are indeed used for selling illegal trace them.[17] goods and services. Since there are many researchers who How the transactions already have a lot of efforts to study happen (the dark wallet): and analyze the dark web deeply, to facilitate them there is a platform According to Cody Wilson who called MFScope,[14] which we have conceived the dark wallet “I want a implemented to know the details private means for black market about the previous illicit transactions transactions and it’s just a money happened on the dark web. This laundering software” platform mainly of two major components; first one is data The method used by the dark wallet collection, in this part it collects the uses for the transaction in the dark illicit cryptocurrency addresses from web is called “Coin Mixing” and the dark web. Second major part is hence the dark wallet also known as analysis, in this part it analyzes the coin mixer.[16] cryptocurrency addresses and tracks Crypto currency mixing systems such their illicit money flows. as SmartMixer or Dark Wallet are a Data Collection Overview: primary instrument of money laundering used by criminals active in MFScope[14] starts by collecting the dark web and seeking anonymity. seedonion addresses from Tor hidden service search engines such as Ahmia Dark Wallet was created in 2014 by and FreshOnions. From the collected Amir Taaki and Cody Wilson (who seed addresses, MFScope crawls text also created the first 3D printed gun), contents and traverses onion links on and it’s an open source bitcoin visited dark websites until there are platform designed to render its users no more links to traverse. From the anonymous and to obfuscate bitcoin crawled websites, MFScope extracts transactions. cryptocurrency addresses and One of its principal uses is coin performs preprocessing to filter out mixing. invalid or unnecessary addresses. What coin mixing does is combine a Then get labeled whether such user’s transaction with that of other collected crypto currency addresses random users who happen to be making separate transactions through transaction is much secure because of the system at the same time. It joins blockchain, but there are also some the bitcoins of the two or more users downside of blockchain technology and mixes them together so as to like we have seen earlier it provides conceal their origin. The user can DLT which makes anonymity instruct the software to pay the seller property too immune that people use in cut up chunks of the original price this technology over the dark web for (0.4 + 0.2 + 0.1 instead of the 0.7 their illegal works. bitcoins) or at a delayed date that they can set. Why cryptocurrency is so much used on the dark This makes it extremely difficult for an outside party to determine who web: made a particular transaction. Since Blockchain[15] set out to solve In recent years, a number of the issue of centralization. With the competitor wallets have emerged decentralized blockchain technology, including Anonymix, Wasabi Wallet, so much can be achieved with this and SmartMixer. In May of last year, technology and this is the bedrock of BestMixer.io, which worked similarly cryptocurrency. There are two major to Dark Wallet, was shut down by features of the blockchain technology Europol with the aid of the Dutch tax and these are: services on the premises of money 1. Anonymity laundering. It’s the first case of its 2. Security kind. Because of the property of anonymity Hence this is how the transactions and one can be able to execute the launderings of bitcoins happen in the transactions without leaving the trace dark web and this is one the reasons and it might come off as superfluous why we cannot trace it using our usual at first, but if we dig deeper, it sources. becomes extremely beneficial to illicit So, we have seen till now what is the cryptocurrency addresses and apart blockchain, how cryptocurrencies like from the bitcoin new currencies like bitcoin are used for transaction using Monero have features like stealth blockchain and how bitcoin addresses which generates address for receiving illicit funds. These addresses are traceable but cannot be Ways to regulate the traced back by the original owner. transactions happening on Now in the context of security , there the dark web: is a large sale in the dark web from the pornography to purchase of illegal First and the most common way is to drugs and these transactions are quite allot a crypto wallet to the client who expensive to fund and don’t allows wants to buy the cryptocoins or any delays. The dealers require a safe cryptocurrency, it is an encrypted and reliable means of getting their electronic device which allows the illicit funds over and only one keeper to do the transactions using currency can allow for this which is cryptocoins and keeps track of all of cryptocurrency. the transactions. Each wallet will have a public key visible to anyone. Now the question rises here is, “if the But it can be operated by only a dark web is this much worse, are person who has a private key. there any ways to stop or trace the Transactions on the cryptocoin activities happening over dark web?” network are usually anonymous.[18]

To answer this question first we need When people send cryptocoins to each to understand that cryptocoins are other, someone has to keep account of based blockchain technology and that who spent how much at what time. In means no third party(even the case of flat money (or paper money) it government) can intervene between is done by banks (known as Trusted them, which means there will be no Third Parties, for which they charge a traces of that some illicit transaction commission).But in case of Crypto happened over dark net and only the coins, it is registered on a ledger two parties which are involved in the called BlockChain[15] (with nil or activity knows about the transaction. minimal fees).

