1BdvhDp78d3ez2cV7xkHPy5JqD8f2cJV9W

Last update: February 2, 2019 - The trojan skull .

You will find below information related to the Silk Road websites and forums.

Since the original work some of the hyperlinks are dead due to the original Silk Road forum shut down. However, the screenshots are still valid and should hopefully provide enough understanding of the context and accurate information .

Credit:

Timeline of events surrounding Silk Road rise and fall (work in progress):

Maryland Indictment and Investigation New-York Complaint and Investigation Chicago Homeland Security Investigation San Francisco Criminal Complaint Silk Road forum Media DPR Journal Blockchain

22/10/2013

Based on the Silk Road Maryland indictment, in April 2012 an Undercover (UC) Agent started communicating with Dread Pirate Roberts (DPR). The UC claimed to be a drug smuggler who specialised in moving large quantity of drugs. During the following weeks DPR and the UC will stay in touch. The 7th of December 2012, the UC complained about Silk Road buyers wanting "very small amount" and "it really isn't worth it for him to do below 10kg". DPR offers to look around to find a buyer for a large quantity of drug. He mandates someone known as "The employee" in the indictment to solicit Silk Road's top sellers to find someone who could move large quantity of drugs from the UC. In the indictment the employee seems to have been hired sometime in November 2012 and is paid to respond questions and complaints from buyers and sellers, resolve disputes between buyers and sellers, and investigate possible law enforcement activity on Silk Road.

In May 2012, the following users have high privileges on Silk Road forum and are able to carry administrative tasks:

DigitalAlch - Administrator.

Chronicpain - Global Moderator and Wiki administrator

Nomad bloodbath - Global Moderator.

Limetless - Global Moderator.

squidShephar - Global Administrator.

The 3rd November 2012 a user, flush, registers an account on the forum and few days later starts to be active as what looks like a Silk Road support role. I haven't found official statement about flush role but its different posts (screenshot 1 and screenshot 2) on the forum strongly suggest that he has advanced privileges on the forum as well as on the Silk Road site:

He is helping users with technical issues

Has access Silk Road support mailbox

Has access transaction number

He can reset user's PIN

Based on the information from the Maryland indictment, flush looks like a good pick for the "Employee" role in the assassination plot:

Hired in November 2012.

High privileges on Silk Road site and forum.

Support role, responding to questions and complaints, resolving disputes between buyers and sellers,

Last connection on the forum the day "the Employee" got arrested

Assuming Flush is "the employee" mentioned in the Maryland indictment who could be the undercover agent? We don't know much about him except that he plays the big dog by introducing himself as "a drug smuggler who specialised in moving large quantity of drugs", minimum 10kg type of guy. Suppliers selling in bulk or high quantity doesn't seem to be that common on Silk Road, so people have a tendency to remember them. One guy who seems to have attracted (screenshot) a lot (screenshot) of attention (screenshot) and questions (screenshot) for his listing of kilos (screenshot 1 and screenshot 2) goes by the name of "nob". Some users on the forum even thinks the low enforcement scam (screenshot) is too big to be true (screenshot). In light of what will follow the latest assumption might be relevant.

On the 12th of February 2012, a vendor going by the name googleyed1 posts an enigmatic message on the Vendor forum warning other vendors and DPR to not deal with nob:

"So I'm not going to say much but I feel some people should be warned, this seller has cost me 6 months work. It is very dangerous to deal with him and my honest advice is to avoid at all costs. DPR... I am just doing this to protect the other sellers, please understand this. I would not want even my worst enemy to go through what I have with this guy". (screenshot).

Unfortunately, we do not have access to the vendor forum and the previous message was taken from a quote posted on one of the numerous threads related to nob. Access to the thread, the quote was taken from on the vendor forum, would probably clear up some of the mystery. If anyone with access to the vendor forum roundtable could get the information it would be really useful. Backups of the vendor roundtable seems to be floating around, if you managed to get your hand on them, please consider sharing.

Updated 08/11/2013: Access to the thread on the vendor roundtable mentioned previously confirms googleyed1 warned other vendors not to deal with Nob. Most of them took the piss somehow arguing it was so obvious Nob was LE that googleyed1 deserved to loose money. In an interesting comment googleyed1 stated Nob had the full backing of DPR. However it seems googleyed1 didn't get asked by DPR directly but from "one of the MODS" who said DPR asked him to look around for big vendor with an interest to work with a big vendor. As noticed by another vendor, in theory it could have been the "MOD" who took the incentive to back Nob, however in another enigmatic message googleyed1 doesn't rule this possibility and says "yes this is true, but there have been some other things I don't want to talk about" (screenshot 1 and screenshot 2).

This nob guy could be a good pick to play the part of the undercover agent (Would you say it passes the duck test?).

Deals large quantity of drugs (or pretend to).

Prefers dead drop instead of recommended use of mail for delivery.

Doesn't have much positive feedbacks and no one ever claimed to have bought anything from him (maybe once in very small quantity).

Only user having dealt with nob to some extend recommended other vendor to stay away from him at all cost.

Publicly says he wants to get in with DPR.

Suspected law enforcement.

Googleyed1 is "The Vendor".

The guy who got busted was chronicpain former Silk Road administrator and "friend" of DPR.

Nob was indeed and without much surprise an undercover agent and Googleyed1 knew about it but for some reason DPR backed nob up and recommended him to Googleyed1.

Chronicpain offered to be a re-shipper for Googleyed1 and got the drug delivered at his place.

Chronicpain offered to be a re-shipper for a cut on the product which was destined to the Silk Road market (screenshot).

The drug was delivered via USPS and it wasn't a drop (screenshot).

DPR wasn't involve nor participate in the transaction, he only backed nob (screenshot).

It might be surprising to have chronicpain involved in this deal as flush ticked all he boxes to be "The Employee". However looking at the timeline and other particularities of both accounts one could extrapolate the same person managed both handles :)

The 12th of November 2012, few days after flush registered on the forum, chronicpain writes his last post in a style really close from someone having some support responsibilities (screenshot). Some of his latest posts also have a similar "tone".

The 26th of January 2013, last connection from flush on the forum. The exact same day "The employee" is reported to have been busted by DPR.

The 12th of February 2013, last connection from chronicpain on the forum. The following day the UC sends a message to DPR telling him "Employee is still alive but being tortured".

As suggested previously it would have make sense for chronicpain to be "promoted" as SR Support staff since he was one of the longest forum moderator and administrator of the wiki

Chronicpain used to be a semi-professional (screenshot) poker player (screenshot) and is a keen gambler (screenshot). In a similar way flush seems to have some interest in gambling as well, using the lyrics of Kenny Rogers's song "The gambler" near its avatar. "You got to know when to hold 'em, know when to fold 'em" (screenshot). This sentence being often associated with and quoted by poker players.

A "Flush" is also a poker hand such as Q♣ 10♣ 7♣ 6♣ 4♣, where all five cards are of the same suit, but not in sequence.

We don't want to mention the over use of ellipsis (...) in both writing styles but we have to... since it is noticeable.

The assassination plot seems partially solved according to this theory. However some questions remain unclear:

Why DPR got involved with nob, where many users seems to have seen the scam from miles away. Googleyed1 suggested DPR got sweet talked and saw the commission (understand money $$$ here) from a big seller.

Why Googleyed1 apparently suspicious of nob from the beginning (as everyone else) agreed to deal with him, even if he was backed by DPR.

Did chronicpain/flush really turned rogue before the bust and stole the alleged Bitcoins from several top vendors?

Why is googleyed1 bragging about being the "Vendor"? Bold move to admit having been part of a drug deal mentioned in a court indictment involving the prime suspect of a high profile drug market place whereas in the same time the police is arresting buyers and sellers worldwide. Low profile would be a smarter tactic, considering the other two persons involved are behind bars. Unless...

30/10/2013

Ross Ulbricht, who was arrested the 2/10/2013 and is allegedly Dread Pirate Roberts, seems to have made some obvious mistakes online regarding his real identity which helped law enforcement to identify him and arrest him. Plenty has been said about his bad "opsec" and there isn't much to add about it for the moment.

However there are still some really interesting "characters" in this story. "The Employee" is one of them which has not received much attention despite the fact he played an important part in the "first act" of the DPR investigation. In the following lines we will try to find out a bit more about him and if the theory of chronicpain/flush being "the Employee" exist as already discussed in "The Employee assassination plot" above. What follow is not a parallel construction and the observations are based on a timeline following our findings.

The only information we've got about "The employee" can be found in the Maryland indictment. Following our theory of chronicpain/flush and the Employee being the same person, another set of information we can rely on are the posts from chronicpain and flush on the Silk Road forum. We've compiled below a list of "quotes" and "facts" extracted from various posts of chronicpain (The posts from flush being minimalist).

