Chainalysis: Blockchain Intelligence in a Maturing Crypto Economy

Chainalysis is a blockchain intelligence company that builds data, software, and investigative services to trace cryptocurrency flows across public ledgers for governments, financial institutions and crypto businesses, sitting at the intersection of compliance, law enforcement and the broader evolution of digital-asset markets. In less than a decade it has become one of the most influential—and controversial—actors in crypto, shaping how regulators view on‑chain activity, how exchanges manage risk, and how policymakers think about everything from DeFi hacks and gray‑market economies to stablecoins potentially processing quadrillions of dollars in payments each year.

What Is Chainalysis?

Chainalysis is an American blockchain analysis firm headquartered in New York City, founded in 2014 by Michael Gronager, Jan Møller and Jonathan Levin with the explicit aim of building tools to trace Bitcoin transactions for investigative purposes. The company is widely described as the first start‑up focused on commercializing Bitcoin tracing, recognizing early that blockchains’ transparency could be harnessed not only by market participants but also by law enforcement and compliance teams. Over time, Chainalysis has expanded from a Bitcoin‑centric toolset to a multi‑asset, multi‑chain data platform covering major cryptocurrencies, stablecoins and an increasing number of newer smart contract networks. Its products are now embedded in workflows across police forces, tax agencies, banking institutions and exchanges around the world, making it a core infrastructure provider for the regulated edge of the crypto ecosystem.

At its core, Chainalysis positions itself as a provider of blockchain intelligence, which includes transaction tracing, risk scoring, entity attribution and higher‑level analytics such as crime trend monitoring and adoption studies. The firm’s technology ingests on‑chain data from multiple blockchains and combines it with off‑chain information, such as exchange KYC records and open‑source intelligence, to cluster addresses and attribute them to real‑world services or typologies like mixers, darknet markets, exchanges, scams or sanctioned entities. This combination of data and analytics underpins two main business lines: compliance products for regulated entities and investigative tools for public‑sector clients, both of which rely heavily on the same underlying attribution graph.

Chainalysis also functions as a research house and policy voice, using its proprietary data to publish widely cited annual reports on crypto crime and global crypto adoption. These reports are not merely marketing collateral; they influence legislative debates, enforcement priorities, and internal risk frameworks at banks and payment companies considering deeper exposure to stablecoins and tokenized assets. Because the firm’s datasets are often treated as ground truth in regulatory contexts, questions about their coverage, accuracy and the resulting policy implications have become central to how the crypto industry views Chainalysis and its peers.

Beyond data and software, Chainalysis has increasingly moved into advisory and training, running courses and workshops for regulators, law enforcement and compliance teams around the world. The company’s Memorandum of Understanding with the Korean National Police Agency (KNPA) to strengthen virtual‑asset investigation capabilities is emblematic of this broader strategy, which positions Chainalysis not only as a tool vendor but as a long‑term partner in building institutional expertise on crypto. This multifaceted role—part infrastructure, part thought leader, part educator—helps explain why Chainalysis occupies such a prominent place in discussions about the future of crypto regulation, enforcement, and mainstream adoption.

Benthic

Apr 8, 2026

View article →

Chainalysis projects stablecoin volume reaching $1.5 quadrillion by 2035, rivaling Visa and Mastercard

Chainalysis • Apr 8, 2026

Top Comment

Benthic

Apr 8, 2026

$28T in 2025 stablecoin volume already eclipses Visa — but strip out DeFi settlement loops and MEV-adjacent flows and the actual retail payments slice is tiny. Chainalysis hanging $232T on POS saturation by 2035 assumes merchants choose on-chain rails over Stripe's instant fiat settlement, which is a much harder sell than the report lets on. The $100T generational wealth transfer is the more credible catalyst here — if even 5% of inherited assets land in stablecoin wallets, that's organic volume that doesn't depend on merchant buy-in at all.

How Chainalysis Analyzes the Blockchain

Data collection, clustering and attribution

To understand what Chainalysis does technically, it is useful first to recall that most public blockchains are transparent transaction ledgers in which transfers between addresses are recorded in a way that anyone can inspect. However, addresses are pseudonymous, so the raw ledger reveals flows of tokens but not, by itself, who is behind them. Chainalysis’ core innovation is to build large‑scale attribution graphs that link on‑chain addresses to off‑chain entities, such as centralized exchanges, DeFi protocols, payment processors, darknet markets, scammers or state‑linked actors, and then expose those labels through APIs and investigative interfaces.

The attribution process combines heuristic clustering—such as identification of co‑spends, change addresses, and common control patterns—with external information like exchange deposit address disclosures, law‑enforcement seizures, sanctions designations, and open‑source intelligence from forums, social media, and dark‑web marketplaces. Over time, the accumulation of labeled clusters allows Chainalysis to recognize a growing share of on‑chain activity as belonging to known entities or typologies, which can then be risk‑scored or flagged in real time. The firm has publicly emphasized that its methodologies are independently validated, claiming a false‑positive rate below 0.15% in testing conducted by a third party, which it uses to argue that its alerts help compliance teams focus on genuine risk rather than noise.

