Course Outline
Foundations of Blockchain Technology
Decentralisation, openness, and transparency as core architectural features.
Cryptographic primitives that secure the blockchain: hashing, digital signatures, and Merkle trees.
Consensus mechanisms: Proof of Work, Proof of Stake, and emerging alternatives.
The roles of nodes, miners, and validators, along with live network topology.
Cryptocurrency Landscape
Bitcoin and the original ledger model.
Ethereum and account-based smart contract execution.
Privacy-focused chains: Monero, Zcash, and their distinctions from transparent ledgers.
Stablecoins, alternative chains, and their involvement in illicit financial flows.
Practical Lab - Reading the Blockchain
Connecting to Bitcoin and Ethereum nodes for real-time data access.
Navigating block explorers and querying live transactions.
Interpreting raw transactions, scripts, and smart contract calls.
Mapping a wallet's history on a transparent chain.
Wallets, Keys, and Transaction Mechanics
Wallet taxonomy: web, desktop, mobile, hardware, and custodial versus non-custodial options.
Seed phrases, key derivation processes, and recovery vectors.
UTXO versus account-based transaction models.
Addresses, change outputs, and transaction graphs from an investigator's perspective.
Mining and Trading as Investigative Context
Mining mechanics, pools, hash rate, and how mining infrastructure is exploited for laundering or fund origination.
Centralised exchanges, decentralised exchanges, and over-the-counter desks.
KYC and AML controls at exchanges and their vulnerabilities.
How trading patterns can obscure underlying corruption flows.
Smart Contracts and DeFi Surface
Understanding smart contracts and how their state is observable on-chain.
DeFi primitives: swaps, lending, liquidity pools, and yield farming.
Cross-chain bridges and wrapped assets used as obfuscation tools.
Analyzing contract interactions for investigative indicators.
Practical Lab - Wallet and Transaction Forensics
Inspecting hardware and software wallets in a controlled environment.
Recovering and analysing artifacts from seized devices.
Reconstructing transaction graphs across UTXO and account-based chains.
Address Clustering and Attribution
Common-input clustering and other industry-standard heuristics.
Change-output detection and behavioral fingerprints.
Linking on-chain entities to off-chain identities through Open Source Intelligence (OSINT).
Combining web crawling, social media, and leaked data sources for attribution.
Dark Web, Marketplaces, and Criminal Cryptocurrency Flows
Mapping criminal economies on dark web marketplaces.
Common typologies: scams, fraud, contraband, and sanctions evasion.
Tracking proceeds from the initial deposit through cash-out points.
Indicators of corruption-linked cryptocurrency activity.
Privacy-Enhancing Tools and Counter-Forensics
Mixers, tumblers, and CoinJoin implementations.
Privacy coins and the limitations of public-chain tracing.
Cross-chain bridges and asset wrapping as obfuscation layers.
What tracing can and cannot recover under each technique.
Practical Lab - Tracing a Suspect Wallet
Using open-source tools to follow a complex transaction graph.
Clustering a wallet network and assigning confidence levels to attribution.
Documenting findings as a structured intelligence package.
Money Laundering Typologies in Crypto
Placement, layering, and integration adapted for digital assets.
Layering through decentralised exchanges, bridges, and mixers.
DeFi protocols as laundering surfaces and how to interpret them.
Cash-out vectors: peer-to-peer markets, OTC desks, and prepaid instruments.
Ransomware, Theft, and Scam Response
Ransomware payment patterns and immediate response steps.
Negotiation and recovery practices, including limits and risks.
Exchange hacks, rug pulls, phishing, and large-scale theft analysis.
Working with victims to preserve evidence without compromising the investigation.
Cross-Chain Investigation
Tracing assets across Bitcoin, Ethereum, and EVM-compatible chains.
Following funds through bridges and wrapped tokens.
Reconciling on-chain evidence with exchange and off-chain records.
Practical Simulation - Corruption Investigation Lab
Simulated bribery flow across multiple chains and a mixer.
Building a coherent narrative from fragmented on-chain evidence.
Producing chain-of-custody documentation for digital evidence.
AML Compliance and the Legal Landscape
FATF guidance, the Travel Rule, and jurisdictional differences.
AML and KYC obligations across virtual asset service providers.
Sanctions, politically exposed persons, and corruption-relevant typologies.
Integrating cryptocurrency findings into existing compliance programmes.
Working with Exchanges and Cross-Border Partners
Subpoenas, Mutual Legal Assistance Treaties (MLATs), and information-sharing channels.
Freezing orders, asset preservation, and seizure procedures.
Coordinating cryptocurrency tracing with traditional financial investigation lines.
Digital Evidence and Courtroom Readiness
Chain of custody for cryptocurrency artifacts and on-chain evidence.
Presenting blockchain evidence to non-technical decision-makers and juries.
Common challenges to digital evidence and strategies to defend findings.
Working with expert witnesses and external technical advisors.
Capstone - End-to-End Corruption Inquiry Simulation
Working from an initial intelligence tip through a full investigation.
Building the wallet network, attribution, and timeline.
Engaging exchanges and cross-border partners.
Producing a courtroom-ready report and oral briefing.
Summary and Next Steps
Requirements
- Intermediate technical competence, encompassing networking fundamentals and basic Linux command-line proficiency.
- Working knowledge of cryptographic concepts, such as hashing and public-key encryption.
- Professional background in financial investigation, cybersecurity, forensics, or regulatory compliance.
- Familiarity with at least one scripting language is advantageous, though not mandatory.
- General understanding of financial transactions and Anti-Money Laundering (AML) principles.
Target Audience
Investigators and forensic analysts within anti-corruption agencies, financial crime units, and law enforcement bodies. Cybersecurity specialists supporting fraud prevention, AML, and digital evidence functions. Compliance and risk professionals operating in regulated sectors where cryptocurrency exposure is growing.
Testimonials (2)
- like the blockchain introduction. For a blockchain newbie like me, its englighten me. - Like the technical workshop, also interesting
Muhammad Lutfi Budiansyah - PT Digital Daya Teknologi
Course - Web3 Engineering & Supply Chain Finance Architecture
I really enjoy the training with Patrick. He is clearly very knowledgeable on various topics related to blockchain. He explains really well.
