[co-author: Mary Mack*]
Editor’s Observe: On August 17, 2022, The Digital Discovery Reference Mannequin (EDRM) below the management of Mary Mack and Kaylee Walstad, hosted HaystackID as we collectively shared an academic webcast developed to spotlight the foundational fundamentals of blockchain, cryptocurrencies, and NFTs and to current sensible issues for the investigational course of round these transactional applied sciences.
This session, led by two of the world’s main cybersecurity, info governance, and authorized discovery digital forensics consultants, John Wilson and Rene Novoa, and accompanied by eDiscovery luminary Mary Mack of the EDRM, additionally introduced an examination of uncooked information on blockchain ledgers, shared easy methods to analysis particular addresses and transactions as a part of an investigational course of, and regarded NFTs from an eDiscovery perspective.
Whereas your entire recorded presentation is on the market for on-demand viewing, offered in your comfort is a whole transcript of the presentation.
[EDRM Webcast Transcript] Issues and Challenges for Blockchain, Cryptocurrency and NFT Investigations
Presenting Consultants
+ Mary Mack, CEO and Chief Authorized Expertise, EDRM
As CEO and Chief Authorized Technologist for EDRM, Mary is a number one advocate and innovator within the self-discipline of eDiscovery. Along with her trade management roles starting from associations to suppliers, Mary is an completed creator and educator, having served because the co-editor of the “Thomson Reuters West Treatise, eDiscovery for Company Counsel” for 10 years and the co-author of the guide, A Technique of Illumination: The Sensible Information to Digital Discovery. She holds the CISSP amongst her certifications.
+ John Wilson, ACE, AME, CBE, Chief Info Safety Officer and President of Forensics, HaystackID
As Chief Info Safety Officer and President of Forensics at HaystackID, John offers consulting and forensic providers to assist corporations deal with numerous issues associated to digital discovery and pc forensics together with main forensic investigations, cryptocurrency investigations, and making certain correct preservation of proof objects and chain of custody.
+ Rene Novoa, Director of Forensics, HaystackID
As Director of Forensics for HaystackID, Rene Novoa has greater than 20 years of expertise expertise conducting information restoration, digital forensics, eDiscovery, and account administration and gross sales actions.
Presentation Transcript
Mary Mack
Whats up and welcome to the EDRM international webinar channel. My title is Mary Mack. I’m the CEO and Chief Authorized Technologist for EDRM, and as we speak’s webinar is an academic collaboration with our fantastic associate, HaystackID. All organized and organized by Rob Robinson, and the webcast known as “Issues and Challenges for Blockchain, Cryptocurrency and NFT Investigations”, and we now have as our college, John Wilson and Rene Novoa, and I’ll be introducing them in only a minute.
We welcome your questions and suggestions within the console. The Attachments tab is the little paperclip on the proper and it provides you with some extra details about HaystackID and easy methods to get in contact with John and Rene, and in addition a hyperlink to our subsequent webinar, which is one in every of our flash webinars ripped from the headlines on the deleted textual content messages from the Secret Service, DOD, and DHS, with Jason R. Barron and different consultants.
And so, on the finish of the webinar, on the high of your console, you’ll see slightly hyperlink and it provides you with a certificates of attendance for as we speak’s webinar to make use of in your persevering with ed.
Now our college. We’re so happy to welcome John Wilson, Chief Info Safety Officer and President of Forensics at HaystackID. Moreover consulting and forensic providers to assist corporations deal with numerous issues associated to common eDiscovery and pc forensics. He has been doing cryptocurrency investigations since 2013, and making certain correct preservation of proof and chain of custody, and all of these issues. And Director of Forensics for HaystackID is Rene Novoa. He’s bought greater than 20 years of expertise expertise with information restoration, digital forensics, eDiscovery, and he’s labored with a few of the finest and most refined organizations (ICAC, HTCIA, and IACIS). He’s effectively versed in each civil and prison forensics.
And we’ve bought fairly an agenda, don’t we, John? We’re going to cowl the gamut right here from the start of what’s blockchain, and what sorts of digital belongings, and John, why don’t you inform us slightly bit concerning the journey you’re going to take us on via crypto?
John Wilson
Sure, completely. So we’re going to first discuss simply blockchain on the whole, what it’s and what meaning in cryptocurrencies and digital currencies and digital belongings, and we’ll run via these issues, and what are a few of the widespread makes use of and the way they’re used and misused? Why there’s a necessity to really get in to start out investigating them and do forensics round them? After which some parting ideas and feedback round, effectively, for those who’re concerned in a case, how have you learnt if digital belongings are even in play in a case, or if it’s a problem, and so some steerage round a few of that stuff, ideas and methods, issues that you may take a look at to get slightly deeper into determining what you really must know.
Mary Mack
Nicely, that’s good. So John, what’s Blockchain? And let’s simply get slightly little bit of a grounding on it.
John Wilson
Sure, sounds nice. Thanks, Mary. So Blockchain, you’ll be able to consider it as a ledger, like an old-school accounting ledger, and it information all these transactions. The massive distinction is that ledger is public, so everyone has entry to the ledger, everyone can see what transactions have occurred. Now, these transactions are recorded anonymously, or pseudonymously. It’s mainly the transactions recognized as belonging to a crypto hash, which is the general public deal with that any explicit pockets owns, and in order that’s all you’ll see in relation to it, and also you’d must do different issues to determine who owns that. If you will get that found out, and we’ll discuss rather a lot about that as we get slightly additional. However actually key issues to know is it’s a public ledger. It tracks all of the cash in, all of the cash out, all of the coin actions, and it’s all traceable. You possibly can observe the transactions on most blockchains. There’s some caveats whenever you begin speaking about privateness, crypto-coins, that do issues slightly in another way.
