US Recommends 30-Year Prison Sentence For Alleged Bitcoin Fog Operator
The case that put blockchain analysis on trial is moving forward with the sentencing of alleged Bitcoin Fog operator Roman Sterlingov – but not everyone's convinced that the government's got the right guy.
The US Government recommends a 30-year prison sentence and a fine of $100,000 for Roman Sterlingov, a Swedish-Russian citizen convicted of money laundering and the operation of an unlicensed money transmitter earlier this year for the alleged operation of the custodial Bitcoin mixer Bitcoin Fog.
Sterlingov's case became known as the case that could "put cryptocurrency tracing on trial". As WIRED wrote in 2021, "unlike in some more-clear-cut investigations of criminal use of cryptocurrency, prosecutors in Sterlingov’s case haven’t pointed to any smoking-gun digital evidence retrieved from Sterlingov’s possessions or devices when he was arrested during his trip to the US last year. Instead, the statement of facts released when charges against Sterlingov became public in April 2021 detailed a combination of blockchain-based cryptocurrency tracing, IP address matching, and online account information links."
Sterlingov was convicted on all four counts last March, but experts in AML and cryptocurrency tracing are not convinced that Sterlingov operated Bitcoin Fog, who continues to maintain that he had been a user of Bitcoin Fog – but not its operator.
According to J.W. Verret, a forensic accountant, former member of the SEC Investor Advisory Committee, and expert witness for Sterlingov's defense, "the case against Roman Sterlingov showed that Chainalysis tools are flawed — and shouldn't be trusted to convict defendants when they face decades in prison". Verret testified to "the mystery of the missing bitcoin" in pretrial hearings, speaking of 19,939 BTC in unaccounted for proceeds. Verret concluded that there is "no financial forensic evidence that Mr. Sterlingov operated Bitcoin Fog".
Laurent Salat, developer of the open-source blockchain analysis tool OXT Research, detailed to have found "odd" results in Chainalysis' clustering, for which he sees two possible explanations: "government experts misrepresented the functions of the closed source heuristics used to create the Bitcoin Fog cluster" or "the Reactor platform isn't deterministic and its results aren't reproducible".
According to the OXT report, a "disturbing aspect" of Sterlingov's case is that "the scientific method has been completely ignored while considering that “hearsay” or anecdotal evidence of past successes are a replacement for tracking false positives and negatives". Mr. Salat was invited to testify as an expert witness for the defense, but denied due to the competitiveness of his work.
Chainalysis Head of Investigations Elizabeth Bisbee had previously declared that "Chainalysis is looking into the potential of trying to collect and record any potential false positives and margin of error, but such a collection does not currently exist." Bisbee further declared that "Chainalysis clustering methodologies have not been peer-reviewed in the sense that an academic paper would get peer-reviewed with data and methodology(ies) reviewed in a separate study by other scientists."
At trial, the judge ultimately opined that Chainalysis' Reactor software was "sufficiently reliable" as "it doesn't need to, at least as offered in this case, offer, you know, absolute precision. So if it were right, you know, only 90 percent of the time or only 80 percent of the time, I think it would still be valuable for offering the evidence that the government is seeking to offer it for."
The judge stated that "I do have evidence in front of me with respect to the reliability of Reactor, as it has been used in law enforcement for many, many thousands of subpoenas, as I understand or thousands of subpoenas over time and which there is a natural check in that those who have testified at a Daubert hearing with respect to this have indicated to me that they are not aware of any incidents in which the results were incorrect."
Leo Schwartz of Fortune Magazine described some of the judge's logic as "circular", referring to statements made that accredit Chainalyis Reactor's reliability to the fact that "law enforcement uses blockchain analysis extensively throughout the world, and that Chainalysis is an “industry standard tool” for customers from the Department of Justice to the Department of the Treasury".
A particular subject of discussion in Sterlingov's case was the use of behavioral analysis: the practice of evaluating certain behavior, such as transaction timing and types of signatures, to assume whether transactions may have been made by the same person or entity.
According to a supplemental expert report conducted by the Mastercard-owned blockchain analysis firm Ciphertrace, Ciphertrace had found "discrepancy rates between Ciphertrace and Chainalysis attribution data upwards of 60%", and an error rate "upwards of 64%" for the behavioral heuristic. Ciphertrace noted that, in the Sterlingov case, "over 527,000 Bitcoin Fog addresses" were clustered by Chainalysis using the behavioral heuristic, and that "Ciphertrace does not utilize Heuristic 2 (behavioral) because it is inaccurate, error-prone, and over inclusive".
Ciphertrace's report concluded that "Chainalysis attribution data should not be used in court for this case nor any other case: it has not been audited, the model has not been validated, nor has the collection trail been identified". Ciphertrace's report was withdrawn shortly before trial, as CipherTrace attorneys stated that "some of the data relied upon may be unverifiable and unauditable". Only a month later, Ciphertrace announced to be shutting down key products, but declined to comment whether the decision to discontinue certain operations stood in relation to developments in the Sterlingov case.
In an unrelated paper funded by the German Research Foundation, in which researchers attempt to develop a taxonomy for expert witnesses and law enforcement agencies for the evaluation of blockchain analysis data, the authors argue that "general assumptions based on user behaviour are the least reliable". The authors state that "law enforcement agencies should question whether any results of attacks based on uncertain assumptions really establish the necessary degree of suspicion for more intensive investigative measures. For this purpose, analysis software must not be used as a black box or pressure must be built up on the companies developing such software so that they disclose the methods employed and, if necessary, argue their reliability".
On the occasion of Sterlingov's guilty verdict, Chainalysis stated on X that "this case has meaningful implications because of the Court’s forceful rejections of defense challenges to the admissibility of Chainalysis blockchain analytics as evidence." Citing the court's motion, Chainalysis stated that "the government also won the Daubert hearing that ruled in favor of the admissibility and reliability of Chainalysis blockchain analytics as evidence in court".
While the motion states that the court is "unpersuaded" by the defense's arguments that "Reactor is “junk science,”[...] and that, as a result, any testimony based on Reactor is not “the product of reliable principles and methods,” the motion also states that "the defense is correct that not all of the heuristics used in this case have been subject to “peer review” and that Chainalysis does not gather and record an error rate in a central location".
"Follow the science, even though we all know it's not scientific", independent journalist and privacy researcher Janine Roemer joked in response to the motion.
Chainalysis further stated that the verdict "sets precedent for Chainalysis blockchain analytics being used by prosecutors as evidence when they take criminals to court — a win for the government agencies who use our solutions to investigate illicit activity and bring the criminals behind these transactions to justice".
Chainalysis' CEO Michael Gronager told WIRED that he is hopeful that the judge’s ruling will be the “final word” on the admissibility of evidence collected by Chainalysis software – “at least until future developments in crypto tracing demand a reevaluation.”
Tor Ekeland, Steringov's lead defense lawyer stated that he planned to appeal.
Independent journalism does not finance itself. If you enjoyed this article, please consider donating to our Geyser Fund.