Key Points:
The entity has purportedly been gathering data since March 2018 and has used a variety of 812 different IP addresses to conceal its identity.
0xB10C calls the entity LinkingLion because the IP addresses from three IPv4/24 ranges and one IPv6/32 range connect to listening nodes on the Bitcoin network, and these IP address ranges are all announced by AS54098, LionLink Networks. However, the ranges belong to different companies based on ARIN and RIPE registry information.
This behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.
Fork Networking and Castle VPN are US-based companies owned by the same person. Fork Networking offers hosting and colocation services, while Castle VPN is a VPN provider. Linama UAB is a Lithuanian company with no web presence. Data Canopy is a US-based company offering cloud and colocation data centers. Since the connections from these IP ranges share very similar behavior, 0xB10C assume they are controlled or rented by the same entity.
0xB10C stated that about 15% of the time, LinkingLion doesn’t close the connection immediately. Instead, they either listen for inventory messages that contain transactions or send a request for an address and listen for both inventory and address messages. They then close the connection within 10 minutes.
The behaviour indicates that the entity may be recording the timing of transactions to determine which node first received a transaction. This information can then be used to determine the IP address associated with a particular Bitcoin address. According to 0xB10C, the entity can use that information to link broadcast transactions to IP addresses.
0xB10C is the developer of several Bitcoin analytics websites, including Mempool.observer and Transactionfee.info. They have also been awarded a Bitcoin developer grant from Brink.dev in the past.
To help protect the community from this privacy threat, 0xB10C has produced an open-source ban list that nodes can use to ban LinkingLion from connecting to them. However, the entity could circumvent this ban list by changing the IP addresses it uses to connect. In 0xB10C’s view, the only permanent solution to the problem is to change the transaction logic within Bitcoin Core, which developers have so far been unable to do.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Harold
Coincu News
Polymarket user identified only as "wallet mobile" has just made an astonishing bet of $10…
Binance CEO Richard Teng stated that Western companies will benefit most due to regulatory influence.
The Cyprus Securities and Exchange Commission announced that the Cypriot Investment Firm (CIF) FTX license…
The VanEck Pyth ETN, backed by assets stored in cold storage with Bank Frick, has…
Swift, UBS Asset Management, and Chainlink have completed a proof-of-concept that would settle tokenized fund…
Abu Dhabi, United Arab Emirates, 5th November 2024, Chainwire
This website uses cookies.