Once more, it’s nonetheless a public ledger, however understanding the quantities and the values and stuff like that will get slightly totally different in a few of these. And primary public communicate, you’re coping with a public ledger, the transactions are traceable, and so they’re immutable. That’s most likely one of many key traits to know, is the immutable nature. In order transactions are recorded into the blockchain, they go into blocks, and therefore the title blockchain, after which every block needs to be verified, and there’s a time mechanism and a crypto-algorithmic mechanism that enables for that to happen, and so the subsequent block builds on all of the earlier blocks. So for those who return and also you have been to change any of the knowledge in any of the transactions in a previous block, it might invalidate the blockchain itself. It might invalidate it as a result of the hashes would not match, after which the hash is the important thing construction for transferring from block to dam to dam because the blocks progress, and in order that’s the actually key factor to know whenever you’re speaking about blockchain expertise, whether or not you’re speaking a few logistics provide chain, otherwise you’re speaking about cryptocurrencies or good contracts, is it’s an immutable ledger, and for those who strive to return and alter something, it’s going to interrupt.
Now, as I stated, there’s a couple of ledger. Every cryptocurrency, every blockchain is its personal ledger. So Bitcoin, Ethereum, Monero, Sprint, Shiba, no matter cryptocurrency you wish to discuss, or an NFT tokenized blockchain, lots of them are constructed on Ethereum, however every blockchain has its personal ledger, and that ledger is distinct and separate from every other ledgers. If we’re speaking concerning the Bitcoin blockchain, you’ll by no means see an Ethereum transaction in a Bitcoin Blockchain. Any individual may take Bitcoin via an alternate and convert it to Ethereum, however there could be entries of that Bitcoin being exchanged to another person who’s then offering the money worth for these Bitcoins, after which, in flip, taking that money worth and buying Ethereum, so that they present up independently on their separate blockchains.
Rene Novoa
Hey, John, I believe one factor to additionally point out is that it’s decentralized. There isn’t a one centralized location the place all that is saved. It’s distributed as a distributed community so that everybody on the community has a bit of the Blockchain, so it can’t be managed by one entity or not.
John Wilson
Sure, nice level, and really legitimate. That’s why you’ll hear individuals discuss a 51% assault. If anyone can take over and management over 51% of the community, that’s how they will begin writing code that might probably change a blockchain. It’s very troublesome. Once you begin speaking about Bitcoin, there are actually thousands and thousands of nodes which might be working the Bitcoin software program and collaborating within the Bitcoin community, and so they must take over a really massive share of these. The identical factor with Ethereum or any of the opposite blockchains. The place that idea can get slightly extra fascinating is whenever you begin speaking about non-public ledgers the place monetary establishments, as an example, which have a worldwide presence, might need their very own non-public blockchain to maneuver cash or belongings from their US entity to their EU entity, to their APAC entity, these sorts of issues, and so it’s a a lot faster mechanism than going via the SWIFT Switch Community to really effectuate these transfers, and people are non-public blockchains. In order that they’re not a public ledger, they’re non-public that you need to have entry and authentication as a way to really acquire entry to even see the community, not to mention really run a node or take part within the community and people kinds of issues. So quite a lot of considerably difficult ideas, however we’ll delve deeper as we go additional into this.
The final parting factor right here is it’s not only for managing belongings. The blockchain, it does logistics, so one of many nice tales is a logistics chain involving a poultry producer, and thru a non-public blockchain that they run, they will really verify the place an egg is delivered from, then the place it will get boxed, the place it will get shipped out to a retailer, the place it goes into the shop, what retailer location it really will get delivered to, and all the way in which right down to whenever you take a look at on the grocery retailer on the checkout counter to know that you’re the purchaser of these eggs, in order that then when a salmonella incident happens, or another contamination incident, recall incident happens, they will really monitor all of it the way in which again to, hey, listed here are the 4 hens that laid the eggs that have been on this carton. It’s actually wonderful, however definitely it’s not monitoring an asset like a cryptocurrency or bodily belongings or no matter, whereas the good contracts, they’re additionally not a digital asset, however they’re a digital asset illustration of bodily belongings typically, resembling there are some locations which might be utilizing it for titles to trace property and titles, and people titles will be moved in a a lot faster and rather more traceable style. You possibly can very clearly see the titles owned by particular person X, financed by particular person Y. Okay, the financing was paid off into that good contract, and now the title is owned free and clear by that particular person, and now they wish to title switch to the subsequent particular person and the subsequent particular person, the subsequent particular person. It’s actually intriguing stuff.
Rene Novoa
However John, the blockchain and the expertise is predicated on protocols and guidelines. So irrespective of the way it’s used, why it’s trusted is as a result of these guidelines and people circumstances are very set. It solely will be added to. It can’t be manipulated, it can’t be deleted, or subtracted. It’s simply grown from one chain to a sequence. That may be protected to say, on this case, appropriate, on something that we’re monitoring, whether or not you’ve coated good contracts, NFTs, or crypto, this entire focus is certainly on financial worth of what individuals give it some thought. However in your instance of the egg and monitoring, it truly is that the belief that that egg made to this particular person for the salmonella, is as a result of these protocols and guidelines are simple, and so they’re trusted. So the expertise is trusted. So nonetheless this expertise is used, you’ll be able to really feel safe ultimately consequence.
John Wilson
Sure, completely appropriate, and really a fantastic assertion. The entire premise behind blockchain and the rationale blockchain works is it’s based mostly on the precept of belief, and you need to have belief within the community, and even within the worth. So Bitcoin, the one purpose Bitcoin has worth is as a result of individuals have belief in it, and so they’re prepared to alternate in it, and so they’re prepared to make use of it, and that units the worth. If individuals’s belief will get eroded, in the event that they suppose anyone’s found out a method to break the community, or they suppose anyone has gained entry to it, then that belief will go down, the worth would go down correspondingly, and that’s why a lot of the cryptocurrencies constructed on blockchain that you just see within the market are very risky. They’ve very massive actions of their values typically. It’s not unusual to see a 5, seven, eight, 10% swing in a worth in a day, and typically there’s a stablecoin or Tether that was tethered to the US greenback that dropped from being well worth the US greenback right down to 10 cents in a single day, and it’s—
Rene Novoa
It’s really down two cents as of yesterday, as a result of I did search for Tether USD. So it’s down to 2 cents for what was value $1 just lately.
