In September 2012, I was extorted for $32 for being gwern; I declined to pay. In November 2013, I called an encryption bluff that I was Dread Pirate Roberts. In December 2013, a crazy person tried to blackmail me for billions of dollars for being Satoshi Nakamoto; I declined to pay. In March 2014, the black-market Evolution threatened to dox me if I did not reveal information about their security vulnerabilities. I have long been interested in cryptographic topics, and in June 2011, I began researching the new black-markets, as epitomized by Silk Road (SR). Between my sustained coverage of black-market topics, occasional interventions like my Sheep-MarketPlace/BlackMarket-Reloaded bet, and my minor role in the doxing of Sheep MarketPlace’s owner, and my essays Bitcoin is Worse is Better & Time-lock cryptography, I have been sometimes accused of being more involved than I appear - possibly Dread Pirate Roberts (really Ross Ulbricht), Satoshi Nakamoto, a high-level seller, a law enforcement agent, or other things. While sometimes flattering (I wish I was Satoshi Nakamoto!), these are all quite wrong: I am but an impoverished writer who barely makes ends meet, and certainly not a Bitcoin billionaire or elite C++ P2P crypto programmer, though I write about Bitcoin/cryptography/black-markets. Still, some tinge of notoriety can be useful if it means people are willing to tell me private information. On the other hand, sometimes it is plain irritating. They don’t always go anywhere. Here are 3 examples of things that went nowhere, or at least, not where I wanted them to go. # 2012 ## Anonymous ### 10 September On 10 September 2012, I returned from my dinner to discover in my inbox news of a message someone sent me at 4:55PM using my anonymous feedback form: gwern I signed up usernames “gwern” and “gwernbranwen” at pivory.com I will release login info to you for a ransom. The ransom value decreases over time following exponential decay with a half-life of 365/2=182.5 days. It starts at 32 USD on 2012-09-11. I’ll allow a 1 day precision. Payment is to be sent as Bitcoin using MtGox average price to 1LtiftPcu3AjTbXf2XFCbvNTaeRFL1yBAy After 365 days I will start using the accounts. [email protected] Oh no! I was being extorted over a username on some forum site called Pivory. Was I going to pay up$32 to rescue my doppelganger from the clutches of a sinister extortionist? Did he plan to post threats against the President or child porn on this site to besmirch my good name? I knew I had to act swiftly to stanch the damage!

I told him no.

More precisely, I posted the following signed message to Google+ and a private mailing list, publicly committing to not paying him a single satoshi:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CCing cheshirecats as site owner; CCing OB-NYC as witnesses.

> gwern
> I signed up usernames "gwern" and "gwernbranwen" at pivory.com
> I will release login info to you for a ransom.
> The ransom value decreases over time following exponential decay with a half-life of 365/2=182.5 days.
> It starts at 32 USD on 2012-09-11. I'll allow a 1 day precision.
> Payment is to be sent as Bitcoin using MtGox average price to 1LtiftPcu3AjTbXf2XFCbvNTaeRFL1yBAy
> After 365 days I will start using the accounts.
> [email protected]
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */

Your message in my anonymous site feedback form leaves me deeply
amused, and I applaud your courtesy in setting the 365-day ransom at a
modest $8 (2 half-lives from$32); but I'm afraid I must decline your
offer permanently.

Since there are indefinitely many Internet sites which allow user
signups and publicly visible comments, accepting an extortion on any
of them for any amount exposes me to indefinitely large losses. Hence
by backward induction, there is a clear decision-theoretic verdict
against paying you any sum.

- --
gwern
http://www.gwern.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iEYEAREKAAYFAlKuIbAACgkQvpDo5Pfl1oLzlwCgltduvcnKy2GB5Lmz6EtBTknT
fRIAnRtF4DVLmoW8fGAR32fFFeuIqG24
=+rda
-----END PGP SIGNATURE-----

(See decision theory and backward induction for background. I think my little argument may not be quite right, but it’s still clear that a precommitment to not paying in such circumstances is optimal for the same reason one precommits to not negotiate with hostage-takers etc.)

### Discussion

One curious aspect was that the payment declined with time, rather than, as one would expect, increase with time as a penalty. Michael O’Kelly in the Google+ comments pointed out that the scheme was also in conflict with option-value/learning:

Am I missing something, or would it make more sense for the ransom to increase exponentially? You will only really be tempted to pay if Pivory becomes the hot new thing, which becomes less ambiguous with time.

I theorized that it was not motivated by a particular economic or decision-theoretic consideration, but more of a psychological hack:

Michael: I figured it was an attempt to hack convenience; if I paid up quickly, he’d make the most. Most people would not be patient enough to wait. (You’re right that you and I would choose a compounding strategy, like any regular extortionist, to instead incentivize quick payment by all sorts of people.)

Of course, he must not know me very well, because if he did, he would’ve known that I would simply put payment on my calendar for a year from now and pay as little as possible, or better yet, wait for him to actually start using the accounts and only paying up if it looked like he could do some damage with it.

Арсений Алексеев pointed out an additional failing if we took the psychological view, that the extortionist provided a clear deadline and so there was less incentive to pay to reduce uncertainty (dislike of uncertainty seems related to loss aversion):

You would be tempted to pay early if the ending date was unknown. I am surprised he made that public.

Finally, Joshua Zelinsky speculated on broader implications of the extortionist’s failure:

This suggests that people only take exponential discounting seriously when it isn’t made explicit. If one thinks that hyperbolic discounting makes more sense though then this ransom doesn’t really work.

