ShapeShift was none too pleased when the WSJ put out a report in September 2018 claiming that the crypto exchange was being used to facilitate money laundering.

In an article titled “How Dirty Money Disappears Into the Black Hole of Cryptocurrency,” WSJ said it did an independent investigation and learned that ShapeShift facilitated at least $9 million worth of money laundering over several years.

Founded in 2013, with headquarters in Colorado, ShapeShift made a name for itself early on by allowing anyone to instantly switch out one crypto for another—while requiring no personal information. That changed in September 2018 when the firm announced it would soon require a log-in. ShapeShift didn’t specify why it added know-your-customer identity checks, but likely regulatory pressure was behind the move.

Nonetheless, the WSJ story was bad press for ShapeShift, one of the oldest of the crypto exchanges. The last thing you want when regulators have their eyes on you is to be associated with criminals. Of course, this was not the first time ShapeShift had been linked to criminal activity. In August 2017, WannaCry ransomers also tried to funnel their bitcoin through the exchange. ShapeShift responded by freezing their accounts.

Erik Voorhees, the exchange’s founder and CEO, fought back against WSJ’s claims on Twitter. “We are aware of the poorly-researched piece written against us by someone at WSJ. The implications are disingenuous and misleading,” he said when the story came out. He also posted a lengthy rebuttal online.

In February, WSJ struck again, this time stating that ShapeShift allegedly received hundreds of thousands of ether from Canadian crypto exchange QuadrigaCX in the months before its CEO, Gerald Cotten, died under mysterious circumstances, taking with him the secret to the whereabouts of 100s of millions of dollars in customer funds.

The second WSJ report does not address what happened to Quadriga’s missing funds, only that, according to two independent researchers, some ether left the online accounts of the platform and moved through ShapeShift before Quadriga became insolvent. But the implication was the same—money laundering.

To defend its reputation, ShapeShift “requested” CipherBlade, a hitherto unknown blockchain analytics company, to do a separate investigation. On Thursday, the analytics firm unveiled the results of what it said was a months-long project in a Medium post under the headline “How Truth Disappears Into the Black Hole of Shoddy Journalism.”

It what it claims was a recreation of the 2018 WSJ report, CipherBlade announced that “the WSJ’s $9 million ‘laundering’ claim was overstated by a factor of 4x.”

It is important to clarify what the new report actually says. It does not vindicate ShapeShift. It only says the laundering was less than what WSJ said. But money laundering is money laundering, and no matter how you slice or dice it, or who else is allowing it, it’s still money laundering.

it turns out that "what about THAT OTHER GUY we're not talking about" is a bad excuse in general, even if it's literally bitcoiners' favourite frickin' argument https://t.co/2MCl6Cwp1j — David Gerard (@davidgerard) March 21, 2019

CipherBlade said its analysis was based upon publicly available data and that it made extensive use of the “txstat” function of ShapeShift’s public API. The company also denies that ShapeShift or anyone else paid for the investigation. “We did this as pro bono work because CipherBlade has an interest in preserving the reputation of highly compliant and helpful organizations like ShapeShift,” the firm said.

Crypto trade publications jumped on the redemptive news. “WSJ’s ShapeShift Exposé Overstated Money Laundering by $6 Million, Analysis Says,” wrote CoinDesk. (The pub also included a glowing comment from Voorhees, who said that “Crypto is bringing light, truth, and openness to finance.”) The Block published a story with the headline, “WSJ’s ShapeShift money-laundering claims greatly overstated, says CipherBlade.”

Meanwhile, Voorhees took the opportunity to once again condemn WSJ on social media. “A respectable publication would issue a retraction or correction. WSJ made up false claims against [ShapeShift] both quantitative and qualitative, in order to push an anti-crypto, pro-bank surveillance agenda. WSJ may lie, but blockchains don’t,” he tweeted.

One question nobody seemed to be asking was, “Who is CipherBlade?”

In short, CipherBlade is a firm with links to hundreds of shell companies and a director who has associations to Panama law firm Mossack Fonseca, one of the world’s largest providers of offshore financial services—but I’m sure, none of that means anything.

