Blog > Law & Regulation

Why code must not be law

By Craig Wright | 18 May 2019 | Bitcoin & Blockchain Tech

In early 2014, I had a company called Hotwire in Australia that had just under 50 staff members. In December 2013, with 45 staff members working on Bitcoin projects, I think we exceeded about everything in the space. At the same time, at that point, we were hardly known. I discovered back then: there are good and bad aspects of operating under the radar. When several early exchange sites closed in the period between 2013 and mid-2014, it also limited our ability to liquidate assets for funds. We were nominally asset rich and cash poor.

In that period, we were burning $4.6 million a year in payroll alone — just in Australia. A part of what we were doing included trying to develop a core banking solution based on Bitcoin that used the Bitcoin ledger. Some of my patents cover such a solution. When you get to a certain size in an organisation, you cannot do everything. More importantly, then as now, my focus has been on research and development.

In 2013, only a few exchanges were operational, and none were trustworthy. We used the Caribbean exchanges as a means to transfer bitcoin and other assets into cash. In 2013, there were not many sites that could handle the volume of bitcoin transactions — more importantly, not without leaking data. It was not the government that I was hiding from; it was the rest of the world. We wanted to create something then that does not even exist now.

Going back even further, we see the start of some of the problems that occurred with all of this.

LulzSec, Anonymous… freedom fighters or the new face of evil?

When we look back at the 2010–2011 period, you start to discover that a number of groups including Anonymous and the splinter groups associated and derived from them didn’t particularly like me. The same applies to WikiLeaks, which happened to be what I would call a criminal organisation.

Much of why I created Bitcoin stems from all of this. It includes fighting the AntiSec movement and the criminal groups that have come from it.

Greg Maxwell has been a thorn in my side for a long time. Even now he is seeking to create a Zero Knowledge Contingent Payment system, basically everything Bitcoin isn’t. They will make claims of privacy, but such was never part of what it was designed for. One of the reasons for the Zero Knowledge Contingent Payment system that is in development has been to enable conditional payments for ransomware.

Here is why we have law. You need to prove the source of funds. #Fail

The concept here is to set the decryption key as a pre-image for a public hash that is associated with the decryption software used by the ransomware. Unlike Bitcoin, it will enable autonomous verifiable ransomware to be created. It is what they’re seeking in a distributed autonomous network (e.g. DAO): to create ransomware that does not require operators. With the use of confidential addressing, it would be possible to create crime groups that are paid anonymously and that cannot be tracked. Removing traceability enables such a scenario. It is possible to create verifiable keys within Bitcoin, the scripts are powerful enough, but the problem is that the system is not anonymous.

Which is the reason that people like Contrarian and all the rest of the guys in Core want something like bit gold. They are trying to manipulate my creation into the ultimate criminal system by adding anonymisation features to blockchains. Ransomware cost the US economy alone over $1 billion a year.

It is the result of poorly designed systems that are hard to sell and track back to the source all the time. The Holy Grail for many people such as those like Contrarian is the creation of a truly anonymous system. With true anonymity and not simply privacy, there would be little to stop the creation of a criminal empire. If you can take badly designed systems, as ransomware is right now, and create something that allows you to sell and transmit without leaving any evidence, you are in a position that some people would kill for.

Ransomware doesn’t work terribly well as there are no ways of guaranteeing that the attacker will give you the decryption key. There is no way of provably knowing that it is the attacker who is shaking you down for money or even if they haven’t lost it. Right now, if any of such scammers create a network that is too large or too efficient, they are traced and law enforcement will arrest them.

This is why some individuals who have been working on unnecessary products such as confidential transactions and anonymity systems like Zcash and Monero have been working on verifiable proofs in smart contracts. When Bitcoin is used, the introduction of AML/KYC controls to exchanges (as the law has started to require, but which was always really part of funding requirements) leaves the use of Bitcoin for ransomware as something to be avoided. So, what they’re seeking to do is to create a payment system that can be used in the exchange with something like Bitcoin but which is more reliable when used for a variety of different crimes — not just ransomware.