### Outcome

I made 2 predictions about how my anonymous extortionist would react to my public declaration:

If he spent the time registering the username and contacting me, after such a rebuke, I expected a reply if only to justify his peculiar payment schedule. Unfortunately, I was wrong and as of 15 December 2013, I have not heard a peep from him, and further, the Bitcoin address 1LtiftPcu3AjTbXf2XFCbvNTaeRFL1yBAy has been inactive since.
2. He will not attempt a second extortion: 65%

As I said at the time, “if it didn’t work the first time, why would it work elsewhere?” Indeed. I’d said no and given a general explanation of why I could not pay for the entire class of extortion attempts.

I paid nothing and suffered no harm, so I regard this mostly as an amusing example of the use of Bitcoin for extortion.

# 2013

## DPR?

### 7 November

At 5:13PM I received a curious PM on Reddit:

Sorry for all the trouble I caused. I know I fuck up alot. This privnote contains everything to cover your ass, its how I connected you to you. https://privnote.com/n/mhstglglfojgxgqb/#opzcvoxulwcwlskl Sorry for fucking up what you had. I was just desperate and was trying to cling to anything I could. You won’t let me vend proper, you won’t leave me alone and just let me do my thing. I felt like I had nothing else to turn to, and if you were going to sink my ship, I would to yours. My dog died today because we couldn’t afford her medication. Such is life. Here is the pgp if you don’t want to click that link. It formatted proper in pgp. —–BEGIN PGP MESSAGE—– Version: GnuPG v2.0.22 (MingW32) hQIMA8J30uIoggNFAQ/9GJDAeJ3P+C7oqcV6deaYXpIStWzSPgF5jhcLgrCHZ7c9 gf16Qi7F1p/HFN7WgarpxBboET9w3/7BXy9+wRueODJV/qffg781kl8pyOtlcHXX d7JpYOZVi8o/faimlsapSP5kMbmhTqPJFsCQ+H7IfI2NRkLXWi9yezq5jNRu9VRb Jda5BvKq37G1F+d5bxKOpJMNxDn2gL3Gz+IbaShHnO9+UtoPR1BbNZqjV/H+TLKm 5J7zWHYU0kwe6fGhY9SobD3QSAXIDNnd6ONYC4tmHOcjMK4SfKVm01uECq6bxGLH l8e5my9CQEME/zr7AapDX9y77AwXuoiah5ZfjFwvyaz/V2C1sOcov2Ws/Z/BT4mL sxwEehEfL0+D1MeoKRJBz73JCxPsRqLUfOK9kax828uEbo7gDPJZdTXPx9z4cfZG 83mSdEQt4gKve8PUTqs6RndJIxZ6Ua1uLW4kS7TZuKXT69QnOTYM1zv3Fh4xz95l R36zbbUUN8ZcolphOr6t2kTAYJlsV17Qiw3+9dTtI5XFSq/Us6FqMcz9Tvh23n7c RVfn49+SH9WjaFz7KvpYw3l68ZdhzPNFIvHLbE1q4LZfut2b9SC3zOHc/nqdKg+H nt0vNljKfuw5Kdb3Jh5e7Gpx2iTfxfQz5dZ5aZ4ITlv7YDNvRVKcg0apVQFqrW7S wSIB13pbIgzlnblI2j/OurmagWJB84fGjGTnBs8Zj7qTG5dRdXRrXZOi2vViNs/u 5F6I6Er34qzCuU2a1VxehrZI5AZ9ivtbQvs6//HbnjVo2kXv9vStepMFlCd4fbCY J/ZJ0Fsk49jjEoODmqVBifPwDGREmYnbtL/uewrOLOrl0nmO9JUii0V8ZL9qBKZM 3Jh2Q8y84O059M+m0oIptBmF8IFfpH+4NtD6Sg6oaVNOja+/rw8+heih3CIo0NGq xLia3qaK/DPBa5wT7skuLfFf6VTZopOvNDir1RPXpHWpJAPk80lQorqKP3Y5KOTo sdzsWzOmvbLvfeaIRccqbds7KGAiZq+WMj7FiTpv309q7AaK16vgC7ndot+pAHyU AZqCZ2W/JCIO+CeF7WYpKfFEXVM/vd4Z08ov2EC30BtLc/nRGGe3L/ZWfs3krA4v CpLad/RoN42KEds0Y0JO7ZHkLf3qb7b3LLFQXGFkjGkY39HpH1AVfG+jQz3geHIx RHaiRNKy2B/Zh3aKxOmPHazxOiyUh8yAn8YtndM3RRVa9D2avaUoTrqqj/mYM31Q 6iYqxwchqxs8DOu2nwchH3aQmNVJjvmGP+zS9fE8dbehvarYj65Q9YUV3RKHJ6cw 5AUiCg== =5yAt —–END PGP MESSAGE—– Again, sorry about being a piece of shit. Although i’m sure thats not enough. Don’t worry. I won’t ever say your name again.

The Privnote link seemed to contain the same PGP-encrypted message, both encrypted to “RSA key, ID 28820345” - not a key I had or whose ID I recognized. My initial guess was that he thought he had linked my Gwern pseudonym to a black-market operator (presumably either an employee of the recently-deceased Silk Road or as an operator of the then-recently-opened Silk Road 2. Other possibilities included BlackMarket Reloaded or Sheep MarketPlace.) I can say this due to the bit about “You won’t let me vend proper”: since I am entirely uninvolved in running the black markets and I generally only document vendors after they’ve been busted, it is improbable I as Gwern interfered with his selling, and that then means he must think I’m someone else.

