加密貨幣一度被視為匿名同財務自由嘅樂土。但去到2025年,現實係你用加密貨幣,好大機會有人已經留意緊你個錢包。
全球各地嘅執法機構同區塊鏈分析公司正利用先進工具——甚至包括人工智能——嚟追蹤交易、將數碼錢包連接返現實身份。因為區塊鏈記錄係公開,每一筆加密貨幣支付都會留低痕跡,調查人員已經學識點樣追蹤呢啲痕跡。
本文會深入淺出咁介紹2025年加密貨幣監控現況:全球明查加密貨幣活動、Chainalysis等公司嘅能力、FBI及其他機構點樣追查非法資金流、AI在區塊鏈監察角色同私隱同監管嘅拉鋸戰。
全球加強加密貨幣透明度
2025年,世界各地政府都加快咗對加密貨幣世界嘅規管。國際金融犯罪監察組織FATF(金融行動特別組織)一直促請各國收緊加密貨幣轉帳規則。但進展唔平均,截至2025年4月,138個受評地區只有40個「基本遵從」FATF對虛擬資產的規範,雖然較一年前(32個)已有所提升。FATF警告,監管漏洞會產生全球性風險,因為數碼貨幣無國界,一地監管失效都會牽連全球——正如該組2025年6月報告所指出。
監管人員面對最大挑戰之一,就係要識別加密貨幣交易背後嘅「真身」。雖然所有交易都記錄喺鏈上,但只係同錢包位址掛鉤,無真正嘅名字,要追查到背後嘅人或者機構好困難。FATF指出,「世界各地政府仲持續難以識別虛擬資產交易背後嘅人士。」長期以來,呢種不透明吸引咗罪犯使用加密貨幣,例如勒索軟件幫派,毒販等等。根據Chainalysis嘅數據,僅2024年,用於違法活動嘅虛擬地址已經收到至多510億美元加密貨幣。呢啲數字引起金融監管警覺。
2022 至 2025 年間,每年加密貨幣服務被盜累積金額。2025年遭黑客和被盜金額創新高,遠超以往。
一啲牽涉地緣政治的重大加密貨幣罪案推動咗加強監察。例如:2025年2月ByBit交易所被黑,總損失達15億美元,被歸咎於北韓支持嘅Lazarus黑客集團。美國官員指出,呢啲攻擊資金會被用於非法軍事計劃,全球正努力堵塞體系漏洞,避免流向流氓政權。早於ByBit前,北韓黑客2024年已偽裝做IT工 infiltrate咗超過十間加密公司。北韓活動凸顯咗美、歐、亞監管第一步,開始全力監控加密貨幣流向。例如歐盟推出全面性監管(MiCA),以及全球推行「Travel Rule」,要求交易所對大額轉帳披露身份資料。美國監管機構同樣加強審查,目標正如美國副司法部長Lisa Monaco講:「唔可以再畀加密貨幣做罪犯嘅避風港。」
呢個大環境底下,數萬億美元加密資金已經流入主流市場,無論正當商戶抑或不法分子都用緊。問題唔係政府「可唔可以」監控,而係「做到咗幾多」,睇得幾清。答案係——2025年監察能力極高,區塊鏈監控已經係成熟產業。
Chainalysis及區塊鏈監控公司崛起
要講到今日加密貨幣監控代表,一定係Chainalysis。自2014年成立,總部喺紐約,呢間公司已成為全球政府、銀行、交易所指定嘅區塊鏈情報平台。佢主要任務係將現實世界實體同鏈上活動串連起—即將錢包主人「起底」。運用先進機器學習加上海量資料收集,Chainalysis至今已識別逾107,000個在鏈上運作嘅特定實體(包括交易所、暗網市場、騙徒等),將十億以上錢包位址分類,幫助追回約126億美元被竊加密貨幣。
咁公司點知區塊鏈上嘅「誰是誰」?一切由所謂「地面歸屬」開始—即確定某些地址同已知實體關聯。例如大型交易所公開列出比特幣存款地址,或辦案人員知某犯罪嫌疑人常用某個錢包,呢啲地址會入資料庫,成為關鍵線索。Chainalysis全球情報小組會收集大量資料(好多時位於困難存取或被制裁地區),再輸入系統,俾機器學習演算法進一步擴展。
下一步靠啟發式群組分析。區塊鏈本身嘅交易活動留下足跡,例如比特幣裡面,兩個位址一齊用作單一交易輸入,通常代表同一擁有人(常見的群組技巧)。Chainalysis及其同行會用幾百種技術分析交易,掃描數十條區塊鏈上數十億次交易,以圖樣識別位址群組,揾出可能同一實體或同一錢包。配合專屬工作流程同AI模型,仲可以偵測細微「獨特模式」追蹤資金,持續提升準確度。最終調查人員眼前唔再係一堆亂碼位址,而係標示咗「交易所X」、「暗網市場Y」、「騙徒集團Z」甚至「張三錢包」嘅分類。Chainalysis仲話,好多交易所會自願同佢哋分享地址,有效驗證群組,把私營和調查部門緊密連繫。
實際上,若你錢包曾經接觸過主流交易所、商戶或服務,Chainalysis好可能已經標記咗你部分位址或已群組起來。佢地嘅Reactor平台讓分析員可視化錢包交易圖,追蹤資金流向。例如調查員追查可疑錢包A發現佢收過5個比特幣嚟自一個標記為「勒索軟件」群組,再轉出2個比特幣去主流交易所位址—交易所甚至可能被傳召客戶資料。事實上,將鏈上資料拼湊到現實身份,正係Chainalysis目標:「去匿名」靠將加密錢包同外部資料(如KYC或公開情報)結合實現。佢哋聲稱資料準確,參與交易所每日同佢哋確認幾千個位址,而且誤差幾乎零。簡單嚟講,Chainalysis等公司就係區塊鏈世界嘅「解碼石」,將密碼地址「翻譯」成現實身份。
Chainalysis並非唯一一間,Elliptic、TRM Labs等對手都提供類似區塊鏈分析及合規工具。佢哋支持25條以上區塊鏈(如比特幣、以太坊等)及數千種代幣同NFT。隨住加密貨幣多元化,分析技巧亦不斷進化—無論嫌疑人透過比特幣UTXO方式調錢,或經Ethereum DeFi協議轉成穩定幣,工具都主動追查。現代平台仲可以追縱跨鏈洗錢—例如TRM Labs自稱可「一鍵追縱跨鏈交易」,利用超過七千四百萬個跨鏈換幣實例資料庫,協助查明換幣軌跡。如果洗黑錢者試圖經橋換幣,由以太坊換去比特幣,調查員都可以串連起來。
到2025年,加密貨幣用戶「假名外殼」愈來愈薄。單靠錢包位址或許唔會直接起底你身分,但一旦同主流加密生態有交集,就會留下線索。譬如,送錢去規管交易所時,該交易所極有可能用自動交易監控檢查來歷。交易所同加密平台愈來愈依賴區塊鏈監控以符合法規,評估入帳交易風險,包括錢包歷史、資金來源、地理位置等。高風險交易,例如之前流經已知毒品暗網錢包,就會自動標記,有需要即時審查或凍結。交易所可能要求用戶解釋、上報可疑活動、甚至封帳戶、凍結資產。根據Chainalysis指南,大部分平台最少會要求用戶提供交代,嚴重情況下立刻報告及臨時凍資。呢啲措施同2010年代初期完全唔同,現今再難做到早年咁放任。
crypto is likely to set off alarms at exchanges.