John Wilson
Sure, precisely, and so it had that massive drop in a single day, after which it’s continued to erode as a result of, once more, that essential assertion, the belief was damaged. So as soon as that belief is damaged, then the entire key component of a complete of blockchain is having that belief within the community, having that belief, and so we’ll discuss concerning the various kinds of digital belongings to offer you an thought of what’s on the market. We’ve talked a few good little bit of this already, however you’ve got digital currencies, cryptocurrencies, NFTs (non-fungible tokens). NFTs have actually taken off in reputation and have turn out to be an enormous funding market within the final say 12 months to 2 years. Actually, it’s taken off within the final 12 months or so. However NFTs, most are constructed on the Ethereum community. Not all. There are a number of networks which have the power to construct NFTs, however NFTs are mainly taking a digital one thing, tying it to the blockchain via a wise contract, or the coding, after which with the ability to assign possession and monitor that possession inside the blockchain, for these non-fungible tokens. It’s a very intriguing idea. You’ve bought loopy issues that occur within the NFT market. Some artists are making extra money in single transactions than they’ve made of their complete profession as a bodily artist, versus being into the digital realm, after which there’s a bunch of challenges, and we’ll begin speaking about all that as effectively.
After which much like digital forex, or cryptocurrency, you’ve got stablecoins. These are additionally cryptocurrencies. The important thing factor with a cryptocurrency is, once more, it’s tied to utilizing that encryption algorithm to stability it towards that community, however stablecoins have been pegged or backed by another actual asset, whether or not that’s US {dollars}, euros, gold, or no matter different actual asset you wish to have it pegged to, and so then that’s anyone going past the belief of the community to say, so we now have the belief of the community, and never solely that, I’ve the purpose to say that these cash are going to be value $1 every in perpetuity, they’re at all times going to be value $1 every in US {dollars}, or in gold, or in euros or no matter forex it’s pegged to.
Rene Novoa
It’s nonetheless a promise to pay or a promise to have that preserve that worth.
John Wilson
Proper. In order that they’re making an attempt to have the fiat backing idea. Fiat forex is your paper currencies, your governmental currencies which might be run by your nation or your authorities, and your authorities says that, hey, our forex is backed by the great religion of the nation, or it’s backed by gold deposits, or it’s backed by silver deposits, or no matter it could be, and so it’s making an attempt to increase that idea into the cryptocurrencies, which will be actually fascinating, and as we have been speaking about Terra, Terra was speculated to be a stablecoin pegged to the US greenback. That belief was damaged. They didn’t have sufficient forex to really again it at that pegged $1 worth, and therefore the forex worth now could be two cents.
Rene Novoa
Sure, I believe they unpegged it to attempt to change the backing is the place the belief broke down. In case you don’t thoughts, John, do you thoughts if I am going again to 1 factor?
John Wilson
Sure, no, completely.
Rene Novoa
I simply wish to be certain that we contact on the digital forex versus the cryptocurrency. With the digital forex, quite a lot of that will not be in a public ledger. So after we discuss forex, just remember to perceive between the digital and the crypto. Digital forex, an instance could be like, if anyone has teenaged youngsters who’ve requested for V-Bucks, $20 will get you 1400 V-Bucks. There’s a worth to purchase different situations, to have their characters to look nonetheless they’re going to look, John Wick or no matter my child is asking me for, however as managed by builders of what you’re buying actual cash for faux digital forex, and there will not be a public ledger. There may be not a transactional function to it, like you’ve got in cryptocurrency. However digital forex, as a really generic time period, you discover that in Xbox and digital gaming, the place $20 could also be value much more inside that world, or inside that market.
So, relying on the circumstances that you just work on, for those who’re speaking about digital forex, the worth will not be one-to-one or could not scale up and down. It’ll be depending on the builders, or crypto. There may be public ledgers. There may be belief. There may be all of the issues that John has talked about that correlate with the NFTs, stablecoins, and as we get into digital coupons and vouchers, that belief that many supermarkets must guarantee that’s 15% off in comparison with 90% off, that they’re not messing with the expertise there.
So, I wished to cowl the youth a part of the online game world that I see from the digital forex that, actually, I’ve a problem with.
John Wilson
And only one final remark is digital currencies usually are not essentially blockchain. Cryptocurrencies are blockchain-based, so a very good distinction there, and thanks, Rene.
Then we begin speaking about digital coupons. So, you’ve got locations like Burger King that runs a blockchain in order that they will distribute coupons, know that these coupons are genuine, in the event that they’re really offering a – “Hey, right here’s a free Whopper since you did this factor”, no matter that factor is, whether or not it’s you got 20 Whoppers otherwise you stuffed out a survey or did no matter explicit factor entitles you to that coupon – that there’s solely a kind of coupons. And that one coupon was issued to you and solely you’ll be able to redeem it, or just one particular person can redeem it, relying once more on the contractual controls put round that couponing system.
However that’s an entire nother space of blockchain that most individuals don’t learn about, and it’s very intriguing as to serving to a company set up and preserve the worth of the reductions it affords, and forestall it from being abused or watered down, and people kinds of issues.
After which the very last thing is sensible contracts. And good contracts are actually fascinating. You possibly can consider it sort of like – in a easy body, you’ll be able to consider it sort of like a merchandising machine. So, you stroll as much as a merchandising machine, you place your 4 quarters in, that meets the standards. It offers the $1 worth that you need to put into the machine to will let you choose the button to get the merchandise at a selected slot. And so, you place in your 4 cash, you say, “Hey, I need the sweet bar on B3”, and I push the B3 button and the machine says, “Okay, sure, I’ve bought the cash, I now know what you’ve requested for, I’m going to ship it, I’m going to spin the coil, I’m going to ship B3 and I’m going to drop it down into the bucket and you may attain in and seize it”.