I’m really curious why he thinks I’m running a black market but the problem is, I can’t decrypt his message and if I tell him that, then it sounds like I’m really am the person he thinks I secretly am and I’m bullshitting him. I’m also curious what trouble he caused ‘me’ because I’ve never heard of this nick before. So here was the plan I decided on to deal with him: I tell him his message is malformed on both Reddit & Privnote (which it is), tell him how to format it for Reddit (indent every line by 4 spaces), and tell him to use my ‘public’ identity’s key. Hopefully he’ll take this as a legitimate technical glitch, re-encrypt to a key I actually have, and then I’ll know what he’s talking about. If he gets spooked by my ‘apparent’ inability to decrypt the message, then he wasn’t really convinced I am ‘me’ in the first place and I don’t especially care what his arguments or facts were.

An hour later, I replied:

I do not know what you are talking about, and certainly would not be able to decrypt that message. You should use my public key http://www.gwern.net/Links#contact if you have something to say to me.

Also, your message is malformed on both Reddit & Privnote: you need to indent each line by 4 spaces and then it’ll work fine.

I really liked the coyness of that first line: I think that’s perfectly worded to sound like I know exactly what he’s talking about but I’m insisting on the re-encryption as a butt-saving maneuver.

### 8 November

I waited with great eagerness for the reply to learn how exactly ‘I’ was being blackmailed or extorted or doxed, only to be told:

The entire text of the first message I sent you was copy/pasted.

I was sent that message by someone who claims to know the identity of DPR. I’m not too advanced with PGP only recently learning it, but I believe it is formatted for DPR PGP key so neither of us will be able to decrypt it. He falsely believed I was someone else after I impersonated an individual he asked to contact him. I was simply trolling awaiting the launch of the new road.

I know the name of the person he is claiming to be DPR and he did show me some convincing evidence but I neglected to save any of the pictures out of lack of belief. Now I’m beginning to think he may have been right because of how quickly I was censored when I tried to divulge this information.

I am honestly undecided as to whether or not I want to poke at the issue, as I’m solely a simple customer from the original SR and a sailing ship is good enough for me. But this information was posted on Reddit more than once after the registration suspension on the official forums. That said, law enforcement has definitely seen what was disseminated and if it’s true, it is in the best interest of everyone to uncover it before LE become involved once again.

I contacted you because I’ve read good things about you on the forums after researching who you were following your encrypted info post last week. If you wish to discuss any of this further, message me back and we’ll move to a more secure platform and I can share with you what I was told and you can followup in an attempt to determine its veracity. Thank you for your time.

I was terribly disappointed: he had been bluffing me! He couldn’t decrypt the message either and had no more idea than I did what was in it. And his theory wasn’t terribly plausible: I did have DPR’s official public key, but it was the key ID 67B7FA25, not key ID 28820345 (as I said, the message hadn’t matched any of the public or private keys I’ve collected over the years).

I replied pointing out the key ID issue and linking him to m public key for further discussion. He never replied.

## jack0fnone

### 10 December

This section is an example of something I hoped would be a useful lead, but which turned out to be a nuisance. (Messages below have been lightly copyedited to remove the most egregious misspellings, and where relevant, encrypted messages are decrypted & several successive comments by a party are combined into a single blockquote; otherwise, their original formatting is preserved as much as possible.)

On 10 December 2013, I visited Reddit to discover in my inbox a peculiar message:

[“The momentum of moments…” from jack0fnone sent 57 minutes ago]

15bD6fYs6p9D9wmniDtTBcQSyWXDYNDCwv

Catch your breath and decide if it’s better to avoid an email/response altogether. I for one have come to be incredibly fascinated by the conviction you’ve demonstrate thus far, and fully stand by your side. I do offend easily, but I’m also quite forgetful when recognized by opportunity. It’s truly been fascinating!

Objectively, jack0fnone

Most peculiar. Not your typical dox - prophetic words. jack0fnone was not a nick I recognized, a quick Google turned up nothing but a probable false positive in some kid’s gamertag, and I did not recognize the Bitcoin address 15bD6fYs6p9D9wmniDtTBcQSyWXDYNDCwv (which turned out to have no transactions). This sounded like it could be anything - perhaps a dox of BlackMarket Reloaded’s backopy? I knew my SMP informant had been looking into BMR, and while this prose didn’t sound like him, I didn’t have much to base that guess on.

Naturally, I opened the Privnote.com link to read the full message:

How much time are we ever really guaranteed? So many beautiful ideas to explore and exploit in this brief lifetime. Wouldn’t you agree?
To realize that it all could have been for something more than absolutely nothing is the way by which we must pride ourselves to exchange a dialogue someday I assume.
I wonder if your sheer brilliance will demonstrate itself to be as resilient this time around, great minds can create true revolutions when they work together in secrecy.
I come offering you an economy of grand scale, a lifetime of secrecy, friendship, and a fast paced blueprint to successfully rid everyone of these tremendous frustrations.
With so much to lose, I am wondering whether everyone is still on track for a contingency plan in Cyprus.