The company is based in Pittsburgh. Its registered office is located at Nwms Center, 31 Southampton Row, London. And the company is incorporated in the Marshall Islands.

On its website, the eight-month-old CipherBlade claims to have “recovered millions of dollars of stolen funds, prevented dozens of ICO scams, and professionally handled PR disasters and other emergency situations.” The company was founded in August 2018.

You can file “incident reports” on CipherBlade’s website. A basic report costs $100. Adding a police report brings the price to $350. The platform accepts payments in bitcoin, ether and go—the latter being an obscure coin that mainly trades on Binance. The company does accept cash, but only via bank wires.

So I decided to try to find the @cipher_blade wallets for their fees. On their website I got these 3:

Bitcoin:https://t.co/2duTGNQPvD

Ether:https://t.co/YBx3EInKgD

Go (lol):https://t.co/Gw4Nj24Ky1 — Bennett Tomlin (@BennettTomlin) March 21, 2019

The only employee listed on CipherBlade’s website is Richard Sanders, the company’s chief security officer and co-founder. His bio reads a bit like an Internet tough guy. He “served in US army Special Operations Forces” and “rose to site security lead at Google.” A spokesperson for the company going by “Matthew” (no last name given) told me in an email that the company does have other employees—they just aren’t on the website.

Matthew paints a picture of a company doing James Bond-level work. Sanders is the public face because his background, experience, training, and connections “hedge the risk he is exposed to,” Mathew said. He added that Sanders likes “to joke that we should state on our website that all death threats should kindly be addressed to him directly.”

The company’s only human director is Genevieve Magnan, a 36-year-old woman, who is a citizen of Seychelles, an archipelago island off of the Indian Ocean. Seychelles is “an offshore magnet for money launderers and tax dodgers,” according to a 2014 International Consortium of Investigative Journalists (ICIJ) report.

According to her LinkedIn profile, Magnan is the corporate administrator for Seychelles-based AAA International Services, a “corporate services provider” — essentially, a company that helps other companies set themselves up in off-shore jurisdictions.

CipherBlade describes Magnan as a nominee director, whose only role is to be publicly visible in paperwork, such as the company registry. Matthew explained to me that the purpose of this company setup is to keep most of the CipherBlade team “shielded,” based on the nature of its work. “We’ve worked cases that involve very dangerous individuals and groups, including nation-state actors,” he said.

A little more digging pulls up a maze of companies. Magnan, for instance, holds shares of Sera Company, a holding company for an issuing company based in Cyprus (with a placeholder name “The Bearer”) that holds shares in 20 other companies.

Shell companies are ghost companies that have no significant assets or operations of their own. They are not illegal. In fact, ICIJ, which houses the leaked Panama Papers database—where I got a lot of the information for this story—makes it clear that “there are legitimate uses for offshore companies and trusts.”

I don’t want to suggest or imply that CipherBlade or any of the companies that it is linked to have done anything improper—as Matthew said, CipherBlade’s setup has a purpose, obviously. However, shell companies lend themselves to illegal activity. Criminals know how to use them to move money and create a house of mirrors to fool the system.

As examples, one company Magnan is listed as being a director of — Big365.com—is the recipient of a disgruntled review on Forexpeacearmy. “Jeff_calgary” claims the firm disappeared with his money. Magnan also appears to be the director of StocksM, which another Forexpeacearmy user describes as a high-yield investment, aka ponzi, scheme.

Where am I going with all this? Nowhere, other than, when a company issues a report that downplays money laundering on a crypto exchange, you may be interested in finding out just how that company actually knows about the subject—of money laundering, that is. The answer may surprise.

you're joking right, I'm tracing Cipherblade's corporate shells within shells right now all leading back to AAA International in the Seychelles i mean, I can certainly believe Cipherblade have considerable expertise related to money laundering, and that you hired experts, https://t.co/mUmuEaFwXV — David Gerard (@davidgerard) March 21, 2019

Apparently the work was all pro gratis, totally out of the goodness of their hearts. If you believe that, I have a nice, big, beautiful bridge to sell you in New York. — Eloncarlo"USDT33kByJuly" (@CasPiancey) March 21, 2019

Thanks to and Cas Piancey and David Gerard, who inspired and contributed to this story.