Photo-Illustration: Getty Images, WIkileaks

There’s something odd going on at WikiLeaks, the website set up by Julian Assange in 2006 as a place for anyone to publish secret information. Speculation about the legitimacy of the site, which became a factor in the 2016 election thanks to massive dumps of key Democratic Party operators’ emails, has been rampant in online communities like Reddit and 8chan for the past 24 hours — and WikiLeaks itself has remained silent about the problem.

A simplified version of what’s going on: WikiLeaks keeps “insurance files” for many of its major data dumps. These files are key bits of (what the site claims is) damaging info that’s encrypted rather than published, made available for public download, and updated each month. You can download the insurance file (currently over 90 GB of data) from a torrent site like the Pirate Bay, but without the password it’s gibberish. The long-held belief has been that should something happen to WikiLeaks or Julian Assange, the password to WikiLeaks’ insurance files would be released into the wild, and all of the information within them shortly after. This effectively works as a “dead man’s switch” — if something bad happens to WikiLeaks, the threat goes, something much worse will happen to the organizations that are most likely to have compromised it.

The reason both Reddit and 8chan are freaking out: WikiLeaks does something to confirm to the public that the insurance files they’re uploading to torrent sites are authentic, releasing what’s known as “hashes” before the files are uploaded. This is a long string of numbers and letters anyone can get the encrypted files to spit out, even if they can’t read the files. Check the hash generated from the latest insurance file against what WikiLeaks has published, and you know you’ve got the exact same file as the one WikiLeaks intended to release. If any part of the data is different, a different hash will be produced when you analyze the file.

And now the hashes for several key WikiLeaks insurance files are different from those WikiLeaks published via its Twitter account. This, for example, is the hash WikiLeaks published on October 16 for an insurance file about Ecuador, the country that’s currently giving Assange asylum in its London embassy and also recently restricted his internet access:

pre-commitment 2: Ecuador

eae5c9b064ed649ba468f0800abf8b56ae5cfe355b93b1ce90a1b92a48a9ab72 — WikiLeaks (@wikileaks) October 16, 2016

But the same insurance file within the latest insurance-file release (“2016-11-07_WL-Insurance_EC.aes256” for anyone who wants to grab the torrent and check for themselves) produces a different hash: “b231ccef70338a857e48984f0fd73ea920eff70ab6b593548b0adcbd1423b995”

So what’s happening here? It could be that someone at WikiLeaks made a mistake. But for many following along on message boards, this all points toward WikiLeaks being compromised. From 8chan and Reddit threads, theories range from someone uploading fake-out insurance files in order to conduct “psyops” and discredit WikiLeaks to full-out proof that Julian Assange is dead (perhaps assassinated by the so-called “prosecutors” currently questioning him about rape charges in Sweden) and that the keys for the insurance files are actually floating around the web, just waiting for the right cybersleuths to put them together. Why would WikiLeaks have an Easter-egg hunt for something that seems to be designed to protect Assange and WikiLeaks? Who knows! Welcome to WikiLeaks land.

There’s no doubt that something odd is happening at WikiLeaks. Their Twitter presence has grown more erratic over the past year. As mentioned, Ecuador cut off Assange’s access to the internet; WikiLeaks claims it was at the behest of John Kerry and the U.S. government, while Ecuador says otherwise. The last person to write about seeing Assange was, uh, Pamela Anderson? There’s also the fact that while Julian Assange hasn’t been seen in the public eye as much, his cat has been, dressed up in a collar and tie.

I'm not even kidding. Assange's cat is now wearing a collar and tie. pic.twitter.com/ZdaMeRS3aW — NickdMiller (@NickdMiller) November 14, 2016

So what to make of the mismatched hashes? It’s impossible to tell. There’s been no word from WikiLeaks about them. And in the murky world of message boards and filter bubbles and conspiracy theories, this is enough to start up another cycle of speculation — which will likely spin on even if WikiLeaks or Assange himself later provides an explanation for what happened.

Update: WikiLeaks has tweeted this in response:

NOTE: When we release pre-commitment hashes they are for decrypted files (obviously). Mr. Assange appreciates the concern. — WikiLeaks (@wikileaks) November 16, 2016

In other words, WikiLeaks is saying the only hashes that WikiLeaks would put out in the public would be for non-insurance files, thus the non-matching hashes aren’t relevant. Reddit users, however, remain skeptical.