When blockchain analytics gets it wrong: how Chainalysis proposes to split the analysis into two levels of evidence
One and the same cryptocurrency address received two completely opposite assessments from different analytics systems: from an ordinary gambling service to an extremely severe criminal offense. This story has become the starting point for a broader conversation about what the scientific standards of blockchain analysis should look like — and why errors in systems like these can shape the fates of real people.
01.07.2026
5
12 min
0
Methods of blockchain analytics and the investigation of crimes involving cryptocurrencies and digital assets have quickly given rise to ready-made models that specialists follow. Yet these methods are not always beyond reproach. Chainalysis recently ran into just such a case. GetBlock AML Research publishes the details of a case that raises new challenges for cryptocurrency compliance.
One address, two conclusions: from an online casino to crimes against children
One day, a client came to Chainalysis with an unusual problem. Two different blockchain analytics services had given completely different answers about one and the same address that had been receiving cryptocurrency funds.
The first system identified the address as belonging to an online gambling platform. The second concluded that the same address was tied to the distribution of child sexual abuse material. This was not some harmless discrepancy — like whether an address belongs to one crypto exchange or another. The difference between the two conclusions was fundamental.
In one case, the assumption was that the person was simply placing bets on a gambling site. In the other, that they might be purchasing one of the most severe forms of illegal content. After looking into the situation, the specialist immediately understood why the discrepancy had arisen.
How to handle suspicious transactions: A complete guide for crypto companies
FinCEN requires crypto companies to provide authorities with detailed information about suspicious activity — from wallet addresses to users’ IP data. Regulators are increasingly focusing not on the number of reports filed, but on the quality and investigative value of those reports.
If the analysis is built purely on the search for statistical matches, small, regular transfers of identical size can look almost identical regardless of the activity behind them.
The behavior of a person routinely topping up an account on a gaming site and the financial activity linked to far more serious crimes can leave a similar digital footprint if only the surface-level characteristics of the transactions are considered.
But drawing conclusions this serious based solely on outward similarity is extremely dangerous. Accusations of this kind cannot be built on nothing more than the coincidence of statistical patterns, without additional evidence to back them up.
The problem is compounded by the fact that the people making decisions based on such analytical data are often unable to independently verify its accuracy. If an analytics system reports a particular conclusion, it is often taken as an established fact.
With sound methodology, that level of trust can genuinely be earned. But in this case, the trust was misused, and the consequences of such an error could have been extremely serious.
How Chainalysis built a scientific approach to blockchain analytics
Only a few years ago, there was no single, correct method of blockchain analytics. There were no textbooks. No professional standards. No organizations to certify specialists. Recognized methodologies were virtually nonexistent.
Every task that came up amounted to a new research problem. And the tools being built were not meant for a narrow circle of specialists in blockchain architecture. They were being used by people who were not required to have a deep understanding of the technical workings of distributed networks, but who made decisions every day based entirely on the results produced by these analytical systems.
Among them were law enforcement officers building the case files for criminal investigations. Financial compliance specialists making decisions that could cut a person off from access to their own money. Prosecutors presenting evidence in court.
How cryptocurrency transactions are tracked in 2026: a real investigation case
A cryptocurrency transaction became the key lead in an investigation that resulted in the arrest of a daycare worker. Here’s how law enforcement agencies are working with digital assets in 2026.
That is why the same academic approach that was used to study distributed computing systems was applied to the development of these analytical methods. Every method had to withstand independent scientific scrutiny.
If a methodology could be defended before the expert community, it was considered fit for use. If it could not, it was abandoned — no matter how attractive it might have looked in practice.
Particular attention was paid to drawing a clear line between what could genuinely be proven on the basis of blockchain data alone and what required additional intelligence obtained from external sources.
For every method, the possible failure scenarios and the ways of guarding against them were mapped out in advance. The foundational level of the analysis was treated not as a set of heuristics or lucky guesses, but as a fully-fledged scientific discipline.
If you spend years proving the correctness of complex computing systems under every conceivable condition, you cannot simply release a new tool into production and hope it turns out to be reliable.
