Table of Contents
- What a transaction hash actually is
- Hash, address, and block: three IDs people mix up
- Why it matters for your case
- Where to find your transaction hashes
- What a block explorer shows you
- Confirmations: why "pending" is not final
- What a hash reveals — and what it does not
- Common mistakes when collecting hashes
- When the trail is harder: privacy coins and mixers
- What investigators do with them
- How to organize your hashes for a report
- Frequently asked questions
- Is a transaction hash the same as a wallet address?
- Can a transaction hash be faked or reversed?
- I sent crypto from an exchange — where is my hash?
- My funds were already moved on — can I still trace from my hash?
- What is a gas fee?
- My transaction failed — did I still lose the money?
- Turn confusion into evidence
When people first try to report a crypto scam, one request stops them cold: "Please provide the transaction hashes." If that means nothing to you, you are not alone — and the concept is simpler than it sounds. It is also the single most valuable piece of evidence you can bring to your case.
What a transaction hash actually is
Every time crypto moves between wallets, the network records it permanently on a public ledger. Each record gets a unique identifier — a long string of letters and numbers — called a transaction hash (or TX hash, or TX ID).
Think of it as the receipt number for one specific transfer. It looks like 0x9f3c…a71b and points to exactly one transaction: the amount, the sending wallet, the receiving wallet, and the precise time.
Two things make it powerful:
- It is permanent — once recorded, it cannot be altered or deleted.
- It is public — anyone with the hash can look the transaction up.
Hash, address, and block: three IDs people mix up
Three different identifiers show up around a transaction, and confusing them is the most common reason a report stalls.
| Identifier | What it is | Reused? |
|---|---|---|
| Wallet address | Where funds sit, like an account number (0xAbc…123) | Yes — the same address is used many times |
| Transaction hash | The receipt for one transfer between addresses (0x9f3c…a71b) | No — unique to a single transaction |
| Block | The numbered batch of transactions confirmed together | Not an ID you submit |
When an investigator or exchange asks for "the hash," they mean the transaction ID — not your wallet address, and not the block number.
Why it matters for your case
For an investigator, a hash is the thread that unravels the sweater. From one hash, it is possible to follow the money across wallets — and sometimes to the point where it enters a regulated service that performs identity checks.
Your wallet
the transfer you made
Scammer wallet
first destination
Intermediary wallets
layering to obscure
Exchange
identity checks apply
Without hashes, a report is a story. With them, it becomes traceable evidence — and that difference often decides whether a case gets meaningful attention.
Copy them exactly.
A transaction hash must be copied character for character. A single wrong character points to a different transaction, or to nothing at all. Use the copy button wherever one is offered.
Where to find your transaction hashes
| Source | Where to look |
|---|---|
| Exchange (Coinbase, Binance, Kraken…) | Transaction history → the specific withdrawal → "Transaction ID" or "TxID" |
| Self-custody wallet (MetaMask, Trust…) | Activity tab → tap the transaction → it links to a block explorer |
| Block explorer | Paste your own wallet address to see every associated transaction |
What a block explorer shows you
A block explorer is a free public website that turns a hash into a readable record. Paste yours in and you see the anatomy of the transfer:
| Field | What it tells you |
|---|---|
| From / To | The sending and receiving wallet addresses |
| Amount | How much moved, in the relevant coin or token |
| Status | Whether the transfer succeeded or failed |
| Timestamp | The exact date and time, in UTC |
| Block | The batch it was confirmed in |
| Fee | The network cost paid to process it |
The "To" address is the thread an investigator pulls next: it is the scammer's wallet, and the starting point for tracing the funds.
Confirmations: why "pending" is not final
A transaction is broadcast first and confirmed second. Until the network includes it in a block and stacks a few more on top, it is pending and can still fail or be dropped. Each new block added on top is a "confirmation," and more confirmations means the transfer is effectively irreversible.
This matters in two ways: a pending transfer is not yet money in the scammer's pocket, and a failed transaction means no funds actually moved — the explorer's Status field tells you which. The canonical explanations live in the official Ethereum and Bitcoin documentation.
What a hash reveals — and what it does not
A transaction hash is powerful precisely because it is public, but knowing its limits keeps your expectations realistic.
It does reveal the sending and receiving addresses, the amount and asset, the network, and the exact time. Chained together, those let an investigator follow the money.