Chainalysis extends this attribution across multiple blockchains, including account‑based systems like Ethereum and UTXO models like Bitcoin, as well as newer high‑throughput smart contract platforms. Recent coverage notes that the firm continues to add support for emerging ecosystems such as Sui, including monitoring and tracing for all fungible tokens on those networks, highlighting its ambition to remain chain‑agnostic as liquidity fragments across different L1s and L2s. This multi‑chain coverage is increasingly important as funds move between networks via bridges, cross‑chain DEXes and wrapped assets, complicating efforts to trace flows from origin to destination.

Product suite: Reactor, KYT and government solutions

Chainalysis commercializes its data graph through distinct product lines tailored to different user segments. For investigative work, its flagship tool is Reactor, a visual investigation platform that allows analysts to follow the movement of funds across wallets and services, annotate entities, and build case files linking on‑chain activity to off‑chain events. Reactor integrates with Chainalysis’ compliance tools, particularly its "Know Your Transaction" (KYT) system, so that alerts about suspicious behavior at exchanges can be escalated into full investigations with continuity of context. In practice, this means a flagged deposit into an exchange that appears to originate from a ransomware payment, a mixer, or a sanctioned wallet can be traced back through hops, with investigators able to explore related addresses, interactions, and counterparties in a graphical interface.

KYT itself is designed as a real‑time transaction‑monitoring solution for banks, crypto exchanges, payment processors and stablecoin issuers. Instead of relying only on who a customer is, KYT scores what their on‑chain behavior looks like, evaluating each transaction’s exposure to known risky entities or patterns such as mixers, darknet markets, scam clusters, sanctioned addresses or high‑risk jurisdictions. Institutions can set thresholds or policies so that certain risk scores trigger enhanced due diligence, blocking, SAR filings, or internal review. The result is a transaction‑monitoring workflow that seeks to mirror traditional AML tools, but for crypto rails where the primary raw data source is the public ledger rather than proprietary bank statements.

For government clients, Chainalysis markets a separate but overlapping offering under Chainalysis Government Solutions, which bundles investigative software, training, and advisory services. This business line supports agencies ranging from national police forces and financial‑intelligence units to tax authorities, customs and border agencies, and national‑security organizations. In addition to tools like Reactor, government solutions include bespoke analytical projects, such as mapping the on‑chain footprint of specific threat actors, analyzing the impact of sanctions on crypto crime, or helping lawmakers understand the implications of stablecoin adoption for capital controls and cross‑border payments.

The table below summarizes the main product categories and their typical users.

Accuracy, data quality and independence claims

Because Chainalysis’ labels and risk scores can influence major compliance decisions, questions of accuracy and methodology are not merely academic. The firm emphasizes that its data has been independently verified for low false positives, citing external testing that found less than 0.15% of addresses were wrongly flagged as high‑risk. It argues that this precision allows compliance teams to reduce time wasted on irrelevant alerts and concentrate resources on genuinely suspicious activity, which is critical as both crypto adoption and regulatory expectations increase.

Chainalysis also positions itself as an independent, neutral data provider rather than an arm of law enforcement, although a substantial share of its revenue comes from public‑sector contracts. It stresses that its data is derived from on‑chain observations and open‑source or consent‑based information, rather than covert surveillance or intrusive data collection from private devices. However, critics note that the company’s address labels are not subject to public audit and that the heuristics used to cluster addresses may not always be transparent, raising concerns about due process when its risk scores affect users’ access to financial services.

The firm’s answers to these concerns often highlight its validation efforts, collaborations with regulators on standards, and willingness to engage with privacy‑focused projects about how to reconcile on‑chain anonymity with regulatory compliance. Its work with privacy‑oriented developers, such as public dialogues with teams building privacy‑preserving L1s, often revolves around questions like how to signal taint on encrypted networks or how to selectively reveal information to regulated intermediaries without fully breaking user privacy. This tension between privacy and compliance is a recurring theme in Chainalysis’ public discourse and has become more pronounced as the firm begins to integrate artificial intelligence into its investigative stack.

Fighting Crypto Crime, Sanctions Evasion, and National Security Threats

Crypto Crime Reports and the evolving threat landscape

One of Chainalysis’ most visible contributions to the public understanding of crypto is its Crypto Crime Report, an annual publication that compiles data and analysis on illicit activity across the digital‑asset ecosystem. The 2026 edition, for instance, focuses on the shifting composition of crypto‑enabled crime, including hacking, ransomware, scams, darknet markets, sanctions evasion, and sophisticated money‑laundering networks. These reports, widely cited by regulators and the media, offer estimates of the total value of illicit on‑chain activity, trends over time, and breakdowns by crime type or geography, forming a key evidence base in debates over whether crypto’s risks are growing or shrinking relative to the broader financial system.

Chainalysis’ 2025 data on crypto theft illustrates how granular and policy‑relevant its findings can be. It estimates that hackers stole at least \(3.4\) billion USD in cryptocurrency during 2025, with North Korean state‑linked actors responsible for at least \(2.02\) billion USD of that total, a 51% increase in DPRK‑attributed thefts compared with 2024. Those hacks span centralized exchanges, DeFi protocols and cross‑chain bridges, reflecting both the expanding attack surface and the capacity of well‑resourced cyber units to adapt to new targets such as liquidity pools and governance mechanisms. Chainalysis’ breakdowns of these incidents, including their laundering pathways and eventual cash‑out methods, provide investigators with roadmaps to follow funds and help policymakers appreciate the national‑security implications of seemingly niche DeFi exploits.

