Silk Road Forums

To the many of you affected by the attacks: we are committed to repaying every satoshi stolen by narco93 and others.

Continue sending any evidence you discover on narco93/ketama, your input has been very useful in the investigation.

Protecting Those in Danger

From the relaunch date until now, all commission fees have been directly diverted towards people whose lives are in danger due to the sudden financial loss.

We are very tight on funds, but based on current transaction volume all of the users in dangerous situations should be repaid by Sunday/Monday range.

Repayment Process Moving Forward

Once all users in danger are repaid, we will activate direct repayment to users.

Any time a purchase is shipped on Silk Road, the sales commission fee will immediately be deposited into a random attack victim's balance. This fee will be subtracted from Pending Balance, and added to the withdrawable Balance. Vendors with high pending balances will be slightly prioritized, but the repayment algorithm is a randomized approach.

We will publish a weekly update each Sunday on progress towards repaying all users, as well as a projected date for everyone to be completely repaid at the current week's transaction volume.

What Repayment Looks Like

Each time your account receives a commission fee, Pending Balance in your account will be converted into a withdrawable Balance of the same amount received by the fee.

If you do not have a Pending Balance, your Pending Escrow will be converted into regular Escrow.

Current purchases no longer use Escrow, our entire market is finalize-early until a reliable distributed escrow solution is implemented.

Escrow only exists for old orders, and will continue behave in the same way it always has. Staff is committed to resolving all outstanding disputes until no Escrow wallets exist throughout the entire system. Then we will disable Escrow functionality completely.

You are an amazing community

Way more sales are occurring than we expected. Thank you for fighting past this with us.

Your purchases are making a huge impact. The more we work together, the quicker we can redeem this difficult situation.

Keep the Road strong.

CNN's interview is interesting, but it is clear that they did not read the "Full Disclosure" post. This was a problem in our accounting code which transaction malleability made exploitable. Please read "Full Disclosure" again and compare to CNN's assumptions.

I hate to be that guy but it's been 55 min since my first log in and my coins still havent shown up. I'll try to be more patient but it's hard. Nomsayin?

PM me an encrypted message with your txid within the next 15 minutes and I will try to look into it. I don't have time to do this for everyone, but I want to make sure this is fine.

Defcon, one transaction is missing from my account. It's not finalized, just gone.

It was in escrow since Jan. 10 and I have extensive proof of placing it. WHAT HAPPENED HERE?

Is this a glitch?
The one order I got scammed on.....ugh like wtf.

We tightened our security restrictions in many places. Old open orders (>30 days) are now in offline storage for dispute resolution purposes, only visible to senior support staff with very limited access. Your information is safe, and not on the live system.

We went through a lot of humble "what if this attack had been worse" thought processes this week as a team, and this is one of the improvements made as a result.

UPDATE 3: The site is live, thank you to the dev team for a very late night of debugging.

UPDATE 2: We are waiting on a backup to restore. Site will be launched as soon as the servers are ready for it. I estimate one hour out, 23:59 UTC roughly.

UPDATE: We are delaying the launch for three hours while we investigate the forum PGP issue, official launch time is now 23:00 UTC.

Silk Road will rise again at 20:00 UTC on Feb 18, 2014.

We will relaunch the marketplace earlier in the day with transactions disabled, and enable full functionality at 20:00 UTC.

We are paying very close attention to detail, not rushing anything. Your patience is appreciated during these dark times.

To many among you facilitating unity: your words are pivotal in this movement's historic success. We are deeply grateful for you.

Important Reminders:

1. No staff were involved with the attack. I know this to be a fact. You will undoubtedly question how I know this. I wish I could tell you without damaging a crucial layer of our operational security. I would rather you call me the thief than accuse my innocent staff of wrongdoing. I will defend them with my life.

Conspiracy theories only distract from narco93's investigation. If you want to throw fuel into a lynch mob throw it into narco's lynch mob. Don't start a new riot on zero evidence, and don't post evidence publicly without consulting staff. There are many angry people here, and everyone has the potential to cause real harm to innocents. Do the community a favor and consult the people who see the big picture: staff.

Posting publicly will either cause an innocent to get hurt, or give a guilty suspect advance warning of what information we have. Give us a chance to consider the evidence's security implications for the entire community, rather than recklessly releasing potentially damning information into LE's hands.

Do not forget that we are all suspects in LE's eyes. If we find this attacker by unintentionally releasing valuable information to LE, we have all failed.

2. It is never appropriate to break someone's anonymity. There is a worrying pro-doxxing culture developing here. We have a zero tolerance policy for this. Posts will be edited, users will be banned. This community will NOT be known for violence. Doxxing only causes harm. If you are in the rare position of holding personal details about anyone involved with SR1 or SR2, releasing it will only cause loss of innocent life and unspeakable collateral damage to the community.

3. I will not be blackmailed. I will not hire hitmen. I cannot and will not pay vendors to stay here. If you hired a hitman against me, you're brilliant. Hire more, it's in the community's best interest. It is better for me to be murdered by you than to be captured by our oppressive governments. Keep me sharp. Give me incentives to maintain my OPSEC.

4. Hiniguel's posts are very disappointing. He has not responded to any personal messages for days, so I am in the uncomfortable position of publicly condemning someone I respect. I will reiterate that no current or former staff, including DPR2, were in any way involved with this attack. All evidence points otherwise. Any allegations as to who uses the DPR account are off-point and do not serve to unite or protect this community.

