Nearly $1bn in Bitcoin was transferred yesterday from a wallet associated with the illegal online marketplace Silk Road.
Shut down by the FBI in 2013, two years after it was started, Silk Road was the first modern darknet market, known ostensibly as a platform for selling illicit drugs.
On November 3, an anonymous user moved 69,370 BTC originating from the Silk Road site in two transactions. The activity arose from a wallet address that had lain dormant since 2015.
The cryptocurrency transfer was reported yesterday by researchers at CipherTrace, who noted that “BTC address 1HQ3Go3ggs8pFnXuHVHRytPCq5fGG8Hbhx transferred its entire balance to address bc1qa5wkgaew2dkv56kfvj49j0av5nml45x9ek9hz6 via 2 separate transactions.
“1 BTC was sent in the first transaction while the remaining 69,369+ BTC was sent shortly after.”
The researchers theorized that the initial transfer was a test run designed to ensure that the sizable amount of BTC would be sent to the correct address.
“This action is typically seen when moving large amounts of cryptocurrencies to new addresses,” wrote researchers.
Both of the addresses that the BCH and BSV were sent to have no transactions prior to the two that occurred yesterday.
The transaction appeared to be conducted as a way to switch from an older legacy address to a newer address format.
“The former address is a Legacy/P2PKH address while the new address is a Bech32/P2WPKH address. Legacy addresses—the original Bitcoin address format—start with a ‘1’ while Bech32 addresses—the native segwit address format—start with bc1q,” wrote researchers.
Bech32 addresses, in which around 5% of BTC is currently held, allow BTC blocks to hold more transactions as they are more efficient with block space.
While CipherTrace continues to monitor the addresses for any additional activity, the person and motive behind the transactions remain a mystery.
Researchers wrote: “These movements could possibly mean that the wallet owner is moving funds to new addresses to prevent hackers from accessing the wallet.dat file or that hackers have already cracked the file.”