Good contracts are, at a quite simple stage, precisely that. It’s important to have that worth enter, you need to meet the necessities of the enter, which is reaching a certain quantity of worth or offering a sure piece of data. That, in flip, triggers the contract to run and the contract does no matter it says, whether or not it’s so simple as “Hey, I’m going to simply output X, no matter X is, as a result of that’s what you place the worth in for”, or it’s going to – they are often considerably extra difficult, but it surely’s all again to that very same programmatic worth.
And the important thing factor to know round good contracts is as soon as that worth standards is met, when you’ve achieved no matter triggers the contract, it robotically runs. There’s no method to cease it. That blockchain is coded and programmed to execute when you obtain A, B is robotically going to occur. There’s not a method to cease that from occurring exterior of stopping the blockchain or breaking the blockchain itself.
Rene Novoa
However John, that’s why there needs to be verification, appropriate? As a result of whenever you put these cash in, they should be US cash or no matter cash the machine takes. You possibly can’t put overseas cash as a result of it’s not been verified, after which it gained’t be verified on the blockchain.
So, even for those who’re saying cash, it’s very particular on the cash, and it makes certain that it’s verified to have that worth to then transfer on to the subsequent step. So, simply since you feed it cash, it must be the precise cash, it must be the precise traits to then be verified that it actually is $1, not simply because I put in – since we’re within the US – 4 Canadian quarters or totally different distinctions of cash, that it’s not a penny, it’s really 1 / 4 that represents a greenback to then be verified via the expertise withinside the merchandising machine to then go onto the stage to finish the contract.
John Wilson
Sure, that’s precisely appropriate. So, I give the straightforward instance of the merchandising machine, however in actuality, the merchandising machine is definitely doing fairly a bit. It’s much more difficult than it sounds. Since you’re placing within the coin and it’s evaluating, “Okay, what coin is that this? Okay, so this can be a quarter, after which wait, now you place in a nickel, and in order that’s a nickel”, and it has to validate that that coin matches the traits for that specific coin and that you just’ve achieved no matter worth or inputs are required.
Once more, good contracts can get extraordinarily difficult and complex. They will do quite a lot of issues. One contract may kick off 30 different actions which might be going to be tracked on that blockchain. It’s not a easy factor.
Mary Mack
So, John, this auto-executing when you meet the standards and also you fund it, there’s bought to be some mechanisms for ensuring that the entity or the people which might be kicking off a course of have company and management over – and acceptable management over – the downstream results if it could actually’t be stopped.
John Wilson
Once more, good contracts are solely nearly as good because the programming that creates them. It’s a giant subject of debate is what if a programmer packages a flaw into the good contract. And there have been assessments and examples of exploiting these flaws and making a wise contract set off since you’re assembly the standards via the exploit versus the programming. So, it’s sufficiently difficult. You’ve gotten to have the ability to really dive into understanding – I might suggest for those who’re making an attempt to do one thing via good contracts, just remember to have a validated contract, you’ve examined towards all the sting and fringe circumstances, and validated that it could actually’t be exploited and have anyone, unexpectedly, a automotive title transferred to them although they haven’t paid the amount of cash or aren’t in a position to really buy the automotive. Say, an eight-year-old managed to get on a blockchain and purportedly pay the cash, once more, quite a lot of sophistication in good contracts and so they’re solely nearly as good because the programmer that’s created them. So, you need to guarantee – because the group that’s launching that good contract – that you just’ve achieved your due diligence to make sure that your contract’s solely going to execute whenever you really intend it to execute.
Rene Novoa
And one different instance of good contracts, after we get extra into NFTs is that the NFTs is a type of a wise contract as a result of one thing needed to occur with regardless of the digital artifact is, and it’s tracked again to a person person or to an deal with. So, there are various kinds of the merchandising machine so far as NFTs, as what is taken into account a wise contract as a result of one thing needed to have occurred, one thing needed to be created, and needed to be assigned to an deal with or to a person.
Do you wish to transfer ahead to the makes use of of digital belongings, John?
John Wilson
Sure, so now we’re going to speak about why we begin having this curiosity in it, and why you may want to really get into investigations, and what fraud could happen.
Digital belongings are utilized in some ways, in some ways which might be very respectable, legitimate causes to be utilizing them. And there’s quite a lot of exercise that’s not so legitimate. Once more, the blockchain is only a ledger and it’s simply monitoring what’s occurring. So, individuals have… totally different industries have began to undertake it, so that you do have quite a lot of prison exercise, quite a lot of the early cryptocurrency curiosity/exercise was pushed by the darkish market, by the darkish internet the place individuals have been “Hey, I’m going to go purchase these medication or do no matter illicit factor I wish to do and pay for it. I’m shopping for bank card info or no matter at the hours of darkness market”. And the darkish market entities have been taking the cryptocurrencies as a way to alternate cash with out having to lift to the extent of financial institution involvement and forex involvement.
That’s modified. It’s continued to develop as a result of there’s quite a lot of financial institution and investigatory authority involvement in quite a lot of the blockchains now. However go forward, Rene.
Rene Novoa
No, I’m simply saying the principle purpose for the prison facet was the decentralization of the cash and the digital belongings. It couldn’t be stopped. They might not freeze the cash switch, the alternate of cash for items or digital belongings for items.
And once more, belief may be very, very massive on this. In case you’re going to offer anyone Bitcoin or no matter cash of digital belongings, the expectation was to obtain. Sadly, within the prison elements, both weapons or medication or no matter illicit type of bank card info, there nonetheless needed to be the belief that adopted utilizing this expertise to keep away from detection since you’re hiding behind a digital deal with (your precise deal with) that’s linked to you, but it surely’s very untraceable, and really arduous to hint in lots of circumstances. However that’s a good way to launder cash, to maneuver massive quantities of money into different areas, into different nations, or into different types of forex.
However because the marketplaces – like Silk Street was highly regarded, that introduced quite a lot of consideration on how digital belongings might be used. Now we have to know that as a result of it’s decentralized, it was very arduous to trace these people and it required quite a lot of time and vitality simply to determine the place this cash was going.