I too can change the world, sometimes we must pretend to believe it’s for the better for reality to catch up to truth–I’m sure you understand. I do not approach you or your team with opposition, only a motivation which I see to be purer than yours. I don’t feel anything truly needs to be discussed. I negotiate in the same way that all of you have, and with that sworn statement, I will take just this one wallet off of your hands and present a plan more motivating and functional (1933phfhK3ZgFQNLGSDXvqCn32k2buXY8a) My meddling in your teams current affairs is of little importance, but to validate the idea of a scam coin and expose it’s truths would not only leave identities and reputations crippled, it would inevitably destroy a foundation that can most certainly be reconciled in these early stages. The alternative route will give you a chance to thoroughly describe this short lived con under your organized list of “mistakes”.

I most certainly am the guy you are looking for, and if not I am forever inclined to be the one you’re looking out for. I would strongly urge against vocalizing your concerns or findings any further in the various communities which you grace as a form of mitigating the future risks you assume to be impending. My unequivocal opinion is that we should continue to change the climate and attitude in a way that doesn’t hinder the progress of this crypto (specifically Bitcoin) movement in places where it is desperately needed. I cannot stress the importance of timeliness as I am eagerly anticipating the expected denial phase that is to come! I, however, am confident that our negotiations have pleasantly concluded; for better or worse, I would avoid focusing on the rationale at this point. It would serve you well to have me on your side these next few months, as I’ve decided it would be an absolute insult and tragic succession of events the following months to have this move forward in any other manner. Similarly I offer the option of ceasing to exist if you so choose to not dignify this partnership I would hope to develop.

signed,
1933phfhK3ZgFQNLGSDXvqCn32k2buXY8a >
15bD6fYs6p9D9wmniDtTBcQSyWXDYNDCwv

[email protected]

