in Uncategorized

Craig Wright is not Satoshi Nakamoto

Craig Wright is not Satoshi Nakamoto. He wasn’t Satoshi Nakamoto before or after Wired and Gizmodo suspected him to be last year, and he still isn’t Satoshi Nakamoto after trying to reveal himself to be on his own blog and to The BBC, The Economist, GQ, Jon Matonis and Gavin Andresen.

There is a long and fraught history in Bitcoin of claims and counterclaims about who Satoshi is, and one would think that lessons had been learned and a high standard would be set for subsequent claims regarding Satoshi Nakamoto. The proof posted today by Wright and others does not meet any standard for identifying him as Nakamoto.

Bitcoin is a currency based on cryptography. The ownership of coins can be proven cryptographically and verified by any network participant in a process that is at the very core of Bitcoin. The latest proof offered by Wright can not be independently verified nor cryptographically verified. On the contrary, the efforts made today by Wright are the latest in an expanding list of falsehoods and fabrications.

Below i’ll outline all of the evidence to date pointing towards Wright as Nakamoto, and then run through a list rebutting each point and offering further evidence that Wright is not Nakamoto.

If there is anything here i’ve missed – please leave a comment or email me.

Contents

1. The Evidence for Craig Wright being Satoshi Nakamoto

1. There is the evidence in the original Wired and Gizmodo reports from last year. Namely:

  1. Wright told a number of people that he was Satoshi, and he made reference to it in private emails.
  2. During a conversation with the Australian Tax Office (who are currently investigating him – more on that later) Wright said “I did my best to try and hide the fact that I’ve been running bitcoin since 2009,”
  3. Wright made a number of blog posts from his personal blog mentioning the upcoming release of Bitcoin. These posts turned out to be backdated.
  4. Wright had access to a Satoshi Nakamoto PGP key. The key turned out to be a fake and had been generated by Wright using a different email address and backdated on the PGP key server.
  5. There are emails in the Wright leak that are dated prior to Bitcoin’s release where he makes reference to an upcoming “p2p distributed ledger” paper he is working on.
  6. Wright claimed to be a holder of a large number of Bitcoin. He seeded an investment into a firm he founded, Hotwire, with $30 million worth of Bitcoin.
  7. In an email reply to Wired, Wright suggested he was Nakamoto when saying “I have moved on to other things”
  8. Based on his academic credentials and work history Wright has the ability to conceive of and build Bitcoin
  9. Through a company, Wright built and ran two supercomputers that ranked in the official TOP500 list – including the most powerful privately owned supercomputer.
  10. The documents hacked from Wright include a legal agreement between he and Dave Kleiman, now deceased, where Wright transferred to Kleiman 1.1 million Bitcoin for the purpose of establishing an offshore trust
  11. The 1.1 million Bitcoin figure is close to most estimates on the total Bitcoin holding of Satoshi Nakamoto

2. The proof offered by Craig Wright in a blog post he made today coming out as Satoshi Nakamoto. In the post he described how he has used 10 private keys associated with Bitcoin addresses known to be held by Satoshi Nakamoto to sign messages offered up by a number of individuals. Wright provides shell scripts (bizarrely in the format of a screen shot of the scripts) that can be used to verify the messages he has signed.

3. Jon Matonis, founder of the Bitcoin Foundation, wrote a blog post where he details how he met Craig Wright and verified that he is Satoshi. Matonis details how he met Wright at a conference in Sydney months before the Wired article and told his wife that he had a feeling he had just met Satoshi. Matonis was invited to take part in a session in London organized with a number of media organizations together with Wright where he claims to have verified Wright as Satoshi using a number of methods. First, Wright signed and verified a message using keys from block #1 and block #9. Matonis, further – from the post:

