Message to the individual responsible for the Bitfinex security incident of August 2, 2016
We would like to have the opportunity to securely communicate with you. It might be possible to reach a mutually agreeable arrangement in exchange for an enormous bug bounty (payable through a more privacy-centric and anonymous way).
We have set up a dedicated email address firstname.lastname@example.org and a PGP key (id: 3DDF4814 | fingerprint: E7ED 6B5B 0172 2ECD 7F9D FCBC 6F19 A931 3DDF 4814), which can also be found on this public key server, to hopefully establish a secure line of communication with you.
We understand that you will be reluctant to contact us through traditional channels. To protect your anonymity, we would like to suggest three potential communication methods:
- We believe that a combination of Tor and an anonymous email service should suffice to protect your identity and location. Encrypting your message with our PGP key further guarantees privacy from prying eyes, but to prove your authenticity to us, we ask that you provide the public key associated with 1QDBWKgfftwuraEasMGSUvj9PPrswZv19q and sign your message with the corresponding private key.
- Instead of using e-mail, you can can send the authenticating information via Bitmessage and Tor. Our Bitmessage address is BM-2cW79647sMFe3fJKKGKAwXWwTSS293meq8.
- Alternatively, you can send us a message on the Blockchain using OP_RETURN. You can encrypt a message (containing your pub key) with our PGP key, split up the message into 80 byte chunks, and send transactions to 19eT7KGKo1gFjgBhEF4957wVNugkc2cakK from any one of the 2072 addresses currently holding the bitcoins in question.
Perhaps there is yet a different way that you’d like to communicate? If so, please initiate contact and provide instructions for your preferred method of communication. We are anxious to hear from you. Our interest here is not to accuse, blame or make demands, but rather to discuss an arrangement that we think you will find interesting.
We hope to hear from you soon.