It knows that in some way/shape/form the old address is associated with the new address, so most likely it is the same entity, or a transaction partner. Bitcoin is not supposed to be anonymous, and very unsuitable for use-cases where you want any kind of anonymity guarantee.
But it can be used anonymously and probably in some industries is still used anonymously. A counterparty that is willing to swap anonymously acquired and sent altcoins for Bitcoin can provide a privacy conscious individual with anonymous Bitcoins.
If using proxy chains, Tor, or a real person in another country to broadcast your trade isn't your cup of tea because you don't trust them, there is still another less practical way. If you secretly give someone your Bitcoin private key (for example: written on a small piece of paper), you can give or trade those Bitcoins to someone without the network knowing about the transaction.
> so most likely it is the same entity, or a transaction partner.
Conceivably, the transaction could be broadcast from an important individual's hacked phone or computer without a trace. This is where being innocent until proven guilty becomes important.
> A counterparty that is willing to swap anonymously acquired and sent altcoins for Bitcoin can provide a privacy conscious individual with anonymous Bitcoins.
Not if amounts are tracked, rather than addresses. "oh look, this gal X just lost 5.3876BTC and gained 3.76549ALTCOIN, and this other dude Y just gained 5.3876BTC and lost 3.76549ALTCOIN. Geeze, I wonder if they traded."
And with the proper graph theory tools, much more complex interactions could be tracked.
The first problem here is that there is no link between the identities across the two currencies. You don't know that X lost some BTC and gained some altcoin. You just know that some BTC was transferred from X to Y and some altcoins were transferred from Z to W—completely different addresses. You also don't know precisely what exchange rate was used, and a privacy-minded service would round to a small number of significant digits (5.4BTC for 3.8ALT) rather than using exact, traceable figures. A proper mixer would probably also use fixed denominations and send each piece to a different address over a randomized timespan.
It's still not immune to tracing, obviously, but it's a much harder problem than just looking for symmetric transactions.
The simplest system, though, is probably just to spend some BTC renting time on a mining rig. It doesn't have to be profitable, just break even. Newly mined bitcoins have no official history to show who paid for the mining.
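An added example, not written by any poster in this thread, of the amount-matching heuristic described above and of how rounding to fixed denominations widens the candidate set; the `Transfer` records, the implied rate and the tolerances are constructed assumptions.

```python
# Added example: correlate transfers across two ledgers by amount and time.
# Exact figures single out one swap; fixed denominations yield many candidates.
from dataclasses import dataclass
from itertools import product

@dataclass(frozen=True)
class Transfer:
    ledger: str      # "BTC" or "ALT"
    sender: str
    receiver: str
    amount: float
    t: int           # constructed block-time units

# BTC per ALT implied by the figures quoted in the thread (assumption).
RATE = 5.3876 / 3.76549

def candidate_swaps(btc, alt, rate, rel_tol, window):
    """Return (btc, alt) pairs whose amounts agree with `rate` within
    `rel_tol` and whose times lie within `window` of each other."""
    out = []
    for b, a in product(btc, alt):
        if abs(b.t - a.t) > window:
            continue
        implied = a.amount * rate
        if abs(b.amount - implied) <= rel_tol * implied:
            out.append((b, a))
    return out

def exact_scenario():
    # Constructed ledgers: one precise swap among unrelated transfers.
    btc = [Transfer("BTC", "X", "Y", 5.3876, 100),
           Transfer("BTC", "P", "Q", 0.8100, 101),
           Transfer("BTC", "R", "S", 12.0000, 103)]
    alt = [Transfer("ALT", "Z", "W", 3.76549, 102),
           Transfer("ALT", "M", "N", 0.5000, 101),
           Transfer("ALT", "K", "L", 9.2500, 104)]
    return candidate_swaps(btc, alt, RATE, rel_tol=0.001, window=10)

def rounded_scenario(n_btc=50, n_alt=50, rel_tol=0.02):
    # Constructed mixer-style ledgers: every leg is a fixed denomination
    # (5.4 BTC / 3.8 ALT) spread over time, so amounts no longer discriminate.
    btc = [Transfer("BTC", f"b{i}", f"c{i}", 5.4, 100 + i) for i in range(n_btc)]
    alt = [Transfer("ALT", f"z{i}", f"w{i}", 3.8, 100 + i) for i in range(n_alt)]
    return candidate_swaps(btc, alt, RATE, rel_tol=rel_tol, window=60)

if __name__ == "__main__":
    print(len(exact_scenario()), "candidate(s) with exact amounts")
    print(len(rounded_scenario()), "candidate(s) with fixed denominations")
```

With a tolerance tight enough to pick out the exact swap, the rounded ledgers produce no match at all; loosening it enough to catch the rounded amounts turns every BTC/ALT pair into a plausible trail.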
> It's still not immune to tracing, obviously, but it's a much harder problem than just looking for symmetric transactions.
"And with the proper graph theory tools, much more complex interactions could be tracked."
> The simplest system, though, is probably just to spend some BTC renting time on a mining rig. It doesn't have to be profitable, just break even. Newly mined bitcoins have no official history to show who paid for the mining.
> "And with the proper graph theory tools, much more complex interactions could be tracked."
So you've said, and I already agreed that it isn't impossible. But do you have any real-world examples where someone followed reasonable OPSEC (fixed denominations, mixers, randomized timing) and still had their transactions successfully traced via these "proper graph theory tools"?
Who would have published such an example? When we deal with opsec, we have to consider what is possible, rather than what has been done in the past. We have to do better than merely "locking the house after the thief has gone".
Typically that would be either the academic researcher attempting to prove that their investigation technique works, or the prosecutor looking to use the results of such an investigation as evidence in a trial.
> When we deal with opsec, we have to consider what is possible...
Anything is possible. Even ideal encryption algorithms—other than one-time pads—have some non-zero probability of being broken within a reasonable timeframe by a brute-force search, but that doesn't make them useless. As long as it's not cost-effective to trace the transfer, that's enough. It doesn't need to be mathematically impossible.
> or the prosecutor looking to use the results of such an investigation as evidence in a trial
I'm inclined to believe in the possibility of parallel constructions being used to cover up the best sources of intel.
> Anything is possible.[...] As long as it's not cost-effective to trace the transfer, that's enough. It doesn't need to be mathematically impossible.
And here, I think it is probably cost-effective to come up with that technology, because it would allow tracing people and transactions that might otherwise be impenetrable. And, if that were the case, I don't have a hard time imagining that it would be of utmost importance to keep such technology under wraps.
But again, at this point it seems like we're comparing pessimism to optimism.
> I'm inclined to believe in the possibility of parallel constructions being used to cover up the best sources of intel.
So am I, to a point, but even if they prefer not to disclose their actual methods (and are willing to commit perjury) they can't exactly hide the results. And others wouldn't have any incentive to keep their successes hidden.
> ...I think it is probably cost-effective to come up with that technology...
This isn't a matter of "technology" where some R&D spending up front is likely to lead to a method of cheaply tracing funds. If such a method existed then the system would indeed be broken; it would be akin to finding a critical weakness in an encryption scheme. Barring design flaws, however, the idea is to make all the transactions look the same so that even using your best graph theory tools you can't narrow down the possibilities enough to reasonably investigate all of them. That's what I meant by "not cost-effective": When there are 50 transfers that fit the parameters then you can investigate them all, but if there are 50,000 plausible trails to investigate then that effort would only be worthwhile in very high-profile cases.
> If such a method existed then the system would indeed be broken
Yes, I think that is the fundamental problem with depending on 'mixers' against state-level actors. We both agreed earlier that the tech is theoretically possible. It seems like we're disagreeing about whether someone exists who is motivated enough to build the tech, and whether that person is also motivated to keep their tech under wraps.
> the idea is to make all the transactions look the same so that even using your best graph theory tools you can't narrow down the possibilities enough to reasonably investigate all of them
I just don't get the impression that it's successful. There's a lot of 'metadata' that could be used to narrow the candidates down: geography, time, transaction amount, method of accessing the exchange (API / browser / desktop app), age of wallets - I don't know which is specifically relevant here, but there's a lot of similar information which could be used to narrow the possibilities down, and most of it could probably involve 'fuzzy logic'. I just don't think that a threat model which includes state-level actors should ignore the possibility that transactions could be traced through mixers.
By the way, I'm really enjoying this discussion. Thanks for playing. :)