Mary Mack
If it’s public, but it surely’s arduous to hint the entities which might be utilizing it, what’s the influence of the sanctions on that Twister Money program that scrambles the account info in being sanctioned?
John Wilson
In case you’ll give us a couple of minutes, we’ll deal with that Twister Money idea. Let’s discuss concerning the events concerned first.
Once more, simply to sort of construct on what Rene was speaking about, once more, it’s a decentralized public ledger however it’s, in most situations, pseudonymous. Pseudonymous implies that, mainly, you’ve got the crypto key, that’s their public deal with, and that’s the one factor you’ve got. You don’t know who owns that or who has that.
Now, as you begin entering into extra present environments, quite a lot of the exchanges, any of the US-based or any of the exchanges that carry out transactions within the US are required to do what’s known as KYC (Know Your Buyer). So, they do really must get a social safety quantity and validate the identification of the person, and so they do have some monitoring. However that’s not all exchanges.
Some exchanges are run solely out of locations which might be much less respected, much less regulated, and don’t have any controls round that. So, there are nonetheless exchanges the place individuals can go and purchase cash, and maintain that pseudonymity with out giving up their private identification to the alternate that they’re shopping for via.
That covers the prison gambit. Now, we begin speaking about why would a enterprise really wish to take care of cryptocurrency. So, you’ve got quite a lot of companies like a Subway or one thing the place you’ll be able to really go purchase your subs with Bitcoin. They’ve realized that there’s lots of people which have Bitcoin and so they wish to take part in that. They made a enterprise resolution. It’s a legitimate enterprise case, it permits for rather more instantaneous settling. They really get the Bitcoins in 10 minutes to a half-hour usually when you’ve got a transaction happen on the blockchain versus a bank card settlement that may take them 72 hours to really obtain the funds. So, there’s legitimate causes.
Tesla was taking Bitcoin for some time. They stopped taking it. They began taking it. I’m undecided the place they’re really at as we speak. And there’s a bunch of different corporations. You should buy Microsoft software program with Bitcoin.
Rene Novoa
I believe even Burger King – was rewarding prospects through the use of the digital coupons – have been giving out Bitcoin as rewards. I believe that they had 2 million dogecoins and most of the people have been getting at the least one or two dogecoins per transaction in the event that they used the app. So, it was additionally a reward to assist attempt to get extra individuals concerned. But it surely’s the expertise of belief and the concepts of with the ability to have these exchanges to maintain this alive.
I believe it was final 12 months, that they had so many cash that they have been giving out from Bitcoin to Ethereum and to dogecoin and, clearly, nearly all of it was doge, as a result of it was very low cost and so they have been in a position to unfold it out. And relying on the utilization, you could be rewarded in the identical manner that folks have been rewarded with cash via mining – which we’ll get into – it was appearing nearly like its personal… the entire gambit of the cryptocurrency within the blockchain course of.
John Wilson
So, then you definately begin speaking about now we will acknowledge and see that an entity may wish to take cryptocurrency, as a result of it’s a big market, particularly within the youthful demographics. So, it’s available, and they also wish to take part in that community.
Now, you even have companies which might be shopping for cryptocurrency to have a stockpile within the occasion – as a part of their incident response in ransomware administration. These entities is perhaps shopping for some Bitcoin or some Ethereum or no matter to have as a hedge within the occasion that they’ve an occasion happen, and they should pay a ransom, they now have that forex accessible.
Or then you definately even have “Hey, Firm X buys Firm Y. Firm Y has cryptocurrency, whether or not it was via trade, via purchases, transactional stage cryptocurrency involvement, or if it was in a hedge fund or no matter”. So, now, Firm X now has Bitcoin, and so how do they take care of that? It’s substantial worth, and it has a valuation. Actually, it fluctuates, however there’s a valuation to it. And so, companies can definitely wind up proudly owning a bunch of cryptocurrency in that regard.
So, you definitely can’t cease trade from utilizing it. And now, we’ll begin speaking concerning the geographic points round it. So, you’ve got locations like China that restricts individuals from buying sure cryptocurrencies. They wish to management and know what cryptocurrencies individuals are utilizing. So, they prohibit the power to buy or conduct transactions, so they really simply block the community, so the networks can’t run inside the nation’s web infrastructure.
Now, in fact, individuals can bypass that, going into VPNs and different stuff, in order that isn’t an absolute reply. In case you’re working right into a geographic problem with web investigation, there are methods individuals can accomplish issues.
After which you’ve got your traders and your day merchants. That is the place it will get actually fascinating and sticky from an investigation standpoint as a result of lots of people are going out and so they have a Robinhood account, and so they’re buying a bunch of Bitcoin, and a bunch of Ethereum via Robinhood. They’re not really logged or tracked on the blockchain. Robinhood is definitely shopping for these Bitcoin, and it’s in a pockets that’s managed or owned by Robinhood. Robinhood has an inside buying and selling ledger the place they are saying, “Hey, this buyer owns XYZ of X Bitcoins or X Ethereum or no matter”, and in order that’s how they monitor and know the way a lot Bitcoin you really personal. That particular person buying it there’s not really registered on the blockchain.
And so, actually essential to know the differentiation between anyone that’s purchased via a buying and selling funding firm-type alternate, versus a Coinbase or a Binance or somebody that’s an precise true blockchain possession alternate.
Rene Novoa
With these exchanges like Robinhood, you’re in a position to immediately be capable to flip that into money and into your account, which is now regulated that banks can see, you will be taxed on that, appropriate?
So, that’s one of many massive variations after we go to money out, since you don’t personal the precise blockchain, Robinhood is definitely then rewarding you with no matter you promote inside their alternate, as a result of you don’t personal a part of the blockchain. You’ve gotten a bit of what they personal, and they’re then rewarding you into your financial institution accounts.
So, the excellence of you going to Coinbase or whatnot, whenever you go to money out, then there are extra challenges that it’s not really easy that does require a number of further steps. Versus Robinhood, let’s simply promote, it goes into my account, I now have X quantity of {dollars}.
