Matthew Edman, the cybersecurity expert who took down crypto kingpin Ross Ulbricht, has now set his sites on nChain’s Craig Wright. The estate of Wright’s former partner is suing him for billions of dollars. Modern Consensus has acquired a signed affidavit from Edman which accuses Wright of submitting a provably forged email.
Wright is the person that many believe to be Satoshi Nakamoto, the mysterious author of the Bitcoin white paper. But a typo in a document submitted to the court could get Wright in hot water.
Wright submitted the email during the discovery process in a lawsuit suit brought on by the brother of crypto pioneer Dave Kleiman against Wright. Ira Kleiman says that Wright owes his brother’s estate 1.1 million bitcoins, valued at close to $6 billion today. Wright’s defense cites an email December 20, 2012 but the veracity of that email is in doubt. If the email is incorrect, it won’t help Wright’s case. If it can be proven a fake, it could land him in jail.
[Full disclosure: I like and am fascinated by Craig Wright. We met on Twitter years ago and talked mostly about wine. He has given Modern Consensus several no-holds-barred interviews over the past year. This lawsuit may put Wright’s unspent Bitcoin nest egg in jeopardy, but he will probably be fine.]
Security expert Matthew Edman has submitted an affidavit stating that the email said to be written by Dave Kleiman in 2012 is provably from 2014—which would be problematic for Wright because Dave Kleiman died in 2013.
Normally, something like this could get overlooked or argued away in court. But even without Edman, the courts might have taken down one of the most powerful men in the cryptosphere all thanks to an eagle eyed Redditor.
Two weeks before this affidavit was submitted, u/Contrarian__ noted in that the email in question doesn’t pass the smell test. In his original post he buried the lede on this, but after going through the technical details he noted, “I’ll note, as an aside, that Dave apparently spelled his name incorrectly and put a typo in the subject.”
For Dave Kleiman to spell his last name as “Klieman [sic]” in his own email address is weird. That he made the typo “Apppointment” in an important document that might be worth $10 billion could be attributed to his declining health. “I have been unwell and in the VA far too much,” the purported email states. Records show that Kleiman used a wheelchair to get around at the time and made repeated trips to the VA in 2012.
But before his health declined Kleiman was known as a cybersecurity fanatic. Even on his worst day, his set-it-and-forget-it encryption code wouldn’t likely give the wrong year. Encryption is a bit like blockchain: you can’t go back and change the timestamp without throwing everything else off.
Whenever the email from “Dave Klieman [sic]” was sent, it named Uyen Nguyen as the director of his company.
Since some might wish for a Github-like analysis of the code, here is the brief analysis of posted to Reddit with all relevant links:
We know how to find the long ID of the key used and the timestamp of the signature. I’ve bolded the ID and italicized the timestamp. Looking on the MIT keyserver, we can find the fake* key. The timestamp of the signature is 1394600848, which is March 12, 2014, two weeks before Craig filed to install Uyen as a director of Dave’s old company, and almost a year after Dave died!
Uyen appears in documents in 2014 and some say she was filmed with Wright at an Australian Bitcoin conference in July 2014.
This post from mid-April agrees with Edman’s court filing from April 28, 2019:
“A timestamp in a PGP signature is represented as a numeric value that indicates the number of seconds that have elapsed since midnight on January 1, 1970 UTC (also known as ‘Unix time’ or the ‘Unix epoch.’” Edman explains. “In this instance, I determined the timestamp is 1394600848 which corresponds to 5:07:28 AM UTC on March 12, 2014 —more than a year after the email was allegedly sent.”
It gets much, much worse for Wright because his lawyers sent it over as a PDF. This email could have been submitted by fax and if so, it would still have had a hard-to-find timestamp error. But Edman’s analysis of the PDF’s metadata finds that the PDF of this old email printout is April 17, 2014 at 8:23:41 a.m. It further states that the local timezone is “UTC+10” which is the part of Western Australia where Wright lived at the time.
Another email collected in the discovery process confirms the paper trail. “It shows that the Defendant sent this email to himself on April 17, 2014, at approximately 8:22 AM,” the affidavit states. So if someone forged this email on March 12, 2014 they made sure to get it on the record on April 17, 2014 at 8 a.m. in Australia.
Now, we Millennials of tech like to joke about how Baby Boomers make six figures and can’t attach a PDF. But in this case, we’re talking about a PDF attachment error that could cost him eleven figures if Ira Kleiman wins his lawsuit against Wright for damages in Florida.
Worse, submitting false evidence is a felony in Florida but he is unlikely to appear in court. In our interviews with him, he has mentioned that he avoids the United States from previous run ins with the Department of Treasury.
From our interviews, I understand that Craig created the “Tulip Trust” to shield his bitcoins from governments and divorce. According to a purported leaked Tulip Trust document, the trust valued their 1 million bitcoins at $100,000 at the time of the memo dated June 11, 2011. It required Kleiman to provide outsiders access to the trust in case of his death. Its name is a cheeky reference to the “Tulip Mania” that swept Holland in 1634.
One of the easiest ways for Wright to prove he is Satoshi Nakamoto would be to move the bitcoins locked up in the Tulip Trust. But doing so would violate their agreement—that is until the rapidly approaching January 1, 2020, when the bitcoins in the trust should be returned to Craig Wright.
Whatever happens to settle this case will have a ripple (pardon the pun) effect in the crypto community. If Ira Kleiman settles for $1 billion in BTC, he could cause a Bitcoin recession. If a government authority liquidates the entire $6 billion trust, they could cause a tidal wave equal to the entire Ethereum market’s single day trading volume.
There is definitely more ahead. The interesting thing will be to see what Craig will do in crypto between now and January 2020.