During the London proof sessions, I had the opportunity to review the relevant data along three distinct lines: cryptographic, social, and technical. Based on what I witnessed, it is my firm belief that Craig Steven Wright satisfies all three categories. For cryptographic proof in my presence, Craig signed and verified a message using the private key from block #1 newly-generated coins and from block #9 newly-generated coins (the first transaction to Hal Finney). The social evidence, including his unique personality, early emails that I received, and early drafts of the Bitcoin white paper, points to Craig as the creator. I also received satisfactory explanations to my questions about registering the bitcoin.org domain and the various time-of-day postings to the BitcoinTalk forum. Additionally, Craig’s technical working knowledge of public key cryptography, Bitcoin’s addressing system, and proof-of-work consensus in a distributed peer-to-peer environment is very strong.

4. Gavin Andresen, a Bitcoin core developer who took over the project from Nakamoto, posted that he also participated in the London sessions and was satisfied that Wright is Nakamoto:

I was flown to London to meet Dr. Wright a couple of weeks ago, after an initial email conversation convinced me that there was a very good chance he was the same person I’d communicated with in 2010 and early 2011. After spending time with him I am convinced beyond a reasonable doubt: Craig Wright is Satoshi.

Part of that time was spent on a careful cryptographic verification of messages signed with keys that only Satoshi should possess. But even before I witnessed the keys signed and then verified on a clean computer that could not have been tampered with, I was reasonably certain I was sitting next to the Father of Bitcoin.

5. There were 3 media outlets involved in the exclusive unveiling of Wright as Satoshi. The Economist concluded: “Our conclusion is that he could well be Mr Nakamoto, but that nagging questions remain.” The BBC interviewed Wright and asked him about the tax investigation in Australia amongst other things. The London Review of Books has preview of a feature about Wright up on their website. They state:

News of Craig Wright’s ownership and use of Satoshi Nakamoto’s private keys, verified by central figures in the bitcoin community, will be reported today by the BBC and the Economist. The full, long-form account will be published here later this month.

So far the reporting from these organizations offers little direct evidence itself of Wright being Nakamoto – they have relied on the testimony of Andresen and Matonis to satisfy themselves. Wright also performed the same block #1 and block #9 message signing for The Economist.

6. Evidence published since the original news reports and blog posts today. So far this involves a comment from Gavin Andresen on a reddit thread where he adds to his prior blog post about how Wright’s claims were verified by stating:

Craig signed a message that I chose (“Gavin’s favorite number is eleven. CSW” if I recall correctly) using the private key from block number 1.
That signature was copied on to a clean usb stick I brought with me to London, and then validated on a brand-new laptop with a freshly downloaded copy of electrum.
I was not allowed to keep the message or laptop (fear it would leak before Official Announcement).
I don’t have an explanation for the funky OpenSSL procedure in his blog post.

and a followup interview he conducted with Wired where he offers more detail of the process used to verify Wright’s claim:

Andresen says he demanded that the signature be checked on a completely new, clean computer. “I didn’t trust them not to monkey with the hardware,” says Andresen.

Andresen says an administrative assistant working with Wright left to buy a computer from a nearby store, and returned with what Andresen describes as a Windows laptop in a “factory-sealed” box. They installed the Bitcoin software Electrum on that machine. For their test, Andresen chose the message “Gavin’s favorite number is eleven.” Wright added his initials, “CSW,” and signed the message on his own computer. Then he put the signed message on a USB stick belonging to Andresen and they transferred it to the new laptop, where Andresen checked the signature.

At first, the Electrum software’s verification of the signature mysteriously failed. But then Andresen noticed that they’d accidentally left off Wright’s initials from the message they were testing, and checked again: The signature was valid.