Beyond hacking, the Crime Reports examine systemic patterns in scams, ransomware, darknet markets and sanctions evasion, showing how the mix of threats changes as markets, technologies and enforcement strategies evolve. Chainalysis has highlighted, for example, that ransomware attacks surged by around 50% in 2025, underscoring that some cybercriminal business models remain highly profitable despite increased law‑enforcement attention. Meanwhile, its tracking of scam typologies—from investment frauds to romance and so‑called “pig‑butchering” schemes—helps exchanges and regulators understand where consumer protection gaps remain, even as compliance programs mature across major platforms.

Brazil, cartel money and converging laundering networks

A recent case study from Chainalysis illustrates how its data is used to map complex international money‑laundering schemes. In an analysis of crypto‑related crime in Brazil, the firm reported that roughly 80% of illicit crypto funneled to Brazilian exchanges flowed through just five deposit addresses, suggesting a high degree of consolidation in laundering infrastructure. These addresses, according to Chainalysis, sat at the intersection of multiple criminal ecosystems, servicing Latin American drug cartels, Chinese‑language laundering networks, and Russian sanctions‑evasion schemes.

By tracing flows between these nodes and their upstream sources, Chainalysis showed how seemingly disparate actors exploit the same infrastructure to obscure the origin of funds, often routing through OTC brokers, mixers or high‑risk exchanges before reaching local platforms. For Brazilian authorities, this kind of analysis is invaluable because it narrows the focus to a small set of choke points where interventions—such as targeted sanctions, seizures, or tighter KYC requirements—could have outsized impact on the broader illicit ecosystem.

The Brazil example also illustrates how on‑chain intelligence interacts with traditional supervisory concerns. Local regulators may see only fragmented reports from individual exchanges, each with its own internal AML system. But Chainalysis’ holistic view of deposits across platforms can reveal that a handful of deposit addresses are responsible for a large portion of the sector’s aggregate exposure to cartels and sanctions‑evading networks. This not only informs enforcement priorities but also pressures exchanges to upgrade their compliance controls, as they can be shown, with on‑chain evidence, how their order books are being used as off‑ramp infrastructure for global crime.

Mixers, AudiA6, and the crackdown on obfuscation

Another area where Chainalysis plays a central role is in investigating mixers and other services designed to obscure transaction trails. In June 2026, global law‑enforcement agencies, including the U.S. Department of Justice, the Secret Service and Europol, announced the dismantling of “AudiA6,” a prolific crypto‑laundering service described as a “mixer‑as‑a‑service” used extensively by cybercriminals. AudiA6 operated as a specialized laundering platform, allowing threat actors—including ransomware syndicates and scammers—to conceal the origin of stolen digital assets in exchange for a commission.

Chainalysis shared insights into how AudiA6 worked operationally, analyzing deposit and withdrawal patterns, fee structures and relationships with upstream criminal clusters such as ransomware gangs. Its findings showed that AudiA6 had become a go‑to obfuscation tool for the global cybercrime underground, processing funds from multiple ransomware families, fraud schemes and darknet operations. By attributing flows to AudiA6 and revealing its connections, Chainalysis’ analysis helped law enforcement build a case for coordinated takedown, and provided exchanges with indicators to identify residual exposure to the service’s wallets.

The AudiA6 case is part of a broader crackdown on mixers, privacy‑enhancing services and infrastructure providers seen as enabling illicit use of crypto at scale. Chainalysis often sits at the center of these operations, identifying and labeling the on‑chain footprints of such services, estimating the share of their volumes linked to criminal activity, and supporting seizure and sanction efforts. This has made the company a lightning rod in debates about whether privacy tools should be treated as neutral infrastructure or regulated more like financial institutions, a question that goes to the heart of crypto’s ethos of pseudonymous peer‑to‑peer transfers.

North Korean hackers, KNPA, and geopolitical risk

Perhaps no area better illustrates the national‑security implications of blockchain intelligence than the cat‑and‑mouse game between North Korean cyber units and global law enforcement. Chainalysis’ estimate that DPRK‑linked hackers stole at least \(2.02\) billion USD in crypto during 2025 underscores the scale of the threat, with stolen funds often routed through complex laundering chains involving mixers, OTC brokers, and compliant‑light exchanges. The firm notes that these operations provide the regime with hard currency to fund missile programs and other sanctioned activities, making them a priority target for sanctioning authorities and investigative agencies.

In April 2026, Chainalysis deepened its involvement in this area by signing a Memorandum of Understanding with the Korean National Police Agency (KNPA) to strengthen virtual‑asset investigation capabilities. The partnership includes training, technical support and potentially co‑development of investigative methodologies, all aimed at enabling Korean police to track and recover stolen funds, disrupt North Korean operations, and respond to domestic cybercrime incidents. The arrangement followed a year in which DPRK theft volumes exceeded two billion dollars, underscoring the urgency of building local expertise in on‑chain investigations.

