Next scheduled rescrape ... never
Version 1
Last scraped
Scraped on 20/08/2025, 11:30:36 UTC
I was browsing through the "Crypto Tracing Handbook" and I found this,
Case 2: Wasabi Coinjoin Analysis
(1) Background
A whale’s wallet private key was leaked and the funds were stolen, with the stolen assets moved into Wasabi CoinJoin. The affected user sought assistance from the MistTrack team. MistTrack conducted withdrawal analysis on the stolen funds mixed into Wasabi CoinJoin, successfully tracking and recovering the flow of the funds. Subsequently, the hacker attempted cross-chain transfers. MistTrack identified historical traces of the hacker’s addresses moving funds to exchanges and assisted law enforcement in contacting the exchanges to request evidence and apply risk controls on the relevant accounts. Later, as the hacker further transferred stolen funds to exchange-related accounts, part of the stolen funds was successfully frozen.
https://github.com/slowmist/Crypto-Asset-Tracing-Handbook/blob/main/README_EN.md#case-2-wasabi-coinjoin-analysis
This post is not a criticism towards Wasabi, I merely want to know what more the hacker could have done to make his/her transactions more untraceable. If he used the Lightning Network as another "layer of privacy", would SlowMist entirely have no way of knowing what addresses those UTXOs went once they enter LN?
Quote
Case 2: Wasabi Coinjoin Analysis
(1) Background
A whale’s wallet private key was leaked and the funds were stolen, with the stolen assets moved into Wasabi CoinJoin. The affected user sought assistance from the MistTrack team. MistTrack conducted withdrawal analysis on the stolen funds mixed into Wasabi CoinJoin, successfully tracking and recovering the flow of the funds. Subsequently, the hacker attempted cross-chain transfers. MistTrack identified historical traces of the hacker’s addresses moving funds to exchanges and assisted law enforcement in contacting the exchanges to request evidence and apply risk controls on the relevant accounts. Later, as the hacker further transferred stolen funds to exchange-related accounts, part of the stolen funds was successfully frozen.
https://github.com/slowmist/Crypto-Asset-Tracing-Handbook/blob/main/README_EN.md#case-2-wasabi-coinjoin-analysis
This post is not a criticism towards Wasabi, I merely want to know what more the hacker could have done to make his/her transactions more untraceable. If he used the Lightning Network as another "layer of privacy", would SlowMist entirely have no way of knowing what addresses those UTXOs went once they enter LN?
That document doesn't provide any proof of their claim; it is a "just trust me, bro" pamphlet, in my opinion.
👍
You're right. I'll do more research on it.
Quote
I merely want to know what more the hacker could have done to make his/her transactions more untraceable.
You are asking what else could have be done to escape with the stolen money. Are you stupid or what?
Ser, wanting the hacker to get away with the stolen money is NOT the point. Assuming that SlowMist DID trace those transactions, then that probably means that other user transactions that used CoinJoin could probably be traced too, no?
The context is, what else can users, in general, do to make their transactions harder to trace?
Original archived Re: Wasabi Wallet - Total Privacy For Bitcoin
Scraped on 20/08/2025, 11:26:19 UTC
I was browsing through the "Crypto Tracing Handbook" and I found this,
Case 2: Wasabi Coinjoin Analysis
(1) Background
A whale’s wallet private key was leaked and the funds were stolen, with the stolen assets moved into Wasabi CoinJoin. The affected user sought assistance from the MistTrack team. MistTrack conducted withdrawal analysis on the stolen funds mixed into Wasabi CoinJoin, successfully tracking and recovering the flow of the funds. Subsequently, the hacker attempted cross-chain transfers. MistTrack identified historical traces of the hacker’s addresses moving funds to exchanges and assisted law enforcement in contacting the exchanges to request evidence and apply risk controls on the relevant accounts. Later, as the hacker further transferred stolen funds to exchange-related accounts, part of the stolen funds was successfully frozen.
https://github.com/slowmist/Crypto-Asset-Tracing-Handbook/blob/main/README_EN.md#case-2-wasabi-coinjoin-analysis
This post is not a criticism towards Wasabi, I merely want to know what more the hacker could have done to make his/her transactions more untraceable. If he used the Lightning Network as another "layer of privacy", would SlowMist entirely have no way of knowing what addresses those UTXOs went once they enter LN?
Quote
Case 2: Wasabi Coinjoin Analysis
(1) Background
A whale’s wallet private key was leaked and the funds were stolen, with the stolen assets moved into Wasabi CoinJoin. The affected user sought assistance from the MistTrack team. MistTrack conducted withdrawal analysis on the stolen funds mixed into Wasabi CoinJoin, successfully tracking and recovering the flow of the funds. Subsequently, the hacker attempted cross-chain transfers. MistTrack identified historical traces of the hacker’s addresses moving funds to exchanges and assisted law enforcement in contacting the exchanges to request evidence and apply risk controls on the relevant accounts. Later, as the hacker further transferred stolen funds to exchange-related accounts, part of the stolen funds was successfully frozen.
https://github.com/slowmist/Crypto-Asset-Tracing-Handbook/blob/main/README_EN.md#case-2-wasabi-coinjoin-analysis
This post is not a criticism towards Wasabi, I merely want to know what more the hacker could have done to make his/her transactions more untraceable. If he used the Lightning Network as another "layer of privacy", would SlowMist entirely have no way of knowing what addresses those UTXOs went once they enter LN?
That document doesn't provide any proof of their claim; it is a "just trust me, bro" pamphlet, in my opinion.
👍
You're right. I'll do more research on it.
Quote
I merely want to know what more the hacker could have done to make his/her transactions more untraceable.
You are asking what else could have be done to escape with the stolen money. Are you stupid or what?
Ser, wanting the hacker to get away with the stolen money is NOT the point. Assuming that SlowMist DID trace those transactions, then that probably means that other user transactions that used CoinJoin could probably be traced too, no?
The context is, what else can users, in general, do to make their transactions harder to trace?