Would you disagree or agree with that?
John Wilson
No, I agree. So, I’m going to handle a few questions actual fast. Now we have some viewers questions.
The primary one is how do you inform – the way you’re telling a cryptocurrency is a cryptocurrency, is what I believe the query is.
And once more, that’s via the investigative course of. If anyone is saying they purchased V-Bucks or no matter it’s, you’ve bought to exit, do the analysis, decide the place that forex got here from, what {the marketplace} is as a way to decide if it’s a cryptocurrency or not.
The following query is “Do all exchanges preserve the KYC?”
It isn’t obligatory in all overseas nations. There are some nations, different nations just like the UK, typically, the EU that do have guidelines and rules round it, and preserve some type of KYC necessities for exchanges that function in these nations. However it isn’t a requirement in all nations, and that’s a key factor to know as a result of it’s actually essential if you determine that the forex went via Coinbase, that you may exit and you are able to do a subpoena to Coinbase for the knowledge. The possession of a selected deal with versus if it was via another overseas alternate, you could not be capable to get that info.
So, how do you establish the Robinhood transaction within the blockchain?
Once more, it’s pseudonymous, so you would need to take that public deal with within the blockchain and do the analysis. There are instruments that we use that preserve some ranges of attribution. It might say, “Sure, this explicit public pockets is a sizzling pockets at Robinhood or it’s a chilly storage at Robinhood”, these kinds of issues. However once more, not a assure that that info can be there. It’s important to try this analysis and try this legwork. And we’ll get into that, that’s sort of the place we’re headed.
So, we’ve sort of gone via this slide already, speaking about quite a lot of the use circumstances for blockchain and the way it’s used. You’ve bought micropayments, and bigger funds, and decentralized finance (DeFi). Once more, there are quite a lot of respectable makes use of. There’s additionally quite a lot of non-legitimate makes use of. You’ve bought to have the ability to attempt to perceive whenever you’re confronted with an investigation, determining was this a respectable use or an illegitimate use, might be a key place to begin and goes to assist present numerous quantities of data. If it’s a respectable use and bonafide trigger, you could not have success getting a subpoena to exit to Coinbase and get KYC info for an deal with versus illegitimate use, it’s a lot simpler to exit and say, “Hey, I must know who used this deal with”.
So, cryptocurrency, once more, we did discuss it is vitally risky. At present, it’s at about 1.15 trillion globally with over 20,000 totally different cryptocurrencies buying and selling on the assorted platforms out within the market. And that is simply public cryptocurrencies. There are non-public – once more, we talked about having non-public blockchains the place a monetary establishment or logistics chains and stuff like that, these usually are not accounted for right here. However what’s actually essential to know is six months in the past, that was 2 trillion. So, there’s been a big attrition over the previous few months, as the worldwide financial system has gone into decline. There’s been a big attrition within the worth of the cryptocurrencies within the market.
Rene Novoa
Is that why you see three and our as stablecoins, John, as a result of they’re in a position to preserve their worth barely?
John Wilson
The explanation that Tether and USD Coin are actually excessive on the checklist is as a result of that’s the currencies that monetary establishments are placing into their buying and selling portfolios, into their funding portfolios as a result of these are extra secure, they’re not as risky. And so, that’s why they’re buying these.
Bitcoin was the primary. Every little thing round blockchain and cryptocurrency began because the Satoshi Nakamoto paper. And most everyone is aware of that Bitcoin was the primary, and it’s by far the biggest and highest belief cryptocurrency within the market. Ethereum, definitely giving it a run for its cash. However you’ll be able to see it’s nonetheless solely 50% of the Bitcoin market.
Rene Novoa
I believed it was an fascinating truth to have the stablecoins so excessive because the trusted. They’re not all created equal. Once we discuss Terra, it’s right down to 2c that we talked about earlier than. So, one thing to keep watch over.
John Wilson
We already sort of talked about – and once more, I wish to maintain this gorgeous conversational and never studying from slides, however there’s quite a lot of entities, quite a lot of respectable companies which might be utilizing cryptocurrencies. And you may see a few of these logos right here simply to offer you a fast sense of enormous Fortune 100 corporations which might be concerned within the blockchain utilization.
Rene Novoa
Not less than the expertise, I believe, we talked about in all these corporations, not just for buying however really for monitoring and logistics that although they’re highly regarded, we could not be capable to purchase Starbucks with cryptocurrency. However I believe it’s very fascinating to quite a lot of these massive firms on the expertise of belief and possession.
John Wilson
Sure, appropriate. And so, then we talked concerning the non-fungible tokens being – actually, that’s one of many rising areas. Lots of people have taken curiosity and suppose that they’re a fantastic funding and so they’re shopping for them. And you may see that 2021, there was 22 billion in that market. 2022 is definitely going to be increased. And you’ve got quite a lot of massive manufacturers. You’ve gotten Gucci making purses which might be digital-only and you should purchase them solely as an NFT, which is insane, however it’s what it’s, and individuals are shopping for it. So, there are some those who suppose it has worth.
Rene Novoa
What’s the challenges there, John? If I took an image of Gucci and created my very own NFT as a result of I took an image of my very own Gucci purse or pockets and I’m saying that I personal that piece of digital artwork now that I’ve created off an image, or my very own Gucci purse, or bag, or sun shades, or whatnot. There are some challenges to that, as a result of now I really personal it on the blockchain and I’m able to promote it as an NFT, however do I actually have that possession?
John Wilson
There’s an enormous authorized market that’s going to come back up round that I believe. You’ve bought a very fascinating well-known instance which is the film Pulp Fiction. Quentin Tarantino directed. He offered a sequence of NFT tokens that have been stills from the movie on the blockchain as NFTs and offered them, and so they did very effectively. Lots of people purchased them, and so they commerce them, and their worth has gone up very considerably. And the studio has now gone again and stated, “Hey, we personal the rights to the movie, due to this fact, we personal the rights to these images from that movie that you just’ve placed on the blockchain. You don’t even have possession”. And that’s nonetheless being fought in courtroom. So, will probably be fascinating to see the place that lands.
