Tracing Digital Assets sometimes requires investigators employ Web3 OSINT, utilising associated tools & techniques. These newer practical capabilities are set to bridge an overly wide gap between open-source research on Web2 with the (likely soon-to-be) decentralised nature of the internet.

For effective navigation of the Web3 space, digital forensics experts, investigators and researchers often employ a set of specialized tools and practical methodologies to uncover hidden information about transactions, and to track digital trails of cryptocurrency assets during investigations on their individual(s) of interest.

While the blockchain doesn't directly link your real name to your wallet, given a blockchain is simply a large, chronological, indefinite and irreversible ledger that stores information, sometimes a real name is shown on the blockchain. Various categories of other information can be stored on the blockchain as well, but for our purposes (cryptocurrency investigation), the ledger portion is the most important path that we are going to look at. 

Specific amounts of cryptocurrencies are directly sent to specific wallets, and each transaction is public, along with the time at which it occurred in the blockchain. All of this information is easily searchable through a blockchain explorer, in which this data is easily searchable by wallet address, by transaction number, or even chronologically by block. 

Depending on the situation, this might sometimes be risky from a privacy standpoint, because each and every wallet can have every transaction traced back to its infancy or starting point. If an investigator is able to tie your real name to your public wallet address, then your personal security and safety may be compromised.

With advanced tools, investigators can search a wallet address, email address or username, to potentially find linked accounts on Web3 platforms.

Understanding Cryptocurrency Tracing

To start off, you first need to understand what crypto tracing is. Crypto tracing involves the analysis of blockchain data to track the flow of funds from one address to another. 

While blockchain transactions are transparent and immutable, the semi-anonymous nature of wallet addresses makes it challenging to link them to real-world identities, like say how a passport or an identity card reveals the true identity of a person. OSINT techniques help to bridge the gap by combining several factors such as blockchain analysis with publicly available information, social media clues, and other data sources to de-anonymize transactions and put a face or name to them. This is particularly important to help trace scammers and fraudsters who engage in unscrupulous activities in the crypto space.

Key Tools for Cryptocurrency Tracing

1. Blockchain Explorers

Blockchain explorers like Etherscan (for Ethereum) and Blockchain.com (for Bitcoin) are some of the earlier and essential tools for viewing transaction histories when it comes to tracing wallets, wallet balances, and smart contract interactions within the blockchain. These platforms provide a starting point for tracing funds and identifying patterns that can help an investigator move forward or obtain a clue that would help him crack the case.

Since all the transaction data is visible to anyone, an investigator can use the obtained information to proceed further in his investigation or get a hit.

2. Chainalysis

Chainalysis is one of the leading blockchain analysis platform used by governments, financial institutions, and law enforcement agencies. Some it clients include big names in banking, media, financial institutions and also major law enforcement agencies around the world who employ their services in their investigations.

Chainalysis provides tools to visualize transaction flows from a target wallet, identify suspicious activity and flag them, and link wallet addresses to real-world entities using a number of factors. In fact, Chainalysis has had some limited success in tracing Monero, the highly privacy focused crypto coin which points out to their ability in doing crypto tracing.

3. Elliptic

Elliptic is a British blockchain analytics firm headquartered in London, with offices in New York and Singapore. It specializes in cryptocurrency risk management and compliance. The company was co-founded by Adam Joyce, Tom Robinson and James Smith in 2013. It is the first company in the cryptocurrency industry to develop crypto asset anti-money laundering (AML) and sanctions compliance tools based on blockchain analytics, in which they are an industry leader.

Their clients are usually financial institutions like banks and crypto businesses. They also provide blockchain investigation tools and data to government agencies to help them in their investigations.

Their tools help private businesses and authorities alike to detect illicit activities by analyzing blockchain data and providing risk scores for transactions and wallets, which aids in compliance and monitoring of illicit activities.

4. OnChain Industries

OnChain Industries (OCI) is the industry leading Open-Source Intelligence (OSINT) platform for Web3 investigations, enabling expert investigators to conduct investigations and risk assessments, by searching usernames, email addresses and cryptocurrency wallet addresses across multiple blockchain networks.

The OnChain Industries platform combines sophisticated on-chain analysis with open-source intelligence (OSINT) capabilities to provide actionable insights from cryptocurrency exchanges, NFT marketplaces, blockchain explorers, Web3 platforms, and decentralized gaming environments.

The tool uses automated search features eliminate manual investigation time, allowing investigators to rapidly discover and identify connections between cryptocurrency wallets, usernames, email addresses and profiles.

Used by cryptocurrency forensics teams, financial crime investigators, law enforcement agencies, and compliance professionals worldwide, their platform features real-time results and a risk assessment system that identifies potential cybercrime indicators, dark market operations, fraud patterns, and security incidents.

Techniques used for Tracing Cryptocurrency with OSINT

1. Social Media and Forum Analysis

Social media is one of the easiest way to link crypto transactions to real life names. Many people usually post their public wallet on YouTube, Facebook, X etc., looking for "tips" or donations for their contributions. As soon as that wallet is posted, a direct link is made between their wallet and real world name, thus making their future transactions even less safe than using fiat.

OSINT investigators will usually scour social media platforms, forums, and dark net markets to look for mentions of wallet addresses. The information obtained can then be used to help them link wallet addresses to real-world identities.

2. Cryptocurrency Exchanges (CEX) and KYC Data

Cryptocurrency exchanges are by default required by to implement Know Your Customer (KYC) protocols for all their customers, which collect real world user identification data. By a court order or an authorities request, exchanges can be asked to hand over all the data that they have. This helps investigators link wallet addresses to individuals or organizations easily.

As your real name is directly linked to the addresses provided for your use in an exchange, it goes without saying that any transactions from an exchange are not secure. Blockchain transactions are also historical. If your currency is consistently routed through an exchange to a cold wallet, a direct link can be made from your cold wallet, to your exchange wallet, to your identity which investigators are able to trace very easily.

3. Transactions Pattern Analysis

Analyzing crypto transactions patterns can reveal suspicious behavior, such as frequent transfers to mixing services or known illicit addresses. If you consistently route your coins through an exchange to a cold wallet or a mixer, a pattern can be established which can then be used to infer ownership and real world identity. 

Advanced tools like Chainalysis and OnChain Industries automate this process for investigators and researchers by flagging high-risk transactions, and this makes work easier for the people involved since their workload is immensely reduced.

4. IP Address Tracking

IP address tracking has been used by investigators and law enforcement officers for a long time, which can make it very valuable and necessary when doing crypto tracking.

Investigators often trace the IP addresses associated with crypto transactions to help them in determining the location and possible identity, with help from ISPs. This technique has been useful for identifying the geographic location of wallet owners. With it, law enforcement officers can conduct accurate analysis and help nab scammers and fraudsters. In fact, the owner of Silk Road was traced using his IP address, which was associated with crypto activity.

Final thoughts.

Blockchain analysis and tracking has played a key role in recent civil and criminal trials, including the recent conviction of FTX founder Sam Bankman-Fried, who embezzled customer funds.

Tracing crypto with OSINT is a necessary skill in the fight against financial crime. Tools like Chainalysis, Elliptic, and OnChain Industries have revolutionized the field and enabled investigators to uncover illicit activities and hold bad actors accountable. 

As crypto and Web3 continues to evolve, so too must the tools and techniques used to trace them. By leveraging OSINT and advanced blockchain analysis, we can ensure a safer and more transparent crypto and Web3 ecosystem. All in all, an ounce of prevention is equal to a pound of cure.