Wallet software changed over time. Wallets used to not be deterministic in early versions, so if you took the same wallet to different computers, it would generate a different set of keys.
In Oct 2010, the keypool feature was introduced to overcome this issue, at least for the first 100 transactions. After the first 100 were used, even with the same initial wallet, you would run into the same issue on different computers. When a transaction occurs, it will use one of the unused key/address pairs in your wallet as a change address if you don't specify where the unspent coin should go.
https://bitcointalksearch.org/topic/key-pool-feature-for-safer-wallet-backup-1414 The software has since been changed since so this issue does not exist -- wallets now generate deterministic key/address pairs based on a higher dimensional seed so that this avoids that issue when using the same wallet on different computers.
Loose-Key wallets, also called “Just a Bunch Of Keys (JBOK)”, are a deprecated form of wallet that originated from the Bitcoin Core client wallet. The Bitcoin Core client wallet would create 100 private key/public key pairs automatically via a Pseudo-Random-Number Generator (PRNG) for later use.
https://developer.bitcoin.org/devguide/wallets.html__________________________________________________________
Although, there are clues that Stoneman was lying or fishing for problems, for whatever reason.
The first clue is that he never gave the right number -- always saying 8900 instead of 8999, so let's delve deeper.
After buying 9,000 BTC, he "4) Sent 1 BTC to myself". Why did he do this? "I was trying to watch when the network should have confirmed a
payment to a website that takes bitcoins", which he did when "paying myself 1 coin at about the same time".
https://bitcointalksearch.org/topic/m.8645Stone Man had been a regular purchaser/seller of bitcoin for the previous month
https://bitcointalksearch.org/topic/m.4477, posting on 20 July 2010 about that. Why is 20 July 2010 interesting? Because it was
3 days after this post:
https://bitcointalksearch.org/topic/m.3770 , which describes exactly that same situation. It seems very unlikely to me that Stone Man would not have seen that post when he was making regular purchases/sales of bitcoin, especially in such a small forum that he had just posted to!, where he was looking at bugs and trades regularly, when bitcoin was yet barely tested.
Stone Man never gave any correct details: he always said he transferred 1 bitcoin, which is odd (but forgivable) to not test a transaction with the larger amount to a known address if you were testing things. Stone never stated the correct amount of 8,999, always stating the incorrect amount "8,900". He also claimed that his "old wallet file is gone for good", despite having just backed up the
old wallet file! One person, Insti, in that thread made a minor call out against him, "Although the numbers in your story don't add up."
He says that he sent 1 bitcoin because he was testing a 'website'. I already showed that he bought/sold regularly, so that is the most likely website. There weren't other websites then really. What website wants 8900 bitcoin or 8999 bitcoin, rather than 9000, other than an exchange and an odd user request?
https://bitcointalksearch.org/topic/m.8645 Stoneman questions that the cause was a double spend or because he didn't wait for confirmations, and these seem to be his focus as the problems initially. He would know if it were a double spend, and seems to be suggesting that's what he did yet never outright claims that. He offered no proof that he that owned the original nor final wallet.
Perhaps he was testing flaws in bitcoin or the bitcoin community. This would be one of the first bitcoin transactions with non-negligible value ($200-$700 USD) so it makes sense to have been the target of a potential scam. A common scam tactic is to give the wrong value, but just wrong enough - it gives plausible deniability if someone proves him decisively wrong, after which he can say that his was a slightly different thing, but if no one can do that perfectly, it gives him the ability to be super disruptive.
An interesting sub-note to this story is this address: 1FJuzzQFVMbiMGw6JtcXefdD64amy7mSCF
There is no post related to that transaction, despite mirroring the 1 bitcoin transacted leaving a 999 pattern, about a month after the other X,999 transaction.
Whether Stoneman ever held any of these coins at any point can be called into question. All transactions are visible to everyone, and Stoneman could have used that ability to claim bitcoin that were not his after that transaction. I wouldn't be surprised if one of the first exchanges shut down from later actions by Stoneman by reversing paypal payments, which favored the buyer claiming fraud - but in itself enabled the possibility of fraud.
157PiPgqphedUvrco3mKU3Xoof7yzhj9pW
167ZWTT8n6s4ya8cGjqNNQjDwDGY31vmHg