We are provided with the one source wallet and one destination wallet for this challenge. We approached this by making a few assumptions:

1. The total amount of eth put into the tumbler networks by the attacker is approximately equal to the eth leaving the tumbler networks ie `Wallet A + Wallet B = Wallet C`
2. All wallets that Wallet A sent eth to (between 2020-05-31 12:20:52 and 2020-05-31 13:13:10) belong to the tumbler networks
3. All wallets that Wallet C received eth from belong to the tumbler networks
4. Wallet B would have sent eth into the same tumbler networks, overlapping with some wallets that Wallet A also sent eth to

As such, our solution is as follows:

1. Take all transactions from Wallet A, label the addresses where eth was sent `tumblers`
2. Take all the transactions from Wallet C, label the addresses where eth was received from `tumblers`
3. Take all the transactions from `tumblers` where the addresses received eth, sum the values by the sources
4. Recover multiple addresses that sent eth into `tumblers`, but only one has a total transferred out eth value of `Wallet C - Wallet A`

Full working (Jupyter notebook) can be found [here](https://github.com/JustinOng/Defenit-CTF-2020)