There are lots of ways to make money: You can earn it, find it, counterfeit it, steal it. Or, if you’re Satoshi Nakamoto, a preternaturally talented computer coder, you can invent it. That’s what he did on the evening of January 3, 2009, when he pressed a button on his keyboard and created a new currency called bitcoin. It was all bit and no coin. There was no paper, copper, or silver—just thirty-one thousand lines of code and an announcement on the Internet.

It’s not clear if bitcoin is legal, but there is no company in control and no one to arrest. Illustration by Grafilu

Nakamoto, who claimed to be a thirty-six-year-old Japanese man, said he had spent more than a year writing the software, driven in part by anger over the recent financial crisis. He wanted to create a currency that was impervious to unpredictable monetary policies as well as to the predations of bankers and politicians. Nakamoto’s invention was controlled entirely by software, which would release a total of twenty-one million bitcoins, almost all of them over the next twenty years. Every ten minutes or so, coins would be distributed through a process that resembled a lottery. Miners—people seeking the coins—would play the lottery again and again; the fastest computer would win the most money.

Interest in Nakamoto’s invention built steadily. More and more people dedicated their computers to the lottery, and forty-four exchanges popped up, allowing anyone with bitcoins to trade them for official currencies like dollars or euros. Creative computer engineers could mine for bitcoins; anyone could buy them. At first, a single bitcoin was valued at less than a penny. But merchants gradually began to accept bitcoins, and at the end of 2010 their value began to appreciate rapidly. By June of 2011, a bitcoin was worth more than twenty-nine dollars. Market gyrations followed, and by September the exchange rate had fallen to five dollars. Still, with more than seven million bitcoins in circulation, Nakamoto had created thirty-five million dollars of value.

And yet Nakamoto himself was a cipher. Before the début of bitcoin, there was no record of any coder with that name. He used an e-mail address and a Web site that were untraceable. In 2009 and 2010, he wrote hundreds of posts in flawless English, and though he invited other software developers to help him improve the code, and corresponded with them, he never revealed a personal detail. Then, in April, 2011, he sent a note to a developer saying that he had “moved on to other things.” He has not been heard from since.

When Nakamoto disappeared, hundreds of people posted theories about his identity and whereabouts. Some wanted to know if he could be trusted. Might he have created the currency in order to hoard coins and cash out? “We can effectively think of ‘Satoshi Nakamoto’ as being on top of a Ponzi scheme,” George Ou, a blogger and technology commentator, wrote.

It appeared, though, that Nakamoto was motivated by politics, not crime. He had introduced the currency just a few months after the collapse of the global banking sector, and published a five-hundred-word essay about traditional fiat, or government-backed, currencies. “The root problem with conventional currency is all the trust that’s required to make it work,” he wrote. “The central bank must be trusted not to debase the currency, but the history of fiat currencies is full of breaches of that trust. Banks must be trusted to hold our money and transfer it electronically, but they lend it out in waves of credit bubbles with barely a fraction in reserve.”

Banks, however, do much more than lend money to overzealous homebuyers. They also, for example, monitor payments so that no one can spend the same dollar twice. Cash is immune to this problem: you can’t give two people the same bill. But with digital currency there is the danger that someone can spend the same money any number of times.

Nakamoto solved this problem using innovative cryptography. The bitcoin software encrypts each transaction—the sender and the receiver are identified only by a string of numbers—but a public record of every coin’s movement is published across the entire network. Buyers and sellers remain anonymous, but everyone can see that a coin has moved from A to B, and Nakamoto’s code can prevent A from spending the coin a second time.

Nakamoto’s software would allow people to send money directly to each other, without an intermediary, and no outside party could create more bitcoins. Central banks and governments played no role. If Nakamoto ran the world, he would have just fired Ben Bernanke, closed the European Central Bank, and shut down Western Union. “Everything is based on crypto proof instead of trust,” Nakamoto wrote in his 2009 essay.

