Nick Furneaux

• CSITech

Crimes committed on the blockchain can be complex. Many investigations will be about purchases made or funds moved via a cryptocurrency, so it is vital that the analyst understands precisely how transactions are prepared, transmitted, processed, and stored. This chapter explains what a transaction is and how it is constructed as well as understandi...

This chapter focuses on Bitcoin wallets. For each cryptocurrency, numerous types of wallets exist that can work on desktops, mobiles, and tablets. Some of these wallets connect to the blockchain remotely, while others maintain a complete blockchain locally. The chapter explores the different types of software wallets: full node wallet, thin node wa...

This chapter looks at ways by which corporate, law enforcement, and other investigators can take cryptocurrency addresses and use that data to try to locate their suspect in the real world. Finding a suspect in the real world from blockchain transactions can be very challenging, and unless the investigators are able to make legal requests for infor...

This chapter considers when and how to seize cryptocurrency assets. Police forces, government agencies, and private investigation firms are currently debating the correct procedures for seizure either at a live crime scene or later during an investigation. Traditionally, Financial investigators (FI's) are long‐time police officers with financial tr...

Understanding the blockchain in a conceptual way can help an analyst better comprehend how criminals might leverage the technology to either facilitate a crime or hide their activities. This could be illegal purchasing, money laundering, or carrying out a fraud of some type—which can all be achieved on a blockchain system. This chapter explains how...

This chapter explores what can be learned using online resources as well as how one can locally open and analyze a wallet that is recovered from a computer. A good digital investigator learns to look at data from two perspectives: a literal interpretation, and for what the data can infer. Clustering is a technique where one can gather a set of data...

Over the past few years, the term cryptocurrency has become a well‐used term in financial circles, new business plans, and news headlines. This chapter examines the concept, the history, and the uses for cryptocurrencies and looks at how to set up a Bitcoin trading node. Users of a cryptocurrency such as Ethereum, Bitcoin, or others are encouraged...

This chapter deals with some of the fundamental math that underpins a cryptocurrency. Hashing introduces one‐way algorithms that are used in many areas of a cryptocurrency. The chapter then extends the concept of a one‐way algorithm into the creation of a derived public key from a private key. The process of how a public/private key system works is...

Traffic sniffing and network protocol analysis are specific skills that need to be learned and practiced. This chapter discusses how carrying out any type of traffic intercept is probably illegal in corporate, law enforcement, and other investigators’ country unless they own the data, have approval from the owner of the data, or are working as a go...

Visualization software helps corporate, law enforcement, and other investigators by graphically displaying the paths from transaction to transaction, making it easier to analyze the transmission of coins. This chapter introduces visualization tools, many of which are free to use. Many of the online blockchain viewers have a visualization option. Th...

This chapter explores the ways by which one can manually follow transactions through the blockchain and how one can do this in a structured manner. It focuses on the techniques to attempt to cluster addresses together into a single owner. Change addresses are often dynamic in that they are generated by a modern wallet when a transaction is built. M...

This chapter presents few examples that provides a reasonable sample of the possibilities one may encounter. A person may be using a cryptocurrency to buy goods online that are illegal. In the same manner as someone buying illegal goods, a trader in illegal merchandise may come to the attention of the authorities for different reasons other than us...

This chapter covers the ability of some cryptocurrencies to encode contracts within a transaction. This feature, especially of contract‐based cryptocurrencies such as Ethereum, has led to companies releasing tokens based on the blockchain, which hold the promise of some reward when the business performs well. Bitcoin and its derivative cryptocurren...

Mining is a fairly straightforward process that usually uses specialist equipment to solve hashing problems. It is unlikely that investigators will stumble across a crime that involves mining specifically, but they could get involved in investigating fraudulent mining software, power stealing, or other crimes. Proof‐of‐work is the concept of findin...

This chapter helps the corporate, law enforcement, and other investigators to learn how to find and then acquire cryptocurrency keys in a variety of situations. It shows how to approach premises searches, what to look for, how to find known addresses online, and how to search for addresses in downloaded websites. The chapter looks at how to find ad...

This paper provides an introduction to the discipline of Computer Forensics. With computers being involved in an increasing number, and type, of crimes the trace data left on electronic media can play a vital part in the legal process. To ensure acceptance by the courts, accepted processes and procedures have to be adopted and demonstrated which ar...