Blockchain Analytics Explained: Overview, Uses, and How Does it Work

The crypto market boomed in 2021, growing meteorically to peak at $3 trillion in global valuation. However, the surge in the crypto industry's growth has also garnered the interest of bad actors, leading to a rise in attacks in the DeFi space. Reportedly, the crypto and DeFi ecosystems have together witnessed losses exceeding $10.2 billion over the past year, resulting from hacks, scams and other malicious activities.

With the rapid rise in global crypto hacking incidents, increased regulatory scrutiny aimed at curbing crypto-related attacks and enhanced security measures have become the need of the hour. In July 2021, both the European Commission and the United Kingdom's HM Treasury separately introduced proposals to further strengthen crypto anti-money laundering frameworks, highlighting the region’s desire to improve detection of suspicious transactions and close the loopholes used by criminals to launder illicit proceeds or finance terrorist activities through the financial system. Further, on October 6, 2021, the U.S. Department of Justice announced the National Cryptocurrency Enforcement Team (NCET), an enforcement team dedicated to investigating and prosecuting criminal misuses of cryptocurrency.

Blockchain analytics companies identify, analyze, and cluster the data available on the public blockchain to evaluate financial risks, detect illicit activities, investigate crypto crimes, and track stolen crypto, amongst other things. Crypto businesses leverage blockchain analytics technology to stay compliant with global crypto regulations and to detect illicit and suspicious transaction activity in a timely manner. Regulators and law enforcement agencies also use blockchain analytics technology to trace proceeds from illegal activities on the blockchain. For example, law enforcement agencies are using blockchain analytics to track down ransomware payments.

What is transactional data?

To understand blockchain analytics, it is important to first understand what transactional data is and how blockchain analytics companies use it. When a transaction is recorded on the blockchain, details of the transaction, including price, asset, and ownership, are also recorded and verified. The blockchain database is irreversible and immutable. Therefore, even when new transactions and their corresponding transactional data are added to the blockchain, past transaction data cannot be erased.

Though transactional data does not record identifying information about senders and receivers, blockchain analytics companies can trace the transactional data to find the addresses of the crypto wallets that were involved in the transactions. A crypto wallet address is a unique string of numbers and letters (a public key) that can be used to send and receive crypto.

Typically, blockchain analytics firms analyze two types of transactional data. The first is static data, which already exists in the blockchain’s immutable data store. The second is data in motion, which is produced each time a transaction is created in the blockchain. Static data helps in reviewing transaction characteristics, identifying trends, predicting future events, and monitoring relationships between the blockchain and other data sources such as smart contract-based supply chain solutions. Static data analysis helps in conducting AML/KYC checks, aggregating customer intelligence, fraud detection, and revenue forecasting. Data in motion is used to conduct continuous monitoring and to track real-time changes in blockchain transactions.

What is blockchain analytics and how does it work?

Blockchain analysis is the process of inspecting, identifying, clustering, modelling and visually representing transactional data obtained from public blockchains such as Ethereum. At a high level, blockchain analytics deals with extracting patterns from large amounts of transactional data. These firms extract transactional data by “scraping” it from the blockchain. Data scraping refers to a technique in which a computer program extracts data from the output generated by another program.

Blockchain analytics companies scrape transactional data from the blockchain and analyze the data by using a set of signifiers. These signifiers may include the frequency and size of a transaction, transaction patterns, irregularities in the sender and recipient information, and geographical risks amongst other factors.

In addition to address-level and transaction-level monitoring, the best blockchain analytics companies also conduct behavior-based analytics. Using behavior-based analytics, companies can monitor transaction behaviour based on the transactional history of all the wallet addresses associated with a user. To effectively identify illicit activity associated with a wallet address, blockchain analytics providers, such as Merkle Science, take into account guidance given by regulators all around the world to include behaviors and patterns that may indicate illicit activity in their analysis. For example, Merkle Science’s Behavioral Rule Engine ensures compliance with FATF’s Red Flag Indicators for Virtual Assets, FinCEN’s Advisory on Illicit Activity Involving Convertible Virtual Currency, Singapore’s MAS PSN02 requirements, and other country-specific AML/CFT laws. In fact, our Behavioral Rule Engine allows users to tailor the tool according to businesses’ own risk and compliance policies, based on the requirements set by each jurisdiction. Additionally, our unique Behavioral Rule Engine proactively monitors transaction patterns and detects potential criminal wallets not listed on public or private databases or blacklists.
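As an added illustration (not Merkle Science's Behavioral Rule Engine or any vendor's code), the sketch below shows how two such rules can be evaluated over transfer records: a frequency-and-size rule for repeated deposits just under a limit, and a graph walk that separates direct from indirect exposure to a listed address. The addresses, limit, time window and hop depth are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample transfers (sender, receiver, amount, unix_time); not real chain data.
TRANSFERS = [
    ("flagged1", "hop1", 50.0, 1000),
    ("hop1", "walletA", 49.5, 1600),
    ("src1", "walletB", 9.9, 2000),
    ("src2", "walletB", 9.8, 2300),
    ("src3", "walletB", 9.7, 2600),
    ("src4", "walletB", 9.9, 2900),
    ("exchange", "walletC", 3.0, 5000),
]
FLAGGED = {"flagged1"}   # assumed list of known illicit addresses
REPORT_LIMIT = 10.0      # assumed per-transfer reporting limit (hypothetical)
WINDOW = 3600            # assumed burst window, in seconds
MAX_HOPS = 3             # assumed search depth for indirect exposure

def hops_from_flagged(transfers, flagged, max_hops=MAX_HOPS):
    """Breadth-first walk along fund flow: hop distance from any flagged address."""
    out = defaultdict(set)
    for s, r, _, _ in transfers:
        out[s].add(r)
    dist = {a: 0 for a in flagged}
    queue = deque(flagged)
    while queue:
        a = queue.popleft()
        if dist[a] == max_hops:
            continue
        for n in out[a]:
            if n not in dist:
                dist[n] = dist[a] + 1
                queue.append(n)
    return dist

def evaluate(address, transfers=TRANSFERS, flagged=FLAGGED):
    """Return the sorted names of the rules that fire for one address."""
    alerts = set()
    incoming = sorted((t, amt) for s, r, amt, t in transfers if r == address)
    # Rule 1: structuring, i.e. three or more deposits just under the limit in one window.
    near = [t for t, amt in incoming if 0.9 * REPORT_LIMIT <= amt < REPORT_LIMIT]
    if any(sum(1 for u in near if 0 <= u - t <= WINDOW) >= 3 for t in near):
        alerts.add("structuring")
    # Rule 2: exposure to flagged funds, direct (1 hop) or indirect (2..MAX_HOPS hops).
    d = hops_from_flagged(transfers, flagged).get(address)
    if d == 1:
        alerts.add("direct_exposure")
    elif d is not None and d > 1:
        alerts.add("indirect_exposure")
    return sorted(alerts)
```

Here walletB appears on no list and has no path from a flagged address, yet the behavioural rule still raises it, which is the case list-based screening alone would miss.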

If further investigation is needed, the blockchain analytics companies may also aggregate off-chain data to identify senders and receivers of the funds. To achieve this, these companies analyze the historical blockchain data, combined with knowledge of good and bad actors and techniques, to detect transaction patterns. 

What can blockchain analytics be used for?

  • Crypto businesses can make use of blockchain analytics technology to ensure compliance obligations are met within local jurisdictions.
  • Before onboarding a customer, crypto businesses may use blockchain analytics to analyze and understand the level of risk exposure attached to the customer.
  • Blockchain analytics supports counter-party due diligence in compliance with the FATF’s Recommendation 16.
  • Law enforcement agencies use blockchain analytics to identify the blockchain addresses of illicit actors and track illicit funds. For instance, the Federal Bureau of Investigation made use of blockchain analytics to recover $2.3 million of the US$4.4 million paid out in the Colonial Pipeline ransomware attack.
  • Blockchain analytics tools also help in preventing sanction evasion. These tools provide sanction screenings for wallet addresses that are tagged against sanctioned entities. Methods such as clustering also help identify addresses that have a high probability of being associated with said sanctioned entities. 
  • Blockchain analytics also helps in understanding the market trends in the crypto industry by analyzing metrics like active addresses, transaction volume, and asset distribution.

How does Merkle Science help crypto businesses and regulators?

Existing transaction monitoring tools focus on detecting criminal activity based on a database of crypto addresses that are identified as being controlled by criminal entities. Though such methods are sufficient for tracing movements of funds from sanctioned addresses and known criminal entities, they fail to detect crime conducted using privacy coins such as Zcash, Dash, and Monero that have various anonymity features including ring addresses, stealth addresses, Lightning Network, and zk-SNARKs.

Merkle Science’s behavioural rule engine combined with its predictive blockchain monitoring platform — Compass — enables the detection of suspicious cryptocurrency transaction patterns and facilitates the detection of criminal activities that are not performed through addresses listed on blacklists (such as examples mentioned in the FATF Virtual Asset Red Flag Indicators). Our behavioural engine covers both direct and indirect risks.

Further, Merkle Science’s enhanced blockchain investigations tool, Tracker, supports government agencies, crypto businesses, and financial institutions in visualizing, investigating, and identifying transaction patterns that are not visible to address-based forensics. This tool allows law enforcement agencies to track stolen crypto funds, and to identify exit nodes and crypto criminals, so that they may take expert, evidence-based action accordingly.

Merkle Science’s Know Your Blockchain Business (KYBB) report identifies and performs due diligence on crypto businesses and customers, while the Enhanced Due Diligence (EDD) report flags risky transactions and generates a 360-degree report on the business.