Saudi Arabia says the drones and missiles used to attack its energy industry were made in Iran. But just because the Kingdom says it, doesn’t make it so. So who’s right? There are a few hints in the wreckage shown off in a Wednesday press briefing—similar components and a mirror image drone at an Iranian exposition—that points towards Tehran-made weapons but is it enough to say the attack was pulled off by Iran? Read along as we dive through the bits of missile and drone to see what points to Iran and what doesn’t.

Welcome to Rabbit Hole.

The Saudi guess: We got a hint of what the Saudis think made the drones used to attack their oil facility in Abqaiq from a brief slide shown off during the press briefing. Col. Turki al-Maliki showed the wreckage of what he said were the delta-wing drones used to hit liquefied natural gas containers at the Abqaiq facility. In the right hand corner of the slide, left unexplained, is a picture of a similar looking drone on a stand in an exposition somewhere.

For those familiar with Iranian weapons exhibitions, the picture was easy to identify. It was taken at an Islamic Revolutionary Guard Corps Aerospace Force (IRGC-AF) exhibition in Tehran in May of 2014. But the rest of the exhibition was reserved for showing off drones, missiles, and helicopters, many of them rarely seen in public. Many of them were also products of a little-known company, Shahed Aviation Industries Research.

Why do we care? Shahed Aviation and its drones are used in sensitive operations outside of Iran, like when Iran flew (and crashed) a Shahed-123 drone in Afghanistan on an apparent mission to surveil U.S. bases there. ‘

In other words, the picture doesn’t prove they’re the same aircraft but it does at least suggest that there’s a similar-looking Iranian drone that has the right pedigree.

Loitering munitions: So what exactly is this kind of drone? Iran and its proxy groups have launched a lot of suicide drones—unmanned aircraft stuffed with explosives and uses like missiles—to attack targets in Israel, Saudi Arabia, and Yemen but we’ve never seen the kind of drone like the Saudis showed off in the wild before in Iranian hands. The other suicide drones they’ve used are mostly normal spy drones or drones used for target practice, just stuffed with explosives and sent on one way missions. The wreckage shown off by the Saudis more closely resembles the kinds of drones designed specifically for this kind of mission—loitering munitions. 

The difference between a drone, as most people understand it, and a cruise missile has always been a little blurry. Loitering munitions are basically drones with an explosive warhead that loiter in the air, wait for their target to appear, and slam into it. 

Hints in the parts: So far the Saudis have only made some footage and photos of the drone wreckage available. From what we can see, there is one similarity between the wreckage from the drones the Saudis showed off and equipment used by Iran. In one of the wreckage piles, a vertical gyroscope is visible on the left hand side of the drone. Iran has its own series of vertical gyroscopes unique to the country’s drones, one of which is the V10. 

Those components usually have a sticker on them identifying their model number and serial, but the wreckage in the Saudi display doesn’t have the sticker. While the vertical gyroscopes in Wednesday’s display look similar to Iranian models, absent markings or further evidence all we have is an intriguing suggestion rather than hard attribution. 

More shoes to drop: We have an attack. We have some wreckage. We have some evidence that’s suggestive the weapons themselves may have been made by Iran but not definitive. What do we need to prove or disprove the U.S. claim that the drones and missiles were launched from Iranian territory?

Navigation data. During the briefing, Col. Maliki revealed that a handful of cruise missiles used in the attack failed to reach their targets and landed fairly well intact. Some were on display and at least one had to be held back because it still had a live warhead that needed to be disarmed. That means it’s at least theoretically possible that Saudi and American forensic experts could access some of the data used to allow the cruise missiles to navigate to their target, effectively pulling the thread back from the explosion to the launch point.  

It’s worked before. In addition to suicide drones, Iran has also supplied Houthi forces in Yemen with robotic suicide boats programmed to smash into boats used by the Saudi-led coalition and explode. They work, too. In January 2017, one of the robotic suicide boats destroyed a Saudi frigate off the coast of Yemen. 

When the Saudi-led coalition captured a few of the boats before the exploded, experts at the Pentagon were able to crack open the equipment on board and find all kinds of data showing their Iranian origin. Forensic experts found 90 GPS data points showing the computer system’s journey from an Iranian military research office in Tehran, down the Gulf and to Yemen. In addition, experts also found pictures taken by its onboard camera at the factory showing an Iranian assembly-line worker and an IRGC hat over his shoulder. 

As for the attack last week in Saudi Arabia, we might not have a smoking gun now but the answer as to whether or not these weapons were Iranian and came from Iran are probably lying beneath the surface of the wreckage the Saudis showed off today.