"I am in charge of a web site that sells products and takes credit cards every day. I do go thru authorize.net" "I am very opiate tolerant" "Opana is not oxycontin, It's much much stronger" "Opana is Oxymorphone not hydrocodone" "Most of you know that Im all about harm reduction" "Im not a smoker" "I was a paramedic for 20 years and went through nursing school. Like I said in another thread, I couldn't finish due to an accident." "Experience with Drupal? I have made my last 2 sites with it and absolutely love it...Easy to manage, change things, etc.." "That's exactly what happened to my wife. It took a 3 month stint in jail to get her sober. She has been clean and awesome for over 10 years." "There are a lot of other forums, like poppies.org, opiophile, bluelight, etc that is in clearnet (they talk about much more and with much more detail than here) I have never heard anyone get into trouble." "My daughter (who just got married) had her mail returned because she used her married name instead of her maiden." "In fact when I was getting adderall, when they first went generic on the ER" "Technically, an 80mg oxycontin is equal to 40mg of opana ER. TAKEN ORALLY!! Now, if you snort them, 40mg of opana is 2 or 3 times the strength vs a snorted 80mg oxy. IV its about 3-4 times the strength. Would you consider getting an oxycontin 80mg for 15 or 20 bucks? thats basically what you are paying if you buy an opana 40mg ER for around 60 bucks." "I could barely make a profit with my lost luggage delivery service. I would get paid between 20-100 bucks a bag, depending on where it had to be delivered. with only one airline, I had about 10 vehicles and there was no way I could go more than a couple hundred miles away from the airport. I eventually had to give it up because I was losing too much money. I guess you could get a taxi network going. Have one taxi hand it off to another taxi, etc. but the costs are going to be so high, it just wouldnt be worth it. Plus, with usps/fedex/ups how can you compete with their prices and delivery times?" "For those under 45 years old" "Luckily I got a position with my dads company" "Used to be in the movie business. I couldn't stand when the actors had to use the clove cigarettes." "Used to live in the costa del sol.... Gotta love Malaga, Motril, Jaen, Granada.... I liked Sevilla as well, but Cadiz, and Malaga were my favorites....... (the summer is very hot) but the winters are mild and the spring and fall are just superb......" "When i used to be a manager at high very popular cell phone chain" "Are you getting the the OP 80s or the old school 80's" "I usually get Mallincrodt brand roxies." "I have gotten this message a few times. I never say ok. but it does come up every once in a while. Its not silk road either, I just tried to send an email with hushmail and got the same message not 2 minutes ago.." "Never say " I have ten pounds of such an such, How do I iv it?" instead, you would say "I've heard that you can do such and such with this, is this correct? any advice?" That way you aren't implicating yourself in anything. there are a lot of other forums, like poppies.org, opiophile, bluelight, etc that is in clearnet (they talk about much more and with much more detail than here) I have never heard anyone get into trouble. (not saying that nobody has) just don't implicate yourself or others. Never mention any specif items that could identify you or others in any way. It's not that hard." I will get a touchpad for sure, ill just keep looking, dont want to pay more than 200 bucks for one.. the one I found was 250 "I am a semi-pro poker player. I used to be a full on pro poker player. Since I can't play online in the states anymore its made it much more difficult." "I have cashed in 2 WSOP events and many other events". "I have started to gamble a bit in sports.. If you know what your doing and have control, you can make a lot of money..."

He is in his 40s (probably late 40s) has a wife and daughter whom is married.

He seems to be very knowledgeable about pharmaceutical drug with a keen interest and need for everything related to opioid (Oxymorphone, oxycontin, opana etc.) and benzos.

His nickname could imply that he might be suffering himself from chronic pain (thus the pharmaceutical drug knowledge and use).

He campaigns on drugs harm reduction.

He likely spend some time on other boards and forums like poppies.org, opiophile and bluelight.

He is a drug user as well as a seller on Silk Road.

He is quite technology aware (GPG, Drupal, Touchpad, etc.)

He is a "semi-pro" poker player and used to be a "professional player". He cashed in in two World Series Of Poker.

He used to be a paramedic for 20 years before an accident.

He used to be a manager for a cell phone chain.

He used to be in the movie business

He used to have his own transportation business.

He used to live in Spain.

He is a keen gambler.

A quick google search on his nickname does not help much as it returns way too many results on chronic pain symptoms, management treatment and relief. We need to narrow the search scope.

Using specific combined keywords.

Limiting the search scope.

The boards and forums mentioned previously look like a good start to limit the scope of the search. Searching for the nickname "chronicpain" has the annoying effect of returning large unrelated results on chronic pain treatment and relief. "Flush" also has that really frustrating habit of returning all sort of things that can be flushed somewhere.

We need to focus on the content of the posts which could help us match the profile of chronicpain rather than an unlikely look-a-like nickname.

The method we followed here is:

Search keywords unrelated to the forum main interest/topic in order to hit posts engaging personal discussion related to the person we know something about ("costa del sol", "poker", "wife", "daughter", "silk road", "paramedic", "transportation service" for example).

Quote exactly full or part of messages posted on Silk Road within the scope of the forum, in this case drug related ("Im all about harm reduction", "I am very opiate tolerant", etc.).

Within the results returned, go through the different posts and extract the poster nickname which could fit a potential candidate.

Run the two previous searches type through the posts of the candidate.

Extend searches of potential candidate attributes (email address, nickname, habits etc.) to search engines.

Start again.

We're not going to go through the long and boring process of the combined searches but it was possible to isolate an interested profile named pokergooch.

One of the early forum pokergooch subscribed is bluelight.ru in 2006. Few years later in 2009 he will be an active member of another drug related board opiophile.org. They are both quite famous drug related forums which have also been mentioned several times by chronicpain (screenshots) on Silk Road.

From his different posts on both forums we can see a quite deep knowledge and interest in pharmaceutical drug and how to used them for pain relief (preferably without using intravenous method), characteristics also shared with chronicpain. As chronicpain, pokergooch has a wife and a daughter of whom he likes talking about. Pokergooch first post on opiophiles.org (screenshot) is actually about his wife and how she is drug tested on weekly basis and got tested positive for methamphetamines. Through several posts we also learn that both pokergooch's daughter as chronicpain's daughter is under Adderall (screenshot).

Digging further other interesting similarities between chronicpain and pokergooch can be highlighted . They both:

Recommend the use of a combination of clonidine, lopedermine and benzos (Xanax) against opiates withdrawal. This combination doesn't seem to be the only one and others might recommend something different. (screenshots).

Have very bad headaches side effect caused by the absorption of Neurotin. (screenshots).

Need testosterone due to low sex drive caused by the large amount of opiate consumed. (screenshots).

Are very cautious about the use of fentanyl. (screenshot).

Registered on Silk Road and its forum in fews days of interval. (screenshots).

Seem to like to tell that anecdote, which happened 10 years ago, about that Canadian scammer who disappeared with quite a lot of cash. (screenshots).

Lived in spain. We can find on picasa an account belonging to "pokergooch" geotagged in Spain where the picture of a dog is posted (sasha.jpg). (screenshots).

Do not smoke (screenshots).

Have a soft spot for Touchpads (screenshots).

We certainly don't have enough to assert pokergooch and chronicpain are the same person, but it looks like we are on a good path.

Pokergoosh as his nickname implies is also a keen poker player which, according to his sayings, makes must of his incomes playing poker at a pro/semi-pro level (screenshot). Interesting enough it is another particularity he shares with chronicpain (screenshots). Extending the search of "pokergooch" on different search engines returns extremely interesting results:

Now switching focus on that Curtis Green guy we found out that he is as well a poker player and has participated and cashed in in two World Series Of Poker (WSOP) events (screenshot). Do you remember when chronicpain was bragging about having "cashed in two WSOP events and many other events" (screenshot)?

For some reason the Curtis Green listed on the Hendon Mob website player profile is marked as coming from Itasca, Illinois. It is probably a mistake since the official WSOP website for the 2010 WSOP event in Las Vegas lists him as coming from Spanish Fork, Utah (screenshot).

If you Google image search "Curtis Green Utah" there's a pic of the Silk Road logo which leads to the Twitter of a certain Curtis Green (@ilovepoker). For some reason there isn't any trace of this picture on his twitter account. The image must have been indexed and cached by google before it was deleted from the twitter account (screenshot). (h/t @FranBerkman)

On what looks like Curtis Green Facebook page he "Likes", amoung other things clandestine chemistry (as 199 other people), the World Series of Poker and mentioned a WSOP cash in in 2010, Bitcoins and TouchPads which we know both chronicpain and pokergooch were fan of (screenshot). Credit: YaHtZeEarmadillo

If you still have doubts on the correlation between chronicpain, pokergooch, the "Employee" and Curtis Green, what comes next should finished to convince you:

On January 17th 2013 at 14:16 Curtis Clark Green is arrested in Spanish Fork, Utah, for possession of cocaine by the Utah County Major Crimes task force (UCMC). Does the date sounds familiar? Going back to the Silk Road timeline and the Maryland indictment, on January 17th 2013 "undercover federal agent delivered one kilogram of a mixture or substance containing a detectable amount of cocaine to The Employee".

The 18th of January 2013, Curtis Clark Green is released on bail.

We haven't been able to access potential court documents, indictments on Curtis Clark Green, if any exist, so it is difficult to say what are the real charges against him and if he cooperated with law enforcement

Updated 07/11/2013: Curtis Green's case was filed in Salt Lake County the 08/05/2013, 4 months after his arrest, terminated the 16/09/2013 and is now flagged as CLOSED. No other documents have been made availaible so far. We've search Utah's inmate registry where he doesn't seem to have been incarcerated.

What follow is speculation and food for thoughts:

Few days after having been released we know The employee has been accused of having stolen bitcoins from some top Silk Road vendors, which could easily be explained by vengeance or anger after having been busted and a need of cash.

Did the Employee cooperated with the Law enforcement to help somehow the identification of DPR?

Assuming The Employee knew DPR identity or enough to localise him it could explain why DPR try to have him killed.

Why did chronicpain accepted to get a kilo of cocaine delivered at his address whereas he showed very few interest if not no interest at all in cocaine. His business it is narcotic opioid, which seems to work good enough since he has some kind of unlimited supply due to his condition and a friendly doctor. It doesn't make much sense.

Is it possible he cooperated with Law Enforcement before the bust? We managed to link Curtis Clark Green to chronicpain and with the large footprint he has on Internet we're surely not the only ones

He may as well be still around cooperating with LE and run several accounts on other drug marketplace and forums...

amazing

must

TL;TR

07/11/2013

The 07/11/2013, Curtis Clark Green pleaded guilty to a drug charge in Baltimore, Maryland. The following article of the Baltimore Sun seems to confirm the theories disscused previously. We still don't know the extend of Curtis Green LE cooperation if any as according to Ian Duncan who covered the hearing for The Baltimore Sun, Green's court records are currently sealed. Duncan also reported that the hearing wasn't scheduled in advanced.

However the plea agreement reveals that CCG agreed the following facts are true:

He didn't know the real identity of DPR.

He worked for Silk Road and DPR under the aliases Chronicpain and Flush

He was paid a salary to write weekly report about, support issue, fraud and LE activity

He could see messages Silk Road users sent to each other, the details of transaction, Bitcoin accounts of Silk road users, administrators and Ross Ulbricht.

The drug deal as told by the Maryland indictment and above.

He agreed to act as a "middle-man" for the vendor (googleyed1) without Ulbricht and the UC agent knowledge.

Silk Road users internal messages.

Details of vendor and buyers transactions.

Bitcoin accounts/addresses of Silk Road users and administrators.

View Bitcoin accounts controlled by Dread Pirate Roberts.

Curtis Green will be sentenced in February 2014, facing up to 40 years of prison.