5. Mix your coins. We arein a difficult position. One of our hardest decisions last week was to release the BTC addresses involved with the attack. This was a compromise for anonymity, but we were backed into a corner. I do not believe the community would even remotely trust us today had we not offered this transparency. I regret the compromise of our collective blockchain anonymity, and encourage you to proactively mix all coins received from Silk Road.

Investigation Progress

It would be much easier for me if I could release all evidence I receive. It would allow my true dedication to be obvious, and for everyone to collaborate on capturing this attacker. I wish I could release why I know for a fact that it is physically impossible for any current or former staff member to have held insider information and enabled this attack. Transparency would make my life way easier, but make all of our lives much more dangerous.

I keep tight lips for a reason, and wish my lips could stay even tighter.

Summary

Do not doxx. Do not guess identities.

This is not like trolling on the clearnet. Reckless theories can cause innocent deaths. Your game may seem fun, but you harm innocents and distract from our real investigation.

To those of you who have been tirelessly helping the investigation, thank you. Your input is still valued. If you have any information about narco93, continue to send it directly to me.

Smoother seas are ahead.

Silk Road rises again today.

Defcon you are too smart to make such a dumb mistake. You either stole the coins or you will find a way to turn future comissions into repayment for those that lost btc because of the mistake YOU made.

I encourage you to research whether smart people have made dumb mistakes throughout history.

First, to dispel rumors. We are deep into the investigation of data surrounding the attacks, and it there is absolutely zero evidence of any staff member being involved. We will publish more information as we determine its accuracy, thank you to all who have contributed tips on the attackers' identities.

After much self-reflection and deliberation with community members we value highly, it is clear that there is only one way forward.

This leadership and this community will not stop until you are completely repaid.

We know you feel defenseless right now. You are naked. Many of you are convinced there is no logical reason any darknet admin would ever fight to get your coins back.

I can stand here and reiterate that all I want to do is defend you, to steer this community towards incrementally safer operation. But my words are no comfort, and I understand that. You will never meet me. We are all anonymous.

I gave a similar speech in December when we met our first impossible situation. You have no reason to trust my words. My actions will prove you wrong.

Here is the current plan. Thank you to the dedicated vendors and buyers who helped draft this approach. This is not necessarily a final plan, we are open to suggestions on how to improve this and want your feedback.

The Plan for Moving Forward as of Feb 15

1. This administration will not earn any commissions until everyone is completely paid back, and will be very transparent about the progress towards this goal.

2. The marketplace will relaunch as no-escrow. We will not re-implement escrow unless it is multi-signature and decentralized to multiple escrow providers (trusted mediators with feedback just like vendors). Never buy from a market which uses centralized escrow again. You will only get hurt no matter how honest the team is.

3. All items will be priced at a flat 5% commission which will go directly into victims' balances upon purchase.

4. Vendors who lost funds: Commissions from your items will go directly into your wallet until you are completely repaid, then will be distributed to other vendors until they are repaid. Vendor bonds are considered lost funds, and we also commit to paying these back.

5. All vendors can opt-in to give a higher percentage back on their listings, and all buyers will be presented with a "Donate" box on the shopping cart. Vendors' donation percentage will be publicly visible.

6. We will launch the support system immediately. Resubmit any open support requests you had which are still applicable. All previous messages will be ignored due to our inbound message volume. I have received over 1000 private messages over the past 24 hours, for example. This fresh start will allow us to stay on top of the support queue, rather than paying down a large debt incurred by previous administrators.

7. We will still handle dispute resolution for existing escrow orders until all balances site-wide are in "Pending Balance" category. Your stolen balances and escrows will display as "Pending balance" and "Pending escrow". Yes, like Christmas. I hoped to never have to take this approach again. All unshipped orders have been cancelled. To the vendors who have shipped orders despite no access to the portal: you are beautiful people. Try to resolve with your buyer directly, and file a support ticket if you do not receive a refund to your pending escrow balance within a month.

The plans above are subject to change as we consider your input.

The statistics are humbling:

26% of our monthly active users have lost their entire SR funds. That represents 47% of users who have purchased or sold items since launch.

Our inbound traffic has been growing at a rapid pace. The first ten days of February saw as many purchases as the entire month of January. By Feb 13, we surpassed January's total user registrations.

We strongly believe that we can work together and make this right.

Silk Road is not a name easily forgotten, and how we pull through this struggle will only solidify our name as the strongest community in the darknet.

Buyers and Vendors: We are committed to getting everyone repaid even if it takes a year. Do not forget to check your SR accounts frequently for balances repaid, and withdraw them when you see them.

Vendors:  You are welcomed and encouraged to vend on multiple markets. I only trust myself, and will not endorse any of them. But I have failed you. Wherever you vend, may you prosper.

Buyers: do not purchase using centralized escrow. Use markets which have implemented multi-signature, or only purchase with No-Escrow (FE) from VERY trusted vendors. This is not an ideal climate, but it is the reality of the darknet today. I cannot emphasize strongly enough that every market which uses centralized escrow will fail. Centralization makes a market a huge target for attackers, and a huge target for dishonest administrators.

Again, we welcome your feedback on this approach to moving forward, and will continue to refine it throughout the year based on sales data.

I don't care how long it takes or how expensive it is, we will fight to get this community repaid.

I am catching up on a lot of communication. Can you specifically ask a full question? I have not read Hin's post yet.