As a result of at the moment, if I’ve an NFT market that’s prepared to just accept no matter I put up there and has no validation round it, I can take an image of a Gucci purse and put it up there and say that that’s my NFT that I’m promoting. It’s going to get assigned a worth, and it could be nothing or it could promote effectively if individuals suppose it’s distinctive sufficient.
Rene Novoa
So, what you’re saying is I can have my very own Gucci market that I may then promote NFTs, so long as it’s accepted. They might not all be accepted, and that’s the problem as as to whether these marketplaces are respectable or not.
John Wilson
Proper, and the challenges of trademark and copyright and all of which might be definitely going to come back and possibly come quick and livid. But it surely’s actually intriguing stuff to see the place that’s going to go and the way it’s going to go.
Once more, it’s constructed on blockchain, comparable ideas, you’ve got to have the ability to go take a look at that public ledger and observe the possession of an merchandise, see who has it. And now, they’re speaking about makes use of of the objects and with the ability to say, “Hey, I personal it, however different individuals can use it”. There’s this open licensing mannequin that individuals are speaking about. There’s quite a lot of fascinating issues occurring with NFTs. It’s a really, very younger market.
Cryptocurrencies are nonetheless very younger. They’re nonetheless of their infancy. NFTs are seedlings, they’re not even in infancy but.
As we’re beginning to wind down, I wish to get into the investigative stuff. We did discuss concerning the stablecoins. Stablecoins are usually backed by some type of bodily asset or fiat forex. We talked rather a lot about that already. Actually, in case you have questions round that, be at liberty to achieve out and we’re comfortable to reply them.
Equally, we went fairly deep into the good contracts already. We talked about – mainly, a wise contract is programming, it’s written to sit down on high of a blockchain, and will get transacted on the blockchain. The contracts execute, the code executes based mostly off of a block being accepted and validated, et cetera.
Rene Novoa
And once more, we talked about it, NFTs are an instance of good contracts as effectively.
John Wilson
That’s appropriate. So, why would you really begin entering into an investigation of a Blockchain or a crypto investigation? And what could be the drivers?
So, insurance coverage claims. “Hey, I used to be ransomwared, I paid a ransom of 500,000 in Bitcoin or 500,000 U.S. greenback equivalency in Bitcoin”, and so they’re eager to be reimbursed for that via the insurance coverage firm. Cyber losses. Companies go bankrupt and the CFO decides that – he might imagine that no one is aware of concerning the Bitcoin that the corporate had as a result of they simply had this little hedge and it’s not on any of their stability sheets, it’s probably not tracked wherever, so he goes and transfers it to himself.
We had an precise case of that that we labored on the place it was an insolvency, the corporate went bankrupt, the corporate acquired one other firm, that firm owns some Bitcoin, it was within the ledger, after which the corporate went bankrupt. And the CFO stated, “Oh, effectively, no one is aware of that there’s $700,000 value of Bitcoin sitting right here, so let me simply put that into my sizzling pockets and transfer that forex round, and spend it alone accord”. We did ultimately monitor it down and determine that that’s what had occurred.
You even have circumstances the place a decedent passes away, owns a bunch of cryptocurrency. You might need assistance entering into these wallets and really monitoring what cryptocurrencies that particular person owned, in the event that they didn’t preserve a very good ledger, share good info with their household about that. That’s one other kind of case that we’re often engaged on.
And in addition, valuations. The corporate says, “I’ve Bitcoin”, and also you’re buying the corporate and that forex as we speak is valued at 200,000 US {dollars}, and then you definately shut the next Friday and Bitcoin’s taken a giant dip, and unexpectedly, your Bitcoin is just value $150,000. There might be a valuation problem, and so that you’ve bought to have the ability to decide the dates and transfers. It will get much more difficult.
After which, clearly, the prison exercise, the fraud and the corruption. It’s a standard car for laundering cash. We talked about Twister Money, individuals used Twister Money so they’d steal some Bitcoin or purchase Bitcoin via nefarious channels. They need to have the ability to legitimize it and spend it, so that they put it via Twister Money to clean the forex. That’s known as a glass or a spinner.
And tumblers are typically thought of unlawful by the US Authorities and another governments. And usually, their main goal is to obfuscate the supply and origin of the forex, which is just about the definition of cash laundering.
Rene Novoa
It does get fairly fascinating when they can tumble or twister from one forex to a different, not solely tumble it but in addition convert it from Bitcoin to Ethereum after which again to Bitcoin, tumbling every time, which makes it even excessively more durable to trace, and turns into a much bigger investigation as they attempt to obfuscate our investigation or our methods to trace that cash.
John Wilson
Sure, and particularly as they begin transferring into taking that forex via a glass a number of instances and presumably involving privateness cash.
Privateness cash are a lot more durable, by design, to trace the transactions, as a result of they robotically, by the character of them, do seeding and issues to stop the power – if I put a greenback in, it doesn’t come out on the opposite aspect as a greenback to the individual that I’m making an attempt to ship a greenback to. They could get 5 transactions that whole a greenback, and so with the ability to put all that again collectively turns into rather more difficult.
Making an attempt to get us wrapped up right here. I do know we’re right down to the previous few minutes. A number of key phrases to know.
Wallets. You’ve gotten {hardware} wallets, software program wallets, and also you additionally want to know a chilly pockets versus a sizzling pockets. A sizzling pockets is mostly linked, it’s on the web and will be transacted with readily, the keys can be found.
Rene Novoa
Coinbase is an instance of a few of these different transactional locations.
John Wilson
And so, then you definately even have chilly wallets. Chilly wallets is extra just like the paper pockets or chilly storage the place they don’t maintain it on-line, it’s not accessible till I plug it again in. There’s no method to authenticate a transaction with that chilly pockets with out it being moved on-line.
