A while ago we talked to you about Kilos, the search engine for the Dark Web markets, putting it in close relationship with the late Grams. At one time Grams also integrated Helix, its mixing service for bitcoins. Today, however, Kilos has implemented Krumble, a service that promises to make our bitcoins anonymous. Let's see if it's true!

Kilos_banner

What is Krumble?

As we said on a few occasions, all Bitcoin transactions are tracked and will be accessible by anyone forever. Using mixing services could combine the activities of multiple subjects and carry out various apparently superfluous transactions, in order to prevent or make it difficult to associate them with their respective authors.

Kilos' administrators claim they created Krumble to protect user security more effectively than previously existing services. In particular, it seems that they have developed it for using random fees to not associate transactions with the mixer, and for waiting random intervals between transactions. In fact, always using the same fee for each transaction (expressed in sat / bytes), could make it easy to label the transactions related to the mixing service.

Krumble Presentation

Kilos' administrators also point out that the service is more effective if asked to mix a large number of coins.

How does it work?

Let's see together how to use the Krumble mixer. First we have to to enter one or more Bitcoin addresses, where the bitcoins should be sent at the end of the mixing process.

So, let's get an address where we will again receive the bitcoins that we are entrusting to Krumble to "clean them up". We will use our specially created address, 1osiNtqFFr3vi2iJMF9RtR9PtS2MLZf6B.

Krumble_destination

To create it we used the  VanityGen tool, in order to obtain a customized one. We also report a project, derived from VanityGen, VanityGen Plus, capable of creating personalized addresses for many virtual coins. In addition, we point out an Italian article that explains in detail how VanityGen works.

Once entered the Bitcoin address, click on the "Clean my coins!" button to receive subsequent instructions.

Krumble_mixing_ID

First of all, our mixing request receives an identifier which, properly inserted in the URL, will allow us to know its status even if we close the page.

Then Krumble indicates us some deposit addresses, to which we have to send the bitcoins that we want to clean up.

We must be careful not to send amounts below 0.05 bitcoins as they may be ignored.

Clean up our bitcons!

To test how the mixer works, we send some bitcoins to one of the addresses that Krumble provided to us. We chose the second one, 36Tjmat2YqhrmHFxWY2dZhjg611iUhKEm6 and sent a 0.005 bitcoin transaction.

Transaction_to:Krumble

At this point, after waiting for the transaction to have received at least one confirmation, let's update the Krumble page, to verify that our mixing request is in progress.

Krumble_update

In fact, we find the hash of the transaction that we disposed just before. At this moment, Krumble has not yet started to clean up our bitcoins, but remains on hold, until the expiring a time that is indicated to us every time we update the page. Only after that interval has passed our bitcoins will be handled.

Krumble_wait

How are our bitcoins mixed?

Once the expected time has elapsed, we see that our 1osiNtqFFr3vi2iJMF9RtR9PtS2MLZf6B address has received the sum of 0.00463294 bitcoins, with a transaction disposed a few moments after the expiry of the waiting time expected by Krumble. We immediately notice that the amount received is slightly less than the expected 0.00483755 bitcoins.

Now let's try to reconstruct the path followed by the bitcoins that we received at our address back to our initial transaction. To do this we can use the transforms of blockchain.info through the Maltego software.

Maltego_Blockchain_Graph

The result is certainly disappointing. Krumble limited himself to spending the bitcoins sent by us together with those sent by another user to the address 3QEw8rJzLJyuJoPYWsut983zH8vxrp7YqU and sending them to the destination addresses in a single transaction.

For an external observer, observing the moved amounts makes it extremely simple to determine which is the origin of the bitcoins received from our address and from the address 3ADJ9FcCASuXj2U3fFvhRMCgsUhNQkH2B2.

Conclusions

Despite the excellent premises, we were quite disappointed with Krumble. Clearly, as indicated on the service description page, in order to maximize its effectiveness, it is preferable to send multiple transactions on more than one of the provided addresses and indicate more than one output address.

By adopting these precautions the result would certainly have been more interesting, but the way Krumble works remains so elementary that it can be easily replicated manually by any user, without the need to entrust their bitcoins to third parties, losing their availability for several hours and risking not seeing them again.

In our case, we sent a single transaction and provided a single destination address to simplify our analysis. However, the mixing activity carried out by Krumble was practically limited to receiving our bitcoins on an address and returning them back to one provided by us.

After all, Krumble does not seem to be a great service from the point of view of privacy: perhaps it will not make life too difficult for investigators and analysts. However, there is no victory to sing, as today there are many alternatives to mix bitcoins in a very effective and reliable way.

Mister Serious
Post by Mister Serious
March 28, 2020
Head of the AnuBitux project. Works as a cryptocurrency analyst and in the blockchain forensics field. In the free time he develops this distro and codes with Python.

Comments