22/11/2013

A lot has already been said about Tony76, one of the biggest scammer on Silk Road. You can read about him on @EileenOrmsby post "the great 420 scam", @chobopeon's "ballad of Tony76" and the excellent page of @gwern, Silk road Theory & Practice. In the following lines we will go as well through Tony76's Silk Road Adventures for archiving purposes and maybe add couple of elements, which might happened to be useful for another tale.

Tony76 registered an account on Silk Road the 10/01/2012 and an account on the forum on the same day (screenshot). As a Canadian wannabe vendor he advertises the products he will be selling which happen to be heroin (his flagship product, allegedly the best heroine on Silk Road) and MDMA. As a good salesman he doesn't miss the opportunity to fish for potential interest on Ketamine and Meth which he can get fairly easily if needed. Apparently short on Bitcoin, he asks for the help of a fellow vendor to pay for his vendor account. The business angel will be rewarded with a "special locked in price of 200/g of H and 50/g of MDMA for life". That's how he rolls Tony (screenshot).

The lucky winner of the life long H&M deal is a vendor named foxymeow (screenshot).

The start of Tony on the Road are a bit slow, he doesn't seem to know how to get attention and trust from the regulars but bold statements about the quality of his product, 20 years experience in the business, great communication skills and attractive prices quickly drag the interest of buyers (screenshot 1 and screenshot 2). Tony has now his own thread on the forum and is ready to ship. "Let's do this baby" (screenshot).

Great customer support for legitimate issues and worried buyers (screenshot), freebies here and there (screenshot), regular new offers (screenshot), Tony is working hard to please his growing customer base and customers satisfactions is #1 for Tony (screenshot). They know how to return the favour: 5/5 feedbacks (screenshot). Yes, Tony knows feedbacks and reputation are life and death for a vendor on the Road (screenshot).

To celebrate his new success Tony decides to treat is customers. sales, discounts, Tony's special (screenshot). The prices are incredible, Tony is "pretty much giving away his product for free". However, in order to do this favour to the community, Tony will require his customers to finalise early (screenshot), which is always a risk for the buyers but It's OK it's Tony and Tony is a trusted vendor now (screenshot). The life of Tony is now made of praising and love from happy fans all over North America. "Tony is the best" and so much love and attention mean a lot for Tony (screenshot).

But success also brings jealousy and soon enough scammers, liars, haters will come and try to destroy all the hard work Tony put together (screenshot). It makes Tony really sad and tired that people try to scam and destroy him. Is he really thinking about quitting? NO! Tony can count on his loyal puirsuivant in arms to wash his honour and defend him when need be (screenshot). Tony doesn't have anything to prove anyway, his reputation speaks for him (screenshot). Tony is the KING.

The high mass of the 4/20 sales is coming and Tony must show the world he deserves the Silk Road throne. For the first time he opens his listing for international shipping (screenshot), however as always he will accept only early finalisation (screenshot). But It's OK it's Tony and everyone trust the King (screenshot). The court is really excited, order in mass and cannot wait for the kingly goods to arrive (screenshot).

As always the faithful bless the yet to arrive ostie (screenshot) and the unbelievers complain about late packages or moan about the quality (screenshot). Tony seems to be busy and less involved than usual. Things are different, and even the most pious of them are slowly but surely questioning their faith (screenshot). What happened to Tony? Where is Tony? No, Tony wouldn't do that to us, we made him King.

Yes, he would. Tony is gone and took with him his crown and all the bitcoins of his "whoreshippers" (screenshot).

The buyers live in a country where the vendor doesn't usually ship so the vendor requires FE for exceptions.

Non domestic shipping is quite expensive for the vendor so he requires buyers to FE in case something happens.

The buyers is unknown from the vendor or has a really low level of successful transactions so the vendor requires FE.

The price of a product is really low and the vendor is taking a risk if packages are lost or intercepted, so he requires FE.

The vendors wants to keep the money and not ship anything.

The scam clearly happened in four different steps:

Offer good product at an attractive prices to attract customers.

Ensure good feedbacks by providing good customers support and shipping time.

Evaluate the level of trust and precondition buyers for the next events.

Scam everyone and fuck off.

In march 2012, Tony76 lobbied to have the stats feature (screenshot) of the forum removed (screenshot), for good reasons as it allows close observers to estimate the amount of time a logged in user spend on the forum. When enabled this feature can also be used to guess a timezone a user is living in or allow an observer to correlate information about multiple users and their time of presence on forum, which wouldn't be a good thing if one want to preserve multiple identities for example (screenshot).

On the 03/04/2013, few days before disappearing from the forum, Tony76 asks other vendors if they are considering a 0 refund policy because of "a surge of suspicious 'no package' claims?". Nothing out of ordinary seems to have been noticed from the other vendors except few complaints from buyers trying to get freebies. Strangely enough Tony asks the question but doesn't follow up with any other comments, as if he wasn't really interested anyway. However it is a good preconditioning for future complaint which might occur at a later stage. In case complaints happen, vendors or RS staff will probably delay there suspicion and blame delays accusations on scammers trying to get refund. The 30/04/2013, when everyone else seems to have accepted that good old Tony scammed them badly, another vendor posts a sarcastic and angry reply showing some understanding of Tony's reasoning behind the request (screenshot).

When listing his product for the 4/20 sales, Tony accepts for the first time international shipping (screenshot). It is pretty obvious he did it to attract new customers and get as much as possible orders. However, it is also interesting to wonder why he wasn't shipping outside North America in the first place. At first glance shipping internationally might be more subject to lost and delayed deliveries which will directly affect the reputation of the vendor, and is probably a parameter Tony has taken into account, but not only. By restricting shipping to some part of the world he also creates a need from those buyers, which will eventually see daily great review of his products and be more incline to buy directly when he opens his listings. It would have been interesting to see the percentage of international buyers during the 4/20 sales.

Starting around March 2013, Tony kind of changes tone with his customer in a very distinctive way. Whereas before this date he was full of "Thanks Brother", "Love" and other mark of reassurance, his behaviour and writing style change and become much more direct and unfriendly, as if he was acknowledging his reputation is now solid enough (screenshot). From this time onward there will be as well much more arguments about shipping delays, scammers and other nonsense which until then where reduce to a bare minimum. Another interesting phenomenon marking this change is the almost identical and systematic reaction of Tony's fan base to any negative comments, valid or not, towards Tony. It is like they were all their to protect him from malicious outsiders (screenshot). Tony's bot. They have been well trained.

A good example of the preconditioning we mentioned earlier is the reaction of a user called lvlbrained, who is questioning the legitimacy of people complaining about missing packages in the following term: "so is this the smear campaign? alot of real low post people suddenly showing up with missing packages. obviously no proof they have any actual orders unless Tony confirms. i guess have to wait to see what Tony says" (screenshot). That user, and he is not the only one, has obviously followed the thread where Tony is warning whoever that a smear campaign will be organised against him so his customers must expect "a bunch of bullshit to be posted" to discredit him (screenshot). Be ready soldiers, they're coming.

Tony achieved its goal as it is exactly what will happened over and over again for the following few weeks creating a strange confusion. It is now a mix of denial of reality, trolls, fanboys attacks, gentle reminder to never FE, murder conspiracy, discussions about the internals of the canadian postal service, law enforcement and karma prayers (screenshot). Divide ut regnes

To add to the general confusion, Tony has sold (with hindsight we can safely assume on purpose) "weak" batches of products creating more and more arguments between pro Tony and unbelievers (screenshot).

Everything is becoming so chaotic that a group of users decide to get a poll out to get statistics about who received their shipment from Tony. 87% of the 123 voters didn't received their packages. The 5 dudes who received their shipment are likely Tony's accounts or/and trolls, all the others have been scammed for over a month without even realising it. There is a bizarre denial of the reality floating around (screenshot).

Another part of the sting which helped Tony to increase trust from buyers and disguise the scam is the T-Mart or Tony's market. On or about April 2012, Tony sent a private message to "his loyal" and "best customers" to inform them they were invited to a "secret" and "exclusive marketplace" where one would buy Tony's products at a cheaper price, since SR fees didn't apply (screenshot). Tony explicitly asked people who received the message not to discuss anything related to this secret market place. It is another great move from Tony. Most of the buyers who received the invitation must have felt so special having Tony trusting them to keep his secret that there was no reason to question Tony's trust and betray him by disclosing their little secret. It also surely played a role to support Tony's effort to ensure the vigilantes will fight the soon to come anti-Tony propaganda.

As on SR, Tony76 requested early finalization on his shop for the same effects and consequences as no buyers will received products ordered through Tony's marketplace. T-mart seemed to have operated in a simple way compared to Silk Road and listed only Tony's product available for shipping. Unfortunately we didn't managed to access Tony's shop as the hidden service (http://fvemnf53ie7iwd5c.onion) was shutdown around the 02/05/2012 (screenshot).

By having his own market place Tony also had to manage its own wallet, which a Silk Road user, DaMan, attempted to trace. It might have been Tony's only "mistake" so far. We are not Bitcoin tracing expert but it is an interesting excercise which should have been pushed further and with more transparency (screenshot).

Another obvious trick Tony76 relied on to achieved his goal is the use of fake accounts. One episode which gathered a lot of attention from Tony's customer is the alledged attempted of scam by a vendor going by the name ObamaGirl (screenshot). ObamaGirl apparently posted bad review of Tony's product under fake names to discredit him and sent several private messages to Tony to try to extort him. Tony76 posted on the forum different messages from ObamaGirl which made him appear as a victim but also as a great scammer hunter protecting the community. Tony's fan are always really supportive (screenshot).

A particular message from ObamaGirl is really intriguing in the way it somehow seem to provide a quite accurate description of the yet to be scam, and, even if targeted at Tony, with the hindsight, one could also interpret the message as a premonitory post, which would be absolutely genius and we do want to believe the message was posted by Tony76 (screenshot). It is quite difficult to identify with certainty the different accounts Tony76 used to support his plan but ObamaGirl was definitely not the only one. We believe several throwaway accounts and aliases were used by tony76 to bless his products and create confusion when needed. It is also safe to assume some other accounts where used in a rightful way in hope to pull other scams using what would look like a legitimate vendor which has been around for a while, with good statistics and a clean sheet. Mostly for entertainment purposes and because we wish those troll accounts were operated by the real Tony76, you can follow threads with messages by tigger and Antonio76 (screenshot)..

