Helix Mixer de-anonymization

This is a follow-up to this post by /u/BlockchainAnalyst: https://www.reddit.com/r/DarkNetMarkets/comments/2ogsgv/how_to_deanonymize_helix_mixer_transactions/

In this post, I am looking to show that de-anonymization is still possible due to how Helix mixer works.

Five test transactions were followed from deposit to withdrawal, as well as about 85000 others. The method is all explained in the report included in the following GitHub repository: https://github.com/digigon1/GramsHelixExplorer

This method has probably already been done internally by some professional blockchain analysis company such as blockseer.com. If not, it would be easier for them to do this because of the availability of the data they have.

All source files are also included in the GitHub repository, as well as a batch file that allows it to run under Windows (with Python 3 and the correct libraries (BeautifulSoup) installed).

Still included in the repository is the file matches.csv under the wallets/output directory, with all the discovered matches.


Comments


[4 Points] gramsadmin:

This assumes quite a lot.

In order for this to work you must assume they used helix light and not helix. With regular helix you can leave in the bitcoins as long as you want. Some users have had bitcoins in there for months. This assumes only 7 hours.

Also they would have to only put 1 address in to be sent to and not use our multiple transaction feature.

This is the same argument that has been said for years. It is matching values and saying they are the same so they must be the same people. It is the same as if you paid for something at the store with a $5 bill and the next day got a $5 bill from your friend for money he owed you. Would you assume that it must be the same $5 bill just because that store and your friend use the same bank? Yes, it could be the same bill, but that assumption is ridiculous.

The other thing is the transaction must be picked up by walletexplorer. We change our wallet all the time and many never even get picked up by wallet explorer. Even if his method did work he is only unmasking a very small percent. I read his report and saw 85,142 Helices he says he unmasked that date back to 2014. Helix does around 800 to 1400 helices a day. That is a lot more than the 333,000 or so he checked.

We have always said for best anonymity use our extra feature or regular helix, but even the simple helix light with no extra features does exactly what it says: it severs the link, such that the taint analysis will not show the original address. Therefore severing the link on the blockchain between 2 addresses.

That is all I have to say about this.

Stay Safe,
-GramsAdmin

p.s. I do appreciate the work /u/digigon1 did on this and would be willing to hire him to make helix better by doing more checks and working with us to make it even better.


[3 Points] None:

[removed]


[2 Points] c3ntrifuge:

Posting, just for your review.

https://www.reddit.com/r/DarkNetMarkets/comments/2oi5jh/helix_deanonymization_the_response/?st=j1z6nikz&sh=5d50d9c0


[1 Points] None:

[deleted]


[1 Points] tor_drugs_dnm-:

Can you try with some other mixers please? I would be interested in finding out if bitblender and penguin can be de-anonymized.


[1 Points] zx88crackingforum:

I've done some pretty large transactions on grams in the past, well into the 3 digit amount. My last being fairly recent, around 50k USD. Neither the address that the coins were deposited to nor the addresses the cleaned coins were sent to were in the downloadable csv.