When you’re dealing with criminals, you instinctively know that you cannot trust them. So how do you make a solution as a criminal that will allow you to implement something like a ransomware infection that provably demonstrates that a payment to the criminal will guarantee that you get your unlock at the same time?

The criminal can go back and forth proving that they can decrypt files and hence that they have the decryption key, but the same process leaves an audit trail that can be used by law enforcement and makes the capture of the criminal more likely.

So, what you need is something like a Schnorr signature and a mixer.

Combined with a key that is conditionally provable, we now have a system that could be extended to allow another system to be created.

Doing so is of course possible in Bitcoin, but the problem with Bitcoin is that it has an immutable audit trail. If you integrate something like confidential transactions and Schnorr signatures… then you end up with something different. Here is where you come into the touted concept — decentralised and autonomous. You can make a criminal organisation, one that distributes funds and pays members without having to be registered in any country. This allows you to create ransomware that doesn’t have operators and has no head on the Hydra.

When they talk about freedom, they are not talking about free society but the freedom to commit crimes.

So where is it all going?

In the period between 2009 in 2011, there was a member of AntiSec and Anonymous who currently uses the handle Contrarian.

The same person was heavily involved with one of my former staff members in 2014. The issue was that we had a temporary liquidity problem in the organisation. In time, we managed to pay all the creditors in full. But, there were a few people who took it to be an advantageous opportunity and sought to exploit it.

We were dealing with a company called Rubik. A part of what is being talked about in the given chat log that was captured between former staff members of Hotwire is about a plan to take software that had been developed by my group and create a company within the financial services industry. To do so, they needed the company to be in liquidation.

Most of the staff in Hotwire were people that I would recommend. Some were underhanded. Which is the problem of course. It can be difficult to tell what staff are really like when you hire them. I like my current team. But after all that happened, I’ve learned to trust people far less. You see, when I hired people in Hotwire, it was done without share options and unlike most Silicon Valley start-ups. We just paid them a good salary. Part of the contract involved an intellectual property agreement. All the software they wrote for me and all the work they did remained mine.

Of course, if the company had gone into liquidation and had not paid people 100 cents on the dollar, then they would have had an argument to be able to take the intellectual property.

This is of course a reason for court and not proof of social media (PoSM). Part of the story you don’t get to hear on social media is how in 2014 I had people working as system administrators who were in charge of the network, the Windows domain, and the storage servers. The interesting little thing here is that I still have some of the computers and laptops from the ex-staff members.

Why this is important is that some of the documents that have been floating around the Internet originated from a particular computer. I haven’t touched any of the computers in years. I’ve never logged on to any of the staff machines even now. What I did do was hand them to my lawyers and the forensic investigators that they had hired. Under discovery, you need to hand over any files in your possession. Possession is not ownership. Possession does not lead to creation. Interestingly though, one of the staff computers had a copy of my wife’s email store. He could send and receive email as she did. She was the Chief People Officer, and had all of the HR details for other staff. More critically, he had copies of many of the documents that are now floating around the Internet. He was also dealing with a person called Contrarian.

It turns out that the same person who used to work for me was dealing with someone who worked at Verizon, and managed a number of government email servers. It goes beyond this course, Contrarian, the mail-system administrator in Verizon (in the Australian Capital Territory), and some of my staff had plotted to ensure that Hotwire would never come out of liquidation, and everything that I’ve been working for would be up for grabs.

Like many other executives, I will sign large contracts and exchange a digital copy of a page, because that’s all I need to legally do. The reality is that it’s not the contract as a piece of paper that is binding. It’s the agreement. Which is what many people don’t understand. In the document below with Rubik, the agreement is exchanged between lawyers who have copies. So altering the digital document may cause problems, it ruins evidence, and if you don’t notice what’s happening, it can be problematic, but at the same time it doesn’t change the nature of the contract itself.

But this may give you an idea of why I considered my software valuable. If you look at the figures in some of the contracts below, you will start to see the level of expense we were engaged in.

