Crypto Analytics Tools 'Wave of the Future, Dude,' Judge Quotes Cult Film in $3.6B Bitcoin Seizure Case

A newly unsealed federal court opinion emphasized the role blockchain analytics played in helping law enforcement agents find and confiscate 94,000 bitcoins stolen from Bitfinex.

AccessTimeIconFeb 9, 2022 at 5:56 a.m. UTC
Updated May 11, 2023 at 4:40 p.m. UTC

Citing a basketball star, the Dude (a character in the cult classic film "The Big Lebowski") and "Star Trek: First Contact," a federal judge praised the cryptocurrency analytics tools that helped lead federal agents to yesterday’s multibillion-dollar bitcoin trove.

In an August 2021 opinion unsealed yesterday tied to a search warrant that helped nab nearly 100,000 stolen Bitfinex bitcoins, U.S. Magistrate Judge Zia Faruqui cast blockchain tracing technology as a powerful tool to meet probable cause requirements.

CoinDesk acquired a copy of the memorandum from a source familiar with the case.

Faruqui’s memorandum opinion – summarizing the Washington district court's approval of a search warrant for email accounts – highlights the influential role private-sector tracing software plays in the federal government's crypto investigations.

That influence was pivotal in the Bitfinex money laundering case, according to Faruqui, who has delved into crypto issues in past memoranda. He said the case agent's affidavit clearly showed how industry software techniques led his investigation to the suspects' email accounts.

Federal agents wrote that they acquired the addresses and private keys to 2,000 wallets after obtaining a warrant to search the defendants' cloud storage services. It's unclear whether this was the same warrant.

"Cryptocurrency and related software analytics tools are 'the wave of the future, Dude. One hundred percent electronic,'" Faruqui concluded, tipping his hat to Jeff "The Dude" Lebowski, the rug-loving stoner lead character in the 1998 movie "The Big Lebowski."

Faruqui, who as a former prosecutor conducted federal crypto investigations, said the tracing industry's sleuthing techniques – like clustering, which divines patterns from inherently public crypto transaction data – have emerged as "one of the most reliable bases for a search ever."

"Going 50 for 50 is beyond what could be expected of a mere human," he said, apparently referring to the success rate of clustering-derived subpoenas in the Welcome to Video investigation he helped lead (and also referencing National Basketball Association star Damian Lillard in a footnote).

Clustering techniques help investigators determine what addresses belong to suspects, according to Tom Robinson, co-founder of Elliptic, a tracing company. In a previous interview with CoinDesk, Robinson called clustering the blockchain analytics industry's "special sauce."

Indeed, legal documents released Tuesday detail Internal Revenue Service agents' focus on a "specific cluster" of crypto wallet addresses that led them to Ilya Lichtenstein and Heather Morgan, the Manhattan couple arrested on charges of money laundering stemming from a hack of the Bitfinex crypto exchange in 2016.

Agents detailed the bitcoin cluster flow. (Justice Department)
Agents detailed the bitcoin cluster flow. (Justice Department)

"Humans are 'Flawed. Weak. Organic,' whereas clustering software strives for perfection," Faruqui said, partially quoting the 1996 film "Star Trek: First Contact."

Unfortunately for lawyerly pop culture nerds, Faruqui's spunky references aren't part of binding legal precedent. Memorandum opinions summarize court decisions; they don't set them in stone.

This one nevertheless represents a shift in how judges think about evidence derived from crypto tracing software, according to Ari Redbord, a former federal prosecutor who now leads industry player TRM Labs' policy division.

"For the first time ever, the Court analyzes the weight and reliability of blockchain evidence finding that blockchain analytics tools like TRM Labs are reliable and can form the basis of probable cause for a warrant," Redbord wrote in an email to CoinDesk.

The full extent to which IRS agents used blockchain tracing technology isn't clear yet.

IRS-CI has signed multimillion-dollar contracts with Chainalysis, Elliptic and TRM Labs; all had something to say following yesterday's news.

What is clear is that their tools have emerged a critical component of federal crypto investigations. The are powerful enough to lead investigators to suspects' doorstep and persuasive enough to yield warrants that open them.

But there's another, simpler take away from the Bitfinex hack's latest twist: Pricey software or no, it's very difficult to get away with on-chain crypto theft.

"These people were absolute F***** morons," said one source in the tracing industry. "Starting with: stealing a couple billion in the world's most transparent and traceable assets."

Read the full opinion below:


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Danny Nelson

Danny is CoinDesk's Managing Editor for Data & Tokens. He owns BTC, ETH and SOL.

Read more about