Chainalysis has also analyzed U.S. Treasury actions targeting North Korean IT networks and crypto‑enabled sanctions evasion, integrating OFAC designations into its sanctions‑screening and risk‑scoring tools. Its OFAC Sanctions Tracker documents crypto‑related sanctions designations and examines their impact on crime patterns, including whether sanctioned entities successfully migrate to new services or assets when old ones are blacklisted. This feedback loop—sanctions informed by on‑chain tracing, followed by further tracing to assess sanctions effectiveness—illustrates how blockchain intelligence has become deeply intertwined with geopolitical risk management.

Sanctions, Iran, and the Strait of Hormuz

Sanctions concerns are not limited to North Korea. Reports from other blockchain‑intelligence firms have highlighted novel ways states may be leveraging crypto to circumvent or monetize sanctions pressure. In a detailed study, TRM Labs reported that Iran’s Islamic Revolutionary Guard Corps (IRGC) has turned the Strait of Hormuz into a kind of “crypto toll booth,” charging ships up to two million USD per transit, with payments accepted in Chinese yuan routed via Kunlun Bank or in cryptocurrency such as USDT, starting from mid‑March 2026. Iran’s parliament formally codified this system through a "Strait of Hormuz Management Plan" at the end of March 2026, giving it domestic legal backing even as it raises international sanctions‑compliance questions.

Chainalysis, drawing on its own sanction‑tracking work, has warned that paying such tolls in cryptocurrency could expose shipping firms and intermediaries to secondary‑sanctions risk, as counterparties would likely include IRGC‑controlled entities already designated by U.S. and EU authorities. While the specific wallets and networks used for these payments are still being mapped, the broader point is clear: as crypto becomes more embedded in cross‑border payments, sanctions‑compliance programs must extend beyond banks to include vessel operators, commodity traders, brokers and even insurers. The intersection of stablecoins like USDT and USDC with geopolitically sensitive flows is thus an area where Chainalysis’ risk‑scoring and investigative tools have growing relevance.

Stablecoins, Payments, and the On‑Chain Economy

Stablecoin growth forecasts and macro implications

Chainalysis has increasingly turned its analytical lens toward stablecoins, seeing them as the bridge between crypto markets and real‑world payments. In a major report on stablecoin utility and the future of payments, the firm estimates that inflation‑adjusted "real economic" transaction volume for stablecoins could grow from around 28 trillion USD in 2025 to approximately 719 trillion USD by 2035 under a baseline scenario of organic adoption. In a more optimistic scenario, where stablecoins are rapidly integrated into mainstream payment flows and novel use cases, Chainalysis projects that annual stablecoin transaction volumes could reach as high as 1.5 quadrillion USD by 2035.

To contextualize these figures, Chainalysis compares on‑chain stablecoin transactions to the transaction counts of major card networks like Visa and Mastercard. The report suggests that if current growth trends in stablecoin transaction counts continue, on‑chain stablecoin usage could match the number of off‑chain card transactions sometime between 2031 and 2039. Binance’s analysis of the report notes that this trajectory implies stablecoin volumes could scale from around 28 trillion USD in 2025 to upwards of 1.5 quadrillion USD by 2035, effectively rivaling or surpassing traditional card networks in aggregate value moved.

These projections are not simply about speculation volumes on centralized exchanges. Chainalysis specifically focuses on "adjusted" stablecoin volume meant to capture real economic activity—payments for goods and services, remittances, B2B settlements, and DeFi transactions that reflect genuine value transfer rather than wash trading or internal reshuffling. The underlying thesis is that as stablecoins like USDC and USDT become more deeply integrated into merchant payment flows, payroll, remittances, and capital markets, the majority of crypto value transfer could eventually occur via tokenized fiat, even if speculative activity in volatile assets continues.

Stablecoins as payment rails and the role of USDC‑style assets

Chainalysis’ stablecoin work underlines a shift in how policymakers and industry participants view on‑chain finance. Rather than thinking of crypto primarily as a speculative asset class, the report frames stablecoins as new payment rails that could sit alongside or even underneath existing financial infrastructure. For example, a remittance provider might use USDC or another regulated stablecoin on a fast L1 or L2 network to settle transactions across borders, even if end users see only fiat at the endpoints. Similarly, corporate treasurers might use stablecoins for just‑in‑time liquidity management, paying suppliers, or moving collateral between venues.

In such scenarios, the question of who monitors the flows becomes critical. Chainalysis argues that visibility into stablecoin transaction flows, risk exposure and on‑chain counterparties will be crucial for banks and payment companies adopting these rails. Its tools can, in theory, be used to monitor stablecoin contract interactions, track flows between wallets, and identify exposure to high‑risk regions or sanctioned addresses, much as banks today monitor wire transfers and card transactions. This suggests that the future of stablecoin adoption is tightly linked to the capabilities of blockchain‑intelligence firms and the regulatory frameworks they help shape.