As we tried to demonstrate, Tony76 put together a simple scam mainly relying on the infamous early finalization. However in order to achieve his goal and succeed in his operation, a lot of sophisticated "behind the scene work" has taken place for months to ensure maximum profit and success. It has been said Tony76 disappeared with over $100.000.

05/12/2013

Few months after the whole Tony scandal, Silk Road was once again victim of an infamous scammer, Lucydrop. Lucydrop scam followed a similar pattern than Tony76 and some even suggested they were the same person. We're not going to go through all the timeline of the scam but only highlight similarities and see if the suggestion of Lucydrop and Tony76 being the same person is plausible. @chobopeon has written about Lucydrop scam and we are not pretending to add breaking news here. The following is more of a contextualisation exercise for archiving purposes and our own understanding. If you haven't done so yet, you might want to have a look at Tony76 Silk Road Adventures before continuing your journey.

Lucydrop started on Silk Road offering LSD as a flagship product (screenshot). In a similar way than Tony76, shipping is restricted to certain countries. In Lucydrop's case, the restriction applies to the US. The "official reason" given for this restriction is to avoid to "end up with a life sentence" (screenshot). It seems a bizarre choice for a vendor located in Canada as it is probably one of the easiest "international" location to ship to from Canada and LSD is odourless and fairly easy to hide. We assume that for similar reason than Tony76 it is to create a need from US buyers when opening the market for "the grand finale" scam.

Lucydrop followed the same "tactic" than Tony76 to attract customers, advertising a relatively cheap and good quality product, specical offers from time to time (screenshot) and not hesitating to provide freebies when necessary (screenshot 1 and screenshot 2). The reason behind it, is obviously to have as many customers as possible providing good feedback. A particularity of the LSD market on Silk Road, compared with other products, was the presence of the LSD Avengers, which were sending vendor's LSDs to labs for quality testing and posting the review on the forum for the Silk Road community. More than buyers' feedbacks having the LSD Avenger vouching for your product is definitely an edge on the market. Lucydrop got a good review (screenshot) from the LSD Avengers (allegedly one of the highest quality reviewed by the Avengers at the time (screenshot)) and even a member of the LSD Avenger as an admirer (screenshot) to back up the quality of his LSD. As expected after the LSD Avengers review, orders started kicking in and more and more buyers praised Lucydrop's LSD and posted great feedbacks and reviews on the forum (screenshots).

Quality product at a fair price and good customer service are the ingredients to build a solid customer base and Lucydrop customer support hadn't much to envy to Tony76. Lucydrop was always prompt to reply to worried customers, solve issues (screenshot), be polite even with "rude" customers (screenshot) or provide information about its product to ensure a good reputation. Lucydrop's customers loved him and as Tony he made sure to give some love back (screenshot).

Beside the financial aspect, the advantage of having a strong customer base is that it also brings the usual fans who will blindly support and defend the vendors against winds and tides. Tony76 understood it in its time and the recipe seems to work also for Lucydrop. As the scam kicked in more and more users complained about weak products being shipped (screenshots) the Ludydop's army will be at work defending him (screenshot).

An another interesting comparison between Tony76 and Lucydrop is they both seem to have a poor knowledge of LSD. Tony started selling LSD few weeks before disappearing from Silk Road but didn't know much about it. In a slightly different way, Lucydrop, for whom LSD was the main product, contrary to Tony, did rookie mistakes when promoting the product. It might look like minor misunderstanding but the terminology confusion didn't seem to impress much the buyers and the excuse of having a different lingo with his mate didn't make it more legit either (screenshots).

As Tony76, Lucydrop lobbied to have the possibility for vendors to provide feedbacks for buyers, feature which didn't exist on Silk Road. In several threads he tried to push for a proper feedback system which will not only be at the advantage of the buyers. With a certain irony, the system is supposed to prevent vendors from getting scammed repeatedly (screenshots). In one post, he pretends as well to be a vendor on SR for 8 months, which is likely a lie since in his first post on the forum, exactly 2 months before, he's saying he just started as a vendor (screenshot). Bold, but as Tony76, Lucydrop relies on a pseudo seniority vendors can vouch for him and therefore establish his reputation.

From a writing style point of view, as other already highlighted there are some more similarities:

The capitalization of the word "I" at the beginning of a sentence, but never if it appears mid-sentence. (This is a very interesting observation from OP which happened to be true most of the time in Tony76 and Lucydrop messages).

The use of ellipsis (...) followed by a space.

Use of the word brother from time to time.

Like Tony76 before him, Lucydrop will open shipping to a once restricted and order-free country, the U.S.A, before ending his Silk Road Adventures with buyers approximately short of $100.000.

As much as we would like to see Lucydrop be Tony76, the similarities provided are too thin evidences. There are definitely some common pattern and likeness in both stories but nothing that would put the final nail in the coffin and shows that Lucydrop and Tony76 are the same person. Nonetheless, Lucydrop and Tony76 might still be linked as we will see next.

06/12/2013

A month after having tried to get Curtis Green killed, Dread Pirate Roberts engaged in another bizarre murder for hire plot targeting an alleged Silk Road vendor named FriendlyChemist (FC). This episode has been one of the most commented and discussed event following Ross Ulbricht arrest. As for the "Employee" assassination plot, the attempting murder resulted in a fake murder letting DPR believe the ordered hit had been successful. To add to the confusion, no one on Silk Road seem to remember FriendlyChemist, neither as a vendor/buyer nor a user of the forum, which add mystery and interest to this episode. We will share some tin foiled ideas and theories here after on this murder-for-hire event.

The original description of the events appear in the New York criminal complaint of the alleged DPR, Ross Ulbricht.

On or about the 13/03/2013, an alleged Silk Road vendor, FriendlyChemist, contacted DPR through the Silk Road's private message system stating he had a list of names and addresses of Silk Road vendors and customers. He threatened to leak the valuable information on Internet unless DPR paid him $500.000. FriendlyChemist justified the blackmailing by explaining he needed to pay off his narcotics suppliers. DPR and a FriendlyChemist supplier, going by the name redandwhite (R&W), got in touch and DPR put a bounty on FC's head and provided FriendlyChemist contact details to the hitman. The suppliers allegedly killed FriendlyChemist and got paid 1670 BTC for the killing by DPR. However, the FBI investigation showed that no one going by the name provided by DPR existed in the area and even more disturbing no body was found in the area the murder is supposed to have happened.

Following the release of the complaint several theories have been discussed about the identity and the role played by FriendlyChemist and redanwhite. The main ones being:

A law enforcement (FC and R&W) operation targeting DPR.

Silk Road vendors (FC and R&W) ripping off DPR in an elaborate scam.

In any case, we are more inclined to believe DPR was the victim of an elaborate scam ran by Silk Road vendors. The main argument to back up this statement is the fact that Ross Ulbricht hasn't been charged of attempted murder in the NY complaint.

The complaint mentions the blackmailing episode which led to the fake murder of FriendlyChemist only to provide solid evidence that DPR is willing to use violence to protect his interests in Silk Road. We find extremely difficult to believe the FBI would miss the opportunity to charge DPR of attempted murder, as it was the case in the Maryland indictment, if they had undercover agents or privileged witnesses in the front-row seats ready confirm DRP hired a hitman to kill someone. One could argue the alleged DPR, Ross Ulbricht, is already charged with attempted murder in Maryland which could be "enough" for the prosecution to which we would reply there are not enough charges for a high profile target like DPR. Moreover the FBI wouldn't conceal evidence of an attempted murder if they had been "hired" by the suspect to carry the hit. Once again, it is important to keep in mind that Ross Ulbricht is not charged of any murder attempt in the NY complaint.

Parallel construction aside, the FBI might only have learnt about the murders attempt after they imaged and analysed a Silk Road server in July 2013, which allowed them next to access DPR and other users private messages and find evidences of the plot.

Now that we have the law enforcement theory out of the way let's have a look at the other one where Silk Road vendors might have colluded to extort DPR. You probably want to wear your tin foil socks and gloves at this point as the hat might not be enough. Also to avoid misunderstanding, we do not claim what follow is how the events occurred and we're only sharing some of our thoughts about the context of the murder-for-hire and the pseudo-identities of the different players.

While reading about the Lucydrop scam, we couldn't help noticing how some late events of the scam were fitting conveniently in the FriendlyChemist and Redandwhite timeline.

The first contact between FriendlyChemist and DPR occurred a week after Lucydrop was last active on the forum, at this occasion FriendlyChemist began threatening DPR to leak customer data he fraudulently acquired by allegedly hacking a vendor computer unless DPR pays him the sum of $500.000. The threats will continue for the next couple of days, period during which FriendlyChemist provides to DPR samples of customers names, addresses, orders information as well as the username and password of the vendor he claimed to have "hacked". The threats will stop the 15/03/2013. It is not specified in the complaint if DPR ever replied to any of FriendlyChemist messages so far so we will assume he didn't. The first reply from DPR to FriendlyChemist will only occurred 5 days later, the 20/03/2013.

Meanwhile, in a very convenient timing, the Lucydrop scam took an interesting twist.

The 15/03/2013, on the same day FriendlyChemist threats stopped, a user, RealLucyDrop, registered an account on the SR forum and posted a message claiming to be the "real" Lucydrop and that his account had been taken over few month earlier by his partner (screenshot 1 and screenshot 2). In this message, RealLucyDrop, explained how his partner took advantage of the fact he was in prison, to operate his Silk Road account, to ship weak/fakes products, to steal his work computer and to disappear with customers' money. As a result, RealLucyDrop is now trying to get in touch with DPR to have his "legitimate" Lucydrop "account shut down immediately and freeze all the funds in the account".

The 17/03/2013, RealLucyDrop says he finally made contact with DPR and seems confident that DPR will be able to confirm his identity and the alleged account take over (screenshot). As far as we known, there isn't any public record of DPR confirming any of RealLucyDrop claims. Nevertheless, couple of days after RealLucyDrop got in touch with DPR, the 20/03/2013, DPR, this time initiating the communication, contacts FriendlyChemist and ask him to tell his suppliers to contact him "so he can work out something with them".

