Citing a basketball star, the Dude (a character in the cult classic film "The Big Lebowski") and "Star Trek: First Contact," a federal judge praised the cryptocurrency analytics tools that helped lead federal agents to yesterday’s multibillion-dollar bitcoin trove.
In an August 2021 opinion unsealed yesterday tied to a search warrant that helped nab nearly 100,000 stolen Bitfinex bitcoins, U.S. Magistrate Judge Zia Faruqui cast blockchain tracing technology as a powerful tool to meet probable cause requirements.
CoinDesk acquired a copy of the memorandum from a source familiar with the case.
Faruqui’s memorandum opinion – summarizing the Washington district court's approval of a search warrant for email accounts – highlights the influential role private-sector tracing software plays in the federal government's crypto investigations.
That influence was pivotal in the Bitfinex money laundering case, according to Faruqui, who has delved into crypto issues in past memoranda. He said the case agent's affidavit clearly showed how industry software techniques led his investigation to the suspects' email accounts.
Federal agents wrote that they acquired the addresses and private keys to 2,000 wallets after obtaining a warrant to search the defendants' cloud storage services. It's unclear whether this was the same warrant.
"Cryptocurrency and related software analytics tools are 'the wave of the future, Dude. One hundred percent electronic,'" Faruqui concluded, tipping his hat to Jeff "The Dude" Lebowski, the rug-loving stoner lead character in the 1998 movie "The Big Lebowski."
Faruqui, who as a former prosecutor conducted federal crypto investigations, said the tracing industry's sleuthing techniques – like clustering, which divines patterns from inherently public crypto transaction data – have emerged as "one of the most reliable bases for a search ever."
"Going 50 for 50 is beyond what could be expected of a mere human," he said, apparently referring to the success rate of clustering-derived subpoenas in the Welcome to Video investigation he helped lead (and also referencing National Basketball Association star Damian Lillard in a footnote).
Clustering techniques help investigators determine what addresses belong to suspects, according to Tom Robinson, co-founder of Elliptic, a tracing company. In a previous interview with CoinDesk, Robinson called clustering the blockchain analytics industry's "special sauce."
Indeed, legal documents released Tuesday detail Internal Revenue Service agents' focus on a "specific cluster" of crypto wallet addresses that led them to Ilya Lichtenstein and Heather Morgan, the Manhattan couple arrested on charges of money laundering stemming from a hack of the Bitfinex crypto exchange in 2016.
"Humans are 'Flawed. Weak. Organic,' whereas clustering software strives for perfection," Faruqui said, partially quoting the 1996 film "Star Trek: First Contact."
Unfortunately for lawyerly pop culture nerds, Faruqui's spunky references aren't part of binding legal precedent. Memorandum opinions summarize court decisions; they don't set them in stone.
This one nevertheless represents a shift in how judges think about evidence derived from crypto tracing software, according to Ari Redbord, a former federal prosecutor who now leads industry player TRM Labs' policy division.
"For the first time ever, the Court analyzes the weight and reliability of blockchain evidence finding that blockchain analytics tools like TRM Labs are reliable and can form the basis of probable cause for a warrant," Redbord wrote in an email to CoinDesk.
The full extent to which IRS agents used blockchain tracing technology isn't clear yet.
IRS-CI has signed multimillion-dollar contracts with Chainalysis, Elliptic and TRM Labs; all had something to say following yesterday's news.
What is clear is that their tools have emerged as a critical component of federal crypto investigations. They are powerful enough to lead investigators to suspects' doorstep and persuasive enough to yield warrants that open them.
But there's another, simpler takeaway from the Bitfinex hack's latest twist: Pricey software or no, it's very difficult to get away with on-chain crypto theft.
"These people were absolute F***** morons," said one source in the tracing industry. "Starting with: stealing a couple billion in the world's most transparent and traceable assets."