2. Evidence against Craig Wright being Satoshi Nakamoto

1. Manipulated evidence

Wired and Gizmodo, along with a number of other news outlets, went on to debunk large parts of the evidence supporting Wright as Nakamoto, and further discovered evidence that Wright may have been manipulating and falsifying evidence in support of the claim:

  1. Wired found that Wright had manipulated and planted the old blog posts:

  2. Bitcoin developer Greg Maxwell found that the PGP key controlled by Wright and believed to be Satoshi’s was generated using PGP cipher-suites not available at the time:

    Incidentally; there is now more evidence that it’s faked. The PGP key being used was clearly backdated: its metadata contains cipher-suites which were not widely used until later software.

    and the Wright-Nakamoto key wasn’t on the keyserver at that date:

    This key was also not on the keyservers in 2011 according to my logs; which doesn’t prove it was backdated, but there is basically no evidence that it wasn’t and significant evidence that it was. And it’s not turning up in any of the older key server dumps.

  3. In a press release for his company CloudCroft, which owned the two super computers, Wright claimed to be in a strategic partnership with SGI, even quoting an SGI executive:

    In the coming years, we will be looking to expand our involvement in the region with the creation of a combined CuDA/Xeon Phi hybrid system that we are looking to develop in conjunction with SGI. Success in this endeavor would make Australia a global leader in HPC technology as well as in the emerging crypto-currency financial fields.

    Mr McKeon of SGI has stated that they “look forward to a long, sustained relationship” and that together our companies will reach the highest ranks of the Top500 list.

    SGI told Forbes that Cloudcroft has never been an SGI customer, and they have no relationship with the company or with Craig Wright.

  4. On his LinkedIn profile, Wright claimed to hold two Phd’s from Charles Sturt University. The University told Forbes that it never granted Wright those Phd’s.
  5. It is known that Wright told a small number of people that he was Nakamoto. This group seemed limited to a small number of executives in his company, some investors and then the Australian authorities – who were questioning him at the time about his large tax rebates. Being Nakamoto suited Wright in some circumstances, and his claims today that he didn’t seek to be known as Nakamoto doesn’t match with him mentioning it to the Australian Tax Office.

2. Australian Tax Office Investigation

Craig Wright is being investigated by the Australian Tax Office and appears to be accused of tax fraud. Wright operated under a number of different companies: Hotwire, DeMorgan, CloudCroft, Panopticrypt, Coin-Ex, Denariuz and at least a couple of others. We know that on the day the Wired and Gizmodo stories were written that Wright’s home and office in Sydney were raided by agents investigating for the Australian Tax Office. It was speculated that this was because of Wright’s Bitcoin holdings, and Wright told The BBC he was “being audited”, but documents from the administrators of Wright’s companies tell a different story.

The administrators note from May 2014 details what Hotwire did:

The Company’s main activity was the acquisition of various e-learning and e-payment software and undertaking research and development work in respect of this software and for software owned by related entities

how it was funded:

The Directors have advised that $30 million was subscribed to by the shareholders in paid up capital and this was injected via Bitcoins

and how that funding was spent:

The Company applied its equity as follows:
– $29 million to acquire software from the Wright Family Trust (“the Trust”); and
– $1 million to fund day to day trading activities.

What Wright did was establish a company for the purpose of carrying out research and development on e-learning software it had acquired from Wrights own trust. Wright would inject $30 million in Bitcoin to fund the company, $29 million of which would be paid to Wright’s trust to acquire the software and $1 million of which would fund operational costs – including an office in Sydney and 40 employees.

The purpose for the structure and why someone could commit fraud in this way becomes clear in the next action the company takes:

Further to incurring a range of expenses, the Company lodged its GST return for the September 2013 quarter, claiming a GST refund of $3.1 million (“the GST refund”). After various discussions and correspondence, the ATO issued a notice to the Company on 20 January 2014 notifying that it intended to withhold the refund pending further verification of transactions and the treatment of Bitcoin.

The sales tax (GST) component of the $29 million invested by Wright into the company was eligible for a refund. Thus by shuffling around some Bitcoin between entities you control yourself, it is possible to trigger a sales tax refund (in real cash).

