A Trip Down the Crypto Rabbit Hole in Search of the DAO Hacker

Illustration: Rose Wong for Bloomberg Businessweek

In 2016 a spectacular series of hacks siphoned millions of dollars worth of the cryptocurrency ether from a virtual venture capital fund called the DAO. In a new book, Bloomberg News reporter Matthew Leising tells the story of the DAO hack and the growth of Ethereum—the Bitcoin-like blockchain technology that works with the ether token. The search for the name of anyone potentially associated with the hacks was twisty and mind-bending—so we’ve adapted this excerpt with footnotes to guide your way.
 
It was a beautiful day in Zurich, and I couldn’t tell if my hand shook from the coffee I’d had or if I was scared. The man across the table from me wore glasses and a plaid scarf. He was maybe in his late 50s and had lost some hair. I thought I was talking to a thief.

Out of the Ether, from Wiley.

Not many people know there wasn’t only one attack on the DAO. The Friday attack that stole $55 million is famous, but a second attack four days later on Tuesday, June 21, nabbed more than 269,000 ether, worth about $3.5 million at the time, making it the second-largest DAO theft.

I believe that the two attacks were carried out by separate people, with the Tuesday attack being a copycat.

In response to the DAO hack, the Ethereum community debated how to deal with the aftermath.

One approach, known as a soft fork, was to blacklist the addresses known to be involved with the attack so the ether could never move, nullifying its value. As public support for a soft fork grew, the second attacker grew angry.

The hacker sent an encrypted message by way of a blockchain transaction on June 27, 2016. The soft fork “is a waste of time for everyone,” it said. Usually I would never know what this message said, because it’s encrypted and I don’t hold the private key needed to decrypt it. Someone who did have the private key shared a copy of the unencrypted message with me.

Following a trail created by the second attack initially led me to Zurich to question the Swiss man. But as sometimes happens in journalism, I would soon learn that a source had gotten it wrong. I’d reached the first dead end: The Swiss man had nothing to do with the DAO.

What I still had, however, was the address that launched the attack and sent the encrypted message. Ethereum addresses represent wallets where users hold their ether tokens. The address was 0x15DEF77337168d707E47E68aB9f7F6c17126b56. We’ll call it 0x15def for short.

I realized I should see how 0x15def began—how it had received the initial funds. You could see that on the blockchain. The 0x15def address had received its initial funding from address 0x35f5, which had sent it two ether on June 20, 2016. In looking at 0x35f5, I could see that it had been funded about half an hour before by 0x4fae.

It’s possible different people had sent ether to 0x35f5 or 0x15def—it didn’t have to be the same person. I thought my theory that the accounts were linked was solid because the initiating transactions provided a through line. Then there was the date and times of their creations. I thought it unlikely that there were other people sending ether to 0x15def or 0x35f5, as they were funded only 33 minutes and 3 seconds apart.

I had to link address 0x4fae to a person to get anywhere, and the source I had got it wrong about the Swiss man. But three years later, this source had access to more detailed blockchain transactions. This time a new name came back: Tomoaki Sato.

When I met Sato in Tokyo in January 2020, he wore a black overcoat buttoned to the top. Over the course of the more than an hour that we spent together, he never once loosened his coat; the button stayed fastened. Quiet to begin with, he got quieter when I started to ask him about the DAO attack.

Born in Tokyo in 1993, Sato had attended one of the city’s best high schools but dropped out of university. He created Smart Contract Japan in 2015, a startup to help Japanese coders working on Ethereum. He wrote code and hired engineers to help with blockchain projects as demand rose. In 2016 he started a venture called Starbase. He wanted to help startups that were funding themselves by selling a cryptocurrency. So far, Starbase had helped about five or six companies do an initial coin offering, Sato said. But I wasn’t meeting with him to talk about Starbase.

After some small talk, I told Sato I wanted to ask him some questions about the DAO attack. I explained I had a trail of transactions that started at a cryptocurrency exchange called Poloniex and then moved to another called ShapeShift, which allows users to change one cryptocurrency into another with no way to track user identity. ShapeShift records showed two incoming Bitcoin transactions: The first had changed Bitcoin into ether, and the second had changed Bitcoin into tokens used specifically for the DAO. I showed him how the ShapeShift outputs had landed in the same Ethereum address: 0x4fae.

I said I’d been told by someone familiar with the matter that the account at Poloniex—the starting point—belonged to Sato.

He said he didn’t remember any of the Ethereum addresses I showed him. That seemed fair. It had been years, and who can remember alphanumeric gobbledygook like blockchain addresses? I showed him the encrypted message and asked if he wrote it.

“No,” he said and laughed. “I don’t think I sent this kind of message.”