Coin Fire has released Coin Fire Plus, a new premium service of Coin Fire where long-form, hard-hitting journalism will be brought exclusively to Plus members first. This piece is a sneak peek of the type of long-form investigations, articles, and features we will be producing in the Coin Fire Plus service. If you want to support Coin Fire’s efforts and read an exclusive long-form feature each month, be sure to check out the full details at http://CoinFire.io/plus.

The story of Homero Joshua Garza, GAW Miners, and PayBase is one of the most convoluted, complicated, and lengthy stories in the cryptocurrency world.

This is a story with potential legal ramifications across the industry, a long list of customers who feel they’ve been wronged, a long list of companies denying partnerships, thousands of pages of government documents across several agencies, and corruption with news outlets that, at times, almost seems unbelievable.

Homero Joshua Garza is better known in the cryptocurrency community simply by his middle name, Josh. Mr. Garza interacted with his supporters and staff as “Josh Garza” and sent harassing emails to his detractors for using his full and legal name.

In December of 2013, Mr. Garza began to lay the framework and foundation of GAW Miners, a company he claimed was formed because he was tired of “being ripped off” by various people in the cryptocurrency world. In March of 2014, the company publicly launched with Mr. Garza claiming they had cleared 50,000 USD of sales on the first day.

GAW Miners seemed to be on track for massive levels of success from the outside. The company was a large reseller of Gridseed miners and seemed to be one of the few companies providing consistent customer support. Mr. Garza also immediately promised to help “the little guy” within the industry. He allegedly helped fund smaller companies to scale in order to compete with some of the more established cryptocurrency players. The cryptocurrency industry had recently been rocked with “outright trolling” by members of the Butterfly Labs team and many were desperate to simply see a friendly face in the mining industry. For many, it appeared that Mr. Garza was that friendly face.

Mr. Garza’s public declaration to fight for the little guy came as a shock to some in the Litecoin community. A previous public debacle on the Litecoin subreddit revealed that Mr. Garza had been allegedly involved in a fraud involving an eBay transaction; however, those allegations remained unexplored for a long period of time.

GAW Miners initially started selling Scrypt ASIC miners. As it grew, GAW Miners began selling SHA-256 bitcoin mining equipment and announced it was preparing to launch a cloud mining service using a new “virtual miner” called the “Hashlet.”

On June 8th of 2014, GAW Miners and Mr. Garza announced the launch of the HashTrader website. This website included a new online forum dedicated to cryptocurrency and served as a new outlet for the company to communicate directly with customers. Through the HashTrader website, Mr. Garza could personally field questions, make announcements, and share new information with the general public regarding GAW Miners.

On August 5th of 2014, Mr. Garza publicly announced that he had purchased BTC.com for 1.1 million USD on the CryptoCoinsNews website. The story was initially published by Mr. Scott Fargo who claimed to have received an email from Mr. Garza at 2:30am stating that the domain purchase had happened. On August 8th of 2014, TechCrunch published a similar feature about Mr. Garza and his reported purchase of BTC.com for 1.1 million USD.

That same month, GAW Miners released the GAW Miners Hashlet. Upon its release, the company issued a press release claiming that the release of the Hashlet and its subsequent sales crashed the Shopify network, website, and entire system. The contributors at Coin Fire started to become skeptical.

Original GAW Marketing Materials for Hashlet

According to GAW Miners’ marketing materials, the GAW Miners Hashlet was “always profitable” and would “never be obsolete.” These statements were advertised on the GAW Miners website and in several marketing pushes via advertisements on CryptoCoinsNews, Coin Brief, and Bitcoinist. They also appeared via Google AdSense advertisements across a wide-range of cryptocurrency sites including the Coin Fire website for a brief time.

The GAW Miners’ press release for the Shopify crash contained statements from Mr. Garza stating that customer demand for the Hashlets had crashed the Shopify platform. The press release did not contain a statement from a Shopify representative, and Shopify did not return requests for comments when the Coin Fire editorial team contacted them.

Coin Fire opted not to run the press release or publish a story with this information since the editorial team was unable to verify the claims made regarding a third party. At an event in San Francisco at a later date, Shopify employees later shared that the system “crash” was not directly related to Hashlet sales and that the GAW Miners announcement came at a time when other issues were already interfering with the platform. The sudden influx of traffic did not help the overall situation and merely compounded existing issues.

The Coin Fire team then decided to further investigate the company and the products it was selling publicly. On October 14th of 2014, one of the Coin Fire contributors, Leo, published a review regarding the GAW Miners Hashlet service after purchasing a unit one month prior.