Well. That was ominous. I recognized the address 1933phfhK3ZgFQNLGSDXvqCn32k2buXY8a as being the notorious lost treasure of Dread Pirate Roberts - the ฿111,114 (~$92,224,620) the FBI failed to confiscate using Ross Ulbricht’s laptop. Did Jack think I was the real DPR and Ross a patsy or minor employee? Certainly the mention of “team” suggested I had ongoing operations and that he might think I was the DPR2 running SR2, but I didn’t know what might be meant by “scam coin”. More disturbing was the sentence mentioning my “organized list of ‘mistakes’”, which was a clear allusion to Mistakes and evidence that this was a targeted message and not some indiscriminate broadcast to, say, all Redditors who commented on SR-related articles. Regardless, this is a clear blackmail attempt. How to respond? I have no secret identities worth paying to keep secret, I do not possess ฿111,114 (heck, I don’t even possess ฿111), and if I did, did he seriously think that I would pay up immediately on getting such a cryptic threat? Now, I know he must be wrong in whatever his accusation is, but that doesn’t mean his information is worthless: he could have still stumbled over valuable information, even if his conclusion is wrong. And the purple prose was inherently amusing (if a little disturbing in its own way - “What frightens us most in a madman is his sane conversation”). How to find out what he knows? I can’t simply tell him, “you are wrong, but could you please tell me what information led you to your outlandish conclusion?” I decided to employ the same strategy the last time someone accused me of being DPR: insist on setting up a new public key and talk via that. Naturally, I didn’t care about Reddit eavesdropping on our conversation - what do they care about a mistaken dox or obscure bit of black-market trivia? The point was simply to give Jack an impression of guilt: after all, what innocent person would bother with such high security measures? Surely only the real DPR would insist on such iron-clad secure communications⸮ I replied briefly: Reddit and safe-mail are transparent sieves as far as we are concerned. Here is a public key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.15 (GNU/Linux) mQENBFKnzMIBCADuocAFw6DktC6FC+WN21ly7SwiOiVic8uknEl+EqTShX1fZ7Vq DC9TajB3tItHJBDq3J6hBK+vFVOq4+mUDz4/vGNFqRZuOiZBM5vNr8mxYUZrVu50 REvE1YGzTdWqFW2E87Jw/E/psOMAeAM6xiwqffp6RRCl09ERix2FmgMOnHkLsRc5 t5dePjs7jj42l0XAAV8vbPRubOqddSBBxLAq7t2CJOJ+o53lqhD/rH8W5izWephW A63emiDdIJ16hKRzEMGWLRWNMKRzRM5XQ7dUlpLlENgpKduEj+iyEHUYEvXYl/4c 86WHozYkSbE7b8ftzB9BeiMbL8HjoJHhIAmZABEBAAG0I05vIEZpeGVkIFBvaW50 IDx0ZW1wb3JhcnlAdW5pdmVyc2U+iQE+BBMBCgAoBQJSp8zCAhsDBQkDwmcABgsJ CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAjuDcHGnJekn52CADkohEBgR8l7WZX 5X0MQyxWTEkNoaDk0daqqUJXq17xljXm+JQ7Z3I4uFEuGeF4CaANhEsnE50h9CZs Gz7w+R+XoUX+/DIqKq7RDQyOM3nVvEiU8oe+OONfFpZHD4OSgvrv6dDmAQgX6m0z 7C/40l5IqZBjtsvwS+WZwq6T9bD+WfziAsMHgpx2WO4BDNwWqpkI7qfKR2y2zWCn r29QN5rEZ8vhZ2vOu2pQ6euR7+xgpSztyfkivF7CuRmCB15c3OsF8hHVbwA191BP tkYHJDLqD04AikRlqzRuPUOPY1e1aK1tGIXovRgGu2uzOjLLxEuQY2PkIUj68prL 3YLQo0TeuQENBFKnzMIBCADnBkf8nD2vNFyE9Dn1a+uN72GPq+UtlQ3eKiGj7Z4a oQzi69ezCl0bESlLlILGQQ/8Y6pd2KJUyt07YCETIcl4iTgCLLdmx3W9k5IxhUc0 YZMTFuAnxFNIgzLaaj3+BQnuVLj/WI9nqz4ztyfX9ywmL4/9RJH1GfHezwSR71tz ULFERRDbKUDN8CA+51D9DZmizGdzP9z14qaDMaTN07xz4Ok0ytxQsvR6BweZXTuC T9ZA5G1Q8xUbPyYAAjL57hFKrKYz/i4ogp+WcdocGyM1t3RuORnofAHDI7r57pwe 2hftnIBzuVGs+/A9cNM6sktiXDWV7XQ7dxzOilGzcyf5ABEBAAGJASUEGAEKAA8F AlKnzMICGwwFCQPCZwAACgkQI7g3BxpyXpKScwf9E1YCb0DGRWSW48rXq+zXJdsp RV+BiydtGSv7BJfzrGS2tkRDgv2cPVOzmtXufgz4RLjuvMPutk32AH/u3Nd48t8k XeFbuoLPK+ksXVCQbkTG7+XvzqxT974l7ILu3cCcHNXhZjx9y+x5ENz2WdAqUTc2 i/lwQ9Qyo4BHSXpI8o59jLKIV12PbkofHE2ytDrOlCDSv/J0sX7lSakKpOEusZhC TqeQTOo0Dwf9jBYjuyVyGiAJBOAZ+5Idky/FjNXi6pSuROtvjFYndxMXCy2I4jol m9KPCj00R+2Wi7ENrTLCVTEYZlPfZSi3rblE63Ch1VWgCGZQVD8bjTtD0KuZUw== =ah5R -----END PGP PUBLIC KEY BLOCK----- Please reply with a fresh public key and your plan for a fix. ### 11 December Jack seemed to take the bait, as he quickly replied With great pleasure. And then sometime later, sent a longer reply: —–BEGIN PGP MESSAGE—– Version: GnuPG v2.0.22 (MingW32) hQEMA4z9l03Eej0JAQgAtmUV4qSJI/9bn50luT1Y4QqAXRNBIik/NyNBB4WFy9zm tQ6snjE6Wt52IYlL7HWc+gw7hprEMTD2N1I9CvhIkXkYMRWrqwW84vzfGhL62FEU