加密貨幣好大機會會喺交易所觸發警報。
Importantly, exchanges have no ability to stop a suspicious crypto deposit mid-flight (since blockchains themselves are open networks) – but once the funds land in a user’s account, they can and will prevent those coins from moving further into the traditional financial system.
值得留意嘅係,交易所係冇辦法喺一筆可疑加密貨幣存款「飛緊」嘅時候停止交易(因為區塊鏈本身係開放網絡),但一旦資金到咗用戶戶口,佢哋絕對有能力阻止款項再流入傳統金融系統。
For example, if someone sends you Bitcoin that passed through a sanctioned mixer, the exchange might lock your account when you try to cash out.
例如,如果有人發咗啲經過制裁mixer嘅Bitcoin畀你,你喺交易所提現嘅時候,有機會會被封鎖戶口。
They can freeze the funds, report the incident to law enforcement, and refuse to release the crypto back to you if it’s tied to criminal activity.
佢哋可以凍結啲資金、將事件通報埋執法部門,如果證明啲加密貨幣涉及刑事活動,更會拒絕退還俾你。
This illustrates a key point: your “anonymous” crypto wallet is not as private as you might think.
呢點反映一個重點:你以為匿名嘅加密錢包,其實冇你想像咁私隱。
The big picture of your wallet’s activity – how much it holds, where it’s been, and whom it interacted with – may be known to compliance databases.
你個錢包大致上進出幾多錢、經過邊啲途徑、同邊啲地址有聯繫,都有可能俾合規資料庫掌握。
Chainalysis itself markets a product called KYT (Know Your Transaction) used by businesses to screen transfers in real time and assign risk scores, ensuring that “on-ramps and off-ramps are aware of which addresses should be blacklisted or have funds frozen”.
Chainalysis本身都有推出叫KYT(Know Your Transaction,了解你嘅交易)嘅產品,俾企業實時篩查轉帳、評分風險,確保「法幣入金出金嘅渠道知道應該黑名單/凍結邊啲錢包地址」。
In practice, this means if your wallet has a link (even several hops away) to something nefarious on-chain, you could find your exchange account under scrutiny.
實際上,如果你個錢包同啲惡意on-chain行為有關聯(就算隔幾層),你個交易所賬戶都隨時會被調查。
Crypto entrepreneurs sometimes lament “address blacklisting” as an emerging reality akin to how banks handle suspicious fiat funds.
有啲加密貨幣創業者都會慨嘆「地址黑名單」愈來愈普遍,情況就好似銀行遇到可疑法幣一樣。
From a neutral perspective, blockchain surveillance firms cast themselves as bringing trust and safety to crypto.
站喺中立角度睇,區塊鏈監控公司自詡為加密貨幣帶嚟信任同安全。
By tracing illicit funds, they help recover stolen assets and assist law enforcement in holding bad actors accountable.
透過追蹤非法資金,佢哋可以協助追回被盜資產,幫埋執法單位拉人問責。
Chainalysis frequently publishes case studies celebrating such successes.
Chainalysis經常發佈咗好多成功案例嚟宣傳。
In one example from 2025, the company revealed how its tools helped the FBI track and freeze millions of dollars in ransom that hackers extorted from Caesars Entertainment in a high-profile casino ransomware attack.
就以2025年一個例子,該公司公開咗用自家工具幫FBI追蹤同凍結咗被黑客向Caesars Entertainment(著名賭場)勒索嘅數百萬美元贖金。
The hackers thought converting their ransom to cryptocurrency would let them vanish with the money – but agents, using Chainalysis, traced the payments across multiple wallets and even across blockchains as the criminals tried to launder funds via the Avalanche network.
黑客本來以為將贖金轉做加密貨幣就可以洗白走佬,點知調查人員靠Chainalysis追蹤咗呢啲資金竄流,橫跨多個錢包,甚至一度跳鏈(Avalanche network)去洗錢。
With quick action, they had a bridge operator freeze a large portion of the loot mid-transfer, and later they froze more at an exchange where the thieves tried to cash out.
多虧行動夠快,佢哋叫咗bridge營運商喺洗錢途中凍結大量贓款,之後又喺竊匪去交易所提現時再凍結多一批。
The takeaway, as Chainalysis put it, is that crypto’s transparency can turn the tables on criminals, making it possible to follow the money in ways they didn’t expect.
Chainalysis總結話,加密貨幣嘅透明度可以反過來制衡罪犯,好多時大家都能夠跟到資金流向,幾乎超乎犯罪分子想像。
Each such success, they argue, “helps refine methodologies and build precedent” – effectively making the blockchain safer over time.
佢哋認為,每一單成功個案都可以「逐步完善手法,建立先例」,即係區塊鏈世界其實愈嚟愈安全。
Of course, the flip side of this pervasive surveillance is a growing debate about privacy and civil liberties in the crypto space.
當然,監控愈嚴格,大家就愈熱烈討論加密圈入面嘅私隱同公民權益。
As we’ll explore, not everyone is comfortable with private companies mapping out who owns what crypto.
遲啲我哋會探討呢個問題:唔係個個都接受私人公司可以追蹤你手上持有幾多加密貨幣。
But first, let’s look more at how government agencies themselves have embraced these tools to unmask crypto users involved in crimes.
不過先講下,不同政府部門其實都好積極用呢啲工具,專追查涉及犯罪嘅加密貨幣用家。
How the FBI and Law Enforcement Track Crypto Crime
Not long ago, a blockchain investigator in law enforcement was a rarity; in 2025, it’s practically a staple of major agencies.
早幾年,執法部門要請到識查區塊鏈嘅專家相當罕見;2025年,幾乎每個大機構都有呢批人。
The FBI, IRS, U.S. Secret Service, Homeland Security Investigations (HSI), Europol, Interpol – all have dedicated cryptocurrency units or task forces now.
FBI、IRS、美國特勤局、國土安全調查、Europol(歐洲刑警組織)、Interpol(國際刑警)而家全部都有專門負責加密貨幣嘅小組。
They have trained crypto-tracing experts and they subscribe to tools from firms like Chainalysis, TRM Labs, and Elliptic.
佢哋有受過訓練嘅追蹤專家,亦有買入Chainalysis、TRM Labs、Elliptic等公司嘅軟件。
In the U.S., federal agencies have poured resources into crypto enforcement: the Department of Justice launched a “National Cryptocurrency Enforcement Team” (NCET) focusing on illicit use of digital assets, and although its structure may evolve with changing administrations, the priority on crypto crime remains high.
美國聯邦政府好肯投放資源喺打擊加密犯罪:司法部開咗「全國加密貨幣執法組」(NCET),專查非法用數碼資產,即使組織結構隨政權更迭都可能有變,但驅打加密犯罪依然好高優先。
The message from top officials has been clear and consistent.