In the review, Leo noted that the hashing power was not being pointed at the pools stated on the GAW Miners website and described several issues with the Terms of Service on the GAW Miners website. At the time, Mr. Garza explained that the pools were “unreliable” and that he did not want customers to be plagued by unreliable pools.

At this time, many in the cryptocurrency industry had begun questioning GAW Miners’ hashing power and why the hash rate of various cryptocurrencies was not increasing as expected with the reported level of hash power the company claimed to have controlled.

Mr. Garza repeatedly denied access to transactions that would prove the mining was taking place. He also told customers leery of the fact that the company could provide zero proof regarding mining that perhaps they weren’t the type of “investors” he wanted in his company; however, these statements contradicted previous statements Mr. Garza had made publicly about wanting to be a company that was transparent.

GAW Miners refused to provide a comment to Coin Fire despite repeated attempts from contributors seeking a comment and clarification regarding Mr. Garza’s statements. On October 14th of 2014, Coin Fire blocked all GAW Miners advertisements from the Coin Fire website due to the company’s repeated failure to address the concerns being raised by both the publication and customers.

Screenshot of Mining Proof Google Hangout

Mr. Garza and the GAW Miners’ PR department continued to make claims to the public about the Hashlet profitability despite growing concerns from customers. After repeated requests for proof of mining, the company hosted a Google Hangout showing the mining equipment. Prior to the Hangout, Mr. Garza promised customers a full tour of the facilities used to mine cryptocurrencies that would leave no doubt to the general public that the mining was taking place.

The Hangout video raised more questions than it answered for many in the cryptocurrency community. The video was under 3 minutes and took place in a poorly lit warehouse. Although Mr. Garza had promised a full tour of the facility, the video contained no audio and barely showed a single aisle of online miners. Many in the cryptocurrency community were left to wonder if the full level of miners actually existed or if Mr. Garza was simply operating a fractional reserve.

Item from FTC Internal Documents

The Hangout video also became a matter of investigation for the Federal Trade Commission. The FTC had been actively investigating GAW Miners and associated companies in a joint-task force with several other organizations. The Google Hangout video has since appeared in multiple story boards inside internal investigation documents alleging false advertisements and fraudulent operations.

In November of 2014, Coin Fire began investigating the validity of Mr. Garza’s statements regarding “several partnerships.” Mr. Garza claimed publicly that the company had solidified partnerships and deals with Target, Amazon, and Walmart about the company and its currency, PayCoin. These statements would turn out to be false as Coin Fire learned in an investigative report.

This report caught the attention of Mr. Garza personally. Shortly after the Coin Fire article was published, Mr. Garza sent threatening emails to the Coin Fire editorial staff. In an email from Mr. Garza to Mr. Mike Johnson, Executive Editor at Coin Fire:

I wanted to personally send you this notice. Our legal team will be serving your company tomorrow. You have released libelous and false information about our company and have allowed people to believe we had something to do with the hacking of your site (which, you know we did not do). No matter what information you believe you have, I can assure you that my claims can be validated. I am not dealing with the companies at the level you are. Through my partners, I have been able to speak directly to the executive team. My specific wording from the past can be validated. I will use this information in our legal proceedings with your company. I want to put you on notice: No matter what you put together, I can prove that the information is incorrect and was done as an attempt to slander us. My attorneys’ are confident that we have enough information to file suit against you. While I know you think you do not have a liability, no matter what it will be a lengthy and expensive process, regardless of who wins. While it is not my desire to enter into a lengthy and costly legal battle with your company, we are prepared to use all of our resources to defend our company against your attacks. I am emailing you in an attempt to come to a resolution before we bring legal action. Please let me know if you would like to speak further. You may ask any question you want, and if I can answer it, I will. If I do no hear back from you within the next 12 hours, I will assume you are not interested in a resolution. Josh Garza

CEO- GAW Corp

The email was delivered prior to a cease and desist order which was delivered immediately regarding statements made in the Coin Fire investigative report. The Cease and Desist was sent to Coin Fire from Mr. Brian Kline, an attorney from the Bitcoin Foundation.

In December of 2014, Paybase was rolled out to customers with much fanfare from Mr. Garza and Paycoin supporters. A few short hours after this launch, a member of Bitcoin Talk discovered a massive security breach on the PayBase platform. This breach allowed users not logged in to show as a valid and registered user of the site upon visiting a specific URL on the site. Users accessing the site via this URL were able to obtain account information about users of Paybase including that user’s current balance, email address, and other profile information. While the security breach did not seem to allow those visiting the URL the ability to withdraw funds, it did allow the attackers the ability to secure large troves of data about Paybase users.