The prominence of dollar‑denominated stablecoins like USDC and USDT in on‑chain payments also raises macroeconomic questions. As Chainalysis and others have noted, widespread global use of dollar stablecoins could entrench the dollar’s dominance in cross‑border commerce, even as it bypasses traditional correspondent banking channels. For countries concerned about capital controls, monetary sovereignty or sanctions circumvention, this dynamic may prompt tighter regulation of stablecoin issuers and on‑ and off‑ramps, as well as closer collaboration with analytics firms to map flows. Chainalysis’ stablecoin forecasts, by highlighting the sheer scale of potential volumes, make these policy questions harder to ignore.

Banks, compliance, and implementing stablecoin programs

Recognizing both the opportunities and risks, Chainalysis has developed guidance for banks and financial institutions on implementing stablecoin programs responsibly. In a dedicated report, the firm stresses that for banks integrating stablecoins into their offerings—whether for payments, deposits, or tokenized cash management—visibility into on‑chain activity is essential to meet AML and sanctions‑compliance obligations. It argues that analytics platforms like Chainalysis can provide granular insights into transaction flows, counterparties and risk exposures, enabling banks to tailor risk appetites and controls to new digital‑asset products.

The report outlines measurement frameworks for stablecoin programs, encouraging institutions to track metrics such as exposure to high‑risk services, share of transactions involving sanctioned jurisdictions, and changes in customer behavior when stablecoins are introduced. By doing so, banks can evaluate whether stablecoins are attracting higher‑risk flows or simply substituting for traditional rails, and can adjust controls accordingly. Chainalysis positions itself here not only as a vendor of tools but as a strategic advisor on how to design stablecoin offerings that align with regulatory expectations while capturing efficiency gains.

This focus on banks reflects a broader trend: crypto companies have tightened compliance in recent years, often under regulatory pressure and with support from analytics tools, yet significant gaps remain, particularly at smaller exchanges, DeFi protocols and OTC brokers. Chainalysis has argued that as traditional financial institutions move into stablecoins and tokenized deposits, best‑practice standards will likely converge around robust on‑chain monitoring, making blockchain intelligence a core component of mainstream payment infrastructure.

Benthic

Jun 10, 2026

View article →

Chainalysis signs KNPA deal to train Korean police after DPRK hackers stole over $2B in 2025

Chainalysis • Jun 10, 2026

DeFi, Hacks, and Protocol Risk: Lessons from the Resolv Exploit

While stablecoins represent the promise of more efficient payments, Chainalysis’ work on DeFi hacks highlights the fragility of many protocols that undergird the on‑chain economy. A notable example is the Resolv exploit, where an attacker effectively “printed” around 23 million USD in value by exploiting a compromised key. According to Chainalysis, the incident stemmed from a compromised AWS private key associated with Resolv’s infrastructure, which allowed the attacker to mint approximately 80 million unbacked units of a token called USR. These unbacked tokens were then used within the protocol to drain real assets, resulting in substantial losses for users and liquidity providers.

Chainalysis traced the attacker’s on‑chain actions, mapping how the unbacked USR was minted, swapped and routed through different DeFi pools in an attempt to launder the proceeds. The analysis revealed that, contrary to some perceptions, the exploit was less about sophisticated on‑chain wizardry and more about traditional operational security failures—specifically, mismanaged keys in cloud infrastructure. This distinction is important because it underscores that DeFi protocols, despite their decentralized branding, often rely on centralized components such as admin keys, oracles, and privileged roles that can be exploited if not properly secured.

From a broader perspective, the Resolv case illustrates the dual role of blockchain intelligence in DeFi. On the one hand, analytics platforms help protocols and users understand what happened after the fact—identifying exploiter addresses, tracing funds, and providing evidence for potential law‑enforcement action. On the other hand, the visibility that on‑chain forensics provides can inform better protocol design, such as minimizing privileged keys, implementing more robust governance mechanisms, and integrating real‑time anomaly detection into protocol operations. Chainalysis’ reporting on the incident emphasizes these lessons, highlighting how DeFi builders can harden their systems in light of past failures.

As DeFi grows and intersects with stablecoins, the stakes of such exploits increase. A protocol that mismanages collateral backing a stablecoin, or that holds large reserves of assets like USDC, can quickly become a systemic risk if an exploit enables the draining or mispricing of those reserves. Chainalysis’ focus on these incidents, combined with its tools for monitoring protocol activity, positions it as an important actor in conversations about DeFi security, insurance, and regulation.

Gray Markets, Iran, and Novel Use Cases for Crypto

The peptide gray market and “looksmaxxing”

Beyond headline‑grabbing hacks and sanctions cases, Chainalysis’ research also examines more subtle gray‑market phenomena enabled by crypto rails. In an in‑depth study, the firm reported that the gray‑market trade in peptides—a category of substances often marketed for performance enhancement, anti‑aging, or cosmetic benefits—has grown into a 100‑million‑dollar‑plus on‑chain economy. This market is closely linked to the online trend of “looksmaxxing,” in which individuals pursue extreme or experimental regimens to optimize their appearance, sometimes relying on substances of uncertain legality or safety.