ZKVOlDGMosRUgFXTNyXO6HhHophyfkuH2dDwkOk2+8feMorPWUvvK/csNTTlFMos xxQ6k/WSNIOlSWCOTvWIXriWedtPLqg9pLMC01B35TJnGKfnIBkxBREqk1B3A5jd rkLJpC1l8DtZXnJN3txNvg2v27QafqBYOUVtvyb/4cgEmfPQW/kDCi5asjZc48CI Mrg4Nsa4VfGDr+iKvkmxcW3Bazpx45Fdzw/qW2JnW9LrAbfVeGEzxHHcuK7fC6t4 9rKqSiSZWwFggmsNKF21VJ0NAUdDFosW3Zxu+p56QMLpKqJnBbFF85yj532M08R9 cGhtctu7YZtQUlw65CgYr92CyV8y9TCqHR7YeUKTv61WMRwv4/M1+JZC8JR/M/Sc bKvIXNI5m+wzG2NaTkafdbzu0Ds2gmAZ93pesunf1XrPQoR6ATum9JNtmAzzVXx6 Zhp/3ZzF8Lo0opI7eTjkUP0/y817Mp2+e4jvswR30G+XrkTp7tdHwE7Iex3RjPF1 w8ckq4NNW7t7VjfNL7VfJgKW941ASRbZdYygiolmh8tqQ3wqLeI99zcYrmw+3dpI 0jMhq2fW+JJb7neEdw9gF6MgWNSDk/q8pS27ROeZyVJZgGfX/HJX9i6hBHinkIsc Fj+janaVWjkbfg3OWLpcg7jDpgzl4O/HRNiFVjhTYYI2k4x6gASCJK4dub45/Bxi yYuzi3l6i/VEkFOw5PlmBd61j0k+LjVD5WZL864jcFAUk/WaDxL3EsVY0c06FXDV H0WW7jL5NfBStydQauWOYRmCsxNKZIVgegFTByWU7jYj7vtsDZ1IdE+JufTYXu8Z tr6OhkEga8N/GACGaRg4fLzEz5soPVT5/CTSa6WJK174cZpR/DKseqQ32k/cFgZD 2kPxTDd3yhlkssDsb+NSnPYJyExxelYuUN2K6TECojrrbUoerfzOy506qUGwPMCa +DFhFuDIYM2wSWJA5+zr7FUFn7kdXys7qWjXFy16EcgT/4MvgFbiwzdIowQNgW+7 aQLntfH9h2cLBEzUYSuimac/MxJq3IMvHQjkrDqZbHkXl3TIBWi0AvRpG/gLvkxJ ZPIUHVua1uWXJykxVh/5mVef9IBtVVlmesKd5pEKqQt/tY8/6z7quKMgikBFzs+k hDlFSGOhtJxdIlXONNVn6tKlfQ2yzycghwsFKfKP0vKbAWW9fK5wquWPcvQM8g1y 58wdkidoo1yBuQ1Ri8HfJ1goBVKv0uyyzbPI8uvnVaykEcH2dGEdDV8BWvKFOPU4 Lc1WVX1msrc7/0R1QxOFi4PBTHHfFUknGjbABUuGenWHeQEclJVR8wQdQ1rhWA3F YfUQ9Pv6nqYlLH18gqK/hLkN9bcTWalIVhFLdcJydLB46XjQSxga6dbmqyfWFUYl Fc1f7CoJlyQ7cj0+uiSSLHYdb2YBwYXOnQGsnTFd5Ynx+wHcBzysnGUp0X+KJNSV 8Mkozo73Y23EB9AYEXOgiidRoAANJZnY7kxM/pTEhJDIXMzqFDk9yqsZIdJsN86s 7B8XHKh9uLBd2VZGoGXLZh36LttEpmCdoGMhUuunvPbTnogv5HkF2S7aJp7Kqk4P Aip+6FoEl3JIFiTjZy68/Xqt2YgcIJs0mn89ZjQkXGWAor3u2Q8CuKaZKryEmPc3 43w1dziujnfZR/WNTZMMDAvscjWnCGudiyaG9oxSKR0bHSORannp9gD/W6et9GEL VFnoS1rHkEsnR8WDJOFGmvt5kADEEQnZfNQJRdMQpm93b2i9i8mkbHcoHMLJzpGM aQ3AbjWutu6cQJYoGgiZy2HHfOuCf8ZmEzXLI2rZ5MghABI7U7mWXarvI4NayUQE 2bBMDxCthaQSPA5YwM42Fow7RteZ+x1vC4xo/yBBm90hn83bwWF24QcA7bGJzUI4 2io8C6fiyPfEqYoItqM1f4TZVkd1r+DLwSDMYXJY0hfYEmIqU6xulK3l44Yw6Id3 rs+9AxQ/oPGdFen955mKVjXH3CSxH8/qXJKrauuDKFYjdZ0sM/+1So38FypX++lO +8d6qFvdOLnhjjP5bBEztTOo7nXhzCWRYXBzzU7oTccY74GUi+601BGVqtJ9E2+4 h++H9E0v/3lePn/jUEF8LUc4N7HB2BUxSWcKoqPIDw532NPEf9QYf/GmRJkT66F7 6lDoIUG6TNCfXAGu2oRGoJwe+7Tm9D/kdMSbpXQRkwMEGX/qh5QxSJB1cvJkbe2w dhNP3G1fTyO2LL0nxmN+RR5G/Lb82NOBsQXdkLqjAQMm4oNHhQsNNjFqzP2w0UJk 9OwQ3wR9lZlpisPegtn5lIxDBT5OZ84ZMwqjqV5sZgGequvJVdEp2ewMy91WVrY5 xdAWmGvxuS6hAf+tQ1Jmkg1JRdoWgYD1ug+lNnwIHZCtWcAohlFgTpYbUsVUK+Bv 5c/AbMMtm+JJ/rltjp8d/90aRMTEn68m4EeLaVIHYPrfLU0CZNYcwh3lczC+fbAV o5J6shY59Mf1WM5+w23vFt1ISSahzBtJHcX7FVp5zzuFCciB6ie3JPV5a2TAoyxn hgCrikgijeqlzub951f7XztCN9jYE/FeAp72xglAB97791M+O+xXWFZcbteBIip6 k2SyuA+2s5jVwBlzsOEBvH4Pgj75ogGxcyslolSN7I1m/PONRRzY4oCFs5KG/q0Y DssR9UcFeXwAgHdnIQe/6lcnzF+xscd59b/T0D6x+cEJ2sf3e1hmcySBlhBkFskN Fg3f2Q+Dji2QjTZO2XJshVgfHSxAXUYcIi3qex0ovJ6R97x/FgArFeLynhYIs6L5 Oz539JAk/zZltdFJG+F8yJWM2GyQiHv4/AQ/yDFvuzqHhG6UhFKs7ex56HQ94pAr L1mutMi2GT/UcBo1rydDMsn2V0cGciw8POT9gVu7nd4nPBINNFbVUYSnJORDkivl LninRm8cjBmLEU33Cyv5NUHArdv3LIXwgiVgvhk1vKeYeMmK+xHm+UwWMddem9dh 8UuK47bdU7YB3AVG8trscPadzCDkFHM9RVRsYJqPN1FE/NaYCPxpwkfLcNricvR2 M7OEt74cJjSsx7ZtOP5+x/IVL9O6CRHB+t3UeGUZcQq4nZff2IQDBB6U9sAFiO/o FqW8qzS8FrPF9lA1mjPcZ7+H/av/DsIa7ei5G/hea0S/3Okij1ZS2aIxMkSgmdlf KybWiph0pPDiBYsYgeR1Tk6pcS27r0d5y4EjAumCy1iKCoo2XtdyWYEUtqefa6oA 5mkKrOcs3ackZdsSwZafuARht8ZsST/9ojobLzCtBXTgXNi+Cg8aTThcK+wifN4C 0p5sN7lPg52gBksf9BTOqq7UtP5Nhn1ju7NWsnuRzxaprGzlWpvWM5duULOD+QHk 0y4z3hECY1RdDMSqSFx/s3E5fCbiSLjP6kZLzQWSkM96Uy06wOZjG1PClK0GsU2n =42HQ —–END PGP MESSAGE—– I will add that all totals will continue to be calculated in BTC on that days average if you fail to comply with any guidelines. Look forward to something more pleasant in discussion as soon as possible, best. The postscript confirmed my belief he was blackmailing me, but I couldn’t figure out more. He had made the usual error of not formatting the PGP-encrypted message as a code block, so it got wrapped. Even after fixing that, the message was invalid: $ xclip -o | gpg --decrypt
gpg: encrypted with 2048-bit RSA key, ID C47A3D09, created 2013-12-11
"jack0fnone <[email protected]
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */
>"
gpg: decryption failed: secret key not available