Another Wright entity, DeMorgan, made the largest ever R&D tax concession claim in Australia – as per their own press release. The R&D tax concession is a program in Australia where companies investing in R&D are eligible for a 45% tax refund on each dollar spent. We know now that the supercomputers that were claimed to be part of this spending didn’t exist, so it is possible that the refund was an attempt to make a false claim.

While it is still early in the investigations against Wright’s companies, one can come away from reading about his firms with the conclusion that their primary business was to seek tax refunds from the government, and that most of the businesses were setup precisely for this. The administrators in the Hotwire company said as much when they describe almost the entirety of the firms assets as two outstanding refunds from the tax office (one of which, a sales tax refund, was later declined and a penalty of $1.7 million was applied to the company).

How this relates to the Nakamoto claim from Wright is potentially also the motive behind his actions. It suited Wright to be Nakamoto when he needed to raise money from investors, or to talk his way out of a problem. Nakamoto, as most know, is sitting on hundreds of millions of dollars worth of Bitcoin – investors and regulators could view this as a security – and it was in this context that Wright mentioned his ‘running’ Bitcoin to the authorities.

On the other hand it doesn’t suit Wright for a large number of people know he is Nakamoto – as, unlike investors, lawyers and regulators – he would eventually bump into somebody who would challenge him on the claim and require some form of hard proof.

In terms of why the story of Wright being Nakamoto was made public I can offer a few theories. The first is that one too many people found out and one of them, potentially a disgruntled employee or investor, decided to leak as an act of revenge. The second theory is that Wright, knowing it was over for his companies and that authorities were closing in, concocted the leak himself as the first step towards a new life in London as Satoshi Nakamoto (Wright fled Australia and has not returned).

Wright’s investments in his ventures and the other related-party transactions involved the transfer of Bitcoin worth millions of dollars. I have been unable to locate a transaction on the blockchain – but there was a lot of price volatility at the time which requires a more exhaustive search of the blocks from the September quarter in 2013. But Wright should be able to point to this transaction, or any other transaction involving large sums of Bitcoin that he was involved in (we know that this $30 million transfer did not come from the known Satoshi coins).

The story of Wright as Nakamoto is intricately linked with the story of Wright as the founder of a number of startup ventures that failed and the resulting tax issues. We will never completely understand the motives here until the full scope of what happen at these companies is understood and the Australians have completed their investigation.

3. Personal Testimony of those who know Wright

The experience of those who have worked for or know Craig Wright. Sydney is a global city but in many ways it is a small town – I found out after the Wired report that I knew two people who had worked for Wright. Since the stories published today I have come to hear – either directly or second-hand – from a number of other people who either worked for or knew Wright. The conclusion is near-unanimous: Wright is not Satoshi Nakamoto, and is not capable of being Satoshi Nakamoto. One friend described how Wright is so convincing that even tho he knew he wasn’t capable of creating Bitcoin, he would at times even doubt himself. Another said that Wright has everybody convinced for at least a short period – but then it begins to unravel as his actions do not match his word. He came away from his experience convinced that Wright is a fraud. Yet another person who worked for Wright characterized him (via a third-party) as “the best conman i’ve ever met”

4. Simple technical errors in Wright’s blog post providing signing signature

4. The problems with Wright’s blog post offering proof today. The most important was found by JoukeH on reddit: is that the signature Wright offers as proof is from a much later Bitcoin transaction and is not a signature of the Satre text. The details are explained in this reddit post:

JoukeH discovered that the signature on Craig Wright’s blog post is not a signature of any “Sartre” message, but just the signature inside of Satoshi’s 2009 Bitcoin transaction. It absolutely doesn’t show that Wright is Satoshi, and it does very strongly imply that the purpose of the blog post was to deceive people.
So Craig Wright is once again shown to be a likely scammer. When will the media learn?