This breach was just another stumble in a growing list of issues with GAW Miners after Amazon spokespeople told Coin Fire they were not working with the company to implement Paycoin shopping.

A few days after the security breach, ShapeShift reported that ShapeShift.io would be dropping support of PayCoin. In a post on reddit, the company officially stated it would be dropping XPY because of “a high threshold of evidence as fraud.”

In early January of 2015, Coin Fire published a report regarding a Securities and Exchange Commission Investigation of Mr. Garza, GAW Miners, and PayBase. Having obtained over 1,000 pages of internal SEC documents, the Coin Fire editorial team spent significant levels of time reviewing the case being presented against GAW Miners prior to publishing a report.

The documents contained a draft subpoena that would later be issued in early February to Mr. Garza and the companies directly involved. The document remains under a seal and is still unavailable for public consumption at this time, although it has been allegedly leaked by others in the community.

Final SEC Subpoena Delivered to GAW

The 1,000+ pages of internal documents also detailed administrative subpoenas issued to Google for the GAW Miners Google Apps for Business accounts related to Mr. Garza and his businesses and contain emails that Google turned over to the SEC under a seal to the SEC. The documents contained emails for the year 2014 and contained a second draft administrative subpoena also demanding emails from January, 2015 onward (the second subpoena to Google had not been delivered at the time of Coin Fire’s obtaining this first document cache).

The emails were included unredacted in the SEC internal documents and displayed what could only be described as chaos inside the company. Due to the personal nature and the private nature of the correspondence included from the warrant and any potential of damaging the source, Coin Fire opted not discuss the contents or to use these emails as source material.

The SEC cited the ECPA in documents regarding the need for emails from Mr. Garza’s Google hosted email accounts without disclosing to Mr. Garza that a subpoena for emails had been delivered. When a governmental entity seeks information under 18 U.S.C. § 2703(c), the ECPA specifically provides that the government is not required to provide notice to the customer whose records are being sought under 18 U.S.C. § 2703(c)(3).

In early February of 2015, Coin Fire received reports from multiple sources that the SEC subpoena had been delivered to GAW Miners, but that it had been modified and edited from the original form given to the editorial team in early January. The subpoena, which was ultimately delivered, was the first subpoena that GAW Miners had received directly from the SEC. Prior to that, subpoenas had been delivered to Google for emails on the GAW Miners domain names and TD Bank for banking records. Several draft subpoenas had been created for Bitcoin Talk accounts and even Facebook user IDS used to administrate several pages by accounts believed to be controlled by Mr. Garza himself.

While many in the community speculated that the SEC’s investigation was spurned on by Coin Fire, these documents show that many of the subpoenas, details, emails, and investigative documents had taken place prior to Coin Fire’s initial reporting.

Although an active SEC investigation was underway, Mr. Garza smeared Coin Fire in a very public manner once again via the PayBase blog and a misleading press release. Mr. Garza denied the investigation allegations within the company and published a public blog post stating that the Coin Fire “allegations” were false. The blog post, written by company representatives and reviewed by their attorneys, stated,

Coin Fire Allegations About PayBase Are False PayBase has investigated these spurious allegations and confirmed that they are false. “We were stunned by the allegations which served to negatively impact our business in this exciting and evolving financial category,” said Josh Garza, CEO of GAW. “However, we appreciate the outpouring of support by a community that is behind what we are doing as pioneers in the cryptocurrency market; in short, they simply didn’t believe it.” PayBase is in the process of reviewing its options at this time including what, if any, legal action may be appropriate in response to the Coin Fire article.

The company has since been working with Manatt, Phelps & Phillips to discuss pursuing additional legal action against Coin Fire for publishing the documents they felt were damaging to their reputation. According to the blog post published by the company, GAW Miners stated that the Coin Fire SEC investigation documents were false and that the company was not under an active investigation.

Emails obtained by order of a second administrative subpoena to Google later revealed that Coin Fire’s report was accurate and that Mr. Garza was aware of the active investigation that he had publicly denied existed. These emails also included an email from Mr. Garza confirming to Gizmodo reporters that the SEC investigation was underway, yet Mr. Garza refused to remove the false information about Coin Fire from the PayBase website.

Prior to the February 6th subpoena issued to GAW Miners from the SEC, GAW Miners staff and Mr. Garza realized that the SEC investigation was both underway and closing in. Inquiries made under FOIA requests to the SEC had proven an investigation was underway and that the SEC would not provide documents as the active investigation was taking place.