Bitcoin, however, was doomed if the code was unreliable. Earlier this year, Dan Kaminsky, a leading Internet-security researcher, investigated the currency and was sure he would find major weaknesses. Kaminsky is famous among hackers for discovering, in 2008, a fundamental flaw in the Internet which would have allowed a skilled coder to take over any Web site or even to shut down the Internet. Kaminsky alerted the Department of Homeland Security and executives at Microsoft and Cisco to the problem and worked with them to patch it. He is one of the most adept practitioners of “penetration testing,” the art of compromising the security of computer systems at the behest of owners who want to know their vulnerabilities. Bitcoin, he felt, was an easy target.

“When I first looked at the code, I was sure I was going to be able to break it,” Kaminsky said, noting that the programming style was dense and inscrutable. “The way the whole thing was formatted was insane. Only the most paranoid, painstaking coder in the world could avoid making mistakes.”

Kaminsky lives in Seattle, but, while visiting family in San Francisco in July, he retreated to the basement of his mother’s house to work on his bitcoin attacks. In a windowless room jammed with computers, Kaminsky paced around talking to himself, trying to build a mental picture of the bitcoin network. He quickly identified nine ways to compromise the system and scoured Nakamoto’s code for an insertion point for his first attack. But when he found the right spot, there was a message waiting for him. “Attack Removed,” it said. The same thing happened over and over, infuriating Kaminsky. “I came up with beautiful bugs,” he said. “But every time I went after the code there was a line that addressed the problem.”

He was like a burglar who was certain that he could break into a bank by digging a tunnel, drilling through a wall, or climbing down a vent, and on each attempt he discovered a freshly poured cement barrier with a sign telling him to go home. “I’ve never seen anything like it,” Kaminsky said, still in awe.

Kaminsky ticked off the skills Nakamoto would need to pull it off. “He’s a world-class programmer, with a deep understanding of the C++ programming language,” he said. “He understands economics, cryptography, and peer-to-peer networking.”

“Either there’s a team of people who worked on this,” Kaminsky said, “or this guy is a genius.”

Kaminsky wasn’t alone in this assessment. Soon after creating the currency, Nakamoto posted a nine-page technical paper describing how bitcoin would function. That document included three references to the work of Stuart Haber, a researcher at H.P. Labs, in Princeton. Haber is a director of the International Association for Cryptologic Research and knew all about bitcoin. “Whoever did this had a deep understanding of cryptography,” Haber said when I called. “They’ve read the academic papers, they have a keen intelligence, and they’re combining the concepts in a genuinely new way.”

Haber noted that the community of cryptographers is very small: about three hundred people a year attend the most important conference, the annual gathering in Santa Barbara. In all likelihood, Nakamoto belonged to this insular world. If I wanted to find him, the Crypto 2011 conference would be the place to start.

“Here we go, team!” a cheerleader shouted before two burly guys heaved her into the air.

It was a foggy Monday morning in mid-August, and dozens of college cheerleaders had gathered on the athletic fields of the University of California at Santa Barbara for a three-day training camp. Their hollering could be heard on the steps of a nearby lecture hall, where a group of bleary-eyed cryptographers, dressed in shorts and rumpled T-shirts, muttered about symmetric-key ciphers over steaming cups of coffee.

This was Crypto 2011, and the list of attendees included representatives from the National Security Agency, the U.S. military, and an assortment of foreign governments. Cryptographers are little known outside this hermetic community, but our digital safety depends on them. They write the algorithms that conceal bank files, military plans, and your e-mail.

I approached Phillip Rogaway, the conference’s program chair. He is a friendly, diminutive man who is a professor of cryptography at the University of California at Davis and who has also taught at Chiang Mai University, in Thailand. He bowed when he shook my hand, and I explained that I was trying to learn more about what it would take to create bitcoin. “The people who know how to do that are here,” Rogaway said. “It’s likely I either know the person or know their work.” He offered to introduce me to some of the attendees.