Take the signature being “verified” as proof in the blog post:
MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4=

Convert to hex:
3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce

Find it in Satoshi's 2009 transaction:
https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?format=hex

Further:

  • In the shell script provided by Wright in his blog post there was a simple error that would cause the script to not run. (via a throwaway account on reddit)
  • In his blog post, Wright quotes a single-line command that can be used to validate the signature:

    >> base64 –decode signature > sig.asn1 & openssl dgst -verify sn-pub.pem -signature sig.asn1 sn7-message.txt

    but it uses a single & rather than && to join the commands (via syadasti on reddit)

  • Wright “provides” his two shell scripts as screenshots of the files open in Notepad – which is an inconceivably bad way to provide it. He spends a lot of time in his blog post explaining the most mundane details but completely fails to provide the core of what was required of him: reproducible proof that he is in control of a private key that only the real Satoshi Nakaomoto would have. He seems to go out of his way to obfuscate the process, redirect attention and make it as complicated as possible.
  • In a blog post titled “Is Craig Wright?”, Adam Goucher highlites some of the technical errors Wright made in his blog post:

    his blog post is rather suspicious, as it contains various misconceptions that one would not expect from an expert in the field, let alone the originator of Bitcoin.

    [..]

    Several paragraphs into the post, he begins discussing technical details and making various errors

    It is worth reading – it covers a number of points.

5. Delay in coming out and contradictions in motive

The time gap between Wright being named and him coming out today. Why did it take Wright almost 6 months? Proving the ownership of addresses does not require so much time – it is a standard feature in many clients and certainly isn’t beyond what the creator of Bitcoin could do in a matter of minutes. Why did it have to be co-ordinated on an exclusive basis with three media organizations and two witnesses? Wright also claims to want to “keep his head down” and not seek the attention of the media. He told the BBC that he doesn’t want money and he doesn’t want fame – yet he said this during an elaborate and stage-managed exclusive media event organized by an agency on Wright’s behalf and involving months of negotiation.

6. Evidence cannot be independently verified not is there corroborating independent evidence

There is very little, if nothing, in open source intelligence that connects Wright with Nakamoto. Researching based on nothing but what is publicly known about Nakamoto and Wright would not lead any reasonable researcher to conclude that the two are linked, or even suspected of being linked. Many others have written about this extensively – from differences in style and writing through to Wright’s casual disregard for the correct spelling of words (this also rules me out as being Nakamoto).

In the blog posts from Jon and Gavin, they don’t provide any hard proof that can be verified by outside parties or reproduced. In a case where the claimant has been shown to have previously fabricated evidence, it is inconceivable that a session would be held for the purpose of finally verifying his identity and validating his claims and without one of the outcomes of that meeting being evidence that can be verified independently by outside parties.

Further, the evidence offered so far does not meet Gavin’s own previous statements on the evidence he would require from someone claiming to be Satoshi. He recently was recently quoted in Wired:

Gavin Andresen, one of the few people in the world who’s corresponded by email with Satoshi Nakamoto before the bitcoin founder ghosted from the internet in 2011, has his own list of criteria for Wright to prove himself, which he first shared with the Financial Times, and it’s long. He wants messages signed with both Nakamoto’s PGP key and keys from early bitcoin blocks, private messages he sent to Andresen alone, and an emailed correspondence with Wright to get a feel for whether he’s the same person Andresen communicated with in Bitcoin’s early days. “It’d take multiple lines of evidence to convince me,” Andresen wrote in an email to WIRED.

What Wright did offer, in a process that was stage managed, was very specific. The most revealing aspect is that nobody who took part on the signature verification was allowed to take the signature with them. The reasoning offered for this was the risk that the news would leak early – but surely the risk in that was already present by inviting these parties to the session and allowing them to witness the signing process?

This should have been a huge red flag to anybody participating in this validation session. There is no reasonable conclusion to draw from the fact that Wright kept the resultant signatures to himself other than he was hiding something. Far too much of the process was in Wright’s control.

