You're close. There's no difficulty decoding the blockchain. The transactions are a public ledger. Have a look: https://blockchain.info/tree/1...
It's not anonymous - it's pseudonymous. Your address is your pseudonym. It can be linked to you in many ways:
When you buy something the seller knows who you are (they have your mailing address, your IP address, etc), and they know your Bitcoin address (the transaction is public information). Anyone watching your address will also see the transaction. If the address you sent coins to is a known address the investigator can then go to that seller and request your identity (via subpoena, violence, bribery, etc).
When you transmit the transaction it's first received by a few network nodes. If the investigator is running one of those nodes they see your IP. They won't know for certain it's you (perhaps you were just relaying a transaction), but it's still a short list to check. If it's the NSA or anyone else who can monitor your internet connection directly, they can easily discover that the transaction originated from you because no one sent it to you first.
People use mixing services to help obscure the origin of their coins. It makes it harder, but it's still possible to perform statistical analysis. For a simple example: https://blockchain.info/taint/... . The investigator can find some addresses which correlate with yours. Even if they don't find YOU they might find someone you do business with, then coerce them into giving up your identity.
It's a lot like cash. You can pass it around freely, but every dollar bill has a serial number. You can spend it with relative anonymity, but it will be scanned whenever it passes through a bank. If someone is looking for certain serial numbers then they can easily find the bank your merchant uses; then stake out the merchant; then find you.