You get a lot of stick on this thread but you are a smart guy. Thanks u/nullc and also for that disclosure about dsv.
Just because we disagree on some things doesn’t mean we can’t be civil on all others :)
I feel there's an important lesson here, but is there a way to understand it for someone not technical enough? I understand what a hash function does (data "fingerprint"), but not the advanced stuff...
Could someone dumb it down a little, or point me to resources I need to read first before understanding the linked thread better?
Edit: from a discussion elsewhere I picked up that you can "forge" a signature, which would be worthless without a published text message though (because you need this message to verify the signature?). But somehow this all still doesn't up in my head yet :)
Yes. The important message here is when verifying signed messages, choose a unique message yourself to be signed. Allowing the person signing to choose and never release the preimage means they could have simply worked backwards to come to a valid signature.
The way I understand it you need the message to verify that the fingerprint is indeed for that message. Then you need the sig to verify that he's signed that particular hash (fingerprint). All these things are required. Just the hash and sig are insufficient. Also to be really sure you need to supply the message yourself i.e. challenge the other guy to sign a random message you give him.
I, for example, would not rely on any bitcoin-related software to verify such claims, but try to verify the signing on off-the-shelf tools like openssl (as well). Just to rule out long-con where I ended up with a tampered bitcoind for example.
OpenSSL is notorious for having fuckton of command line options, obscure format support and so on. If there's a high-profile claim, I'd verify it using ECDSA library of my choice. And between bitcoind and openssl I'd probably lean towards bitcoind, but it's better to try both.
While you obviously need to use a competent ECDSA toolset, if you know the preimage message and have chosen it yourself you can have a very high confidence of authenticity. That's the entire point of this discussion. It's not a proof if they never reveal the preimage or it cannot be arbitrarily chooses by those verifying.
He’s manipulating an 100 billion dollar market! Is jail the only way to stop him? He’s even using his fake twitter handle now against Segwit.
jstolfiJorge Stolfi - Professor of Computer Science8 months ago
Those posts on Stackexchange apply to the "public" proofs that @ProfFraudstus offered later; not to Gavin's "validation".
My best guess is that Craig used a tampered version of the software to validate the signature. Recall that the signature check was done on a computer provided by Craig. It was ostensibly bought just before the session, but by Craig's assistant, hence the box seals could have been trivially faked. The software used to validate the signature was then downloaded into that computer, but again it could easily have been replaced by a doctored version, by several possible means. And recall that Gavin was not allowed to take the signed message home.
Gavin tells that the first attempt at verifying the signature failed, but because the three final letters "CSW" of the message had been omitted when re-typing the message for signature validation. That would seem evidence that the software was indeed doing validation, and did not just say "it checks" for any signature.
But that apparently accidental omission is quite the sort of confidence-building clue that a professional con artist like Craig would intentionally drop on his mark. In fact, the doctored software could have been as trivial as "if the last three letters are 'CSW', say 'checks', otherwise say 'doesnt check'". (That code might be even within the programming abilities of @ProfFraudstus himself.)
> But that apparently accidental omission is quite the sort of confidence-building clue that a professional con artist like Craig would intentionally drop on his mark.
Yep. Completely agree. It probably made Gavin almost feel bad for him for a moment and hope that the signature would indeed validate rather than embarrass him in that situation. Plus, the idea that he could have traveled there just for a fraudulent demo must have been unsettling as well. All part of the deception.
Vitalik Buterin once said that if a person has 2 ways of proving something, an easy way vs a noisy way, a fraud will take the noisy way.
Craig could have done 1 of 2 simple things. Sign a simple message with Satoshi private keys which anyone can verify... or just move a little bit of BTC from Satoshi's original wallet. Since he has the private keys, that should be easy to do, and any non-tech user can verify that as proof.
Instead, Craig keeps putting up confusing stuff. If you can't make them believe you, confuse the shit out of them seems to be Craig's tactic of "proofs".