7. Using Electrum

note this section is very speculative (edit: turns out possibly not so speculative)

It is also notable that the Electrum Bitcoin client was used to validate the messages signed by Wright. Electrum is a thin client that doesn’t retain it’s own complete copy of the blockchain, but rather sends queries to a server or set of servers and then processes the response. The advantage for bitcoiners, and the reason why Electrum has become popular, is that you don’t need to download an entire copy of the blockchain to use the application (currently at 55GB). The downside is that you’re shifting trust from your own local client to a server that you may not know much about.

A cursory glance at the source shows that SSL isn’t enforced in the communication between the client and the server, and if the client cannot connect to a server and protocol pair it’s failure mode is to keep trying the next set until it can connect.

This is worth investigating further – but it seems that, in theory, it would be possible to setup a fork of an Electrum server that responds to transaction public key, or signature validation queries with a fake key which would in turn produce an expected result. It would require a DNS hijack to point to the local fake Electrum server instance on a network controlled by Wright, and possibly blocking outbound connections to the SSL ports so that it fails and then falls back onto a cleartext connection.

Edit: A couple of people have pointed out that Electrum carries out signature verification on the client. Another pointed out that the way the story is told, the USB stick went to and from the new fresh computer that Electrum was installed on twice – which may suggest that the first time the signature was copied and the second the key. If both the source address, the text and the signature were provided then Electrum is doing nothing more than running as an alternative to OpenSSL or similar – it isn’t verifying the address/key against the blockchain, and it would depend on the participant to verify it. I don’t think we’ll have any answers here until what happen is clarified completely by those who were in the room. With the validation being done on the client, it could mean that despite being a capable of much more, Electrum was used for nothing more than carrying out the signature validation process on a fresh computer.

Edit II: Andresen told Wired that Electrum was downloaded and installed on a fresh laptop. A developer for Electrum checked their logs and came back to say he couldn’t find a single download from the UK IP range for the .asc files used to verify package downloads. There are many potential explanations as to why he didn’t see or find the download, but it is definitely an interesting data point to take into consideration.

This gap in the testing procedure could have been avoided if someone had bought along a copy of the blockchain, or if the signatures were validated on a machine or network not controlled by Wright. It demonstrates why the testing and validation procedure should have been designed by an outside party, and the conditions negotiated by the participants prior to their acceptance.

For now i’m leaning towards assuming that Wright spent the months between December and today figuring out how to pull off this trick. I believe the trick was designed around a very narrow case where he creates the signatures on his laptop and then verifies them either on his laptop or using an Electrum client communicating with a server he controls. Any requests outside of these bounds would likely have been met with a response similar to the previous “you can’t do that because we’re worried about it leaking”.

Entirely plausible – and again, not proof of Wright as Satoshi.

8. Craig Wright’s MtGox Account

MtGox suffered a number of breaches where user and trading data was leaked. On reddit users winlifeat and apoefjmqdsfls published Wright’s trading history on MtGox and it does not reflect the the trades of the founder of Bitcoin who holds 1.1M coins:

Craig was user ‘e62d5e53-0dbc-44be-9591-725cd55ca9dd’ at the Mtgox exchange. With this identifier, it’s possible to look up his trades in the 2014 leak. I posted the raw data in this pastebin, you can import it into spreadsheet software like Excel to play with it yourself.
He started trading at 22/04/2013, this is just after the crash of the April 2013 bubble (or the ‘Cyprus bubble’). He lost interest pretty quickly, because activity stopped 27/04, only to come back 25/11 around the peak of the last bitcoin bubble. His average price is actually $120 and he bought around 50 bitcoins, but his last buy was 17 bitcoins at around $1200. He ends up with a balance of just under 15 bitcoins when mtgox shuts down, so he probably lost another few bitcoins with trading. (The trade data in the leak stops at November 2013)

His user details were posted in “Craig Wright lost 14 Bitcoin at MtGox” and the full trading history has been posted here.

The highlights are that Wright not only lost coins on MtGox, but was purchasing Bitcoin at the very peak of the MtGox bubble ($1200 USD).

