Will the real Satoshi Nakamoto please stand up?
I am sure by now that even if you have only a passing interest in Bitcoin you couldn’t help but be exposed to this mornings latest hoopla that Satoshi Nakamoto has finally, once and for all, really this time it is true, been revealed. It is none other than the same Craig Wright previously outed and then dismissed back in December, as being the creator and founder of Bitcoin. Let’s just say for myself, I am for one a bit skeptical.
The morning kicked off with simultaneous news releases by major media publications proclaiming the long running mystery of who was Bitcoin’s creator has finally been solved (again). BBC ran the headline “Australian Craig Wright claims to be Bitcoin creator“. The Economist similarly lead with a article titled “Craig Wright reveals himself as Satoshi Nakamoto“. Finally we have GQ who went with “Dr Craig Wright outs himself as bitcoin creator Satoshi Nakamoto“. You can read any one of the articles to get the general idea as they are all pretty much the same.
All three articles were obviously prearranged to be released at the same time as Craig Wright’s own blog post in which he leads off with a quote from Jean-Paul Sartre:
“If I sign myself Jean-Paul Sartre it is not the same thing as if I sign myself Jean-Paul Sartre, Nobel Prizewinner”
– Jean-Paul Sartre, 1964
Dr. Wright then goes on to insinuate that it is he, Craig Wright who is behind the mysterious Satoshi Nakamoto.
I remember reading that quote many years ago, and I have carried it with me uncomfortably ever since. However, after many years, and having experienced the ebb and flow of life those years have brought, I think I am finally at peace with what he meant. If I sign Craig Wright, it is not the same as if I sign Craig Wright, Satoshi.
I think this is true, but in my heart I wish it wasn’t.IFdyaWdodCwgaXQgaXMgbm90IHRoZSBzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyBXcmlnaHQsIFNhdG9zaGkuCgo=
The rest of the blog post goes on to provide information on key verification and how a person could go about verifying a set of cryptographic keys, presumably to verify the key given by Craig Wright to verify his identity as Satoshi. All of this is well and good, but right away I noticed a few oddities.
One, why the complex method of verifying the signature with all of the associated technobabble, which only a small percentage of readers will understand and be able to follow, when he could have just as easily referred the user to utilize the Bitcoin Core wallet to easily verify the signature. Also why not use a simple signature such as Charles Lee (creator of Litecoin) provided on his twitter page.
The other curious thing I noticed was in the screenshots on the blog post, we can see the prompt “craig@wintermute-tuliptrading-net”. You cannot help but to sense the subtle attempt at an association with the 1637 Tulip Mania that is often cited in financial circles as the textbook example of an irrational bubble, and which not so coincidentally is often also used to compare with the Bitcoin phenomena. Is Dr. Wright trying to imply Bitcoin is like trading tulips or is he simply being humorous. In any event, it would be quite a shock to most Bitcoin faithful that the supposed creator took such a flippant attitude towards his own invention.
As that is not enough, as a simple signature verification, or movement of even 1 BTC from those thought to be controlled by Satoshi, would indeed provide the needed proof required by many, we instead have independent Bitcoin experts step in to vouch for Dr. Wright. Gavin Andresen and John Matonis were called into private meetings in which they were to witness Craig Wright signing messages using early keys that Satoshi is known to have possessed.
The mysterious presentations left both men convinced of Wrights authenticity, however later attempts to prove the validity to the the wider public are so far elusive. Indeed, the key posted on Wright’s blog does not appear to sign the Sartre text, but instead it is for a transaction signed by Satoshi in 2009 and which is readily available on the Bitcoin blockchain.
Wired magazine now has an article up detailing How Craig Wright Privately ‘Proved’ He Created Bitcoin that goes into the details of the private demonstrations and even though Gavin Andresen left the presentation convinced, it wasn’t necessarily irrefutable proof, especially with recent revelations brought forth by scrutiny from the wider public view.
It has now later been revealed that Andreas Antonopoulos was also invited to a private demonstration to verify Dr. Wrights claims, but he declined. Antonopoulos has now left a post on Reddit Why I declined to “verify” SN’s identity two weeks ago outlining the details surrounding the invitation and his reasons for declining to participate.
So while so far none of this has proved proved one way or another Dr. Wright’s claims that he is indeed Satoshi Nakamoto, now that the story is public and more skeptical and technologically savvy individuals have had a chance to review the claims, more interesting contradictions are starting to come out.
First we have the questionable signature provided on Dr. Wrights blog post:
Theymos, the BitcoinTalk forum administrator, posted on Reddit why Craig Wright’s signature is worthless.
By taking the signature above, which was provided by Dr. Wright as “proof” of him being Satoshi, and converting it into a hexadecimal format we get the following string:
We can see that it exactly matches that of a 2009 transaction (look at the input script in the image below) that is known to be made by Satoshi. You can check the blockchain for yourself here: https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe
For those still skeptical, you can perform this simple experiment yourself. Lookup the above transaction on the blockchain: https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?show_adv=true and from there copy the string from the Input Script (shown above) into a Hex to Base 64 converter (search google for an online version) and you will see the result of this conversion matches that which Craig Wright provided as his “proof”. Note that you will need to remove the “01” that is appended to the end of the script string before conversion to get the proper result. The 01 or 0x01 appended at the end is the hashtype byte.