If we put aside Lucydrop's scam and take the point of view of the extortion timeline we have the following succession of events:

07/03/2013 - Lucydrop last active on SR forum (screenshot). F

13/03/2013 - Silk Road vendor FriendlyChemist began sending threats to DPR through Silk Road's private message system. FriendlyChemist stated he had a list of real names and addresses of Silk Road vendors and customers. FriendlyChemist threatened to publish the information on the Internet unless DPR gave him $500.000, which FriendlyChemist indicated he needed to pay off his narcotics suppliers. NY

14/03/2013 - FriendlyChemist further threats to leak vendors and customers info. NY

15/03/2013 - FriendlyChemist provides DPR a sample of usernames, addresses and order information he wants to leak. He also sends DPR the username/password of a vendor he claimed to have hacked and obtained the data from. NY

15/03/2013 - Account RealLucyDrop is registered on the SR forum (screenshot). F

16/03/2013 - RealLucyDrop says he is the "real" Lucydrop and warned vendors not to buy from the Lucydrop accounts. The "real" lucydrop has apparently spent some time in prison (between 2 and 7 months) and was fucked over by his partner who scammed his customers and disappeared with his work computer (screenshot). F

17/03/2013 - RealLucyDrop said he made contact with DPR about the issue, and DPR should be able to confirm who he really is. (screenshot). F

20/03/2013 - Dread Pirate Roberts asks for FriendlyChemist's suppliers to contact him "so he can work out something with them". NY

21/03/2013 - Last message of RealLucyDrop on the forum (screenshot). F

25/03/2013 - redandwhite contacts DPR and introduces himself as one of the people FriendlyChemist owes money to. NY

Searching for Lucydrop posts on the forum we can see that the infamous "partner" is mentioned few times. As a matter of fact he seemed to have been the one who refused to ship to the USA in the first place as he "was not comfortable" with it and also the one who agreed "after much discussion" with Lucydrop to open up to the USA (screenshot 1 and screenshot 2). In what could just be a coincidence Lucydrop named his partner the "chemist" couple of times here and there (screenshots).

This sudden and unexpected apparition of RealLucyDrop definitely provides credibility to the vendor hack claimed by FriendlyChemist and must have put DPR into an uncomfortable situation as he is now dealing with a wild dog, over whom neither RealLucyDrop nor DPR seem to have control, threatening to leak a lot of customer data, putting the whole Silk Road at risk.

Yes, we think FriendlyChemist is Lucydrop's "partner".

Let's rewind a bit, speculate about what might have happened and streamline the succession of events

DPR is being threatened by FriendlyChemist (Lucydrop's "partner") claiming to have hacked a vendor (Lucydrop) and accessed customer data.

The hacked vendor (RealLucyDrop) makes a sudden appearance on the forum and explained his account had been hijacked by his partner. RealLucyDrop wants his real account Lucydrop closed, froze all transaction and give "proofs" to DPR he is the legitimate vendor. It provides in the same time credibility to FriendlyChemist claims and extortion attempt.

DPR eventually believes RealLucyDrop "proofs" and thus ask FriendlyChemist to ask his suppliers to contact him to arrange a solution.

Supplier (redandwhite) contacts DPR.

Now, what about the role of Lucydrop, who came back under the name "RealLucyDrop"? Is it a genuine call for help and was his account really hijacked by his partner? As briefly mentioned earlier, we believe the only purpose of the RealLucyDrop account was to have DPR buy the FriendlyChemist story and provide credibility to it. From the timeline, it appears it took few days for DPR to reply to FriendlyChemist and we don't really know if there was exchanges between them other than FC threats. Considering the lack of reaction of DPR, it was maybe decided to bring RealLucyDrop into the game. It might have been obvious for a majority of people but with hindsight we do know now that DPR lacked a bit of perspicacity in some situation to say the least. Another element makes us believe RealLucyDrop is part of the scam, the fake FriendlyChemist dox.

After DPR got in touch with redandwhite he provided him with a name and a place where FriendlyChemist apparently lived in White Rock, British Columbia. According to the fact that no one on Silk Road (site and forum) seems to remember or know FriendlyChemist neither as a buyer nor as a vendor, we wondered how come DPR had his address and knew he was living with a wife and 3 kids.

He could have got the address and name from a genuine and honest vendor who shipped to FriendlyChemist (minus the marital situation, maybe). To contact and identify a vendor he would just have to search for past transaction on Silk Road, if any, between vendors and FriendlyChemist.

Have had a privileged relationship with FriendlyChemist with enough trust to share personal details such as marital situation, real identity and address.

DPR accessed FriendlyChemist's private messages on SR which for some reason would contain his name, his address and his marital situation.

A third party provided him with the information.

If the information was obtained from a genuine and honest SR vendor it is likely at least the name and address would match and exist, simply for shipping purposes. Also, DPR doesn't provide a complete address and asked redandwhite "if it would be helpful to have his (FC) full address" as if he didn't have the complete information but could get it if necessary. Surely if the information was coming from a vendor who shipped to FriendlyChemist, he would have provided the full address (street, postcode) at once.

The privileged relationship and the private message snooping are just there for multiple choices purpose and very unlikely (I hear someone saying "like the rest of the nonsense I'm reading...", yes maybe).

It leaves us with the possibility of a third-party whoever it might be (friend, family, business partner etc.), who knows FriendlyChemist well enough or has a special relationship with him. The only person on our radar which fit the profile and could have the required information, or put differently, be legitimate enough to pretend to have correct & accurate information about FrendlyChemist, is once again the "real" Lucydrop. We are inclined to believe personal details about FriendlyChemist were provided when RealLucyDrop contacted DPR the first time, on the 17/03/2013, about his rogue partner and/or during the following days. If the "real" Lucydrop had really been scammed as he pretended on the forum, the FriendlyChemist's dox would have been at least partially correct, considering FriendlyChemist is a friend and family friend (screenshot). However, in this case fake contact details were provided which makes us think Lucydrop is part of the scam as well.

What about redandwhite...? He is presented as the supplier FriendlyChemist owes money to and the one DPR commissioned the murder of FriendlyChemist. His nickname implies he is part of a well known organisation, the Hells Angels Motorcycle Club, and it seems to be what DPR thought as well has DPR mentioned in his "diary" (wtf?), "talking with large distributor (hell's angels)". It is probably another attempt from the Canadian Scammer Crew to give credibility to the whole scam, hook DPR and somehow makes him feel impressed he is dealing with an high profile organisation. Is redandwhite really part of the Hells Angels? Probably not, we don't imagine the Hells Angels would use a nickname with such a strong connotation for real, moreover in an online scam, but it is difficult to say. However, would "someone", who is obviously aware of the strong involvement of the Hells Angels in the drug trade in Canada, risk to impersonate the Hells identity? It could be a risky bet, specially if that person is also based in British Columbia and also strongly involved in drug dealing as it seems to be the case. The Hells Angels are known not to appreciate people invoking their name when there is no formal association with the bikers (If you are interested in the Hells Angels and other British Columbia gangs you might want to read more on Gangsters Out and its associated blog. This particular page compile a comprehensive list of "known" gang members in Surrey and the Metro Vancouver Area. We never know... ).

Whatever the truth is about redandwhite pseudo-identity and affiliation the scam worked like a charm and it is fairly obvious he is part of the swindle as shown by the murder-for-hire of FriendlyChemist, where he sent a fake dead body picture to convinced DPR the job was done.

To summarize a this point:

Dread Pirate Roberts was the victim of a Silk Road vendor scam.

FriendlyChemist is possibly Lucydrop's partner.

Lucydrop and RealLucyDrop are part of the scam.

FriendlyChemist, Lucydrop and RealLucyDrop might be the same person/entity.

Redandwhite is part of the scam.

FriendlyChemist, Lucydrop, RealLucyDrop, redandwhite might be the same person/entity.

Following Friendlychemist fake murder, redandwhite told DPR that before killing FriendlyChemist they questioned him and he "spilled everything he knew" and "had identified another individual located in Surrey, British Colombia, who had been working together with FriendlyChemist on this scheme to blackmail" DPR, "and who had been running scams on Silk Road". Redandwhite said "the users went by the username tony76 on Silk Road", and provided a purported true name for the individual.

Tony76 back in business. It is a nice and sexy twist in the story but only half a surprise. From the look of it and assuming we are even partially right on th fact the whole extortion, murder-for-hire plot is a scam, it makes no doubt the alleged revelation of FriendlyChemist to redandwhite involving Tony76 are 100% false. Not that Tony76 is not part of the blackmail scheme but the information about Tony76 involvement has certainly not been retrieved from a dying FriendlyChemist. The choice of accusing Tony76 to be part of the plot is deliberate and destined to trigger a reaction from DPR. It didn't fail as DPR paid another 3000 BTC (approximately $500K at the time) for the assassination of Tony76 and his 3 mates. With Tony76's history on Silk Road it was pretty sure it would hook DPR a second time. Redandwhite (or whoever came up with the idea) was obviously aware of tony76's previous scams.

Was Tony76 involved in the scam? If we consider a possible link between Tony76 and Luccydrop then it is highly probable, but as most of what we've discussed so far it will need more evidences. If somehow Tony76 involvement in this scam could be confirmed it would be an absolute killer and pure genius.

Looking at the Bitcoin address 1MwvS1idEevZ5gd428TjL3hB2kHaBH9WTL used by redanwhite to receive payment from DPR, there is one particular transaction which makes us think there is maybe more to be revealed in that story and we could expect more "revelations".

on the 31/03/2013 DPR paid 1670 BTC to have FriendlyChemist killed

on the 08/04/2013 DPR paid 3000 BTC to have Tony76 and his three partners killed

on the 12/04/2013, 4 days after the previous DPR payment redandwhite received another payment of 2555 BTC.

Redandwhite Bitcoin address also provides solid evidences law enforcement were not involved in the murder-for-hire operation. As highlighted by Nicholas Weaver on twitter, if redandwhite was a law enforcement officer or confidential informant the coins would not have been sold/transferred by mid-august but kept as evidence until the case was closed, whereas here the coins are going through multiple addresses with a clear will to "wash" them.

We've tried to described the best we can some of the ideas and theories we have on that FriendlyChemist and redandwhite business trying to come up with a story which could make sense and explain some of the events of the timeline but we have to admit it is not an easy task with the available information and as of today it might sound like musings of a slightly confused person. Hopefully time will tell... If you want to discuss further this story you can do so on the following Reddit thread.