Hence we can say till now there is no Second method which can be used to way we can completely stop an illicit regulate the activities over the dark transaction happening on the dark web is known as controlled web or take control of that, but there blockchain method. are few ways to regulate the activities and keep track of that. Bitcoin is a peer-to-peer based cryptocoin which is not backed by any commodity and (unlike flat several money and non-money uses. money) carries no sovereign In its complete form, it will have a guarantee whatsoever. wide spectrum of applications ranging from banking, taxation, and Regulated and Sovereign Backed contracting to space research, Cryptocurrencies (RSBC)[19], on automation and public services. And the other hand are government backed it can be used to effectively regulate cryptocurrency a kin to paper the Deep Web. currency, but in digital form. In this system, the cryptocoins (known as Ways to discern the identity of Nation Coins) are backed by bitcoin wallet holder: Sovereign Guarantee.[19] In reality, it is possible to discern the They are run on a highly secure identities of Bitcoin wallet holders by Controlled BlockChain (referred to as a process known as de- CBC) in which Sovereign backed anonymization. Off late Bitcoins are Cryptocurrencies will be transacted under surveillance and can be de- without any hassles. NationCoins are anonymized. This effectively renders completely managed by the Sovereign the anonymous transactions traceable. Authority i.e. the Government. Computer scientists associate This system is based on the K-Y activities with Bitcoin wallet usage. Protocol. The K-Y Protocol is a set of Even geographically pinpointing the rules and instructions to implement user is possible. But it may take time the Regulated and Sovereign Backed and will most probably be Cryptocurrency (RSBC) system. retrospective.[18][19]