I believe that's because his whole "brand" was a 'reluctantly outed Satoshi that doesn't want fame'
He wanted people to believe that he was being cryptic out of some legitimate necessity, say, him being in danger from sovereign actors if he definitely proved it, for example. That way, people can easily rationalize away the slipperiness and believe him
A really sophisticated long con, IMO
Craig perhaps wants to prove himself to certain people, not the entire world via the global media. In this case, he would do exactly what he's done. Vitalik is textbook (lol) "book smart" in this case. He's ignoring this fact. Craig probably isn't Satoshi though, imo.
> Craig probably isn't Satoshi though, imo.
So he's a person who publicly claimed to be Satoshi, even though he knew he was not, for his own profit, Hmmmmm ins't there a word for this? just can't put my finger on it....
Whether or not Craig is Satoshi is not a matter of opinion at all though, it's a matter of material fact, so if Craig is not Satoshi, that necessarily means that he straight up lied with malice aforethought.
You’re missing the context. The entire idea of CSW coming out as Satoshi was to give Ayre/nChain as much publicity as possible, so as to market the patents CSW claimed he had on Bitcoin/blockchain as effectively as possible.
Only when it all fell apart and CSW was fired in disgrace did he start to whine about privacy and being left alone.
I sure wish “The Satoshi Affair” wasn’t paywalled, it’s a great and revealing read.
> The entire idea of CSW coming out as Satoshi was to give Ayre/nChain as much publicity as possible
Hm, I missed all of that.
> I sure wish “The Satoshi Affair” wasn’t paywalled, it’s a great and revealing read.
I'll have a look, thanks.
This is an important point and people do bring it up a lot. To me, it's a minimal first step, it's like moving the bar up from "definitely not Satoshi" to "at least a tiny bit plausible." Signing a message with those keys does not prove that he is Satoshi, but until he does that much CW is *unquestionably* not Satoshi.
My theory is still: Craig Wright had a friend, Dave Kleiman, who died and who was Satoshi. Craig Wright knew Satoshi personally, and is trying to assume his identity now, but he did not get access to the private keys.
I like that theory. I also think about all the pet projects I've coded and how many keys I must have created for stuff now long forgotten and lost forever. It's possible the original Satoshi just didn't care to keep track of those early block reward wallets because he was still in trial & error phase, generating new wallets all the time. For that reason, even a "I didn't keep the keys" story would be more believable to me than the existing CW falsehood.
If he is Satoshi... then he should go to a mental institution immediately, because clearly he have some serious problems.
Also on a side note, it actually does not matter who is Satoshi, it only matters what he stands for. Everyone can be Satoshi if he wants to.
Papa_GandaRedditor for less than 6 months8 months ago
I contend that there could be an even better proof that CSW is Satoshi. But it would have taken some forethought.
If CSW produced a message now that, when hashed, arrived at the private key of one of the first blocks, and THAT message contained the words "Satoshi is Craig Steven Wright of whereversville Australia" ( or something definitive), then that would be Satoshi providing evidence.
He would have needed to set this up years ago... Most people assume that the private keys to early blocks are random, but they could easily be "brain wallets" of a phrase that confirms the identity of Satoshi. (I doubt that they are, but it's certainly possible. And we wouldn't be able to tell.)
Yes, to convince that he is satoshi he would need to recount the story as well, and display some acceptable technical knowledge.
it is possible that satoshi suffered mental degeneration after 2008/2010 and can't cope with all the complexities anymore. But that is very unlikely to be the case for craig.
Craig attempts to plagiarize, to write stupid things non-stop and flash degrees in whatever universities are **strongly** indicative of a fraudulent ethos.
With this latest forgery attempt, if Satoshi wanted to keep the message content secret he could double-hash it. Release both H(m) and H(H(m)), using the latter in calculating the signature. No one would know the message but it would prove the signature was not a forgery.
Twitter CEO is an investor in LN, how on earth can you guarantee that the last forgery wasn't actually blockstream having temp access to that profile to troll with that? Even greg himself advising how to forge that?
Let's be less innocent and be open to all possibilities. It is very strange that he came out of the cave to post a lot and loudly about that.