07/05/2014

Timeline of events surrounding the investigation and arrest of individuals involved in large scale importation of Methylone from China. An archive of the relevant court documents discussed below can be downloaded here

District of Maryland (Marco Polo Task Force) : GEORGE HANDEL KENNEDY

Eastern District of Virginia : BROWN SCROGGINS HADDOCK BAKER MOORE WALSH TAYLOR JONES TUTWILER

Middle District of Florida, Orlando Division : SALZMANN MAYELL

Western District of New York : BUERMAN VIERA YOUNG

District of Alaska : GATTIS

District court in and for Payne County, State of Oklahoma : JOHNSON

Misc : Silk Road forum Media Misc court document Blockchain

Over the past few months we've been looking at different sides of the Silk Road fallout. We first got interested in the identity of "The Employee", mentioned in Ross Ulbricht's Maryland indictment, then at the Tony76's scam and his potential involvement alongside FriendlyChemist and redandwhite in Dread Pirate Roberts murder-for-hire episode partially described in the New York complaint. Our goal was, and still is, to provide meaningful and contextual information surrounding the Silk Road investigation leading to Dread Pirate Roberts arrest. With the same goal in mind we've been looking in the past few weeks at a different side of the story focusing on law enforcements (LE) investigation and arrest of individuals involved in large scale importation of Methylone from China. For the readers not familiar with Research Chemicals (RCs), we would recommend, for once, to read that article from the Daily Mail, "The Chinese laboratories where scientists are already at work on the new 'meow meow", which should provide a bit of context for what will follow.

Before going in the Silk Road specific let's go back in February 2012, when Portsmouth Police Department's Special Investigations Unit (SIU) contacted Homeland Security Investigations (HSI) following a controlled purchased of suspected 3,4-methylenedioxymethamphetamine (MDMA) from an individual identified as Michael Casey Brown. Brown was suspected of importing MDMA from China. Upon his arrest, Brown waived his Miranda rights and stated "that during spring 2011, he received an email address from an acquaintance for a laboratory in China that could supply him with synthetic drugs. After verifying the email address on various internet forums designed to assert the legitimacy of synthetic drug wholesalers, Brown made contact with a particular laboratory, later identified as Kangshuo Biotech in Suzhou City, Jiangsu Province, China" from which he eventually received packages of Methylone in heavy duty plastic-type bags labelled as "Tungsten". Brown provided LE with all electronic communications he had with his contact, at the lab, named "Alice".

The modus operandi to pass the order was quite straight forward and common in most similar cases:

customer makes email contact with " Alice " to confirm pricing and availability;

" to confirm pricing and availability; customer places an order for Methylone via email to " Alice ";

"; customer or sidekick completes wire transfer to " Alice " for payment using Western Union/MoneyGram/other;

" for payment using Western Union/MoneyGram/other; customer contacts "Alice" via email to ensure "Alice" has received the funds;

" Alice " emails customer the EMS Worldwide Express Mail tracking number;

" emails customer the EMS Worldwide Express Mail tracking number; the package is, in general, delivered within five business days to the address provided upon order.

This somewhat "classic" police work was likely one of the starting point of investigations leading to many more arrest in the following months.

Few days after the search warrant at Brown's residence, "on February 15 2012, the United States Postal Inspection Service (USPIS) notified Hampton Roads Border Enforcement Security Task Force (HR-BEST) of multiple packages originating from Nanjing, China destined for an address on Sampson Place, Portsmouth, Virginia. These packages were identical to packages which had been identified in online purchases of Methylone and other controlled substances from another investigation". Those packages were shipped to an individual named Michael Haddock. The court documents don't provide much information about the Chinese labs the package originated from apart that the parcel contained sealed Mylar bag containing approximately 1kg of Methylone. At their arrival at Haddock's residence law enforcement were authorised to search the house and recovered "996.7 grams of Butylone, an analogue of 3,4-Methylenedioxy-N-methylcathinone (Methylone)1; 653 tablets of Dizaepam (which were not the FDA approved, prescribed medication); a total of 13.525 grams of 3,4-Methylenedioxy-N-methylcathinone (Methylone), a Schedule I controlled substance, and 0.840 gram of 4-Methylethcathinone, commonly known as 4-MEC, an analogue of Methcanthinone, a Schedule I controlled substance".

Couple of months later, the 19th April 2012 a message is posted on the research chemical board Euphoric Knowledge (EK) announcing the arrest of an administrator, w00t and inviting the members to leave the ship. Ten days earlier, on the 9th of April 2012 an affidavit was filed against Justin Steven Scroggins a/k/a "W00t", a/k/a "Dirk McDiggler" in the Eastern District of Virginia for conspiracy to Import an Analogue Controlled Substance. Scroggins was "initially identified by a Cooperating Defendant (CD#1) in this investigation". "On almost daily basis since March 16, 2012, Scroggins has been observed discussed his use, importation and distribution of various controlled substances to include but not limited to: Cocaine, Marijuana, and various synthetic drugs". On April 5th, 2012, LE monitored a recorded three-way video conference on Skype between Scroggins, CD#1, and an individual using the Skype name "reidtang", discussing importing several synthetic drugs from reidtang's laboratory in China. The drug would be ordered by CD#1, from reidtang's laboratory, on behalf of Scroggins. Scroggins agreed to send the money to CD#1 so he could place the order. On April 7th, Special Agent (SA) Brian R. Lewis intercepted a "package of U.S Currency being shipped to #CD1 from Scroggins at the Broad Street Post Office in Portsmouth, Virginia" with the tracking number "EI250466728US". Scroggins will be arrested the 10th of April 2012, and word of the arrest spread within the community few days later, enventually leading to EK shutdown.

Let's have a short review of the previous events before going further.

Brown, et al. seem to have been nailed due to a controlled purchase. A controlled purchase, as the name implies, is a buy controlled by the LE officers. Depending on the context, LE or an informant, under supervision of LE, will buy the controlled substances from the target and from there secure a search/arrest warrant. There isn't much information about the context of the purchase but we know it involves a Source of Information (SOI) or say in a simple way, an informant. The Scroggins affidavit is much more explicit, directly mentioning a Cooperating Defendant (CD). There isn't any doubt the CD in this case is Michael Haddock, as the package sent by Scroggins to the CD was signed by M. Haddock. We might never know for sure but to Haddock misfortune, he seems to have been a collateral damaged of the Brown's investigation. Indeed, Haddock's statement of facts says that the packages intercepted by the United State Postal Inspection Service (USPIS) were seized as they were "identical to packages which had been identified in online purchases of Methylone and other controlled substances from another investigation". At the view of this map and the fact both Brown and Haddock likely receive packages at the same post office it wouldn't be surprising.

Fast forward to another arrest and a criminal complaint filed in September 2013 against Joshua Buerman for possession with intent to distribute, and distribution of a detectable amount of Methylene, a Schedule I controlled substance, and a mixture and substance containing 4-Methyl-n-ethylcathinone, a/k/a "4-MEC", an analogue of Methcathinone, a Schedule I controlled substance, if intended for human consumption. Buerman first came under the radar of LE in the state of Michigan, in May 2012, when federal agents started investigating a website owned by Buerman, named "fantasiesworldwide.com" selling all sorts of research chemicals using the email address fantasiesworldwide@hushmail.com (screenshot) and described as a "profitable business of importing and distributing illegal controlled substances and controlled substance analogs", some of which was obtained, again, from China. Unlike other court documents this one provide interesting information about the chinese source of supply.

"On or about July 12, 2013, the Honorable Frank P. Geraci, Jr, United States District Judge, Western District of New York, issued an order pursuant to Section 2518 of Title 18, United States Code, authorizing the 30 day interception of electronic communications occurring over the electronic mail facility assigned to the address alicechoica@gmail.com (hereafter, "Target Account") an electronic mail (email) account that was created on or about June 2, 2007, under the Registered Account Holder name of Alice Choica. The Account Holder is believed to be living on mainland China. Those contacting this email address generally refer to the user as Alice. Electronic communications were intercepted between approximately 20:37 (GMT) on July 23rd, 2013 through August 22, 2013".

It is not clearly specified how the investigation on Buerman identified Alice as being Buerman's source of Methylone but alicechoica@gmail.com had already been under surveillance for a while. Indeed the criminal complaint mentions that "HSI SA Brian Lewis of Norfolk, Virginia (EDVA) was also investigating a Chinese source of supply of illicit chemicals using the email address alicechoica@gmail.com" and that as early as the 14th March 2012 "a federal search warrant was issued for the Target Account in the Eastern District of Virginia by United States Magistrate Judge F. Bradford Stillman. That warrant resulted in the production of several thousand email communications going to and from the Target Account, all of which clearly demonstrated that the individual utilizing the Target email address was actively distributing controlled substances and analogue substances throughout the United States". Careful readers will maybe have noticed few important details:

HSI SA Brian Lewis, is the same federal agent who investigated Brown, Haddock and Scroggins in the Eastern District of Virginia.

Brown's contact at the Chinese Lab was named Alice

The judge F. Bradford Stillman who issued the search warrant for the target email alicechoica@gmail.com is the same judge that signed Brown's affidavit

is the same judge that signed Brown's affidavit Brown's affidavit was filed the same day, 14th March 2012, the search warrant for the target email alicechoica@gmail.com was issued

In total at least three search warrants and one live interception of emails, in at least two distinct investigations have been issued for the "Target Account" alicechoica@gmail.com between March 2012 and July 2013:

14th March 2012, Eastern District of Virginia issued a search warrant on the Target Account.

September 2012, Unspecified district issued a search warrant on the Target Account.

May 2013, Unspecified district issued a search warrant on the Target Account.

23rd July 2013, Western District of New York authorized a 30 day interception period on Target Account. "Electronic communications were intercepted between approximately 20:37 (GMT) on July 23rd, 2013 through August 22, 2013.

We will note that two versions of the Buerman's affidavit have been published. A complete version, filed the 13th September 2013, and a redacted version, 10 days later, the 25th September 2012. The redacted version is now the "only" version available on PACER. The redacted version of the affidavit is stripped of all information helping identification of the source of supply. DEA agents clearly fucked up here and published much more information than intended or didn't think of the consequences for other "on-going" investigation as some people are as of today are still doing business with this supplier.

