On November 5, 2020, federal prosecutors filed a civil complaint describing the seizure of 69,370 bitcoin (worth about $1.06 billion at the time of this writing) from an individual who was able to steal the funds from darknet marketplace Silk Road.
According to the complaint, the funds were stolen from Silk Road across 54 previously undetected bitcoin transactions in 2012 and 2013. As Ars Technica reported, earlier this year, federal authorities commissioned the blockchain analysis firm Chainalysis to investigate these transactions. It found that the stolen BTC was moved into two wallets (with addresses 1BADznNF3W1gi47R65MQs754KB7zTaGuYZ and 1BBqjKsYuLEUE9Y5WzdbzCtYzCiQgHqtPN) and then, in April 2013, those two wallets sent 69,471 BTC to a third wallet (address 1HQ3Go3ggs8pFnXuHVHRytPCq5fGG8Hbhx).
In 2015, that third wallet sent 101 BTC to BTC-e, a disreputable cryptocurrency exchange which itself was seized by authorities in 2017 on money laundering charges. This decision to liquidate some of the funds this way may have offered a critical clue to authorities about the real-world identity behind these transactions.
The remaining BTC remained in the third wallet until it was seized by the federal authorities. The individual that stole the funds from Silk Road and has now forfeited them to authorities is referred to as “Individual X” in the civil complaint.
This third wallet’s connection with Silk Road has been well known for some time. Because Bitcoin transactions are recorded publicly on the blockchain, the transfer of more than 69,000 BTC (the fourth-highest amount of bitcoin in any wallet in the world) from this wallet was quickly flagged because of the huge amount of money involved.
While some in the space initially speculated that this transaction was committed by Individual X to move the bitcoin into an updated wallet, it turns out that the transaction was committed by federal authorities.
They first sent 1 BTC out of the “third wallet” and into a wallet whose private keys they control as a “test transaction,” before sending the remaining 69,369 bitcoin. This method has struck some Bitcoiners as naive because 1 BTC is still a lot of bitcoin to use for a test (the authorities could have sent a smaller fraction of a bitcoin as a test instead) and, because when you send bitcoin from an address the remaining funds stored in that address are sent to a “change” bitcoin address associated with that wallet, they exposed the full amount of funds through that test.
Naturally, the Bitcoin community is curious about the real-world identity of Individual X. Few details have been released, though the government has confirmed that it does know who this is.
“According to the investigation, Individual X was able to hack into Silk Road and gain unauthorized and illegal access to Silk Road and thereby steal the illicit cryptocurrency from Silk Road and move it into wallets that Individual X controlled,” per the complaint. “According to the investigation, [Silk Road Founder Ross] Ulbricht became aware of Individual X’s online identity and threatened Individual X for return of the cryptocurrency to Ulbricht. Individual X did not return the cryptocurrency but kept it and did not spend it.”
In addition to outstanding questions about Individual X, this story has raised issues about the role of blockchain analysis in tracing previously-pseudonymous blockchain transactions, demonstrated some of the unique properties of bitcoin transactions (with $1 billion worth of funds being confiscated and confirmed by the government within minutes) and more. It’s clear that the implications and consequences of this case will develop for some time.