上面官員態度一向好堅定明確。
“Cryptocurrency is not a safe haven for criminals,” declared Deputy AG Lisa Monaco when announcing the largest financial seizure in DOJ history – the recovery of $3.6 billion in Bitcoin from the 2016 Bitfinex exchange hack.
副司法部長Lisa Monaco宣布破紀錄追查番2016年Bitfinex交易所被黑客搵走嘅36億美元Bitcoin時,講得好清楚:「加密貨幣唔係罪犯避風港。」
In that 2022 case, investigators spent years following the digital paper trail.
如2022年嗰單案,調查員幾年來不停咁查電子紀錄。
The accused launderers, a married couple in New York, had moved the stolen bitcoins through thousands of transactions, hoping to erase their origin.
被指控嘅洗錢者係一對紐約夫婦,佢哋將偷返嚟嘅bitcoin分開經過數千筆交易,諗住可以甩甩掉起底痕跡。
But agents traced those funds through a “labyrinth of transactions” and ultimately seized 94,000 BTC after uncovering the private keys in a cloud storage account.
但當局都係循住「層層複雜」嘅轉帳線索,最後係雲端儲存帳戶搵到私鑰,先一次過撈番94,000粒BTC。
The case was a watershed, showing that even years later, the feds could hunt down crypto loot.
呢單案可以話係分水嶺,證明就算隔咗幾年,聯邦政府一樣追到贓款。
As Assistant Attorney General Kenneth Polite Jr. put it, “we can follow the money through the blockchain, and we will not allow cryptocurrency to be a zone of lawlessness”.
副司法部長Kenneth Polite Jr. 話:「我哋可以經區塊鏈追資金,絕對唔會畀加密貨幣無法無天。」
How exactly do law enforcement crypto investigations work?
究竟執法部門點樣查加密貨幣犯罪?
In practice, they often unfold in stages familiar from traditional financial probes – but turbocharged by blockchain data.
實際上大致同傳統金融案件差唔多,但因有區塊鏈數據,效率往往更高。
According to a Chainalysis explainer, a typical law enforcement workflow is:
-
Gather intelligence: Identify relevant wallet addresses and transactions, often via reports from victims, exchanges, or informants. Agents will collect any known addresses tied to the suspects or crime (for example, a ransomware victim provides the Bitcoin address where they sent payment).
-
情報收集:搵出有關錢包地址同交易,資料好多時來自受害人、交易所或線人。例如勒索軟件受害人會交出佢當時轉錢用嗰個Bitcoin地址。
-
Follow the blockchain trail: Using blockchain analysis software, investigators trace the flow of funds from those addresses. They look for clues such as: Do the funds end up at a known exchange or service? Are they funneled through mixers or cross-chain swaps? Are there links to other crimes or known criminal wallets? Modern tools produce visual graphs and risk assessments, flagging, for instance, if a wallet that received money is associated with “darknet market activity” or “sanctioned entity”. This step often reveals where the suspect cashed out or where they are holding funds.
-
跟進區塊鏈足跡:用區塊鏈分析軟件睇資金點流,例如有無入咗知名交易所/服務;有無經過mixer/跨鏈swap;同其他犯罪或犯罪錢包有冇關係。現代工具會畫埋圖、做風險評分,例如錢包收過錢但標示「暗網活動」或「涉及制裁」等等。通常會查出嫌疑人提款位置或者資金藏身地。
-
Subpoena and seize: If the analysis shows crypto going into a certain exchange or platform, law enforcement will send a legal request to that business for information. Thanks to KYC rules, major exchanges can often provide the real name, email, and transaction logs of the account that received the crypto. With that in hand, agents can obtain warrants to seize funds or make arrests. In many jurisdictions, courts have affirmed that crypto assets are property that can be frozen and seized just like bank funds. U.S. authorities, for example, routinely get seizure warrants for exchange accounts or even for private wallets (if they can get the keys).
-
傳召及凍結:分析到資金入咗某交易所/平台,執法部門會向嗰間公司發律師信要求資料。 基於KYC政策,主流交易所一般會交出戶口真名、電郵、交易紀錄。調查員可以據此申請法庭手令凍結資金或拉人。好多地方法院都認可加密貨幣係資產,可以照凍結同銀行錢一樣。例如美國,平時都會對交易所戶口發出扣押令,有時連私有錢包都一齊(如果搞到私鑰)。
We’ve seen this play out repeatedly.
呢啲流程都見識唔少次。
In a 2023 ransomware case, the FBI traced $15 million in Bitcoin paid by a Las Vegas casino (an incident involving the Scattered Spider hacking group) across various wallets and chains.
例如2023年,拉斯維加斯一間賭場俾咗Scattered Spider黑客組$1500萬Bitcoin贖金,FBI就追蹤咗資金經過嘅錢包同區塊鏈。
Investigators monitored the money as hackers tried to split it and convert it via an Avalanche Bridge. Acting swiftly, they worked with a crypto bridge company to freeze a chunk mid-transfer, and then with an exchange (Gate.io) to lock down another portion when the criminals tried to deposit funds there.
調查人員持續監控轉帳,黑客想分拆資金經Avalanche bridge洗,結果調查員快手搵bridge公司協助,過程中先凍咗部分錢,之後又搵Gate.io被黑客想存入時封鎖多一舊。
Court documents from that case included detailed Chainalysis Reactor graphs showing how the ransom moved through “Extortion Wallet 1” and “Extortion Wallet 2,” was combined, bridged, and swapped into stablecoins and Monero, and ultimately landed in an exchange wallet – where authorities intervened.
法庭文件入面都有啲Chainalysis Reactor畫出嚟嘅詳盡資金流圖,見到贖金經「勒索錢包1」、「勒索錢包2」、合併、跨链、換做穩定幣、Monero,最後入咗某間交易所,當局就喺嗰刻出手。
Each arrow on those graphs represented a clue that agents followed to reclaim victim funds.
圖中每條箭咀都係調查員追回啲賠款嘅線索。
In the end, millions were recovered, months after the initial crime, underscoring that crypto payments are not beyond reach of the law.
過幾個月調查後都追回咗過千萬,證明加密資金一樣難逃法網。
Globally, there have been similar successes.
全球好多類似成功例子。
European police have dismantled darknet marketplaces and traced cryptocurrency profits; London’s Metropolitan Police seized over $500 million worth of crypto in various investigations.
歐洲警察搗破過暗網黑市、追查加密幣收益;倫敦警察廳都喺唔同調查中曾經搵返超過五億美元等值加密資產。
International operations have taken down ransomware gangs – in 2024, a coordinated effort by U.S. and European agencies led to the dismantling of the infamous LockBit ransomware group and others, contributing to a 35% drop in ransomware payments that year.
國際合作亦瓦解過唔少勒索集團——2024年美歐聯手摧毀咗惡名昭彰嘅LockBit等勒索集團,令當年勒索贖金總額大跌三成五。
Each of these cases relied on the ability to track the money and often to freeze it in time.