What about the Chinese labs?

Kangshuo Biotech - Brown affidavit mentions a laboratory "later identified as Kangshuo Biotech in Suzhou City, Jiangsu Province, China" as the source of importation. The "Contact Us" page, available on the website, contains a slight discrepancy regarding the laboratory address as two different addresses are listed.

Zhongshan Road, Nanjing City, Jiangsu Province, China

Laodong Road, Suzhou City, Jiangsu Province, China

In another case involving the importation of Methylone from China (also investigated by SA Brian R. Lewis in the Eastern District of Virgina between August 2012 and October 2012), United States of America v.Moore, Taylor, Walke, the affidavit says that in "a subsequent search of Taylor's vehicle, pursuant to the sarch warrant, several envelopes containing bank statements were retrieved. In reviewing these records, two wire transfers to Kangshuo Biotech's account at the Shenzen Development Bank in china were discovered. Kangshuo Biotech is the laboratory that was contacted by Moore an Taylor, and the same laboratory responsible for shipping packages of Methylone to Moore from China. A review of the traffic between mirandabailey@hushmail.com and Kangshuo Biotech shows that the bank wires correspond to orders of Methylone placed by Moore and Taylor". Kangshuo Biotech mentioned again as the chinese source of Methylone.

KaiKai Technology - Buerman court's documents don't clearly specify the name of the laboratory used as wholesaler however the operator of alicechoica@gmail.com instructs Buerman to do a Western Union transfer matching the address of a lab named KaiKai Technology. The contact page of Nanjing KaiKai Technology, as of today, display a different address, but older references of the address, as mentioned in Buerman affidavit, can be found here, here or there. You will also notice that two different contact persons are associated with the lab: Kevin Peng (kevin.pengchem@gmail.com, kevinpengchem@hotmail.com) and Alice Choi (which we can safely assume is the account holder of alicechoica@gmail.com).

Jiangyin Abigale Chemical - The recorded Skype conversation from the Scroggins affidavit involved, at least, (some says another Euphoric Knowledge administrator known as WipedOut might have been of the party), MrMike, w00t and an individual going by the name reidtang. Reidtang is easily associated with Jiangyin Abigale Chemical Company, Jiangsu Province, China. The lab is linked to the email address reidsales@hotmail.com and list reidtang as Skype contact. We also know thanks to the lovely "Tips tricks and tidbits from your husband: Mr. Mike" that Haddock was using at least 3 different suppliers. It shouldn't come as a surprise that one of the other lab Haddock ordered from as some point in the past is associated with good old alicechoica@gmail.com. Indeed MrMike reviewed alicechoica@gmail.com several times between May and December 2011. Unsurprisingly, w00t was also alicechoica@gmail.com's customer as shown by this comment from November 2011.

Shanghai Yidai Cosmetic - Shanghai Yidai Cosmetic is mentioned in Buerman's court documents in relation with two other cases. It is not really clear if it is a laboratory or just a company name used on the label of the packages. Robin Gattis' superseeding indictment refers to suppliers suggesting to "add a fake company name" which would tend to think it is common practice. In any case, "about February 7, 2012, a package arrived at the CBP Port of Entry (POE), Anchorage, Alaska, from SHANGHAI YIDAI COSMETIC CO LTD, Shanghai, China. The packages was addressed to Brad Vannater", Buerman's partner at FWW, in Michigan. "The package was manifested as containing matt hardener and had a listed weight of one (1) kilogram. The packages cleared CBP and was not seized. One day earlier, that is February 6, 2012, "another package manifested as 'matt hardener' was shipped from the same Chinese company, SHANGHAI YIDAI COSMETIC CO.LTD. through the POE, Anchorage, Alaska. This particular package was being shipped to Robin Gattis, Wasilla, Alaska. Unlike the package sent to VANNATTER, the package shipped to Gattis was actually seized and searched by CBP, pursuant to their border search authority. According to HSI Special Agent Ty Bishop (Anchorage, Alaska) the "matt hardener" tested positive for Methylone". The package seizure was followed by a controlled delivery and arrest of Gattis. Court documents shows that Gattis' Chinese source was using the email address rcsupplier0526@gmail.com. This email address has also been associated with a lab named defchem and other websites like http://www.ur144.net. Buerman's affidavit only mentions alicechoica@gmail.com as the source of importation of methylone. Does it mean Shanghai Yidai Cosmetic is also related with Alice or Buerman was using multiple labs. The latest would have our preference but it doesn't exclude the other possibility as well. MrMike and w00t were also linked to rcsupplier0526@gmail.com as shown here and there. Buerman's affidavit also says that "additional research conducted by CBP Officer Witt revealed that on March 29, 2012, CBP, POE Cincinnati, Ohio seized 504 grams of Methylene that was sent from the SHANGHAI YIDAI COSMETIC CO to a recipient unrelated to the investigation into Fantasy Worldwide. The shipment was also manifested as "matt hardener". Unfortunately we didn't manage to locate a case referring to this interception.

Anyway, by looking a bit more in details about the labs it looks like email addresses like alicechoica@gmail.com, rcsupplier0526@gmail.com and others act as "brokers" or "middle-man/woman" between the customers and the labs and are not necessary associated with one single laboratory. It is also obvious that the previously mentioned middle men/women were (still are?) extremely popular over the years and have been used on regular basis as main source of supply by multiple RC vendors. For example, the different email addresses and contact details of Alice, KaiKai Technology or Kevin Peng have of a total of more than 300 ratings and reviews on specialised websites. Last but not least, the labs are all located quite close from each other and seem to be settled around a specific areas in China, which greatly help package identification by law enforcement.

We started with that daily mail article and the self-proclaimed King of RC industry, Eric Zhang, we might as well close that chapter with him. If you wondered if Eric Zhang made it to Eric-99, you will be interested to know that he was apparently arrested, back in December 2012, in China and is still wanted in the US after having been indicted in June 2012. A winner.

Now, how everything we discussed so far is related to Silk Road? To be honest we don't really know but we thought it would be interesting to look at other cases involving the importation of Methylone from China since the known Silk Road vendors investigated by the Marco Polo Task Force and indicted in Maryland, namely Jacob Theodore George, David Lawrence Handel, and Sheldon Kennedy, share the common characteristic of having imported large scale of Methylone from China and sold it on the Road.

The Silk Road Travellers 07/05/2014 This chapter is a follow-up of "The 中文 Connection". Jacob Theodore George IV a/k/a "Digitalink" is allegedly the first Silk Road vendor to have been arrested by the Marco Polo Task Force, sometimes in January 2012 (or maybe November 2011, depending on how much you trust what is being thrown around). One sure thing is Digitalink already had past history with law enforcement. After his latest offence in 2009 he was sentenced to 3 years of jail, in May 2010, which was suspended for some reason. The court only ordering him to "abstain from Heroin and illegal drugs". Digitalink registered on Silk Road forum in June 2011, a month later, in July 2011, he received a "love letter" for a package containing Methylone seized by USPS. Despite the advices from other forum members to not claim the package and forget about it, Digitalink claimed ownership and got it re-delivered (original thread available here). Eventually, the 19th January 2012, after repeated recent arguments with customers he decided to close down his shop. You can read about Digitalink's Silk road "history" on Reddit or here if interested in more details. Kennedy's indictment mentions a Confidential Source (CS) in Maryland which started cooperating with Homeland Security Investigation in November 2011. "Starting in November 2011, agents with Homeland Security Investigation conducted several interviews with a source in Maryland (CS-1). CS-1 had been selling illegal drugs on Silk Road. CS-1 explained how Silk Road worked to the agents, and voluntary provided access to CS-1's Silk Road accounts, email accounts, and Bitcoin account that documented CS-1's own involvement in Silk Road. CS-1's computer was also found to contain CS-1's "customer records", including names and addresses of hundreds of individuals (in the United States and other countries) that receive drug shipments from CS-1. Agents assumed the online identity of CS-1, including CS-1's Silk Road user account". The timeline, the fact Jacob Theodore George IV is from the Baltimore area and was described by ICE HSI Special Agent in Charge William Winter as "the first vendor on Silk Road selling illegal drugs to be arrested" would point toward Digitalink as being the CS. As much as we genuinely think the CS mentioned in the document is Digitalink, there are some things just not right the way it is presented in the court document. Indeed going through Digitalink's forum posts, in November 2011, December 2011 and part of January 2012, it seems to be business as usual; giving away samples, putting up new listings, getting good feedbacks from customers, and no obvious complains. It doesn't really fit the profile of a law enforcement managed account. Surely if he was taking orders and not shipping the product, buyers would have complained as it actually happened at the end of January 2012 around the time Digitalink was arrested (18th January 2012, according to the indictment, thus a day prior to announce he was closing his shop on Silk Road). Also, as shown in other indictments and affidavits, law enforcement doesn't hesitate to backlog as far as possible in time to get the maximum charges when they have the opportunity to do so (Buerman and Taylor cases being perfect examples). Digitalink was an early vendor on Silk Road, and started vending around July 2011 why would he be charged only from November 2011 as it is the case in the indictment? We first thought it was because Methylone was still legal in Maryland before November 2011, but that wouldn't work out well since the "Federal Analog Act" passed in 1986 and Digitalink would definitely not go away with "I was selling/buying methylone for plants, trust me mister officer it is not for human consumption". LE might just have ignored the July - November period as Digitalink cooperated during the investigation. A footnote in Kennedy's affidavit says that "CS-1 was initially not truthful about being a drug dealer on Silk Road. CS-1 was also arrested because he continued to use illegal drugs after his first interview with agents. However, the information provided by CS-1 relied upon in this affidavit has been corroborated by agents' review of the CS-1's Silk Road and email accounts, and files contained on CS-1's computer", which we understand as the CS must have had interviews with HSI agents sometimes in November 2011 for an offence not immediately correlated with Silk Road (maybe related to the July seized package or another package intercepted) or simply unrelated with Silk Road (probation violation), walked free pending further investigation but continued vending on Silk Road until his arrest in January 2012. Jacob George's plea agreement seems to support this hypothesis as "In January 2012, the defendant voluntarily admitted to federal agents with Homeland Securities Investigations that he acquired and sold drugs as described above" and "The records corroborated his statement that he had received three shipments of methylone from China since November 2011, with a combined quantity totalling more than 570 grams". Digitalink received three shipment of Methylone from China between November 2011 and January 2012. He refers to the "re-stock" openly in his vendor thread on the 19th November 2011, the 20th December 2011 and around the 30th of December. The fourth shipment didn't seem to have make it to its final destination and Digitalink suspected his package had been seized after it stayed few days in customs. Five days later he will be arrested by HSI Baltimore or what became the Marco Polo Task Force. If you've made it so far and peaked at some of the affidavits and complaints from other cases you should have an idea of what might have happened (the search warrants and analysis are provided below as examples and are NOT related with Digitalink case): CBP officers (or United States Postal Inspector) intercepted a suspicious package from China.