Nakamoto had good reason to hide: people who experiment with currency tend to end up in trouble. In 1998, a Hawaiian resident named Bernard von NotHaus began fabricating silver and gold coins that he dubbed Liberty Dollars. Nine years later, the U.S. government charged NotHaus with “conspiracy against the United States.” He was found guilty and is awaiting sentencing. “It is a violation of federal law for individuals . . . to create private coin or currency systems to compete with the official coinage and currency of the United States,” the F.B.I. announced at the end of the trial.

Online currencies aren’t exempt. In 2007, the federal government filed charges against e-Gold, a company that sold a digital currency redeemable for gold. The government argued that the project enabled money laundering and child pornography, since users did not have to provide thorough identification. The company’s owners were found guilty of operating an unlicensed money-transmitting business and the C.E.O. was sentenced to months of house arrest. The company was effectively shut down.

Nakamoto seemed to be doing the same things as these other currency developers who ran afoul of authorities. He was competing with the dollar and he insured the anonymity of users, which made bitcoin attractive for criminals. This winter, a Web site was launched called Silk Road, which allowed users to buy and sell heroin, LSD, and marijuana as long as they paid in bitcoin.

Still, Lewis Solomon, a professor emeritus at George Washington University Law School, who has written about alternative currencies, argues that creating bitcoin might be legal. “Bitcoin is in a gray area, in part because we don’t know whether it should be treated as a currency, a commodity like gold, or possibly even a security,” he says.

Gray areas, however, are dangerous, which may be why Nakamoto constructed bitcoin in secret. It may also explain why he built the code with the same peer-to-peer technology that facilitates the exchange of pirated movies and music: users connect with each other instead of with a central server. There is no company in control, no office to raid, and nobody to arrest.

Today, bitcoins can be used online to purchase beef jerky and socks made from alpaca wool. Some computer retailers accept them, and you can use them to buy falafel from a restaurant in Hell’s Kitchen. In late August, I learned that bitcoins could also get me a room at a Howard Johnson hotel in Fullerton, California, ten minutes from Disneyland. I booked a reservation for my four-year-old daughter and me and received an e-mail from the hotel requesting a payment of 10.305 bitcoins.

By this time, it would have been pointless for me to play the bitcoin lottery, which is set up so that the difficulty of winning increases the more people play it. When bitcoin launched, my laptop would have had a reasonable chance of winning from time to time. Now, however, the computing power dedicated to playing the bitcoin lottery exceeds that of the world’s most powerful supercomputer. So I set up an account with Mt. Gox, the leading bitcoin exchange, and transferred a hundred and twenty dollars. A few days later, I bought 10.305 bitcoins with the press of a button and just as easily sent them to the Howard Johnson.

It was a simple transaction that masked a complex calculus. In 1971, Richard Nixon announced that U.S. dollars could no longer be redeemed for gold. Ever since, the value of the dollar has been based on our faith in it. We trust that dollars will be valuable tomorrow, so we accept payment in dollars today. Bitcoin is similar: you have to trust that the system won’t get hacked, and that Nakamoto won’t suddenly emerge to somehow plunder it all. Once you believe in it, the actual cost of a bitcoin—five dollars or thirty?—depends on factors such as how many merchants are using it, how many might use it in the future, and whether or not governments ban it.

My daughter and I arrived at the Howard Johnson on a hot Friday afternoon and were met in the lobby by Jefferson Kim, the hotel’s cherubic twenty-eight-year-old general manager. “You’re the first person who’s ever paid in bitcoin,” he said, shaking my hand enthusiastically.

Kim explained that he had started mining bitcoins two months earlier. He liked that the currency was governed by a set of logical rules, rather than the mysterious machinations of the Federal Reserve. A dollar today, he pointed out, buys you what a nickel bought a century ago, largely because so much money has been printed. And, he asked, why trust a currency backed by a government that is fourteen trillion dollars in debt?