Methodology

Flags outputs matching common round BTC or satoshi values. Round amounts typically indicate the payment (not change), letting an observer determine fund flow direction.

Identifies which output returns funds to the sender using address type matching, round amount analysis, and output ordering patterns. Also detects the critical case where outputs are sent back to an input address (self-send), revealing the sender's exact balance. Correct change identification enables multi-hop tracing.

If a transaction spends multiple inputs, all inputs are assumed to belong to the same entity. This is the foundational clustering heuristic - the single most powerful tool in chain surveillance. Applied transitively across transactions to build massive address clusters.

Detects Whirlpool (5 equal outputs at known denominations) and WabiSabi/Wasabi (large input/output sets with equal-value groups) CoinJoin transactions. CoinJoin is the only heuristic that increases the privacy score.

Measures how many valid input-to-output mappings exist. Higher entropy means more ambiguity for adversaries. Uses exact enumeration for small transactions and structural estimation for large ones.

Examines fee rate precision and RBF signaling. Round fee rates and specific RBF patterns help identify wallet software, reducing the anonymity set.

Identifies embedded data in OP_RETURN outputs - protocol markers (Omni, OpenTimestamps, Counterparty, Runes, Ordinals) and arbitrary text. Permanently visible metadata that distinguishes the transaction. Impact stacks with multiple OP_RETURN outputs.

Identifies wallet software through nLockTime, nSequence, BIP69 ordering, and low-R signature grinding. Approximately 45% of transactions are identifiable by wallet software from structure alone.

Flags tiny UTXOs (under 1000 sats) as potential dusting attacks - an active surveillance technique where adversaries send small amounts that, when spent alongside other UTXOs, link addresses via CIOH.

Examines transaction timing patterns including broadcast recency (unconfirmed transactions risk IP correlation), locktime anomalies, and stale nLockTime values that can fingerprint wallet software.

Checks whether inputs and outputs use the same script type. Mixed script types (e.g., P2WPKH input with P2TR output) make change detection easier. Uniform script types improve ambiguity. Also flags bare multisig outputs.

Parses wrapped multisig inputs (P2SH/P2WSH) to determine M-of-N configuration and detect escrow patterns. Identifies 2-of-2 escrow (P2P exchange or Lightning), 2-of-3 escrow (cold storage or P2P exchange), and HodlHodl fee address matches.

Identifies mining reward transactions and their privacy implications for the recipient.

Evaluates whether the transaction has meaningful equal-value output groups that provide plausible deniability.

Detects peel chains where small amounts are repeatedly peeled off a large UTXO across multiple hops.

Identifies UTXO consolidation transactions that link multiple addresses to the same wallet.

Flags transactions where a single input could have funded the payment, revealing additional wallet UTXOs.

Identifies Whirlpool tx0 premix transactions that prepare UTXOs for CoinJoin rounds.

Detects lexicographic input/output ordering (BIP69) which narrows wallet identification.

Identifies BIP47 payment code notification transactions.

Identifies patterns typical of exchange deposits and withdrawals.

Identifies coin selection algorithms (knapsack, branch-and-bound, FIFO) that fingerprint wallet software.

Analyzes witness stack structure, signature types, and depth patterns for wallet fingerprinting.

Detects addresses that have received funds in more than one transaction. Address reuse is the single most damaging privacy behavior - it creates deterministic, irrefutable links between all transactions. Carries the harshest penalty, scaling with the number of reuses.

Evaluates the UTXO set for count, value distribution, dust detection, and consolidation risk. Large UTXO counts represent future privacy damage if consolidated carelessly.

Assesses the address format: Taproot (P2TR) hides script complexity, ideal for multisig and contracts. P2WPKH (native SegWit) has the largest anonymity set, excellent for single-sig. Legacy (P2PKH) and wrapped (P2SH) leak more information.

Address-level analysis of spending behavior including transaction volume, UTXO turnover rate, and counterparty diversity. High-volume addresses or accounts that never spend may indicate specific usage patterns like exchanges or cold storage.

Detects recurring payment patterns that reveal regular financial relationships.

Flags addresses with unusually high transaction counts that increase surveillance exposure.