It was encrypted to his public key? I decided to play security hard-ass, to further the impression of guilt (surely an innocent person would suggest simply messaging like normal people and not be so paranoid):

Please use that key. I don’t mean to be rude, but if you cannot compartmentalize and follow basic opsec, there is nothing that can be safely said.

I was a little amused at my roleplaying here: “safely said”? Anything we had to say to each other could be safely said in the clear - I am not DPR, so what do I care? I had to project an image of being technical and high-status, since from reading many post by DPR and Satoshi, I knew they always spoke confidently and calmly. Regardless of my reasoning, this seemed to have the intended effect of lowering his status and he apologized for his error:

I apologize. I’ll admit my competency is far from flawless. I seldom communicate in PGP. What was the exact issue, please? I will have a response ready for you by morning (your time).

His next response was to provide his (malformed) public key:

—–BEGIN PGP PUBLIC KEY BLOCK—– Version: GnuPG v2.0.22 (MingW32)

mQENBFKolUIBCAC/6/TImZT60vCwGyXh+lWuWttrz1xeDnDyzTm3J2dXlsY6yy0f 58UmtmIHR99abm++jDPr1TcszC5u+Y/c+XICHzPDpkhqKfXmr4NhCkCDjZtmYNI9 4YLbwytaNWvMTbEupyT9SbiPTd//V3W4yuOvYhZKOQfEzcmT1hIcn65c5v93HD4R A7T6rmLoLjKQjccBBXOiRfw62CvU80CVlNiHkGeQYM/1Ym6DTPJkEdyQ4WU5g6d7 P9lCrvGvCQKpU+gVrjjdY4QVLMhdSTmGbogtMwFiEkDPmFB67g67m5nz+DQ+kzzE aTVmZj4OOWS6kUWivYR+0rqaZbDyrF7a7MP7ABEBAAG0JWphY2swZm5vbmUgPGph Y2swZm5vbmVAc2FmZS1tYWlsLm5ldD6JATkEEwECACMFAlKolUICGwMHCwkIBwMC AQYVCAIJCgsEFgIDAQIeAQIXgAAKCRC7IqugAkQU5et8B/43L6XCmbBw+8Fl7xk2 elXk2Q5h6FRVLnGKiPzbq5OBtKSaQlThDku6W6Pg2yWbeMGUWw4ZW8EaU/c0Mn68 oPILgYiydpbJOdn8L5Kju1GiGJl1RD1PCJpl+2iQXoRCptcazubSgDd4NcECr5QP DnGvAasRlHWrMITmWpy9zuIBWiuMzkzgJIRTp8cK+5JPCp36nWF4g41XIgzyLhR3 Z4Zt+YCndCnrYGRRsfMgGMSXGorIxPtJW/Ik5xTNNYOF1550QWgY8I0kVa5R87DT 7Jtl9UcPPWiTTQud6l4YlCfChkPoKwYY6TEXW7vdvfsjOufbQSsPTnC40L2YA8oH Um0TuQENBFKolUIBCADDacxyZw8UzK7inJXIih33rNC9zPLyPemMhJQljjk8esZJ +Tj6zLKxD4BbwEZKxKApXZcqNHbDNbfA05mZzAnMvppLbptSVgKSADyTmvFu6wUC xLhT9DRTp7p4/MtUDupEyq3IvkbLY/AfuBSJfVxzBBpnO+jipLQSHVl09U4ov8R5 IJq6NaNlT6/33pA1frC6JfJumZSCLHDDX2AIuH9T6P8uQmIBy+Wne97A1zvEb4j0 ktKyjhaQ8oJFlkQhlJgEfS1XtQcfpGZo2wyWc63c4q8G4Sbu1S64Gl2EXKStPw14 7MQg0nDqbjDjTEXtJmurwIs4gRBvjDqPT2WlMp7VABEBAAGJAR8EGAECAAkFAlKo lUICGwwACgkQuyKroAJEFOU/Gwf/bYPZILFgpaxXsfX0944ZYHWQZN+x1s2/Sf8A DiG/6C4nkWyPVGRE/ee5RTaOE2DPCSyPmGxpk92+IGZ6aLNsxFcVanaqkrKgP3cZ V2MhJH5wV9rF3SFjQiaUktNitLh5OmwFfBRU6rmKP56i4nh+nz6az6tp2pFyhVtg TInfyAiXfL8klTIh/NkCdDy8pXlRS6SVTOLbECcB8cKtlfiGGccauE46dYhE502Q /vlJWWUjtVHm2AQ2DMQm2o/E3xuO+KmdMOqMAR5IkwZP0YevnXq44tNKrHbEJgL8 HB8yyBO+BblRBXSywPP9VYmKZjS3NFTzu+B0uRi4lwrp/OxQ3g== =kOch —–END PGP PUBLIC KEY BLOCK—–

resolved?

No, not really… but I fixed it anyway to import key 024414E5: "jack0fnone <[email protected] /* <![CDATA[ */ (function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})(); /* ]]> */ >", and gave him an encrypted message explaining the issues since he wasn’t figuring them out for himself:

First, to use PGP on Reddit, it’s best if you indent each line by 4 spaces to preserve the newlines.