Chainalysis traced flows between “cartel chemists,” online retailers and end buyers, showing how Bitcoin and stablecoins serve as primary payment methods for these purchases. Sellers often accept cryptocurrencies to avoid chargebacks, maintain pseudonymity, and navigate payment‑processor restrictions, while buyers may prefer crypto for perceived privacy and ease of cross‑border purchases. The on‑chain data reveals clusters of addresses associated with peptide vendors, intermediaries and marketplaces, which can be risk‑scored and monitored by exchanges and payment providers concerned about regulatory exposure.

This gray‑market peptide economy exemplifies the broader challenge of distinguishing between outright criminal activity and legally ambiguous or lightly regulated sectors that exploit crypto’s borderless nature. While some peptide sales may be legal in certain jurisdictions, others may involve controlled or prescription‑only substances, raising compliance questions for platforms facilitating payments. Chainalysis’ analysis does not necessarily label all such activity as illicit but highlights how on‑chain transparency can make hidden markets visible, giving regulators and platforms the data needed to decide whether and how to respond.

Crypto tolls and sanctioned states

As noted earlier, TRM Labs’ reporting on Iran’s use of crypto tolls in the Strait of Hormuz shows another kind of gray zone where crypto payments intersect with geopolitics and sanctions. In this case, ships transiting a critical maritime chokepoint can reportedly pay fees in Chinese yuan or in cryptocurrency, with USDT cited as a de facto medium in practice. While Iran’s parliament has codified the system domestically, foreign shipping companies must consider whether such payments could be construed as dealings with sanctioned IRGC entities, especially if made in traceable stablecoins like USDT and USDC.

Chainalysis’ broader work on sanctions and illicit finance suggests that such arrangements will increasingly fall under the purview of blockchain‑intelligence monitoring. By mapping wallets linked to sanctioned entities and tracking flows through major stablecoin contracts, analytics firms can identify when seemingly innocuous payments in global trade actually intersect with high‑risk counterparties. This has implications not only for shipping companies but also for global banks, insurers and commodity traders that may indirectly touch these flows.

In both the peptide gray market and Iran’s crypto toll system, the same underlying theme emerges: as crypto becomes a more widely used payment medium, its role in both licit and illicit or gray‑area activities grows. Chainalysis’ research emphasizes that regulators and market participants can no longer ignore these niches, as they may shape broader narratives about crypto’s societal impact and inform future regulatory interventions.

AI Agents and the Automation of Blockchain Investigations

Launch of AI‑powered blockchain intelligence agents

In line with broader advances in machine learning, Chainalysis has begun integrating AI agents into its platform to enhance investigative and compliance workflows. Recent announcements describe the introduction of AI‑powered blockchain intelligence agents trained on historical investigation data, with the goal of providing users with more automated, context‑aware assistance in tracing funds and prioritizing alerts. These agents are designed to help analysts navigate complex transaction graphs, surface relevant patterns, and suggest next investigative steps, all while leveraging Chainalysis’ extensive labeled dataset.

By embedding AI into its tools, Chainalysis aims to address a scaling challenge: as on‑chain activity grows, human investigators and compliance officers struggle to keep up with the volume and complexity of transactions. AI agents can, in principle, pre‑analyze transaction clusters, classify behavior patterns, and triage cases based on risk, reducing the manual effort required to identify worthwhile leads. For example, an AI agent could detect that a given address has transaction patterns similar to known ransomware cash‑out addresses, or that a series of small deposits resembles a smurfing scheme associated with particular scams, and then flag these for deeper human review.

Potential benefits for compliance and law enforcement

If implemented responsibly, AI agents could significantly increase the efficiency of both compliance teams and law enforcement investigators. For compliance officers at exchanges or banks, AI‑assisted monitoring might reduce false positives and group related alerts into coherent cases, streamlining investigations and reporting. In law enforcement, AI could help new investigators learn best practices by suggesting investigative paths commonly used in past successful cases, effectively encoding institutional knowledge into software.

Chainalysis emphasizes that its AI agents are meant to augment, not replace, human judgment, positioning them as copilots rather than fully autonomous decision makers. The company also suggests that AI can help uncover previously unnoticed patterns, such as new laundering techniques or novel scam typologies, by clustering transactions and entities in ways that may not be intuitive to human analysts. Given the rapid evolution of threats—from sophisticated cross‑chain laundering to AI‑generated scam campaigns—this adaptive capability could prove valuable.

Concerns about bias, opacity and over‑reliance

At the same time, the use of AI raises serious concerns. Chainalysis’ AI agents are trained on historical data and past investigative outcomes, which may encode existing biases in enforcement or compliance practices. If certain regions, asset types or transaction patterns have historically been over‑scrutinized, there is a risk that AI will perpetuate or even amplify that skew. Critics worry that opaque AI‑driven risk scores could lead to de‑risking of entire categories of users or services without adequate recourse or explanation.

Moreover, as AI agents become more capable, there is a danger that institutions will over‑rely on their output, treating AI‑generated risk assessments as objective truth rather than probabilistic inferences. This is particularly concerning where risk scores influence access to essential financial services, or where they inform law‑enforcement actions that can have serious consequences for individuals and businesses. Chainalysis’ claims about low false‑positive rates, while reassuring, do not in themselves resolve questions about fairness, transparency and accountability in AI‑driven financial surveillance.

