Kougar wrote:Since every transaction just adds to the blockchain moving the stolen funds around a dozen times seems rather futile.
You mix them with other plausibly legitimate bitcoins in a bunch of convoluted transactions involving thousands of address.
Ultimately traceable? Sure, in sense. Extremely difficult to practically enforce? Absolutely.
Consider this: I steal 5 bitcoins, send to address A with another 5 bitcoins that weren't stolen. I then send 5 bitcoins each from that address to addresses B & C.
Voila! Addresses B and C are both for identifiable individuals, and you can even seize them! (what luck!)
The owner of Address B, Bob, and the owner of address C, Carlos, both state that they purchased these bitcoins from Alice, the owner of Address A.
Alice cannot be found, and you are only legally entitled to claim 5 bitcoin in restitution.
Oh! We'll just split the different, 2.5 both from Bob and Carlos.
Well, OK, but what if Bob swears that Carlos is actually Alice: he BOUGHT his 5 bitcoins from Carlos/Alice. Oh! And Carlos says that Bob is Alice!
Oh my! Now we have to evaluate these claims, don't we?
And what if we only caught Bob? Is it legally justifiable to take his 5 bitcoin when, maybe, Carlos is actually Alice?
This is why "traceable" is only true in a sense: you can trace all transactions. Bitcoin isn't just legally fungible, like money (if someone steals cash from you, you're not entitled to restitution of those exact dollar bills with specific serial numbers & denominations, just the equivalent amount), it's unavoidably technically fungible too! Bitcoins don't have any independent existence and can't, they are simply balances on accounts with transactional histories.
Now, banks track account balances much the same way (Captain Ned, correct me if I am wrong here), but theoretically they don't have to. They could, for instance, issue a nominal ID for every dollar or cent you deposit and individually track those so they could answer a question of which specific dollar went where. Obviously that's an enormous headache, but it is at least technically possible. But because they don't anything remotely like that(unless Captain Ned corrects me) they are required to follow KYC regulations "Know Your Customer". That way, at least, we're supposed to know all the participants involved whenever we have to partition co-mingled funds and other such legal things.
That way Bob can't just point fingers at a numerical address as the "real culprit" and we're all just kinda stuck. Because if Bob looks upright and we can't demonstrate he isn't, the courts are going to get the shakes about taking all his bitcoin as the "stolen" ones.