It does not reveal anyone's name, email, or location — a blockchain address is pseudonymous. Real-world identity attaches only when funds reach a regulated service that performs identity checks, which is why our guide to tracing stolen crypto follows the trail to an exchange rather than trying to "decode" a wallet into a person.
Common mistakes when collecting hashes
A few avoidable errors weaken otherwise strong reports:
- Sending a wallet address instead of the hash. An address (where funds rest) is not a transaction (one specific transfer). Investigators need both, clearly labeled.
- Copying the shortened display version. Interfaces show
0x9f3c…a71bto save space — always copy the full-length value, not what is on screen. - Screenshotting instead of copying text. A picture of a hash cannot be searched or pasted. Send the text, and attach the screenshot only as backup.
- Mixing up networks. A similar-looking address can exist on several chains. Note which network each transfer used — Ethereum, Tron, Bitcoin, and so on.
When the trail is harder: privacy coins and mixers
Most scams rely on transparent, traceable assets — Bitcoin, Ethereum, and USDT — whose every movement is public. Some tools deliberately break that visibility: privacy coins such as Monero hide transaction details by design, and "mixers" or "tumblers" pool funds to blur the path.
The encouraging part: blockchain-analysis firms such as Chainalysis report that the large majority of illicit crypto still moves across transparent chains, where it can be followed — and even mixed funds often reveal their entry and exit points. Do not assume your case is hopeless because you have heard crypto is "untraceable." For most victims, it is not.
What investigators do with them
With your hashes, an investigator uses blockchain-analysis tools to trace the flow and, where possible, identify the off-ramp. You can even look a hash up yourself in a blockchain explorer, then open the wallet address that received your funds to see where they moved next. Our guide to tracing stolen crypto walks through how that follow-the-money process works. You can see the kinds of tools involved on our OSINT tools page, and the crypto dictionary explains any unfamiliar terms.
How to organize your hashes for a report
Investigators value clarity as much as completeness. A simple log turns a pile of screenshots into usable evidence:
| Date | Amount & asset | Network | To (destination) | Transaction hash |
|---|---|---|---|---|
| 2026-03-05 | 700 USDT | Ethereum | 0xAbc…123 | 0x4c2a…e9f1 |
| 2026-03-08 | 1,500 USDT | Ethereum | 0xAbc…123 | 0x7b10…2d44 |
Record the full-length values (not the shortened display form), note the network for each transfer, and keep the original screenshots as backup. Our guided report your case flow asks for exactly these fields.
Frequently asked questions
Is a transaction hash the same as a wallet address?
No. A wallet address is like an account number — funds rest there and it is reused. A transaction hash is the receipt for one single transfer between addresses, and it is never reused.
Can a transaction hash be faked or reversed?
No. It is derived from the transaction's own contents and recorded across the whole network. It cannot be altered, and the transfer it represents cannot be undone — which is exactly why it is reliable evidence.
I sent crypto from an exchange — where is my hash?
Open the withdrawal in your exchange's transaction history and look for "Transaction ID," "TxID," or a "View on explorer" link. That is your hash.
My funds were already moved on — can I still trace from my hash?
Yes. Your hash is the entry point; from it, investigators follow each onward hop. See how to trace stolen crypto for the full process.
What is a gas fee?
A gas fee (or network fee) is the small payment that compensates the network for processing your transaction. It shows on the explorer and is separate from the amount you sent — useful to know when the numbers do not match your memory.
My transaction failed — did I still lose the money?
If the explorer shows a failed status, the transfer did not complete and the funds did not move, though a small gas fee may still have been spent. Save the hash anyway; a failed attempt can still belong in your timeline.
Turn confusion into evidence
You do not need to become a blockchain expert — you just need to know which receipts to keep. Gather your hashes, keep them organized, and bring them to your report. The guided report your case flow will prompt you for exactly the right details.
Key takeaways
- A transaction hash is the permanent, public receipt for one crypto transfer.
- It is the single most useful piece of evidence in a fraud case.
- Find it in your exchange history, wallet activity, or a block explorer.
- Copy each hash exactly — one wrong character points elsewhere.
- Hashes turn a story into traceable evidence investigators can follow.
Know someone who needs this? Share it.
Scambulance will never ask for your private keys, passwords, or seed phrases. Anyone promising guaranteed fund recovery is likely a scammer.