Unfortunately, I’m a hardheaded stubborn bastard. If I had taken the option and allowed the company to go into liquidation, I would have been $4 million better off directly at the time, and much more now, but at the same time it would have allowed people who used to work for me to steal some of my intellectual property. I don’t ever let people steal my intellectual property.

So, we took Hotwire back out of liquidation, and then we closed it and moved everything to the UK. If a single line of source code or anything else that was created in my companies ever appears in any other organisation, the same organisation can expect a long painful round of litigation that will result in a large payment to us. The plot and plan here was to ensure that we were not able to get the companies out of liquidation. A certain ex-staff member had to be injuncted and stopped from his plans to sell my intellectual property. Of course, it didn’t stop some of the other attacks. A certain person who worked at Verizon continued to help plotting with a certain Contrarian AntiSec member and some of my staff — or, sorry, ex-staff — in an aim to ensure I wouldn’t be in the position I am now.

The ex-staff members had one agenda: they wanted to take the intellectual property we had created. The AntiSec fools had a different agenda: they didn’t want Bitcoin. It’s interesting, they are powerful in their own ground. On Reddit and in the world of anonymous social media, they have a lot of power and can set a false narrative. They can create alternative facts, but reality is what matters.

It is for the same reason that I’ll be seeing people in court soon. You don’t get to get away with simply saying Internet documents are real when you’re in court.

In court, when somebody flashes a document and says it’s proof, they need to do more than just show that they have a document. It is why we have hearsay rules in law.

It is why, when you get into a court, you get to look at a document and see the discrepancies like different fonts.

…and other alterations.

Luckily, going forward, and with Metanet, we will be able to store documents in a manner that stops the AntiSec crowd from doing a simple alteration and leaving their usual trail of destruction.

Unfortunately, if I’d known a long time ago what was happening, I could have stopped it before it went anywhere.

In 2014 and 2015, I was far too busy trying to answer queries from the government and deal with company administrators in keeping the organisation out of liquidation. In order to complete some of the research I was working on, which has led to the current pipeline of patents where over 700 applications have already been filed and another thousand are on the way, I needed to focus on R&D and not on finance and staffing. You see, it was the other people such as James Donald who I sparred with as Satoshi who where the die-hard cyberpunks and anarchists. I designed Bitcoin to ensure that systems like bit gold never took off. I designed it to ensure that the criminals wouldn’t have the advantage that they do have at the moment.

AntiSec

As part of an operation by AntiSec in 2011, around 18,952 scientific articles that were owned by JSTOR were released after being stolen by Aaron Swartz. The person who leaked the documents by loading them onto Pirate Bay was Greg Maxwell. His contention was that the documents were outside of copyright and needed to be free. Many of the documents date to before 1923, so the argument is that copyright doesn’t apply and thus the illegal theft of the information by Aaron Swartz and subsequent leaking of the documents by Greg Maxwell should not be a crime.

What they do fail to note is that the documents were scanned and entered by JSTOR. Copyright did not apply to all the documents in the original format. What people fail to understand is that if you get a document that is not covered by current copyright and you scan and retype it, the digital copy is now covered by a new copyright. It protects someone’s work effort.

For instance, if I have a document that I have a copy of where the copyright has expired, I can take a photocopy of it without any issue. If now I pay to have it typed in and saved on a computer so that it is in searchable format, I now own the copyright for the particular version of the document. It does not stop you from obtaining a paper copy of the document and typing it yourself. If you do so, you own the copyright on the typesetting and it differs from mine. So, Greg Maxwell didn’t help Aaron Swartz leak documents that were outside of copyright; he stole JSTOR’s work product.

This was done as a part of an AntiSec operation.

A system like Bitcoin ruins everything that people in the anarchist part of the world want.

