Doubt Over Craig Wright's Claim To Be Bitcoin Inventor - Updated
Written by Mike James   
Thursday, 05 May 2016

In a blog post Craig Wright claims to be Satoshi Nakamoto and apparently the evidence is so overwhelming that news agencies are running headlines like "Inventor of Bitcoin identified". Not so fast.

Update: Offers of proof of being Satoshi have now been withdrawn.

After promising strong proof, including actually spending some of Satoshi's bitcoin Craig Wright has stated that on his website:

sorry

The rest of his web site seems to have been taken off line. Earlier Gavin Andresen stated that he regretted providing support for Wright's claims. He states that he thought that evidence had been provided to other people that Wright had access to Satoshi's private keys. 

It seems that the sorry saga is now more or less over. 

What it illustrates most clearly is that in these days of public key crypto it is very difficult to fake an identity. Signing something with a private key that hasn't been stolen or compromised is very difficult and the evidence needed isn't negotiable - you can't half sign a document.

If some one ever does offer a contemporary document signed with Satoshi's private key then the only argument against the proof is that the key had indeed been compromised but without such a signature there is no grounds to even speculate that someone is who they claim to be.  

 

 


 

Original news

While there's a lot of smoke surrounding this particular revelation, with even a little knowledge of cryptography you can see through it.

If you wanted to convince me that you were Satoshi with minimum doubt you would find a text message, use your private key to sign it and allow anyone to confirm that it was signed by Satoshi by verifying it using one of Satoshi's public keys.

This would be simple, direct and difficult to fabricate without possession of at least one of Satoshi's private keys. Notice that there is nothing stopping you doing this as you do not have to reveal the private key to anyone - only sign some text that there is no chance that Satoshi signed in the past. 

 

wrightWright's Wikipedia entry makes for interesting reading and is currently changing quite rapidly!

 

This is not what Craig Wright does in his recent blog post. Instead he constructs something that is a cross between a claim to be Satoshi and a tutorial on signing a document. By doing this he manages to avoid making any explicit claims of what is a signature, what is signed and specifically by what key. 

At the start we have paraphrase of Sartre

 If I sign Craig Wright, it is not the same as if I sign Craig Wright, Satoshi.

Then immediately afterwards there is what looks like a digital signature:

IFdyaWdodCwgaXQgaXMgbm90IHRoZS BzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyB XcmlnaHQsIFNhdG9zaGkuCgo=

If this was the digital signature derived from the paraphrasing and verifiable using Satoshi's public key then it would be proof that Wright was Satoshi - but it isn't. What is is a base-64 coding of the paraphrase which you can confirm by decoding it. Of course, Wright doesn't say that it is a signature and so we haven't proved that the whole post is a smoke screen. The rest of the post continues in this vague way. 

After this we have the start of a tutorial on signature verification. It is difficult not to see this as something that has been included to just look good and confuse non-technical journalists. The first step on the way to suggesting that we have signed a file using Satoshi's key is the computation of the hash of a file containing the paraphrase.

Unfortunately the file is shown as a screen dump ending in:

--More--(14%)

indicating that there is more of the file to show. What this means is that we cannot reproduce the hash because one character change would produce a different hash. Without the complete file this is not reproduceable and hence not verifiable. 

We are then told that the signature is 

MEUCIQDBKn1Uly8m0UyzETOb USL4wYdBfd4ejvtoQfVcNCIK 4AIgZmMsXNQWHvo6KDd2Tu6euEl1 3VTC3ihl6XUlhcU+fM4=

but we cannot verify that this is the signature of the file as we do not have the exact contents of the file. What is more the blog says that the file to be used is called Sartre, but in the screen dumps the file used is message.txt.  Whatever the file is called, or whatever is in it the signature, checks out ok. 

What this proves is that Wright has a file that has been signed using Satoshi's private key. This seems to be strong evidence that he does indeed have the private key. 

However....

The hash value given has been identified by a number of people as being the hash of an early Bitcoin transaction conducted by Satoshi. So either we have an example of a hash collision, which for SHA-256 is extremely unlikely by chance and next to impossible to arrange on purpose, or the file in question is in fact the Bitcoin transaction. 

As this is overwhelming likely to be the case, the entire blog post is at best grossly misleading as the file used was signed by Satoshi in 2009. The only defence is that the blog post is a tutorial and doesn't claim to be proof that Wright is Satoshi - in which case no news. 

Even if you don't follow the details of what is wrong with the evidence offered, keep in mind that providing clear evidence that Wright is Satoshi would be simple - just sign a message that Satoshi hasn't sign in the passed - such as headlines fromtoday's newspapers like they do in kidnappings - and let the world check it. 

To do anything else is a clear sign that we are being duped. 

There is the small matter that Wright has demonstrated the signing of a new message to a number of well known "experts":

"At the meeting with the BBC, Mr Wright digitally signed messages using cryptographic keys created during the early days of Bitcoin's development. The keys are inextricably linked to blocks of bitcoins known to have been created or "mined" by Satoshi Nakamoto."

I suppose it doesn't really matter who Satoshi actually is, and it could all be an elaborate mind game, but it does reveal how easy it is to use technology as a magic trick.

cryptocurrency

More Information

Jean-Paul Sartre, Signing and Significance

Craig Wright reveals himself as Satoshi Nakamoto

Craig Wright revealed as Bitcoin creator Satoshi Nakamoto

Related Articles

Bitcoin Almost Crashed - But Lived To Crash Another Day 

 Inside Bitcoin - The Block Chain 

Bitcoin - A Failed Experiment. 

Stanford Bitcoin Engineering MOOC Proposed 

Bitcoin Difficulty Jumps - A 50% Miner Is Possible 

Linux Foundation Backs Blockchain Project 

Replace By Fee - Bitcoin Modifications 

bitcoin MOOC On Coursera 

bitcoin Course Offered Free Online

bitcoin Fork Due To Algorithmic Differences 

bitcoin Isn't As Anonymous As You Might Hope

The True Cost Of Bugs - bitcoin Errors      

 

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin

 

Banner


PHP 8.4 Adds Property Hooks
26/11/2024

PHP 8.4 is available with improvements including property hooks, asymmetric visibility, and an updated DOM API.



Ai-Da's Portrait of Alan Turing At Auction
01/11/2024

Sotheby's Digital Art Day Action, now underway, features a large-scale portrait of  Alan Turing created by Ai-Da, the humanoid robot artist whose work, including this canvas, was exhibited at the [ ... ]


More News

 

espbook

 

Comments




or email your comment to: comments@i-programmer.info

 

Last Updated ( Thursday, 05 May 2016 )