每一單案都靠可以追蹤資金流向,以及及時凍結資產。
Law enforcement now collaborates closely with exchanges and blockchain businesses, creating networks of information sharing.
而家執法單位同交易所、區塊鏈企業合作得好密,成立咗好多資料分享網絡。
Many countries have laws requiring crypto companies to comply with freeze requests or turnover orders, just like banks do.
好多國家法律都規定加密企業要配合凍結/交出資金命令,就如銀行一樣。
And if perpetrators think they can hide in jurisdictions with lax rules, agencies increasingly cooperate across borders (with mutual legal assistance treaties and informal info exchanges) to ensure even cross-border crypto flows can be followed.
就算罪犯諗住走去法規鬆的國家,現在各國部門都越來越多跨境合作(司法互助協議、非正式情報交換等),確保就算跨國資金流都可以查。
It’s important to note that while agencies have new high-tech tools, classic sleuthing still plays a big role.
值得留意,雖然有新科技,但傳統偵查都一樣舉足輕重。
In the Bitfinex case, the “break” was finding the private keys in an online account belonging to the suspects – essentially, an old-fashioned search warrant yielding a digital key to the treasure.
以Bitfinex案為例,突破口就係查到疑犯某個網上賬號入面有條私鑰——傳統搜查令搵到數碼寶藏鎖匙。
In other cases, undercover agents might infiltrate online forums or use informants to get criminals to reveal a wallet address.
有時臥底探員會滲透網上論壇或者用線人引誘疑犯爆錢包地址。
Once an address is known, the blockchain does the rest by immaculately preserving the transaction history.
一旦有地址,區塊鏈就會將所有交易記錄清楚晒。
Unlike cash that can pass hand-to-hand with no record, every crypto move is etched in a ledger that anyone (including the FBI) can inspect.
同現金唔同,加密貨幣每一筆交易都會喺帳簿永久紀錄,任何人(連FBI)都可以查。
This permanence is a boon for forensic investigators: even years later, they can analyze transactions when new analytic techniques become available or when a suspect is identified.
呢個永久特性對法證調查員嚟講係福音,因為隔幾年後,分析技術進步/新嫌疑人出現時,仲可以重查舊數。
As a result, the federal government has amassed quite a war chest of seized crypto.
咁多年來,聯邦政府都累積咗一大堆被查封嘅加密貨幣。
By late 2022, U.S. agencies had confiscated at least $7.1 billion worth of cryptocurrency from criminal cases.
去到2022年底,美國政府就因刑事案件已經充公咗最少71億美元等值加密資產。
Other countries have seized billions more.
其他國家同樣都有幾十億級別。
Governments now even face the question of what to do with all these digital assets – whether to auction them, hold them, or use them for victim compensation.
各國政府而家仲要頭痕點樣處理晒咁多數碼資產——係拍賣、儲住定用嚟賠償受害人。problems that didn’t exist a decade ago.
從一個普通加密貨幣持有者嘅角度嚟睇,值得注意嘅係,執法人員其實未必需要你犯錯先可以揾到你——佢哋只需要有一個聯繫點。如果你嘅幣曾經經過一間要 KYC(認證身分)的交易所,或者你用過啲做過 KYC 嘅商戶收款,一個有心調查嘅人可以透過法庭傳票最終將呢啲交易連接到你身上。即使你無做犯法嘢,只要你嘅交易同某啲來路不明嘅資金有過交集,你都有機會被詳細審查。例如,你純粹收咗人哋啲 Bitcoin,而那些幣曾經喺一個被黑客攻擊過嘅交易所錢包轉過,如果有調查人員正追蹤嗰單黑客案,你個錢包地址可能會出現喺分析報告入面。你可能會收到交易所嘅電郵,甚至有人喺門口搵你。呢啲都係點解有啲私隱倡議者會警告:原本係用嚟打擊罪案而建嘅基建,有機會變成監控守法用戶嘅工具。
不過,對執法機關嚟講,呢啲工具依家主要都係集中打擊最惡劣嘅罪案,包括勒索軟件、詐騙、毒品、兒童剝削、恐怖分子融資等等。當佢哋「跟錢走」去查公開帳本時,其實就好似查銀行記錄一樣,但通常更有效率、更少阻力。但係,佢哋都會遇到挑戰:罪犯不斷有新招式,法域跨境問題拖慢調查進度,而有啲技術會令追蹤變得困難。我哋陣間會再詳談呢啲「貓同老鼠」戰術。但去到 2025 年,整個大方向已經好清楚:警方追蹤加密貨幣已經變得普遍,並且可以擴大規模操作。關於 Bitcoin 不能追蹤嘅神話,早就被類似 Bitfinex 案同其他無數案件徹底打破。
值得一提嘅係,執法部門唔只係「被動」應對罪案,佢哋而家仲會主動出擊。各機構而家會用區塊鏈分析工具做情報——畫出犯罪網絡全貌,甚至認出原本未上名單嘅嫌疑人。好似如果一個暗網黑市被搗破而所有錢包地址曝光,警察就可以追查有哪些買家同賣家同佢有過交易。這啲人就算原本係匿名,都有機會變成另一宗案件嘅調查對象。區塊鏈數據已經變成豐富情報來源——唔止係檢控證據咁簡單,更係用嚟打開犯罪網絡嘅「門票」。有個例子,美國調查人員曾經用分析工具追蹤網上鴉片類藥物銷售流向,最後搵到一個芬太尼販運集團,並且喺 TRM Labs 2023 年報告中提及,成功查封 1,500 萬美元加密貨幣。每一個成功案例,都增加咗警方係區塊鏈世界打擊罪行嘅信心,就好似佢哋喺傳統金融世界一樣。
AI: The New Eyes on the Blockchain
2025 年加密貨幣監控最大嘅新發展之一,就係人工智能成為咗放大作用嘅新力量。面對區塊鏈每日橫跨多個網絡既數以百萬計交易量,單靠人手分析或者簡單規則系統,根本應付唔嚟。AI 出場啦。機器學習模型而家已經積極巡邏區塊鏈,發掘人類難以察覺嘅模式與異常。無論喺合規(例如交易所、金融機構內部)或者調查層面都一樣。
好似交易所,其實已引入以 AI 驅動嘅系統作為合規監控骨幹。Binance 環球金融情報負責人 Nils Andersen-Röed 解釋:「AI 可以做到實時監控、偵測異常模式、同理解高度複雜嘅行為」,呢啲係傳統人手流程做唔到嘅。根據行業報告,去到 2025 年,超過 65% 的交易所都會用 AI 算法做預測分析同偵測詐騙,較幾年前躍升咗好多。AI 合規系統自 2021 年起增長超過一倍半,足以見佢地有幾關鍵。這些系統會吸收大量交易數據及用戶活動訊息,自我學習乜叫做「正常」,點樣先屬懷疑行為。例如,AI 可能學識咗某個用戶通常只會喺美國辦公時間同美國 IP 地址進行交易——如果突然凌晨三點用俄國 IP,而且交易模式同洗黑錢 typologies 好似,AI 會即時(instantly)舉報。Andersen-Röed 又指,Binance 嘅 AI 模型甚至會模擬潛在洗錢手法,預測罪犯可能點避開監控,測試平台防禦能力。AI 亦主動追蹤外部威脅,例如釣魚網站——只要有新假網站註冊,AI 就即時識別,並同下架服務聯絡,從源頭堵截攻擊。