PayBase directly named in order from SEC

While Mr. Garza denied that PayBase was involved in the investigation, the draft and final documents both directly reference PayBase as an entity under Mr. Garza’s control and name it directly as part of the investigation.

The SEC investigation centers around the marketing of potential unregistered securities. Internal SEC documents describe the cloud mining system Hashlets as a potential security. The second revision–and the one ultimately submitted to GAW Miners–also considers another aspect not initially mentioned in the draft with regards directly to PayCoin.

PayCoin ICO named in order

While references were made to the PayCoin fiasco in the initial SEC internal documents, PayCoin was not directly named in the subpoena until the finalized version was delivered and the SEC had received enough potentially incriminating information in addition to the emails supplied from previous sealed administrative orders.

One of the cornerstones for the investigation and draft enforcement action initially was related to three statements Mr. Garza made online that the Commission felt qualified Mr. Garza’s sales as an illegal securities offering. Enforcement attorneys spent several weeks gathering data for their investigative report that Mr. Garza made several efforts to “scrub” from the Internet.

The first major statement that the Coin Fire editorial team saw highlighted in these documents was a statement from Mr. Garza in August of 2014. Mr. Garza stated that a percentage of the profits for ZenPool came from “day trading.” According to various securities laws, the fact that Mr. Garza stated these profits came from day trading created a situation which makes the Hashlet a security. This is the first major cornerstone that the SEC intends on using in a potential enforcement action.

The other two statements were initially protected as to not damage the investigation of GAW Miners and Mr. Garza. As details have become more public and the subpoena was finalized and delivered to GAW Miners and Mr. Garza, Coin Fire can now report that other investigation document sections were focusing on PayCoin and PayBase.

The commission also detailed the events leading up to even more recent events in a time-line style accounting, such as the failed “floor” from statements made by Mr. Garza, but were later edited on the Hashtalk site and other cryptocurrency news sites. These internal documents will serve as a time-line for enforcement attorneys to compare against the documents that GAW Miners provided under the subpoena to determine if Mr. Garza, his attorneys, or GAW Miner employees have intentionally left out sections regarding the history of GAW Miners.

Enforcement attorneys for the SEC were concerned that Mr. Garza and his agents would fail to provide accurate and honest documents as part of the subpoena process given the past systematic removals of information from the Internet with an SEC internal document noting,

[..] it is our belief that Mr. Garza has been systematically with the assistance of his employees and “moderation team” been removing large portions of potential evidence from his websites and employing the services of attorneys used to intimidate other sites to remove potential evidence from the public record.

A draft subpoena to Mr. Stuart Fraser of Cantor Fitzgerald is also being prepared to investigate the potential wrongdoing Mr. Fraser was aware of and intimately involved with while he was associated with GAW Miners. Emails between Mr. Fitzgerald and Mr. Garza from the Google subpoena detail Mr. Fraser’s involvement with the PayCoin fiasco. Other emails between Mr. Garza and several investors obtained from Google also show an implied involvement from Cantor Fitzgerald with whom another draft subpoena exists.

The SEC isn’t the only government organization involved in investigating GAW Miners in what Coin Fire has now learned is a multi-agency operation. The SEC has been sharing documents with the FTC, IRS, FinCen, and even the Department of Homeland Security regarding potential money-laundering and the movement of money to those believed to be actively working with terrorists abroad.

The FTC has left virtually no stone unturned in the ongoing investigation of potential fraud as well. Working with top analysts at a financial forensics firm, the agency has uncovered evidence of blockchain transactions showing payments from GAW-controlled bitcoin addresses to addresses owned by Jonas Borchgrevink, better known in the cryptocurrency community as “David Parker” of CryptoCoinsNews. With the help of data provided by several exchanges under government order, several government organizations have been able to track transactions from Mr. Garza to others including several exchanges.

The FTC documents show payments between Mr. Garza and Mr. Borchgrevink on several occasions. Emails from the earlier subpoena to Google and shared to other government organizations also show exchanges between Mr. Garza and Mr. Borchgrevink requiring articles written about GAW Miners to be vetted by Mr. Garza before being published on the CCN website. The FTC claims documents interference and a willingness to help promote and propagate the potential scam on the part of Mr. Borchgrevink and a failure to declare funds received to pay for stories without declaring such in violation of current laws in the investigation.

