Titled “An Analysis of Anonymity in Bitcoin Using P2P Network Traffic,” the paper outlines the methods researchers used to link real-time transactions of connected peers. According to the abstract:
Although numerous Bitcoin clients exist, none of them were specialized for data collection. Available clients often need to balance receiving and spending bitcoins, vetting and rejecting invalid transactions, maintaining a user’s wallet, mining bitcoins, and, perhaps most detrimental to our study, disconnecting from “poorly-behaving” peers; these were precisely the peers we were interested in. Because existing software had integrated functionality that interfered with our goals, we decided to build our own minimal Bitcoin client called CoinSeer, which was a lean tool designed exclusively for data collection.
To increase the likelihood of receiving transactions directly from their creators in a gossip protocol, CoinSeer created an outbound connection to every listening peer whose IP address was advertised on the Bitcoin network for a period of 5 months between July 24, 2012 and January 2, 2013. We actively collected all data, along with its IP information, being relayed on the network and stored it for oﬄine processing. This approach was inspired by a technique proposed by Dan Kaminsky during the 2011 Black Hat conference.
The results? While researchers were able to map nearly 1,000 Bitcoin addresses to their likely owners via IP, this was only a fraction of the total traffic. Most of the observable traffic simply did not lend itself to analysis. The researchers concluded:
If you take the proper precautions (e.g., using TOR, eWallets, mixing services), you are still very safe from our approach. Even if you take no special precautions at all, 91.4% of all traffic was not amenable to analysis.