至於執法部門同區塊鏈情報公司,AI 就係佢哋穿梭大量區塊鏈數據既「快車」。橫跨幾百宗交易、甚至多種貨幣既犯罪行為模式,用靜態規則好難發現,但機器學習就最叻搵到非明顯連結。例如 TRM Labs 有個叫 “Signatures” 嘅系統,利用機器學習自動偵測多宗交易之間嘅可疑模式,例如成堆地址利用報告門檻之下嘅數額分批轉帳,或者新型自動化資金混合服務等。只要基於已知案例訓練,AI 模型就有能力搵到創新型罪案行為。同樣,Chainalysis 都用機器學習去做群組分析及異常偵測。你可以想像,佢哋啲算法已學識點樣分別唔同洗錢手段嘅「鏈上指紋」。
更重要係,AI 可以聰明地將「鏈上」數據同「鏈下」數據組合。例如有研究員會用自然語言處理(NLP)去掃暗網論壇提及嘅某啲地址,或者將犯罪分子描述行為嘅文字,對照實際 Blockchain 上嘅模式。AI 甚至可能將某 DeFi 協議交易突增,同駭客論壇討論新 exploit 事件聯繫起來。呢種數據融合,令「加密監控」定義擴展——唔止睇住地址,連帶晒周邊數碼足跡都包括。
對於你錢包知道咗幾多資料方面,AI 意味住更快、更全面的「畫像」。一個先進 AI 可以理論上分析晒你所有錢包歷史,推斷你係零售投資者定機構交易員?你有冇參與賭博 dApps?你啲資金主要係自我保管定通過交易所出入?某些 AI 模型甚至會考慮你跟已知惡意資金之間相隔幾多層級,以及時間、金額、模式等等,計出細致風險分數。已不單止係「黑名單」咁簡單,而係整個風險光譜。例如你收過啲幣,過去曾經經過受制裁地址(就算好間接),AI 系統都會標識晒風險,但亦可能同時註明其他緩衝因素(例如係兩年前,金額好細)。咁高細緻度的評分據,可以決定要唔要深度調查你定只係打個預防釘。
另一個前線,就係 AI 輔助身份匹配。如果你喺網上任何地方(例如 Twitter 個人簡介)張貼咗你嘅加密貨幣地址,AI 網絡爬蟲就可以搵到,將佢同你真名拉埋一齊。現時有啲公司做 OSINT(開放來源情報)自動化工具,AI 會自動搜尋全網有無 wallet 提及,論壇回帖出現過嘅交易所收款地址,GitHub 貢獻時留低嘅錢包等等,幫助建構用戶資料檔案。所以,監控嘅大網已唔只包圍住區塊鏈本身。
好消息係,AI 真係有效地遏制住加密貨幣犯罪活動。Binance 公佈單係 2023 年,AI 檢測系統已成功阻截超過 12 億美元非法交易,包括阻止可疑提款去到詐騙地址、或者提早發現帳戶被盜。AI 講求「自我適應」——罪犯日日都換招數,但機器學習模型就會自動 retrain,幾乎實時調節。Andersen-Röed 話 Binance 嘅 ML 模型會不斷從每個新威脅自習,保持「敏銳」狀態,遇到突發高頻 bot 攻擊或惡意人士時,自動反應。事實上,交易所而家就等於請咗一隊 24/7* 全天候工作嘅 AI 警察,執行力遠超純人手團隊。
更進一步,部分人甚至倡議「代理型 AI」(agentic AI)——即係可以自我進化、自主獵捕漏洞同反擊攻擊嘅 AI agent。呢樣野仍屬實驗階段,但理念係要 AI 系統唔只識舉報,仲會有行動,例如自動凍結有問題資金,甚至即場介入合同去阻截 exploit。AI 同零知識密碼學(zero-knowledge cryptography)融合更加開始興起,用黎平衡監控與私隱。零知識證明(ZKP)等於用戶可以「證明」自己遵守規則(例如「我錢包唔係與恐怖分子有關」),而毋需公開全部交易細節。Andersen-Röed 指出,先進 AI 加上 ZKP 呢類保障私隱技術,有機會做到「兩全其美——更精明嘅風險偵測、合規同時唔犧牲用戶私隱」。2025 年已經有好多項目探索用 ZKP 做解決方案,例如你做 AML check 只須交一個密碼學證明,而非公開所有交易歷史。呢度係一個新趨勢,希望能平衡監管機構同個人私隱訴求。
不過,正如 AI 令「好人」有更強能力之餘,佢亦……also supercharging the bad actors – a true cat-and-mouse dynamic. Criminals have started using AI to conceal their tracks and scam victims, which complicates the surveillance picture. The FBI issued a warning in late 2024 that criminals are exploiting generative AI to carry out fraud and schemes on a larger scale. For example, AI-generated text and deepfake images have enabled extremely convincing phishing campaigns and impersonation scams. Fraudsters can instantly create thousands of personalized scam emails with flawless grammar – something that used to be a giveaway for detecting fraud. They fabricate entire fake identities and social media profiles using AI-generated profile pictures, making it harder for investigators (and users) to distinguish real from fake. We’re seeing AI deepfakes of CEOs or loved ones in video calls to trick people into approving transfers or giving up keys. In Brazil, there have been reports of AI chatbots being used to socially engineer crypto investors, or malware that uses machine learning to adapt its attack depending on the target’s behavior.
甚至連壞人都因為 AI 得到強化 —— 形成真正的「貓捉老鼠」局面。犯罪分子開始利用人工智能來隱藏行蹤及詐騙受害者,令監控情況更加複雜。FBI 於 2024 年底發出警告,指犯罪集團已經開始濫用生成式 AI,大規模實施詐騙及騙局。例如,AI 生成的文字及深偽(deepfake)圖片令網絡釣魚與冒充詐騙變得極度逼真。騙徒可以即時生成成千上萬封語法完美、針對個人的詐騙電郵 —— 這原本是揭穿騙局的典型特徵。佢哋會用 AI 造假頭像來偽造整個假身份與社交媒體帳戶,調查人員(甚至一般用戶)分辨真假就更困難。我哋見過有 AI 深偽 CEO 或親人在視像通話中出現,騙人認可資金轉賬或者交出密鑰。巴西有報導指,AI 聊天機械人已被用作「社交工程」手段攻擊加密貨幣投資者,又或者有惡意軟件會用機器學習按目標用戶行為自動調整攻擊方式。
Even on the blockchain side, AI can help criminals. There’s speculation that AI could be used to create smarter coin mixing algorithms that learn to evade known tracing heuristics, or to automatically generate new addresses and transaction patterns that confound detection. For instance, a laundering bot could use reinforcement learning to continuously randomize its paths in response to what patterns tend to get flagged by exchanges. If exchanges deploy AI, criminals want to know its blind spots and exploit them.