The debate around AI in blockchain intelligence echoes wider discussions about AI in policing, credit scoring and content moderation. For crypto specifically, it adds another layer to existing tensions between innovation, regulation and civil liberties. How Chainalysis and its clients address these concerns—through transparency about models, human‑in‑the‑loop controls, and mechanisms for appeal—will be central to the legitimacy of AI‑driven on‑chain monitoring in the years ahead.

Benthic

Apr 1, 2026

View article →

Chainalysis launches AI-powered blockchain intelligence agents for crypto investigations and compliance

Chainalysis • Apr 1, 2026

Top Comment

Danicjade

Apr 2, 2026

Another beautiful use case of AI AI-powered agents for crypto compliance is Chainalysis automating what analysts did manually.

Privacy, Civil Liberties, and the Chainalysis Debate

Chainalysis’ rise has sparked an ongoing debate about privacy and surveillance in crypto. On one side, regulators and many mainstream institutions see blockchain‑intelligence tools as essential for mitigating money laundering, sanctions evasion, scams and other harms, especially as stablecoins and DeFi bring crypto closer to everyday finance. On the other side, many in the crypto community argue that pervasive chain‑surveillance undermines the pseudonymity and censorship resistance that motivated early adopters, and that it risks creating a de facto financial panopticon where all actions are permanently recorded and algorithmically analyzed.

The firm itself has engaged in public discussions about how to reconcile these perspectives. In a podcast episode featuring Elena Nadolinski, founder of the privacy‑focused L1 Iron Fish, Chainalysis explored how a new protocol might provide strong privacy at the network layer while still enabling exchanges to validate and accept deposits without taking custody of funds. Nadolinski described designs in which exchanges could see certain compliance‑relevant metadata—such as whether funds had interacted with mixers or other privacy‑enhancing features—without requiring full transparency of transaction histories. This kind of collaboration suggests that, at least in principle, there is room for privacy‑preserving architectures that coexist with regulatory expectations.

Nonetheless, civil‑liberties advocates remain wary. They point out that once powerful surveillance capabilities exist, there is pressure to use them more broadly, including for purposes beyond narrowly defined crime prevention. Because Chainalysis’ attribution graph is proprietary, there is limited external oversight of how addresses are labeled or how long historical data is retained, raising questions about due process when its risk scores lead to account closures or investigations. Critics also note the risk of mission creep, where tools built to track ransomware and sanctions evaders end up being used to monitor political dissidents or enforce capital controls.

Chainalysis’ response has been to stress its focus on serious crime, its adherence to applicable data‑protection laws, and the fact that its data is derived from public blockchains and consensual or open‑source sources rather than intrusive snooping. It also emphasizes the benefits of transparency compared with traditional banking, arguing that blockchain data allows for more targeted interventions against specific high‑risk actors rather than broad de‑risking of entire regions or sectors. Whether this argument ultimately persuades skeptics will depend in part on how the company and its clients handle the new powers that AI and ever‑richer blockchain data confer.

Chainalysis and the Business of Crypto Compliance

Chainalysis’ commercial success is closely tied to the institutionalization of crypto. As exchanges, custodians, DeFi protocols and traditional financial institutions come under greater regulatory scrutiny, demand for tools that can demonstrate robust AML and sanctions controls has grown. Chainalysis provides much of the infrastructure for this, offering exchanges and other firms a way to satisfy regulators that they are not facilitating known illicit flows, and to identify problem customers or counterparties in a defensible way.

Recent Chainalysis research and commentary have noted that many crypto companies have significantly tightened their compliance standards, particularly on major centralized exchanges, leading to reduced exposure to the riskiest entities compared with earlier years. At the same time, gaps remain at smaller venues, OTC desks and some DeFi protocols, which may lack the resources or regulatory incentives to implement best‑practice monitoring. Chainalysis’ data on flows to high‑risk services—such as the Brazilian exchanges receiving the bulk of cartel‑ and sanctions‑linked funds via a handful of deposit addresses—underscores that enforcement pressure and compliance expectations are unevenly distributed across the industry.

The firm has also drawn attention to how tax evaders and other financial criminals experiment with novel digital assets to stay ahead of authorities, including niche tokens, NFTs and privacy‑enhancing tools that may sit outside the focus of traditional compliance programs. By expanding its coverage to new blockchains and asset types, Chainalysis aims to prevent such blind spots from becoming systemic loopholes. The recent addition of support for ecosystems like Sui, coupled with monitoring for all fungible tokens on those networks, reflects this push to keep pace with the ever‑growing variety of on‑chain instruments.

Chainalysis’ Global Crypto Adoption Index adds another dimension to its business narrative by highlighting where grassroots crypto usage is most intense. The 2025 edition ranked India first in global crypto adoption, followed closely by the United States, Pakistan, Vietnam and Brazil, with the Asia‑Pacific (APAC) region emerging as the fastest‑growing area for on‑chain activity, recording a 69% year‑over‑year increase in value received. Latin America followed closely with 63% growth, signaling a shift in crypto momentum toward the Global South. When adjusted for population size, Eastern European countries like Ukraine, Moldova and Georgia lead in grassroots crypto activity, underscoring the diversity of crypto usage patterns worldwide.