It has to be built in such a way that its reliability can be proven in advance. A rigorous approach is a philosophy, not a temporary phase. As the industry has developed, the quality standards for analytics have not become any more lenient. New blockchain architectures have appeared. The number of transactions in the networks has grown almost exponentially. The methods used to carry out transactions have become steadily more complex.
Yet the baseline requirements for the reliability of the analysis have remained unchanged. Internal processes have been refined. Verification tools have improved. Quality control methodologies have been expanded. But the minimum standard has never been lowered.
Blockchain without borders: a complete guide to tracking cross-chain transfers
Cross-chain swaps are now the backbone of the crypto economy—but they’re far more complex than they seem. Even with transparent blockchains, many transactions can only be traced with a degree of probability.
United States v. Sterlingov and the Daubert standard: methodology on trial
A particularly telling moment was the trial in United States v. Sterlingov, in which the methodology in use was put through a full examination under the Daubert standard — one of the strictest criteria for assessing the admissibility of scientific evidence in U.S. federal courts.
On every criterion under review, the methodology was found to meet the court's requirements. Another important development was a study carried out by researchers at Delft University of Technology in cooperation with law enforcement.
The work carried out one of the few empirical tests of the accuracy of blockchain address attribution, based on real data obtained after the seizure of infrastructure belonging to criminal groups. The results of the study were published without any restrictions. That kind of approach was seen as a natural part of the scientific process.
Any serious discipline has to be ready for independent external scrutiny of its findings. It is that kind of openness that makes it possible to tell scientific methodology apart from mere claims of reliability.
How the blockchain analytics industry began drifting away from strict standards
As the blockchain analytics market has grown and new players have entered it, changes have been occurring more and more frequently that give serious cause for concern. Little by little, the definitions on which analytical conclusions were built have started to blur.
Results produced by machine learning algorithms have increasingly come to be treated as incontrovertible evidence, even though by their very nature they are only probabilistic estimates.
Over time, clients have started turning up with questions about the quality of the analytical data — questions that should never have arisen in the first place if the methodologies in use had been built on a solid scientific foundation.
The story of an address that was simultaneously tied to both gambling and crimes against children became the most striking example of such problems. But it is far from the only one. Cases like this have kept coming up again and again.
Why blockchain analytics needs a common professional vocabulary
For all its rapid development, blockchain analysis remains a young field of knowledge, and the underlying distributed ledger technology is relatively new. But the main problem is not that investigators, financial regulators, or courts fail to grasp every technical nuance of the blockchain.
Are there “dirty” USDT? We take a detailed look at the issue
What is the status of USDT stablecoins involved in criminal activity? And how does Tether combat the illegal circulation of its coins? We explain in this article
It is unrealistic to expect every law enforcement officer investigating digital asset crimes to be equally well-versed in every technical detail of how blockchains work. That is precisely why the scientific approach exists.
Science lets people rely on the results of complex research without having to dive into every technical detail themselves. In the field of blockchain analysis, though, such a system of unified scientific standards has yet to fully take shape. The industry is only just starting to converge on the principles that have long been the norm in mature scientific disciplines.
For that reason, a special document has been prepared setting out the system of concepts and criteria that is being used. The point of it was neither product promotion nor marketing. The document is a formalized description of the approaches that have been in place since the analytical platform was first built. It breaks all of the work of blockchain analysis down into individual component parts.
For each of them, its own level of evidentiary requirements is defined. In addition, the document proposes a shared professional vocabulary that lets specialists use the same definitions and, in doing so, brings greater transparency to the industry as a whole.
Two levels of evidence at Chainalysis: attribution of addresses and of owners
The proposed system splits blockchain analysis into two distinct levels. The first level answers the question of whether different cryptocurrency wallet addresses are under the control of the same owner. Such conclusions must be built exclusively on structural analysis of the blockchain and meet the strictest requirements.
The results must be:
- deterministic, meaning they always yield the same conclusion given the same input data;
- reproducible by other specialists;
- fit for independent audit;
- accompanied by known, thoroughly documented limitations and possible sources of error.
The second level concerns not the addresses themselves, but the attempt to establish which organization, service, or person may be behind them. Here, a separate system for assessing reliability is used, based on characterizing the sources of information and mandatory documentation of the reasons for each conclusion.