Second, the issue is simply that reusing a single public key for everything is not safe. Public keys provide security and irrevocability: these are very useful in some contexts, but in others, you want off-the-record properties and perfect forward secrecy. Casually using a single key for all communications means that third-parties - such as law enforcement - can prove you signed all the communications, and similarly for receiving messages encrypted to your public key. It’s like linking addresses on the blockchain: once you have done it, anyone with a copy can prove there’s a connection. Even if they cannot break the messages, that still offers traffic analysis and metadata. One way to mitigate this is to use multiple public keys / identities, ideally one key per correspondent: that way, if anyone gets a copy of one key, they only decrypt that particular subset of messages.

This was all perfectly true and the reasons why someone like DPR would act as I was acting. They just had nothing to do with why I was insisting on PGP. Instructing people on PGP use can be tedious, but being patient with sources has paid off for me in the past, so one grins and bears it.

He replied with another malformed PGP-encrypted message… encrypted to his own public key again:

—–BEGIN PGP MESSAGE—– Version: GnuPG v2.0.22 (MingW32)

hQEMA4z9l03Eej0JAQgAwLpN8/6fwa403zDRudFXJijnz+j+9Y4TjbmNr8nwzn2X 1cLvYq9h+/QW2RF5yjMAFGZEtwi6GfasYzHlcZ7hN2hGa2m3gsNyxrAXzpOQwuXW UDqxrP5hTUXBlw3NWM71z5H8TrO7vdSWjyVjGdztL/fTsADbvsBEiC5CWGdnYbaK pvepFob4IYV/PGoWCVN4otORlcT7M+tkpMdx44pivV7Ivmu3nkYHf+kflP79lyH0 vA/awyKK+KeF02HhAFRXn8YjJb4sDwluuRSPG4lFYpUmUxVWfYmymPcVyX1fRFma w4nosA9GWsOkgijyrwov6R94MdViZ560DmzOzsF5b9LBPwHYt4OburhyR7F/1MbW BwY/lfQaFw7tu88yf9i43INXyTs17cX430EfacDnkn4KxGjHxNS8ngXVaoQz3h1j IGOt1j3r37tDgzQkBe6zOSsj53o95C/JUlQpS6ypmPMOOtRV6d5gtPC5Ufo8FtIb xIT4ma3rBWiOfjxu1WK3/baz8Tf8NWXM++Qf7iUHZLVpxZv7k9maddldw/ovFzzi H+rgnNIC+3L3V+nAxB746ihISymTjZgjvkPnQ6p60SPO3PHumCUEvI5eM+beMgX5 icSEnBghvlRN7CgMwSv77gSEe541v38KaPyeyDMVHJT16nODiDAFjHIqF+IskeOG HfOzMsyNGZEZhDCksdKJV3+ceWnknusaWu69+o+vgPxlJSBMd8uJjaRS9vbJJPjk VPeV5ZurJ1cjF6IiD2k+pZdFvDg3RbEO+Z6tlDtUYe0qK3kwAoWAatHF4uyqgXwC vfnByz314yeVV29c65fvCf0mQE3WoMa2IQ+v0+NjvSb8U0ahmIIggQxHYk/XqM0Y +dr++nRQuQfvFMOIqTmcNigonCcx/0nQsuSXq0tieUP2E1j6cR/LLjxjdEmfTplz 1RD/wtTV8L+bSHzz6yu/6kU05x04auHLPgOXp1JQ/CQz0x7V5NgIknJKGWpUqi9w o699ms6ZBFe/3Hq27rVO9Ws= =OUp/ —–END PGP MESSAGE—–

Let me know if this is what you meant.

Helpfully, he followed up with a warning:

So we are clear, I would suggest you focus on my initial response rather than avoid addressing the commentary. The requests are as mentioned, very precise and without leniency due to the time sensitive nature of this matter. I will leave this reminder decrypted, your time is highly regarded in all of this. Perhaps we’ll have the pleasure of exchanging formalities at some more convenient point.

I might do that if you hadn’t screwed up the encryption, Jack! By this point I was getting a little frustrated - if he can’t use PGP, how likely is he to know anything worth knowing? - but I persevered, and explained in the clear to him:

No, I’m afraid that’s still not quite right. First, it’s easier if you format messages right by indenting each line by 4 spaces. As it is, one has to carefully fix the message by hand.

Second, your message starting with hQEMA4 is still being encrypted to the wrong key. When I look at it, I see:

$xclip -o | gpg --decrypt gpg: encrypted with 2048-bit RSA key, ID C47A3D09, created 2013-12-11 While in gpg --list-keys, the special-purpose key appears as pub 2048R/1A725E92 2013-12-11 [expires: 2015-12-11] uid No Fixed Point <temporary@universe> C47A3D09!=1A725E92 - it’s encrypted to the wrong key. What you need to be doing is something along the lines of $ cat message.txt | gpg --encrypt --armor --recipient 1A725E92

Specifying that 1A7/temporary is the target public key.

His next reply, thankfully, was properly formatted, and so I could import another public key (key 24E2A726: public key "russiatoday <russia@today>") without issue, and this time decrypt his message, at least yielding his blunt statement of what he was after:

I appreciate the timeliness of your response.

First and foremost compensation, of course.
Secondly, I will provide a clear synopsis of the timeline that will unfold for your maximum 7 day emergency extension.

Invoice: Satoshi Nakamoto

Payment Due Date: 12/11//13

+Day 1-3 $250,000,324 per day +Day 4-6$500,324,324 per day