即使係區塊鏈層面,AI 亦有可能幫到罪犯。有揣測指 AI 可以開發出更加聰明的混幣演算法,以適應性逃避現有追蹤方式,或自動產生難以識別的新地址同交易模式。例如「洗錢機械人」可用強化學習隨時改變洗錢路徑,一見到某啲模式容易被交易所標記就即時轉路線。如果交易所用上 AI,罪犯就會想研究其盲點並加以利用。
A vivid example of the lengths criminals go is the ongoing battle over privacy coins like Monero. Monero is designed with built-in privacy features (obscured addresses and amounts), making it very hard to trace. For years, chain analytics firms largely had to shrug when Monero entered the picture. However, a leaked Chainalysis training video in 2024 suggested that even Monero might not be entirely off-limits. In that leak, a Chainalysis representative discussed methods to track Monero transactions by running a large number of “malicious” Monero nodes to collect user IP addresses and timing information. Essentially, by owning many nodes in the Monero network, Chainalysis could observe when transactions hit the network from particular IPs and use statistical analysis (along with introducing some decoy traffic) to reduce the anonymity set. This was not a complete break of Monero’s cryptography – notably, Chainalysis admitted in the same video that Monero remains unlinkable and untraceable in the traditional sense (you can’t definitively link inputs to outputs or see amounts). But even partial tracing through network-layer attacks shows the determination to pierce every veil. Privacy advocates took solace in the fact that Monero’s core privacy was still solid for most users, while Chainalysis defenders argued that “they are just doing their job… kind of like whitehat hackers making Monero more secure” by finding weaknesses. The cat-and-mouse game continues: as Monero developers improve the protocol to foil such snooping, analytics firms innovate new techniques.
一個好具體嘅例子係圍繞 Monero 等私隱幣持續嘅攻防戰。Monero 設計時已內建私隱功能(例如遮掩地址及金額),令追蹤難度極高。多年來區塊鏈分析公司面對 Monero 基本上只能投降。但 2024 年有一段 Chainalysis 培訓影片外洩,顯示就算 Monero 都未必真係完全無從入手。影片中 Chainalysis 人員討論透過運行大量「惡意」Monero 節點收集用戶 IP 及交易時序,試圖追蹤 Monero 交易。由於持有一堆 Monero 節點,可以觀察特定 IP 何時有交易送出,然後用統計分析加上垃圾流量,縮窄匿名範圍。雖然唔算破解 Monero 密碼學 —— Chainalysis 亦在該影片承認 Monero 傳統意義上仍然係不可連結、不可追蹤(無法肯定將輸入對應輸出、又冇金額資訊)。但即使係只係網絡層的部分追蹤,都顯示滲透決心。私隱擁護者覺得 Monero 對大部分用戶核心私隱仍然穩陣,分析公司粉絲則話「佢哋只係做好份工……好似白帽黑客咁幫 Monero 搵漏洞令系統更安全」。這場「貓捉老鼠」戰爭會繼續:Monero 開發者更新協議以堵截監視,公司又不斷創新分析技術。
The Cat-and-Mouse: Privacy Tech vs. Blockchain Forensics
貓捉老鼠:私隱科技 vs 區塊鏈鑑證
All this surveillance has unsurprisingly spurred a counter-movement among privacy-minded crypto users and adversaries of law enforcement. A privacy arms race is unfolding in parallel with the rise of crypto surveillance. On one side are the blockchain sleuths and government regulators; on the other side are privacy advocates, technologists, and of course criminals, all trying to maintain anonymity in the crypto sphere.
所有呢啲監控措施,自然亦激起私隱取向加密貨幣用戶同有心挑戰執法者的反制行動。隨住區塊鏈監控升級,私隱技術同時進入軍備競賽。一邊係政府監管機構同偵查專家,另一邊則有私隱支持者、技術極客,當然仲包括罪犯,大家都嘗試維持加密貨幣世界裡的匿名性。
The simplest tool in the privacy toolkit has been the cryptocurrency mixer – services or protocols that mix together many users’ coins, obfuscating the trails. A mixer takes in coins from Alice, Bob, and Carol, then pays them back out (minus a fee) in different pieces, such that it’s unclear which output belongs to whom. Mixers have been around for Bitcoin since its early days, and on Ethereum there are smart-contract based mixers like Tornado Cash. For a while, mixers were highly effective at breaking investigative trails, forcing analysts to treat mixed funds as a dead-end (or at least highly suspicious if they emerged from the mixer).
最簡單嘅私隱工具就係混幣(mixer)服務 —— 即將多名用戶的加密貨幣混合,打亂資金來源。混幣服務會收集 Alice、Bob 同 Carol 等人嘅資產,再扣除手續費以不同組合派返畀他們,令監察者唔知收款人係邊個。Bitcoin 由最早期已經有混幣服務,至於以太坊則有智能合約型混幣例如 Tornado Cash。一段時間內,混幣對破壞資金查緝路徑好有效,分析人員經常只能將涉及混幣嘅資金當咗係死胡同(或至少高度可疑,只要有資產由 mixer 流出)。
But 2022–2025 saw a concerted crackdown on mixers – a sign of how serious authorities are about crypto surveillance. In an unprecedented move, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash in August 2022, effectively outlawing U.S. persons from using it. The sanction cited Tornado’s role in laundering over $455 million stolen by North Korea’s Lazarus Group (from the Axie Infinity/Ronin bridge hack) and more than $1 billion in illicit funds overall. This was the first time a decentralized software protocol was added to the sanctions list. The impact was dramatic: Tornado Cash’s usage plummeted by about 85% after the sanctions. Law-abiding users fled for fear of legal consequences, and even many illicit actors stayed away since the service was now so closely watched. North Korean hackers, who had heavily used Tornado, largely abandoned it and shifted back to old-school Bitcoin mixers, according to blockchain analysis.
但由 2022–2025 年期間,各國針對混幣服務展開大規模打壓 —— 這證明監管部門對加密貨幣監控的重視。美國財政部海外資產控制辦公室(OFAC)於 2022 年 8 月史無前例地制裁 Tornado Cash,即是美國人一律唔准再用。官方指 Tornado 協助北韓 Lazarus Group 清洗 Axie Infinity/Ronin 橋騙案中偷得逾 $4.55 億美元(同總數過 10 億美元嘅非法資金),首次有去中心化軟件協議被列入制裁清單。事件影響深遠:制裁一出 Tornado Cash 用量急跌約 85%。守法用戶因擔心法律責任紛紛撤離,就連好多不法分子都因服務被嚴密監控而避開。根據區塊鏈分析,重度依賴 Tornado 的北韓黑客,之後都轉用傳統比特幣混幣服務。
The U.S. government didn’t stop at sanctions. In 2023, the DOJ unsealed indictments against Tornado Cash’s developers, accusing them of facilitating money laundering and sanctions violations. One developer was arrested in 2023 and another was added to the U.S. sanctions list. These moves sent a clear signal: those who build or run public mixing tools can be held accountable if their services are used heavily by criminals. It has been a chilling message for the privacy coin community. While some argue that code is speech and tools like Tornado had legitimate uses (e.g., providing financial privacy for law-abiding users), authorities effectively equated them with financial institutions that failed to implement any AML controls.
