How to deanonymize Helix mixer transactions

The mixer Helix by Grams is using a very weak method of mixing. Even if it provides 0 taint to the original coins, it is still easy to find the original coins.

The main problems are:

In the case of Helix Light the coins are added after 2 confirms with exactly 2.5% fee and then immediately sent to the destination, this is easy and fast for the user but it is a very weak method of mixing.

 

Here comes an example of how to break a mixer that has these problems:

Let's say that you want to mix some bitcoins, you create this transaction to Helix Light: https://blockchainbdgpzk.onion/tx/951012e00cdd4c3cca50507002ccd379b972073abf5fd5a59f38f548088facb3

 

The mixer receives 0.12478014 BTC and removes the 2.5% fee: 0.12478014*0.975=0.1216606365. Bitcoin only has 8 decimals, so round it up or down depending on the 9th digit, so to 0.12166064 BTC.

The mixer then sends 0.12166064 BTC to the address you specified as soon as the initial transaction has 2 confirms: https://blockchainbdgpzk.onion/tx/2e32421ba0db052c332d78912ee8073f6949b950558cade4b4d72da56b7208f6

 

If someone would try to follow your coins from where you bought them to their destination they would see that you sent 0.12478014 BTC somewhere, if they suspect the mixer is Helix Light then they would know exactly what to look for. They can see in what block the transaction got 2 confirms, in the example above it's block #333021. They know that the transaction out from Helix Light will be included in the next 2-4 blocks, Block #333023-333025, go to block 333023: https://blockchainbdgpzk.onion/block-index/505927/ and look for 0.12166064.

 

The blockchain analysis can be done in three easy steps:

 

  1. See 0.12478014 BTC sent to mixer: https://blockchainbdgpzk.onion/tx/951012e00cdd4c3cca50507002ccd379b972073abf5fd5a59f38f548088facb3

  2. Calculate the value after 2.5% fee: 0.12478014*0.975=0.1216606365 = 0.12166064 (round up or down the 8th digit or just search for value with 7 digits after decimal point)

  3. Click on the "Included In Blocks" link on the blockchain.info page of the transaction and search for 0.1216606, if it isn't there click on the "Next Block" link and search for 0.1216606 again, repeat until found.

 

As a fun game for you guys, this is a transaction of 0.12156064 BTC to Helix Light, can you do blockchain analysis on this and find the secret destination address following my short guide?

https://blockchainbdgpzk.onion/tx/f003b867adbcf8f97865becaceb70862df9b92679049f9f38e1e4da0aefd5134

The blockchain analyser that first finds it and posts the correct address here will receive the coins.

 

As you can see it is very easy to do and can even be done fast manually. FBI/DEA could easily develop a tool that would go through all coins sent to and from SR2 and other markets (now that they have the logs) and check if they can find any transactions with this pattern, and they will find the original coins easily if you used Helix Light. A tool like this would look through days of blockchain data to see if they find an exact match, say that 2.5% fee was used but it was delayed by 2 days, if there are no other transactions of exactly 0.12478014 BTC they found a match.

 

The same blockchain analysis technique can be used to trace the transaction backwards too, say for example that you have all the deposit and withdraw logs from SR2 and some other markets.

 

They see a deposit of 0.12166064 BTC going to SR2 and they want to know where it originally came from so they then calculate the 2.5% fee backwards like this: 0.12166064/0.975, and get this number: 0.12478014. Now they know that the initial transaction to Helix must have been of exactly 0.12478014 BTC and the transaction would be confirmed in 3-4 blocks before the deposit to SR2. 0.12478014 BTC is a very unique amount and they will end up finding only 1 transaction with this exact amount even if they have to look through all blocks created that day (if delay was used on Helix for example).

 

Grams should obviously not run a mixer, he is incompetent and is not following the best practices of bitcoin mixing, he is lying to his users saying it provides good anonymity. This mixer, as shown above, can be deanonymized by anyone. The conclusion is that it is totally worthless and that you are paying a 2.5% fee to Grams for nothing. The most expensive mixer available is the one that provides the worst anonymity. It was started after Fog and Blender which both have very good methods of mixing, I do not understand why someone would launch a mixer providing less anonymity and at the same time be more expensive.

Some users say that tumbling is not needed, but those who do use one should care enough about it to at least use a tumbler that does it correctly.

 

The correct way is to have a randomized fee together with a long randomized delay, in the above example of mixing 0.12478014 BTC on any of the other mixers with randomized fee you would receive any value between 1-3%. If someone sees a deposit to SR2 for 0.12166064 then a 1-3% random fee on the mixer means that any transaction between 0.12288953 and 0.12542334 could be the original transaction, it is still a very narrow range, but when just looking through a couple of blocks reveals many transactions matching this range. If you have to look through a day's worth of blocks (random delay on the withdraw) there would be hundreds of transactions matching which means it would be impossible to make a positive match.

 

There are only two mixers which provide perfect anonymity of your bitcoin transactions: Bitcoin Blender and Bitcoin Fog. Stay safe!
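
The following sketch is an added example, not part of the original post: it measures the anonymity set the post describes, i.e. how many outputs in a block window are consistent with being the payout for a deposit, under a fixed 2.5% fee with a 2-4 block delay versus a 1-3% randomized fee with about a day of delay. The function names are hypothetical, and the block outputs are constructed sample data except for the amounts and block heights quoted in the post.

```python
from decimal import Decimal, ROUND_HALF_UP

SATOSHI = Decimal("0.00000001")  # Bitcoin amounts have 8 decimal places


def after_fee(deposit_btc, fee_pct):
    """Payout for a deposit after a percentage fee, rounded to 8 decimals."""
    kept = Decimal(deposit_btc) * (Decimal(100) - Decimal(fee_pct)) / Decimal(100)
    return kept.quantize(SATOSHI, rounding=ROUND_HALF_UP)


def anonymity_set(deposit_btc, confirm_height, outputs,
                  fee_lo, fee_hi, min_delay, max_delay):
    """Outputs that are consistent with being the payout for this deposit.

    fee_lo/fee_hi: fee range in percent; min_delay/max_delay: block offsets
    from the block in which the deposit reached its required confirmations.
    """
    smallest = after_fee(deposit_btc, fee_hi)  # highest fee, smallest payout
    largest = after_fee(deposit_btc, fee_lo)   # lowest fee, largest payout
    first, last = confirm_height + min_delay, confirm_height + max_delay
    return [o for o in outputs
            if first <= o["height"] <= last
            and smallest <= Decimal(o["value"]) <= largest]


# Constructed sample outputs. Only the first amount and the block heights
# 333021/333023 come from the post; every other entry is made up.
OUTPUTS = [
    {"height": 333023, "value": "0.12166064"},
    {"height": 333023, "value": "0.50000000"},
    {"height": 333024, "value": "0.12200000"},
    {"height": 333060, "value": "0.12110000"},
    {"height": 333100, "value": "0.12350000"},
    {"height": 333500, "value": "0.12200000"},  # outside the one-day window
]
DEPOSIT, CONFIRMED_AT = "0.12478014", 333021


def compare():
    """Return (candidates with fixed fee, candidates with randomized fee)."""
    fixed = anonymity_set(DEPOSIT, CONFIRMED_AT, OUTPUTS, "2.5", "2.5", 2, 4)
    # 144 blocks is roughly one day at 10 minutes per block.
    randomized = anonymity_set(DEPOSIT, CONFIRMED_AT, OUTPUTS, "1", "3", 2, 144)
    return len(fixed), len(randomized)


if __name__ == "__main__":
    print("fixed fee, 2-4 blocks: %d candidate(s); 1-3%% fee, ~1 day: %d" % compare())
```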


Comments


[9 Points] sharpshooter789:

Looks like grams has some work to do.

edit: looks like he is denying there is even a problem. Glad I never used it.


[5 Points] r0bertden1ro:

Wow. Thank you for making this available to the public.


[8 Points] None:

[deleted]


[7 Points] gramsadmin:

You can read helix's full response here.
https://www.reddit.com/r/DarkNetMarkets/comments/2oi5jh/helix_deanonymization_the_response/

Everyone who has read this has seen that this whole guessing things is nothing new and can't be done for all tumblers if you assume you know which tumbler they used and how long it took them to send the coins.

You can also read how I have fixed the so called "problem" which makes this whole thread irrelevant.


[6 Points] jjgnnbbcbruru:

Shit I've been saying this since when helix opened, these are the same problems that affected blockchains mixer, not enough randomization.

What really sketches me out is to get helix's full mixer you have to create an account by sending some btc into it, like what is this supposed to accomplish besides incentivizing users to retain the same account and link all their mixes.


[3 Points] impost_r:

Thank you for this, I was actually planning on doing this as I suspected Grams using very weak techniques, I just had never used it. What is your take on tumbling through purpose built tumblers versus through other clearnet services like casinos and exchanges?


[3 Points] gramsadmin:

You could do with any mixer as long as you know even the estimated percentage. All you have to do is go back through the blockchain and look for a transaction around the one with a percentage of 2 to 2.5% take out, it is a very small window and can easily be found. The only difference between helix and the others is you will find slight taint in theirs, but no taint in helix.


[2 Points] None:

[deleted]


[2 Points] None:

Very informative and important. Thank you.


[1 Points] None:

[removed]


[1 Points] bluezone2427:

Ok so I've had a question regarding mixers that I was meaning to post since the last large thread on tumblers.

Firstly nice work on de-anonymizing helix your writeup makes it very intuitive. Now in my personal experience I've been transferring <1 BTC out of coinbase into helix light and then straight into a DNM wallet. We can debate whether or not it's actually necessary but my question is about the bitcoin providers really. I've read that coinbase/circle can close your account if you transfer funds directly to DNM wallets. That's why I was sending it through the tumbler, basically to protect from coinbase rather than the blockchain analysis at large. Does anyone have any first hand experience with bitcoin providers closing accounts because of NOT using a tumbler when sending coins to a DNM?

Also as a result of this thread I think maybe sending coins from coinbase -> online wallet -> tumbler -> DNM may be a safer route. Does anyone have any suggestions for secure online wallets (if such even exist? blockchain.info has been getting a lot of bad rep lately)

Thanks for reading.


[1 Points] sheeproadreloaded2:

Grams has also not considered the basic fundamentals of money-laundering, and has tricked drug CUSTOMERS into laundering already clean bitcoins unnecessarily, before enjoying the cleanliness of their coins for about 10 minutes and handing them straight to a drug dealer.

It makes things safer for darknet drug vendors though, when EVERYONE is tumbling bitcoin and doing their best to look like a drug dealer. They can sneak their ill-gotten gain out of the random address chosen each time by the marketplace's superior tumbler, ready pressed and laundered to be able to buy legitimate things like houses and yachts.

The 2.5% thing wouldn't matter if enough people put round numbers like 0.3 BTC, 1BTC etc through. Also, when big money you are following goes into bitcoin fog, you know about it because it keeps getting split up and sent in 3 or more directions.


BitcoinFog is easily cracked if a large sum from a robbery goes through, because there isn't enough bitcoin already on deposit to be sent in its place. The stolen 10,000BTC or whatever have to go straight through. You just follow the largest chunk each time and it gets smaller and smaller, then starts to gain bitcoin like a snowball gaining snow - you know you are halfway through bitcoinfog. There IS taint - not a lot, but the % taint is unimportant.

Just do a reverse (forward-looking) taint analysis from the halfway point when you've just squeezed through a tiny hole and the tunnel is starting to get wider again - you can see the light of the output wallet at the end of the tunnel!

As you look down the list, ignore the % taint and look at the number of connections. It reads like "1, 2, 1,1,3,2, 5766, 2, 2"

You don't even have to follow the bitcoin to the final wallet, just slightly past the midpoint.

If you are following say, one bitcoin and it goes into grams - how would you know? Somebody else's bitcoin is sent instead, and yours gets used by somebody else tomorrow.

You would have to do the steps you mentioned for every wallet-to-wallet movement - just in case it's Grams.

The "use somebody else's bitcoin, plus or minus random amounts of bitcoin and time" method of tumbling is almost uncrackable, but there is always a way if you see bitcoin going IN to a tumbler.

Tumblers are designed to protect the honest appearance of bitcoin where it is NOW. Not where it's come from. Which shows how daft it is to then give it to somebody else in exchange for illegal goods!

By the way, it's good to see other forensic blockchain accountants advising Redditors how to safely spend their money on drugs, as well as scaring marketplace owners into not robbing everyone. Everyone who's ever had bitcoin stolen should do it, instead of just standing around discussing how pointless it is and watching us instead of doing something.

If you can say with reasonable certainty "the thief controls THAT wallet", just once, it's all over for them. Eventually.

They know that as long as we record the first few minutes of bitcoin movement when they rob us, anybody interested has until 2140 to build supercomputers to catch them.

WE don't have powers of arrest. But we don't need it.


[1 Points] Shillsandthrills:

I'm not surprised. They have a flashy site to lure you in with the idea that if it looks professional and well done then it must be the best. Nah. It's just a money hungry fool who only wants their 2.5%. Betcha anything they don't give a shit about user security. Just use bitcoin fog. It's been around for years. Why put trust in an unproven mixer when you have one that has basically withstood the test of time? It's a no brainer. But then again.......well I think you know.


[0 Points] gramsadmin:

Sorry guys I was away and just got back to the computer. The fact is Helix is the best tumbler. The evidence you suggest is all circumstantial. If a us users didn't use long awkward amount it would be impossible to trace because. There is absolutely no taint on the blockchain. mean the send from address is nowhere in the link on the send to addresses chain.

If you do a taint analysis on the other tumblers you will usually find the send address in the taint with a small percentage. Where with Helix it is not even there.


[-8 Points] gramssupport:

Hello everyone,

THIS OF COURSE IS NOT TRUE!!!

HELIX USERS ARE 100% SAFE, IT'S IMPOSSIBLE TO DEANONYMIZE THEM!!!

GramsSupport