The emails exchanged between Mr. Garza and Mr. Borchgrevink even indicate that Mr. Borchgrevink kept information regarding his true identity from his own staff, editors, and team. He additionally kept relevant information away from reporters, such as Mr. Scott Fargo, regarding the payments CCN and Mr. Borchgrevink were receiving to continue pumping GAW Miners.

Advertisement deals were cut between CryptoCoinsNews in addition to sponsored stories. Mr. Garza was also allowed the ability to read draft stories in order to ensure any negative news regarding GAW Miners or himself would not be published.

This particular exchange of emails was of note to the SEC as well. The commission is charged with protecting consumers from investments it considers potentially fraudulent, especially in cases where other parties have received financial compensation and failed to disclose it when pumping an investment.

Page from Draft SEC Investigation Documents Detailing CCN Deal

The fact that two distinct agencies are working from the same data set and drawing similar conclusions of various laws allegedly violated does not bode well for GAW Miners in this particular situation.

In 2013, the FTC issued new guidelines under the Dot Com Disclosures document which detail the responsibility of bloggers and news sites to accurately and fairly disclose compensation for pieces. The FTC investigation centers around two major pieces–one of which is that CryptoCoinsNews and GAW Miners failed to appropriately and properly display these disclosures regarding the content of pieces about GAW Miners.

In an example from the Dot Com Disclosures document, disclosures are not considered to be valid if they appear at the end after several hyperlinks have appeared.

FTC Internal Document Regarding Hashlet

The FTC is also looking specifically at claims of false advertisements regarding the GAW Miners Hashlet service. Detailed internal reports show several instances of alleged false advertisements.

The FTC is currently investigating promises made in marketing materials, on websites operated by GAW Miners, and on other websites that received compensation from GAW Miners including news sites that were members of an affiliate program operated by GAW Miners regarding the legalities of false statements made.

When it comes to potential issues with taxes, the IRS is extremely thorough when involved with investigations. The IRS through CID has specialized talent specifically to parse through business and personal records since tax evasion often accompanies securities fraud cases. The IRS employs over 2,800 special agents for these type of investigations and frequently bring in forensic accountants to begin combing through information.

The IRS has been extensively looking at potential taxation issues for both Mr. Garza and his affiliated companies, in addition to several of the alleged “large investors” in GAW Miners. While specific details are sparse at this time, the documents that Coin Fire has been provided detail potential taxation issues regarding undeclared potential capital gains regarding alleged mining operations with specific regards to transactions shown to Wall Street Journal reporters.

Forensic accountants from CID are also working with another department of the United States Government that is investigating one of the largest potential issues for the company. The Department of Homeland Security, through a sealed court order, issued a subpoena to TD Bank for all financial transactions from Mr. Garza’s accounts. TD Bank complied with this request and responded with the eventual closure of Mr. Garza’s bank accounts.

Demand for Banking Info Regarding Mr. Garza

DHS documents detail an alleged money-laundering operation with Mr. Garza at the center accepting funds “off the books” for XPY from individuals on current banking watch-lists related to anti-terrorism banking issues. DHS also has prepared several draft subpoenas to potentially be issued to those affiliated with the banking relationships of Mr. Garza, including a subpoena for emails from a TD Bank manager named Brian Bedore. DHS officials believe Mr. Bedore may have been intimately aware of potential wrong-doing by Mr. Garza based on emails exchanged between Mr. Bedore and Mr. Garza regarding potential “banking issues” in advance of the subpoena delivered to the banking institution.

Calls to TD Bank by Coin Fire confirmed that Mr. Bedore is an employee of the banking company and is employed as a Store Manager in Massachusetts.

Several documents also reference an XPY investor and GAW Miners investor by name as having been cited in several DHS watch lists for potential money laundering on the behalf of terrorists.

DHS Investigation Documents Regarding Money Transfers

The DHS investigation also names a second individual based in Saudi Arabia as a potential second suspect in money laundering operations. This individual gave Mr. Garza large sums of cash off the books via wire transfers and was complacent and intimately involved with Mr. Garza.

While the DHS reports are extremely detailed and further detail alleged fraud and alleged money-laundering for terrorist organizations and supporters, Coin Fire is opting not to publish these documents until a later date as to not jeopardize the current on-going investigation and to as protect our sources.

As the ongoing investigations into Mr. Garza, PayBase, PayCoin, and GAW Miners continue, one can be certain that the company will spend valuable resources and investor money to protect itself.

Coin Fire will continue to monitor the situation and bring further reports in the near future.

This piece contains contributions from Christina, Leo, Teddy, Mike, and Brendon.