A federal search warrant was applied for and received to search the content of the package.

The seized parcel was opened and examined by CBP officers (or United States Postal Inspector).

An "unknown" white powder was found and a CBP Laboratory Analyst conducted a preliminary on-site screening analysis, which indicated the unknown white powder contains Methylone (4methylenedioxymethcathinone), a Schedule I Controlled Substance (An emergency ban was put into place by the DEA on 21 October 2011).

The suspected drugs were seized and replaced with another substance.

An order authorizing the installation and monitoring of an electronic alerting device and global positioning system (GPS) tracker was obtained from a magistrate.

Law enforcement officers executed a controlled delivery of the suspect parcel (from the post office, or directly at the address indicated on the package).

Upon opening of the package, law enforcement arrested the suspect(s). Another possibility that could explain the bizarre timing and how Digitalink potentially became a CS is his background in the "P2P scene". One of the first message of Digitalink on the Silk Road forum was about him being the "leader" of EP1C/T0XiC-iNK movie release group. In July 2011, to add insult to injury, Digitalink posted a message with a PGP key associated with the email address digital.ink@live.com, which can easily be linked to his P2P activities under the name iNK. In a nutshell, Digitalink was part of different release groups under the multiple nicks KoOlWaReZ, EP1C, T0XiC-iNK, iNK or DiGiTALiNK. Back in 2011 he got accused of having snitched on several other members of the scene. The highlight being the arrest of former partners, the iMAGiNE release group, in September 2011 when an "ICE joint operation got them" according to Digitalink. You can read about Digitalink background in the P2P scene here (screenshot) and will notice he was already kind of infamous back then. Not sure which way around it worked out, it is kind of irrelevant, but the iMAGiNE bust would have been a good enough reason to pay a visit to Digitalink due to his past relations with iMAGiNE regardless if he cooperated with law enforcement before September 2011 or not. To be honest it is quite difficult to find out the part of truth in this story, but we found the information worth mentioning regardless.

Digitalink forum account was active until the 26th of January 2012, almost 10 days after his arrest which would confirm what is being said in Kennedy's affidavit that "Agents assumed the online identity of CS-1, including CS-1's Silk Road user account".

Another individual reported arrested by the Marco Polo Task Force is David Handel. Kennedy's affidavit explains that "other individuals charged in the District of Maryland in connection with the Marco Polo task force include Jacob Theodore George IV (CCB-13-0593), Curtis Clark Green (CCB-13-0592), and David Lawrence Handel (CCB-13-0313)". A particularity of Handel court document, contrary to George or Kennedy for example, is that there is neither a reference made as Handel being a Silk Road vendor nor a nickname associated with its identity. The only element linking him to Silk Road is the Marco Polo Task Force, which as far as we understand its role, was/is dedicating resources to investigate drugs trade surrounding the hidden service. Handel seems to have been arrested around the 22nd of August 2012 and was charged for distribution and possession of research chemicals, namely Methylone, 2C-E and 2C-B. Another charge include "use and carry a firearm, that is a Glock 26, Serial Number SRP018, during and in relation to a drug trafficking crime" (the terms "use and carry a firearm" are different than "brandishing and discharging a firearm", see Bailey v. United States for more information, as the terms "use a firearm" seem open to lengthy discussions and interpretations). This second count in the indictment would suggest Handel was actively retrieving (or selling) the drug carrying a firearm, on him or in his car, rather than chilling home waiting for a disguised postman carrying a controlled delivery.

Going through the old Silk Road forum, we found an interesting vendor profile who shares similarities with what is known of Handel from his indictment and could be his Silk Road alter ego a/k/a davidd:

davidd was a big and reputable vendor selling research chemicals. By February 2012 he was " ranked #31 out of 298 sellers with 99.6% positive feedback from more than 500 transactions ".

". his last post on the forum is around the 6th of August 2012, three weeks before Handel arrest.

On the 30th of September 2012, limetless, at the time still forum moderator, posted a message he received from an acquaintance of davidd saying that davidd had been arrested "Aug 21-22 when he went to pick up at LEAST a kilo of 2c-e. I believe his suppliers were busted as many Chinese labs have been busted recently as a product of Operation Log Jam".

Law enforcement obviously tried to make the most of the accounts they took over after an arrest, by listing bulk, which increases the chances to catch a reseller, and privately contacting other Silk Road user to secure deals privately, the goal in both cases being to get a delivery address to work with. Almost a month after davidd's arrest, limetless was contacted by what he thought was davidd for some MDMA business (full thread). The operator of davidd's account was slightly pushing to get limetless to send him a delivery address so he could send a sample of the product. Limetless almost fall for it, but luckily for him, a post on the "rumour mill" forum saved his ass (full thread).

Last but not least, Sheldon Kennedy a/k/a edgarnumbers was also investigated by the Marco Polo Task Force and indicted in the District of Maryland. As digitalink indictment, we would also defined this one as "bizarre" from a timeline point of view. LE apparently got edgarnumbers' shipping address and name using information provided by a confidential source (CS-1 likely being Digitalink, as already discussed), implying that CS-1 sold drugs to Kennedy and thus had his dox, which was probably found on CS-1's computer. From there LE agents went through a background and records checks on Kennedy, revealing for example that a package originating from China to Kennedy had been intercepted in January 6th 2012 and other information about Kennedy's online footprint found through online searches (social media and gmails accounts). The indictment also reveals buys made by LE from edgarnumbers, including drugs and weapons, part of the "100 individual undercover purchases of controlled substances from Silk Road vendors" between November 2011 and September 2013 made by law enforcement agents.

Problem with the affidavit version is we know that the packages intercepted January 6th 2012 mentioned in the affidavit was originating from China and shipped by one of the friendly Chinese lab discussed in The 中文 Connection and under close monitoring from LE starting (it could possibly be earlier) March 2012. It is not stated in the court document what happened to the seized package but Kennedy received a love letter a month after the interception, on the 3rd of February 2012. The way the affidavit is put together would make one think the interception resulted from the information provided by CS-1, where it is probably not the case as Digitalink (if being the CS-1) was likely not cooperating yet at the time. Agents in Maryland learnt about that interception during a background checks on Kennedy's name and address from CBP at a later point in time, sometimes in March 2012 would be an educated guess, which tells us that by February 2012 the Marco Polo Task Force probably neither knew Kennedy was vending on Silk Road nor that he was using the alias edgarnumbers, which would have otherwise probably resulted in a controlled delivery upon interception of the package and made him by the same occasion the first Silk Road vendor arrested in early January 2012, an occasion not to be missed.

Another element which raises questions about the accuracy of the affidavit is the execution of the search warrant at Kennedy's residence, which supposedly happened on the 28th of June 2013, more than a year and half after the intercepted package by CBP in San Francisco and a year after edgarnumber was allegedly seen "taking packages to the Post Office" which were again intercepted by HSI and USPS inspector on the 7th of May 2012. It doesn't make sense to spend time on surveillance, background and record checks through the first half of 2012 and execute a search warrant almost a year after, which would have been plenty of time for the suspect to clean up evidences. In our opinion, the search warrant was executed much earlier in time. It is possible it is an error/typo from the agent who wrote the affidavit and the search warrant was in fact executed the 28th of June 2012. Moreover, you would expect LE to want an informant and/or a vendor account to work with as early as possible in the investigation rather than later.

We've also searched for the Bitcoin transactions mentioned in the affidavit as it is said that "on or about April 5, 2012, and undercover HSI agent purchased a gram of cocaine from Kennedy, for 21.28 Bitcoin" and "on or around May 24, 2012" another "agent paid 151.08 Bitcoins" for a Glock 26. However, none of the transactions could be located on the blockchain. We've also looked at other close enough dates around the time frame without success (if you have more luck, feel free to contact us).

Few final, random, thoughts to wrap up:

In real life investigation (as opposed as online related), the DEA mostly build cases through informants. It seems that the recipe for online investigation is very similar and didn't require much change of habits. Orders (buy/walk), informant, accounts take over (undercover), sample address (packages interception) and controlled deliveries are the main tools available and used.

In most of the cases we reviewed the suspect targeted by the investigation waived his Miranda rights and cooperated with LE in one way or another after the first interview. Gentle reminder that it is in your own interest that you Don't talk to the police whatever happen. At least be prepared not to, even when caught red-handed. If a collaboration is an option or could help, let your lawyer play the game.

whatever happen. At least be prepared not to, even when caught red-handed. If a collaboration is an option or could help, let your lawyer play the game. Affidavits and other criminal complaints only contain information sufficient to establish probable cause of a crime so a judge will provide a search/arrest warrant.

Affidavits are written in such a way that one can believe an action A is the result of B where in reality both are unrelated. Don't trust them, read between lines when possible and remember the DEA operates parallel construction.

Looking for other Silk Road vendors profiles selling Methylone in Bulk from US, with that ziploc bag on a white-ish table, would probably show other Silk Road vendors who have been arrested/compromised by the Maro Polo Task Force → Search for this if you have vendors pages backup.

Search for this if you have vendors pages backup. Offering samples is an easy way for LE to source delivery addresses.

Using the same alias as vendor and buyer must obviously not be done but it is our opinion that using the same shipping address is risky. Assuming a buyer address is found by LE after a vendor is arrested, LE will likely run a background check (CBP for example) on the name and address, with the possibility it shows up as well in other intercepted communication (Chinese lab for example) or increase the risk of package seizure in general. To be avoided.

Encryption of all communication is mandatory and shouldn't be seen as an option, never, as LE wiretaps communications and backlog to add charges through email searches etc.

There isn't such 