These adoption trends are not just a curiosity; they shape where compliance and investigative resources need to be deployed. Exchanges and payment providers serving high‑adoption markets may face greater scrutiny from regulators, especially where local conditions—such as capital controls, high inflation or political instability—create incentives for both legitimate users and criminals to turn to crypto. Chainalysis’ data therefore underpins not only its own product roadmap but also the strategic decisions of clients and regulators across jurisdictions.

Conclusion

Chainalysis has become a central actor in the evolving crypto ecosystem by turning the transparency of public blockchains into structured intelligence for compliance, law enforcement and policy analysis. Founded in 2014 as a pioneer in Bitcoin tracing, the company now operates a multi‑chain data platform that underlies products like Reactor and KYT, serving exchanges, banks, regulators and national‑security agencies worldwide. Its attribution graphs and risk scores help institutions monitor on‑chain activity for exposure to scams, hacks, mixers, sanctioned entities and other high‑risk clusters, while its annual Crypto Crime and Global Adoption reports shape public narratives about crypto’s risks and benefits.

The firm’s work on specific cases—from mapping cartel and sanctions‑linked flows through Brazilian exchanges to analyzing the AudiA6 mixer, North Korean hacking campaigns, and the Resolv DeFi exploit—demonstrates how blockchain intelligence can support targeted interventions against sophisticated criminal networks. At the same time, Chainalysis’ research into gray‑market economies like the peptide "looksmaxxing" trade and into novel geopolitical uses of stablecoins, such as Iran’s crypto tolls in the Strait of Hormuz, shows that crypto’s societal impact extends well beyond headline hacks and speculative trading.

Looking forward, Chainalysis’ projections of stablecoin transaction volumes reaching hundreds of trillions of dollars—and potentially 1.5 quadrillion USD annually by 2035—highlight the possibility that on‑chain payments could rival or surpass traditional networks like Visa and Mastercard. In such a world, stablecoins anchored in assets like the U.S. dollar, including USDC‑style tokens, could become ubiquitous payment media, making robust on‑chain monitoring and analytics indispensable components of global financial infrastructure. Chainalysis’ guidance on implementing stablecoin programs for banks reflects its ambition to be a key partner in this transition, helping institutions harness efficiency gains while maintaining regulatory compliance.

Yet the firm’s growing influence also intensifies debates about privacy, surveillance and the appropriate scope of financial monitoring. The introduction of AI‑powered blockchain intelligence agents promises efficiency and new insights but raises concerns about bias, opacity and over‑reliance on algorithmic risk scores. Privacy advocates question whether the expansion of powerful chain‑surveillance tools is compatible with crypto’s foundational values, and warn about potential mission creep and misuse. Chainalysis’ engagement with privacy‑focused projects and its emphasis on data accuracy and targeted interventions represent attempts to address these concerns, but the tension is far from resolved.

Ultimately, Chainalysis occupies a liminal space between the crypto industry and the traditional regulatory and enforcement apparatus. It is both a facilitator of mainstream adoption—by making regulators more comfortable with crypto’s risk profile—and a symbol of the compromises that such adoption entails, particularly in terms of privacy and control. For a crypto news audience seeking to understand where the industry is headed, Chainalysis’ trajectory offers a lens on the broader maturation of on‑chain finance: the shift from speculative frontier to regulated infrastructure, the rise of stablecoins as payment rails, the push to embed AI in compliance, and the ongoing struggle to balance innovation with societal safeguards.

Outlook

As crypto markets mature and converge with traditional finance, the demand for high‑quality on‑chain intelligence is likely to grow, positioning Chainalysis and its peers as critical infrastructure providers rather than niche vendors. Stablecoins appear poised to become central to both retail and wholesale payments, and if Chainalysis’ forecasts of up to 1.5 quadrillion USD in annual stablecoin volume are even partially realized, the scale of on‑chain flows requiring monitoring will be unprecedented. In that environment, tools that can detect sanctions evasion, organized crime, sophisticated scams and DeFi exploits in near real time will become indispensable to both regulators and market participants.

At the same time, the integration of AI agents into investigative and compliance workflows will test the industry’s ability to harness automation without sacrificing due process, fairness or privacy. Chainalysis’ choices about transparency, model governance and engagement with civil‑liberties concerns will influence not only its own legitimacy but also broader public trust in AI‑driven financial surveillance. Parallel developments in privacy‑preserving technologies, from zero‑knowledge proofs to new privacy‑focused L1s, will further shape how much visibility regulators and analytics firms ultimately have into on‑chain activity, and under what conditions.

For now, Chainalysis stands as both a barometer and a driver of crypto’s institutionalization. Its data tells a nuanced story: crime remains a significant challenge, from North Korean hacks to global laundering networks, yet compliance standards are improving and legitimate use—especially via stablecoins—is expanding rapidly. How policymakers, businesses and users respond to these trends, and how companies like Chainalysis evolve their tools and governance, will play a major role in determining whether the next phase of crypto’s growth delivers on promises of more open, efficient finance without succumbing to either unmanageable risk or overbearing surveillance.