[Вставка: статья о группе T3 FCU]
Both levels demand a high degree of rigor. But these are different kinds of rigor. Mixing the two approaches has become one of the main reasons erroneous conclusions arise. If a probabilistic estimate starts being treated as a proven fact, the risk of serious errors follows.
That is exactly how you end up with a situation in which an ordinary online casino user is mistakenly classified as someone involved in the distribution of child sexual abuse material.
Why formalizing standards matters for the industry as a whole
Chainalysis argues that its proposal does not create any new rules. It only formalizes the principles the developers have been guided by from the very beginning, while acknowledging that the specific ways of implementing those principles continue to evolve as the technology itself develops. In effect, the work has been an attempt to put a name to the approach that has been applied in practice for many years.
All of the requirements set out in the document have long been used in the development of the analytical systems. All of the lines drawn between the different levels of evidence were defined years ago, because only that kind of approach can withstand independent scientific scrutiny.
Trust in blockchain analytics: why conclusions have to withstand expert scrutiny
The people who rely on the results of blockchain analysis do not always have the expertise to independently verify that those conclusions are correct. That is why a particular kind of trust inevitably develops between the developers of analytical tools and their users.
That places a particular responsibility on the creators of such systems. Every algorithm. Every heuristic method. Every analytical conclusion.
All of it has to be built with the understanding that, one day, the results may become the subject of thorough scrutiny by independent experts, by critically minded specialists, or by parties in court proceedings with a high level of technical expertise.
[Вставка: статья о том, как ИИ помогает криптомошенникам]
That is why an analytical system has to be capable of standing up to such scrutiny. Not because it is trusted. But because its conclusions can be backed up with objective evidence.
Common standards for blockchain analytics: an invitation to an industry-wide conversation
But confidence in the quality of one's own work is not enough on its own. The consequences of flawed conclusions produced by analytical systems affect very real people. They may be individuals caught up in criminal investigations. Users whose accounts have been frozen by automated financial monitoring systems. Defendants in criminal cases. Organizations against which serious legal decisions are being taken.
All of these people deserve for the industry as a whole — not just a handful of companies — to adhere to equally high standards for the quality of the analysis. That is why publishing formalized principles is only the first step. It is not the final answer to every problem, nor an attempt to declare the existing approach the only one possible.
Rather, it is an invitation to the entire industry to have an open conversation about common professional standards. Someone had to be the first to publicly draw the line between what can genuinely be considered proven and what remains only a probabilistic estimate. It was with that goal in mind that the definitions and evaluation criteria in use were published.
The developers are now inviting the wider professional community to help build these standards together, and in doing so to bring more transparency, reproducibility, and reliability to the analysis of the blockchain.
Useful material?
Research
The blockchain has helped uncover the ties between cryptocurrency fundraising campaigns, exchangers in Syria, and intermediaries in several countries around the world. A telltale pattern has emerged in which the same addresses were used across multiple donation drives at once
Jun 24, 2026
Research
Four Iranian cryptocurrency exchanges accounted for roughly 78% of all digital asset volume tied to the country in 2025. They have now become the focal point of the largest U.S. sanctions campaign against Iran's cryptocurrency infrastructure.
Jun 5, 2026
Research
A financial system is already up and running on public blockchains, with loans, analogues of U.S. Treasuries, and automated capital markets. More than $551 billion has flowed through DeFi protocols — but most of that activity has nothing to do with the real economy and everything to do with the speculative build-up of risk.
May 29, 2026
Research
Around 97% of Chinese suppliers of chemicals used to make fentanyl accept payment in cryptocurrency. The volume of such transactions continues to grow alongside the global market for synthetic drugs
May 22, 2026
Research
For the first time, the new law makes blockchain analytics an officially mandatory tool of financial oversight in the United States. Authorities will also gain the power to restrict transactions with foreign crypto services tied to money-laundering risks.
May 20, 2026
Research
Working with cryptocurrencies requires more than just new technology — it demands a complete overhaul of internal processes. We explain how the financial sector is learning to control digital assets and detect threats
May 8, 2026
Telegram
Twitter