When I created Bitcoin, I solved the Byzantine Generals Problem using proof-of-work and an immutable ledger. Which is the thing that people are trying to cover up. Which is the thing that people like Greg Maxwell would hate to exist. In the quote below, there is an aspect of what I said that is overlooked but which is a key and fundamental part of Bitcoin and how it works that needs to be talked about more.

A number of Byzantine Generals each have a computer and want to attack the King’s wi-fi by brute forcing the password, which they’ve learned is a certain number of characters in length. Once they stimulate the network to generate a packet, they must crack the password within a limited time to break in and erase the logs, lest they be discovered. They only have enough CPU power to crack it fast enough if a majority of them attack at the same time.

Bitcoin works in part because you cannot erase the logs. When people talk about systems that are more anonymous, ones that are designed to lose logs, or even those like Lightning that hide connections, what they are seeking to do is take away part of what makes Bitcoin strong and secure; it is the aspect of not being able to alter information that they want to remove.

You see, my solution doesn’t allow the Byzantine Generals to deny what they planned. It isn’t the system that the AntiSec crew wanted, but rather a system that stops frauds and stops people from altering records.

Don’t worry, it’s really hard to erase evidence, and it’s only getting harder with Bitcoin. When I managed to get the company back and out of administration, ending what some had tried in an attempt to force me to liquidate, I also got back all of the hard drives and laptops of the former staff members who thought they had covered their tracks.

Enjoy court, I will.

One thing courts do that PoSM (proof of social media) does not is to filter the lies and manipulated evidence. When you have a document obtained through the result of having a server compromised by insiders who installed back-doors that was derived from another… it is generally not good to call it evidence. Any system can be compromised when it starts with insider attacks…

In 2014, when certain individuals altered records within Hotwire, the reasoning had nothing to do with today. It was purely to cause me problems with the Australian government. I did not run the financial systems; we had auditors including Ernst & Young, KPMG, three smaller firms, and a specialist tax lawyer. I did have a CFO I had to get rid of. He had left a trail of destruction by that stage. That particular individual had gone to New York and tried to make a deal to sell my bitcoin and other assets. It was a deal worth about US$300 million of which I would get 100 million. And he told me I was crazy for not taking it.

In altering records, they created a number of subverted files that were designed to keep the companies in audit and lead towards liquidation. Such was the goal. Unfortunately for them and helpers like Contrarian, some of the same backdoors led to documents ending up somehow with Mr Ira Kleiman, who is of course suing me through false pretences.

We didn’t find all of the problems that a few rogue staff members had created until years later. In fact, I didn’t even know about them until around 2016. The point of having finance staff and accountants as a director was so that I could get a summary report and would not have to go over the minutia. That is where people like Stefan Matthews came in. Stefan’s background was in sorting out difficult accounting issues. It wasn’t that we had no records, we had more records than the average multinational company the size of Intel. The problem was finding out what had been changed and altered. We started suspecting things around 2015. But with my head buried in research, I generally left most of the company to others to sort. I’ve learned from such an attitude. Telling people just to get it done isn’t good enough.

On 9th April, 2014, we engaged an external administrator and placed the company into external administration. We could have restructured in such a way that it allowed partial payment of debt. I didn’t. We paid 100 cents on the dollar of every debt, and took Hotwire out of administration with zero debt owing. It wasn’t all of the staff, most people who worked there were very good. And I admit, it was a very difficult time for everyone.

What I never expected: the small group of staff who came to a personal view that they were redundant in order to push an agenda of liquidation. They voted for liquidation at the creditors meeting, but were down-voted as we offered a deed of arrangement that would pay everyone in full. But as I said above, a few staff members had already planned their exit strategy. It was to take the software that the company had been working on for me and sell it into their own company. It was both dishonest and illegal.

I never believed that I would have staff members seeking to liquidate the company that they were employed by so that they could steal the intellectual property and start their own. It is part of the world that a code-is-law mentality breeds.

This is why I chose not to be CEO when nChain was formed. I could not lead both research and the other aspects of the group. To do one role well, you need focus. In trying to be CEO and Chief Researcher at Hotwire, I allowed many things to escape my notice.