美國政府並未止步於制裁。2023 年,司法部公開起訴 Tornado Cash 開發者,控告佢哋協助洗黑錢及違反制裁。當中一名開發者於 2023 年被捕,另一人亦被列入美國制裁名單。這些行動明顯發出警告:只要你開發或營運公開混幣工具,而服務又多被罪犯濫用,就有機會負上法律責任。這對私隱幣社群來說絕對帶來寒蟬效應。雖然有人認為程式碼也是言論,自由工具如 Tornado 本來也有正當用途(例如保障守法用戶財產私隱),但當局已經基本將佢哋當成嚴重無落實反洗錢措施的「金融機構」來處理。
In response to the Tornado crackdown, crypto launderers have been adapting. As mentioned, North Korean entities shifted to alternatives – for example, a mixer called “Sinbad” (believed by U.S. Treasury to be run by North Koreans) became a favored tumbler for them after Tornado was blacklisted. Others have broken up their laundering across multiple smaller mixers or chain hopping (moving illicit funds through a series of different cryptocurrencies and blockchains to confuse trackers). Chainalysis reported trends of criminals increasingly using cross-chain bridges and even decentralized exchange swaps instead of one big mixer that attracts attention. The analytics community has responded by expanding cross-chain tracing capabilities, as noted earlier, to not lose the scent as funds morph from one form to another.
針對 Tornado 打壓,加密貨幣洗錢方亦積極轉型。正如前文提到,北韓組織轉用其他選項 —— 例如一個叫「Sinbad」的 mixer(美國財政部指相信其背後同北韓有關)在 Tornado 被封後大受追捧。有啲人將資金分拆到多個小型混幣服務,或用「跳鏈」技術(跨不同幣種同多條鏈走資,混淆資金路線)。Chainalysis 發現罪犯愈來愈多改用鏈橋(cross-chain bridge)、甚至去中心化交易平台兌換(swap)來洗錢,而唔再靠單一 mixer。區塊鏈分析業界亦已如前所述,開始擴展跨鏈追蹤能力,要確保即使資金「變身」仍能追蹤到。
Privacy-centric cryptocurrencies, often called privacy coins, are another part of this contest. Monero (XMR) and Zcash (ZEC) are the leading examples. These coins use cryptographic techniques to hide transaction details, making them far more private by default than Bitcoin or Ethereum. For years, Monero has been a thorn in the side of investigators – Chainalysis’s own reports often footnote that certain stats exclude Monero because it’s not traceable with their methods. Criminal markets like dark web sites have long accepted Monero for this reason. However, privacy coins have not achieved mass adoption for various reasons (regulatory pressure on exchanges to delist them, and convenience – Bitcoin and stablecoins remain more liquid). Thus, criminals often face a dilemma: they can convert stolen loot into Monero for anonymity, but eventually if they want to cash out to fiat, they likely must convert back to a traceable coin to use a major exchange, reintroducing traceability at that point. Still, as long as they remain in Monero, they enjoy a cloak.
以私隱為賣點嘅加密幣,即私隱幣,也是這場戰爭的關鍵。Monero(XMR)和 Zcash(ZEC)是最常見例子。這類加密貨幣用密碼學技術遮蔽交易詳情,天生比 Bitcoin 或 Ethereum 私隱度高得多。多年來 Monero 一直令人頭痛——連 Chainalysis 報告都經常註明某些數據基本無法涵蓋 Monero 因為唔 trace 到。Dark web市場長年收 Monero 就係因為咁。不過,私隱幣遲遲未能大眾化(例如交易所受監管壓力下下架、又比唔上主流幣種流通性)。結果,罪犯經常面對兩難:雖然將贓款轉做 Monero 可享匿名,但真係想「兌現」換法定貨幣時,始終要換番易 trace 到嘅主流幣,在交易所提現,私隱罩子就會失效。不過,只要資金繼續留係 Monero,就仲有隱身效果。
The leaked Chainalysis video about Monero suggests that even privacy coins are getting attention. It appears that no technology is off-limits to surveillance attempts. If chain analysts can’t break the encryption, they might try network-level attacks or statistical analysis to reduce anonymity sets. In Monero’s case, one proposed attack involves flooding the network with spy nodes to capture transaction origins and using decoy analysis to improve guessing which inputs are real. Monero’s design uses “ring signatures” to mix each transaction with decoys, but those decoys aren’t perfect if someone controls a lot of the network and can see timing and IP clues. It’s a cat-and-mouse: as of 2025, Monero is still considered highly secure for most users (the community regularly upgrades the tech to strengthen privacy), but the very existence of a leak that Chainalysis is working on it shows how dogged the surveillance side is.
Chainalysis 外洩影片顯示,私隱幣都日益引起關注。看來無論咩科技都唔會係監控者嘅禁區。如果分析公司破解唔到加密層,可能會轉用網絡層攻擊或者統計學,縮窄匿名範圍。以 Monero 為例,有提議話用大量間諜節點「灌爆」網絡,記錄交易來源同用「誘餌分析」估哪些輸入先係真。Monero 透過「環簽名」(ring signature)將每次交易混入誘餌,但如果有人控制咗絕大部分節點,就可能根據時機同IP交叉還原。此消彼長:截至 2025 年,多數用戶仍覺得 Monero 非常安全(社群亦不斷升級技術加強保護),但 Chainalysis 有研究已經夠證明監控一方非常執著。
Other techniques people use for privacy include coinjoins (coordinated mixing among a group of users – popular in wallets like Wasabi and Samourai for Bitcoin) and stealth addresses (one-time addresses for each transaction to avoid reuse). Investigators have had some success against coinjoins – for instance, there have been cases where careless implementation or usage led to de-mixing of transactions. One such case in 2023 saw the FBI and Europol help bust a dark web money laundering service called ChipMixer; they likely used blockchain analysis to trace funds that had gone through ChipMixer and identify its infrastructure.
