Authors: Tyler Thomas, Tiffanie Edwards, Ibrahim Baggili
DFRWS EU 2022
Abstract
Cryptocurrency transaction forensic examinations need to guarantee completeness, confidentiality, and information integrity. Our work presents BlockQuery as a proof of concept blockchain query system for Bitcoin. BlockQuery is capable of detecting transactions generated by Hierarchical Deterministic (HD) wallets that many publicly available tools cannot find due to failures in their address derivation methods. Moreover, BlockQuery does not use third party servers as data providers and operates on a local copy of the blockchain to prevent information disclosure. Compared to other Bitcoin query tools, BlockQuery was designed from a forensic standpoint and meets all four of the defined querying criteria of being open source, confidential, automatically converting key representations, and allowing the manual adjustment of derivation depth.