A Controlled Blockchain is different Illegal Racketeers run anonymous from a BlockChain . A Block Chain is websites on the Dark Web where permission less Distributed Database, people can order for any illegal items whereas a Controlled BlockChain will they want. This is possible because of be Permission Based. The permission the advent of Cryptocoins which are for access and operation being more advanced than Bitcoin in provided by the Sovereign Authority. maintaining anonymity. Take for example, Monero. Monero is a A Controlled Block Chain (CBC) cryptocoin which uses a technique resulting from the K-Y Protocol has called Ring Signatures. Ring Signatures make Monero highly digital avatar of the US Dollar).These resistant to De-anonymization. In USCoins go into a wallet that is cryptography, a ring signature is a already registered under some verified kind of digital signature executed by name. Thus the persons giving and any member of a set of users, each accepting illegally earned Bitcoins one of whom has keys. A message can be easily traced by de- having a ring signature is signed by anonymization. In case of currencies someone in that certain set of people. like Monero, transaction identities can In a ring signature, it is betraced at the point where there is an mathematically impossible to interface between Monero and determine whose key was used to NationCoins. The system will know create the signature. There is no who is who. By tracing transactions manner in which to unmask the and analyzing patterns, the anonymity of a signature. Monero Government can find out who is thus presents an opaque Blockchain. funding terrorist activities and who is This greatly amplifies and enhances financing drug smuggling.[19] financial anonymity to the extent that Thus by the use of the regulated and even miners do not know where the sovereign blockchain (RSBC) we can money is going or the nature of its easily trace the users and their contents. Crypto currencies like activities happening over the web and Bitcoin and now Monero have given a all the transaction they have done huge boost to the dark web and it has over the internet or we should say the make the dark web much more dark net.[17][18] immune in the context of anonymity. This is evident by the mushrooming Imagine a scenario where 200 of anonymous websites like SilkRoad. sovereign states maintain their own NationCoins. Hard cash transactions But all that will change by will be greatly reduced. People will introducing RSBCs. In fact, we can have to transact using RSBCs. In fact, regulate the Dark Web if governments there will not be enough paper implement the K-Y Protocol. currency to fund illegal activities. All Now imagine a scenario where payments will have to be done by RSBCs are in vogue. Bitcoin is RSBCs. There will hardly be any converted not to Dollars but to unaccounted money. Illegal trade will USCoins (the NationCoin form; the be quickly identified in real-time as the identities of parties involved in the blockchain(RSBC)) is a kind of activities will be known through their advancement in the blockchain NationCoin wallets. The quantum of systems and introduces the concept of money circulating in the Deep Web de-anonymization where one has to will also be known, thus enabling the convert their crypto coins into the Government to tax and regulate the NationCoins( crypto currency of the Deep Web. particular nation)[18][19] by which we can know about the person who Conclusions: has crypto wallet and where is the The blockchain technology has got crypto coins spent and so that can many aspects and it provides track the illicit transactions and illegal anonymity and security of the level activities happening over the dark net. which cannot get breached or traced Thus this is how we can at least have by any third party, since it cannot get the details of the activities running on traced nobody could get to know the the deep web and we can track the activities happened over the illegal activities happened there. blockchain and because of its distributed ledger technology only References those who were involved in the [1] Ahmia, https://ahmia.fi/. activities knows about it. As anonymity increased, it increased the [2] Bcoin-cli, illegal online activities and made dark https://github.com/bcoin- web much more immune than ever, it org/bcoin/wiki/CLI. also gave birth to the concept of crypto currencies like bitcoin and [3] bitcasino, https://bitcasino.io/. Monero. It also increased the use of [4] Cryptopay, https://cryptopay.me. dark web and illicit transactions happened over there. There is no [5] Dream Market, solution found till now and the only http://n3mvkmkqb3ry4rbb.onion. solution we have can be used to [6] Fresh Onions, regulate the transactions over the deep http://zlal32teyptf4tvi.onion. web and to trace back the activities happened there. This [7] Y. Akdeniz, “Anonymity, technology(regulated and sovereign democracy, and cyberspace,”Social Research:An International Quarterly, cryptocurrencies-and-the-dark-web- vol. 69, no. 1. 1a6d85916314

[8] E. Androulaki, G. O. Karame, M. [16] https://pideeco.be/articles/dark- Roeschlin, T. Scherer, and S. web-and-money-laundering/ Capkun,“Evaluating user privacy in [17] Hegadekatti, Kartik and S G, bitcoin,” in International Conference Yatish, The K-YProtocol: The First on Financial Cryptography and Data Protocol for the Regulation of Crypto Security (ICFCDS 2013). Currencies (E.G.- Bitcoin) (February [9] S. Nakamoto, “Bitcoin: A peer-to- 13, 2016).Available at SSRN: peer electronic cash system.”[Online]. https://ssrn.com/abstract=2735267 or Available: http://dx.doi.org/10.2139/ssrn.273526 http://bitcoin.org/bitcoin.pdf. 7

[10] [18] Hegadekatti, Kartik and S G, BitcoinWiki,Addressreuse.[Online].A Yatish, The K-Y Protocol: The First vailable: https://bit.ly/2LRWVCS Protocol for the Regulation of Crypto Currencies (E.G.- Bitcoin) (February [11] Silk Road Market, 13, 2016).Available at SSRN: http://silkroad7rn2puhj.onion/ https://ssrn.com/abstract=2735267 or [12] Blockchain.com, http://dx.doi.org/10.2139/ssrn.273526 https://www.blockchain.com. 7

[13] What is dark market, [19] G. Wood, “Ethereum: A secure https://www.thebalance.com/what-is- decentralized transaction ledger,” a-dark-market-391289. 2014.[Online]. Available: https://bit.ly/2hhPViV [14] MFScope; https://www.darknetstats.com/mfscop [20] Immunity on the dark web as a e-a-novel-platform-for-identifying- result of blockchain technology: illegal-crypto-transactions-on-the- https://codeburst.io/immunity-on-the- dark-web/ dark-web-as-a-result-of-blockchain- technology-6693eb087bdd [15] https://hackernoon.com/blockchain-