其他坊間私隱手法包括「coinjoin」(即一班人一齊混錢,Bitcoin 錢包如 Wasabi、Samourai 很流行)以及 stealth address(每次交易用一次新地址,避免重用)。雖然大部分案件查唔到,但偶然都有 coinjoin 被破譯——例如某些實作或用戶操作太求其,引致混錢失效。2023 年有案例,FBI 聯同 Europol 打擊了一間 dark web 洗錢服務 ChipMixer,極有可能就係靠區塊鏈分析追蹤流經 ChipMixer 的資金及其基礎設施。
From a broader view, what do these privacy measures mean for “what they know about your wallet”? If you, as a privacy-conscious user, employ these techniques, the amount of information that Chainalysis or the FBI can glean is reduced. For example, if you religiously coinjoin your Bitcoin, an analyst might see your wallet cluster as part of a larger mixed cluster with no clear trail of where your coins originally came from. Or if you use Monero for certain transactions, those particular transfers
從宏觀角度來看,究竟這些私隱措施對「佢哋知道你個錢包咩資料」有咩影響?若你作為一個重視私隱的用戶,善用這些手法,Chainalysis 或 FBI 所能獲取的訊息將大減。例如,若你每次都用 coinjoin 混比特幣,分析人員只會見到你個錢包屬於一大群混合集群之一,冇辦法追蹤到底啲幣原本由邊度嚟。又或者,你其中部分交易改用 Monero,這啲轉帳就......mght be invisible to tracing (though the points where you enter or exit Monero – say buying XMR on an exchange – are visible and become the focus)。基本上,私隱工具可以恢復一定程度的匿名性,但往往要以犧牲方便為代價,亦有機會招致更高的審查。眾所周知,使用mixer或私隱幣,當這些資金一旦流入受規管的交易所,就會成為重點關注對象;合規系統會將由mixer提出的資金評為高風險,因為數據顯示,大部分mixer流量確實屬於非法用途。(事實上,自從Tornado Cash被制裁,而且大部分正當用途消失後,餘下Tornado流量中屬於非法的比例幾乎倍增,雖然實際總量少了很多。即是話,現時由Tornado流出嘅資金差不多全部都被假定係「污錢」,被封鎖都好合理。)
對合法合規嘅用戶來講,過度監控的確有正當理由令人擔心。加密貨幣本來就係建基於個人自由同私隱嘅理念。看到有機構炫耀可以劃分出錢包同身份關連,確實令人感到不安。有論點認為,財務私隱係公民自由嘅一部份——唔係每個人都希望自己所有交易、捐款或者投資都俾公司或者政府追蹤。Electronic Frontier Foundation (EFF) 等組織就曾經表達過對無差別區塊鏈監控的顧慮,亦曾基於言論自由原則反對如Tornado Cash等被制裁事件。
與此同時,監管當局堅持,打擊銀行洗黑錢同非法融資的規例,一樣要適用於加密貨幣領域。他們認為,加密貨幣唔應該成為全球金融體系嘅漏洞,俾犯罪分子肆意妄為。最大挑戰係要搵到平衡:確保能夠捉到壞人,但唔可以當每個用戶都係嫌疑犯。實際運作上,2025年監控重點仍然放係非法活動——這個先係推動監控的主因。未見有證據顯示,有關當局會用區塊鏈分析追蹤普通用戶日常消費行為。但所建設的基礎設施,理論上確實可以好仔細地追蹤任何人資金流動,只要有人濫用。因此,有部分加密圈人士特別強調去中心化同加密技術嘅重要性——避免將來有人濫用區塊鏈數據,實施財務審查或社會信用評分。
Conclusion: A New Era of Accountable Anonymity?
踏入2025年,加密世界已經喺機器同調查人員的雙重監察下逐漸成熟。大家可以叫依家係「負責任匿名」新時代。表面上,你仍然係用一串字母同數字(即你個錢包地址)做交易,可以自主控管資金。但喺背後,區塊鏈分析與AI監控,令所謂匿名性變得好有條件。如果你個交易唔涉及任何紅線,可能仍然覺得如常自由;但如果你個錢包有同可疑行為有交集——即使只係間接——隨時會俾合規資料庫標記,甚至有執法人員上門問話都唔出奇。
對一般加密用戶而言,這個新現實有幾個明顯啟示。私隱要自己主動爭取:如果你重視,必須使用提升私隱嘅工具或私隱幣,同時要接受一定取捨,而這種保障都唔係絕對。相反地,若然你完全守規,應該預早假設你所有交易基本上都係公開透明,隨時可以追溯到你本人,特別係經過交易所之後。正如口號話:「唔好喺Crypto做你唔敢簽名認帳嘅事」,因為分分鐘真係追得返你身上。
對監管機構同執法人員來講,透明度提升基本上係勝利。加密貨幣已經唔再係十年前無法無天的「狂野西部」。以Chainalysis協助為例,去到2025年已追回超過126億美元,被犯罪分子以為逃得掉的大額資金都極速被凍結。勒索軟件組織和黑客而家都知,即使收咗贖金但資金都未必守得住,只要調查人員破到佢哋洗錢漏洞。這可能產生阻嚇作用:如果被捕或資金被沒收嘅風險高咗,犯案動機就自然減少。事實上,2024年勒索金額就因為執法單位強力追蹤同執法而有所下降。
與此同時,業界都積極同監管機構合作,尋求建立合理政策,利用新型監控能力之下都唔會扼殺創新。業界領袖經常講一個願景:希望區塊鏈同AI最終可以從系統層面提升金融誠信。於理想狀態下,監管機構可獲得加密資金異常流動即時報告(有啲似銀行出即時詐騙警報),甚至有可能即時阻止犯罪完成。遇上黑客事件如果全球合力回應夠快,受害人亦更有望追回資金——好似凱撒皇宮賭場案,黑錢移動數小時內就被凍結,算係一個正面例子。
但同時,大家都唔希望所有加密活動一律被當成犯罪。零知識證明等技術正示範出一種折衷方式,用戶可以保留合法交易的私隱,同時證明有遵規。例如,將來你可以證明「自己冇混合來自北韓或恐怖活動的資金」,但唔需要公開晒所有錢包地址——這方面研究正如火如荼。有啲DeFi協議甚至考慮內置這類合規檢查,寧願拒絕污染資金,從理論上阻截壞人,但唔需要儲存用戶所有資料。這些方法雖然複雜,不過都反映業界方向:希望平衡加密貨幣的開放同去中心化特質,並配合必要監管防止濫用。
總結來講,2025年嘅加密監控既比較無孔不入,亦更加精細。Chainalysis這類公司,以及AI衍生工具,已經令執法部門可以高清監察區塊鏈活動,將一度高度不透明的數碼貨幣流動,變成可讀、可行動的信息。FBI以及國際執法同盟都奉行「無論資金變咩形態都要追」的口號——事實上,資金流向愈來愈容易俾人查到。與此同時,私隱技術依然不斷創新,確保「貓捉老鼠」的遊戲繼續持續。
對普通加密用戶來講,最重要的提醒就係「有意識」。唔好以為你個錢包真係咁隱形,每一單交易都在講故事,而而家分析技術已經可以讀到大部分故事內容。不過,亦要理解,呢份透明感係加密貨幣進步成長嘅一部份——通過剔除濫用來建立大眾信任。好多人相信,如果不大力打擊嚴重犯罪(如大型黑客、為政權洗錢),加密貨幣好難達到主流採納,而監控工具正正就係必不可少。最大難題係:點樣可以在 empowering 個人同確保壞人唔好魚目混珠之間取得平衡。
2025年,加密世界就係喺呢個十字路口上。Chainalysis、FBI、AI演算法——佢哋已經知道你個錢包唔少野。匿名同問責權嘅角力,正喺每條區塊鏈、每個新工具、每個新戰術之間每日上演。結果會帶來更大保障,定係犧牲金錢自由,關鍵在於呢啲新權力點樣被善用,以及社群肯劃條咩界線。有一點肯定:完全匿名的加密時代已經結束,一個透明金融新模式——有好有壞——正逐漸成形。