Understanding the general public deal with, the non-public key. The non-public secret is what authenticates anyone to have the ability to spend the forex in a cryptocurrency. Principally, in case you have the non-public key for a cryptocurrency deal with, you personal that cryptocurrency, you are able to do no matter you need with it.
So, if Rene wrote is non-public key down and left it on his desk, I can then go transfer his forex, spend it, do no matter I need. Once more, as soon as it’s moved, it’s moved. It’s within the everlasting blockchain ledger.
Rene Novoa
Decentralized, there’s no method to come again. There’s no insurance coverage. There’s no refund or a reimbursement. It’s all on the market. So, you’ve actually bought to take management and have safety, particularly take these dangers with the recent wallets which might be simply attacked on-line by passwords and e mail addresses and credentials.
John Wilson
The exchanges. We already talked concerning the exchanges like an funding dealer alternate maintains its personal non-public ledger of the forex values. Solely their wallets present up on the blockchain.
We already talked concerning the privateness cash and the explanations that’s essential, and the keys.
The final key subject right here is mining. Mining is the method of fixing the system for the subsequent block. So, the entire transactions get put right into a block, they get revealed out to the community, to the nodes of the community, after which the nodes then course of it and attempt to remedy for the hash. The hash is mainly the knowledge in that block, plus the hash of the final block. And so, it takes all of that info and creates a brand new hash. And you need to remedy for the proper hash. There’s a mathematical system to it, and it has a certain quantity of complexity required. There’s a certain quantity of compute energy, and that’s what creates new Bitcoin or new forex on the blockchain, in addition to the transaction charges associated to all of the transactions in that block.
Rene Novoa
if it’s making an attempt to be cheated, for those who attempt to reduce the system, it gained’t be verified. It will likely be quite a lot of wasted time, and vitality, and computing energy, as a result of it won’t be verified, so it won’t be accepted. That’s why the belief may be very, crucial and the expertise is essential, that everybody is trusted and it strikes ahead as a result of that’s the one manner you’re going to be rewarded with charges and for the subsequent block.
John Wilson
And so, the final display I wished to indicate right here is a few instance of RegEx searches, so in case you have an investigation or you’ve got a case and also you suppose there is perhaps Bitcoin or cryptocurrencies concerned, right here’s some nice RegExes. You possibly can search that information, see if there’s cryptocurrency proof inside that information. You begin having hits on that, you doubtless want to start out serious about doing an investigation, most likely partaking with some professionals that know easy methods to do it or in case you have your individual inside group that may try this, then nice. However these can be connected within the slide, a fantastic useful resource for getting began.
There are a number of questions. We’ll attempt to submit solutions to the questions. I do know we’re nearly out of time. So, let’s see if I can take a look at them actually rapidly right here.
Mary Mack
Let’s do a lightning spherical. So, sure or no, “Can a crypto pockets be cloned?”
John Wilson
No, although there are methods to revive it to a brand new system, so it wouldn’t technically be a clone. You possibly can’t have two wallets precisely the identical on the similar time.
Rene Novoa
You would need to have the protected phrase to even restore it, and that’s very lengthy.
Mary Mack
Okay, however one by one. After which one other one is about transparency and privateness. “Can a 3rd social gathering monitor an NFT on the blockchain with the good contract phrases, or is it solely the events to the transaction that might try this sort of monitoring?”
Rene Novoa
So, once more the blockchains are a public ledger. You possibly can monitor it. A sensible contract, the phrases, and the processes, the programming is compiled, so it’s not simply readable, however in case you have anyone sufficiently expert, you’ll be able to perceive what a contract does.
Mary Mack
Superb. After which “Are there instruments that can assist you establish a selected crypto utilized in against the law or would you return to the RegEx?”
John Wilson
So, there are instruments. We do use instruments to hint wallets and stuff. We use issues like CipherTrace and Chainalysis are a few the massive standard ones. Maltego is one other one. It’s open supply, however a lot more durable to make use of and you need to construct your individual attribution and stuff like that. So, there are instruments. The instruments can be found to assist help with these investigations. They’re very dear and really refined, so it requires a fairly good quantity of studying and information to make the most of the instruments as effectively.
Mary Mack
And this can be the identical query. Once you take a look at anyone’s deal with – let’s say they put it on their Twitter deal with with a .eth on it or one thing like that – are there instruments to seek for transactions with that specific account?
John Wilson
Sure, there are. Once more, those self same instruments. There are additionally open supply instruments. You possibly can go to blockchain.org and do a hint of Bitcoins or Ethereum. There are a number of public ledger parsing instruments, so you’ll be able to put in a pockets, that deal with, and really see present worth, all of the transactions they’ve been concerned in, and issues of that nature.
Mary Mack
Good. So, I see your contact slide right here, John and Rene. As a result of we’re at time now, so we thank each of you, our fantastic associate, HaystackID, with a shout out to the good Rob Robinson for sharing your experience with us. That is an rising subject and it’s clearly high of thoughts for a lot of, many people.
So, take a look at the Attachments tab for extra info on HaystackID and easy methods to get in contact with John and Rene and the group and above the webinar window, a hyperlink can be there for you for a obtain in your certificates of attendance.
We thank all of you in your sort consideration and nice questions, and tune in subsequent time on the EDRM International webinar channel.
Thanks.
John Wilson
Thanks.
Rene Novoa
Thanks.
Mary Mack
Thanks guys.
About EDRM
Empowering the worldwide leaders of e-discovery, the Digital Discovery Reference Mannequin (EDRM) creates sensible international sources to enhance e-discovery, privateness, safety, and data governance. Since 2005, EDRM has delivered management, requirements, instruments, guides, and check datasets to strengthen finest practices all through the world. EDRM has a global presence in 136 nations, spanning 6 continents. EDRM offers an revolutionary assist infrastructure for people, legislation corporations, firms, and authorities organizations searching for to enhance the follow and provision of information and authorized discovery with 19 energetic initiatives. Be taught extra as we speak at EDRM.web.
*EDRM