Thus the signature that Craig Wright purports to offer us as irrefutable proof, is simply the signature from an early Bitcoin transaction Satoshi is thought to have sent to Hal Finney. So with the public proof that was offered being now found to be a hoax, we are only left with the verification’s given by Gavin Andresen and John Matonis.
Gavin has come forward with his own blog post titled Satoshi where he states he is convinced that Craig Wright is indeed Satoshi Nakamoto.
I believe Craig Steven Wright is the person who invented Bitcoin.
I was flown to London to meet Dr. Wright a couple of weeks ago, after an initial email conversation convinced me that there was a very good chance he was the same person I’d communicated with in 2010 and early 2011. After spending time with him I am convinced beyond a reasonable doubt: Craig Wright is Satoshi.
Part of that time was spent on a careful cryptographic verification of messages signed with keys that only Satoshi should possess. But even before I witnessed the keys signed and then verified on a clean computer that could not have been tampered with, I was reasonably certain I was sitting next to the Father of Bitcoin.
While this does sound plausible at face value, what we still do not have is publicly verifiable proof. Did Gavin witness a different signature event than the one provide on Craig Wright’s blog? If so, was there any trickery involved? Gavin’s post does call out it was verified on a clean computer which was bought and unsealed in front of him. Why all the dramatic details, it almost seems as if it is a magician’s magic show setup to misdirect with irrelevant props to suggest legitimacy while the important details are overlooked.Why does Dr. Wright not just sign a publicly verifiable message, or even as some suggest, move one single Bitcoin from the 600k thought to be in possession by Satoshi.
Perhaps the answers to these questions does not even matter if we take a look at the whole. If we go back to Andreas Antonopoulos’s statement in which he questions the motives:
From my perspective, the request for me to verify his/her/their identity is in itself an appeal to authority. It is replacing public cryptographic proof with endorsement by a third party. If SN (Satoshi Nakamoto) wants to “prove” their identity, they don’t need an “authority” to do so. They can do it in a public, open manner.
Exactly! Satoshi was known if anything for his desire to remain anonymous and as a private individual. Those people who interacted with him/her/them in Bitcoin’s early days, did so exclusively through electronic means. He used cryptographic proofs to prove his identity. Why now does he do a complete 180 and shun cryptograpic means and instead relies on third parties and public attention to verify he is who he says he is?
Other information is also now starting to trickle in to add even more to the controversy.
JP Richardson, co-founder of Exodus bitcoin/ethereum wallet, suggests that Wright even went so far as to lift other peoples work off the internet in his latest blog entry: Did Satoshi Steal My Blog Post? There is more than just a casual similarity to Richardson’s original post, dated 8/27/2013 to Dr. Wright’s blog entry posted today.
Noted researcher Dan Kaminsky posted on his blog that he doesn’t believe the story either.
- Yes, this is a scam. Not maybe. Not possibly.
- Wright is pretending he has Satoshi’s signature on Sartre’s writing. That would mean he has the private key, and is likely to be Satoshi. What he actually has is Satoshi’s signature on parts of the public Blockchain, which of course means he doesn’t need the private key and he doesn’t need to be Satoshi.
Also a flaw in one of the scripts presented on Craig Wright’s blog post is now being pointed out on a Reddit posting.
Notice the different spellings of “signature” and “signiture” in the above example script from Craig Wright’s blog post. As Reddit user ex-ample (nice name btw) explains below, it is actually verifying whatever was previously put in the misspelled signature file instead of the variable signature shown just above it. For those not familiar with programing, a variable is an exact name match so signature and signiture are two comply different programming entities. The implication is that the misspelled variable could have been a file elsewhere preloaded with information that would produce the desired output.
With all the evidence coming in that Craig Wright is NOT Satoshi, and with Gavin Andresen sticking by his original story the bitcoin core team has now revoked Gavin’s commit privileges: https://twitter.com/petertoddbtc/status/727078284345917441
Well now there is a bombshell being dropped on Gavin Andresen’s story with a recent tweet from Electrum. Recall that Gavin claims he downloaded and installed the Electrum wallet on a new computer during the demonstration in order to verify the signature. This he admitted to in his interview with Wired magazine:
Andresen says an administrative assistant working with Wright left to buy a computer from a nearby store, and returned with what Andresen describes as a Windows laptop in a “factory-sealed” box. They installed the Bitcoin software Electrum on that machine. For their test, Andresen chose the message “Gavin’s favorite number is eleven.” Wright added his initials, “CSW,” and signed the message on his own computer. Then he put the signed message on a USB stick belonging to Andresen and they transferred it to the new laptop, where Andresen checked the signature.
Gavin also gave this detailed account of the signature verification on Reddit.