# Last edited on 2014-04-22 13:42:38 by stolfilocal
# not posted yet

I wonder if the anonimity of bitcoin addresses could create risks of misidentification of address owners by the police, even for people who have never used bitcoins.

Suppose that a "bandit" X generates an address A1, deposits a pile of "dirty" bitcoin in it.

X then makes some small purchase from a retailer, pretending to be some other person Y who has nothing to do with the matter, and pays in bitcoins out of address A1 to the retailer's address A2. Then X moves the rest of the dirty coins from A1 to a tumbler etc.

While following the trail of the "dirty" bitcoins, the police gets to address A1, notices the transaction to address A2, that they recognize as belonging to the retailer. From the retailer's record of the purchase, they conclude that Y must be the owner of address A1 and hence of the "dirty" money.  

The bandit X could choose the innocent decoy Y so that the suspicion would seem plausible -- eg. someone not very bright and with criminal background, large debts, drug addiction, etc.  

The bandit X could do the same with dozens of decoys, to get the police bogged down into checking dozens of false leads.  

Is this risk significant?

Criminals already use this trick with bank accounts.  However, the risk for bandit X very high in the bank version, because he must steal Y's identity when creating the bank account A1.  On the other hand, Y would have a good chance of proving that he did not create that account nor order the transfers out of it.

With bitcoin addresses, however, the risk for X is very small, while Y has no way of proving to the police that he is [i]not[/i] the owner of address A1.   His only hope is that the police can track the purchase order and/or the bitcoin transaction requests and determine that they could not have been issued from any computer that Y could have accessed.