9. Wright planning his own payments system 2011

From user avirunes on reddit, an archived copy of his blog from 2011 shows that Wright was planning his own online payments system backed by gold, making no reference to e-gold or Bitcoin:

A gold standard stops the havoc that governments have been setting on the global economy whilst also fixing inflation to natural means and not arbitrary measures created by politicians with rent seeking in mind.

A payment measure in the form of PayPal that offers a currency exchange mechanism and a gold based currency is a solution.

It isn’t plausible that somebody who had invented Bitocin 4 years earlier would propose a centralized payment application similar to PayPal but backed by gold.

3. Conclusion

Wright has a history of fabricating evidence in support of his claim that he is Satoshi Nakamoto. Despite his claims of not wanting the notoriety or the attention, he is going to a lot of trouble to construct a reality of himself as Satoshi Nakamoto. In the almost 6 months since the first Wired and Gizmodo stories were published he has had ample opportunity to prove conclusively that he is Satoshi, and the protocol and requirements for doing so are well understood and not onerous. They do not require a 10 page blog post with notepad screenshots of shell scripts explaining Linux commands, file formats or OpenSSL. They also do not involve tightly controlled demonstrations in an environment completely under his control. The real creator of Bitcoin would know this.

The burden of proof for anybody claiming to be Nakamoto should be high. In the case of Wright, because of his previous fabrications, that burden is greater. His claims have to be treated with a great amount of skepticism, and his actions treated not as those of a sincere person, but rather as those of a person with a history and reputation for deception. Wright has yet to meet this burden, and until he does, Craig Wright is not Satoshi Nakamoto.

Thanks to @securedmh and @octal for suggestions and running through parts of this with me, along with a number of people on Twitter both in public and in DM’s who helped out with suggestions, ideas and pure crazy speculation, and also the large community of Bitcoiners on reddit, bitcointalk and other places who tore this story apart and provided a lot of useful pointers.

Revision History

31 Comments

  1. This is good. I had to deal with a scammer who once stole my identity in order to make a video game company. It’s hard to deal with people who are persistent in erasing your existence.

  2. Another minor problem: in his revelatory blog post he completely fails to do basic math. He miscounts the number of strings up to a given number of bits (and completely misuses the mathematical jargon), while the real satoshi successfully executed standard statistics arguments in his white paper.

  3. How about the simple observation that if he were Satoshi he wouldn’t be writing a blog post about how he’s Satoshi?

    I have dealt with Craig numerous times over the years, and he seems to be an ok guy, and he’s clearly quite talented. But one thing he is not is quiet, or humble, or averse to the limelight.

    In fact he is, and seems to have always been, someone who repeatedly draws attention to himself. In this sense, he seems to be near opposite of what we know of Satoshi.

    Add the technical evidence to this and the claim seems clearly false.

  4. Let’s assume he orchestrated this. Where is the real Satoshi? Why not just send an email saying “not him guys”?
    Wright may be many things but stupid is not one of the qualities that is printed all over his face. Why risk being discredited in the most profound way?
    He is probably part of the team that created Bitocoin.
    Does he defy the stereotype? You bet.
    Most would expect a Bill Gates type of guy with dorky glasses, having “power to the people” printed all over his face. Instead he is James Bond looking guy, who has been secretly building super computers, obviously for profiting as much as he can.
    I understand the disappointment. It is a hard pill to swallow, but logic says he is who he says he is, OR Satoshi is DEAD and he knows he cannot be discredited.

    • Unless there are legal repercussions for fraudulently claiming to be Satoshi Nakamoto, he wins by forever adding his name to the growing “list of suspects” on Satoshi Nakamoto’s Wikipedia page. I suspect this is Craig Wright’s motive; he wants to have the notoriety that comes with being accused of being Satoshi Nakamoto. This is the only reputation he cares about. It looks like he has succeeded… congratulations “Dr.” Craig Steven Wright…

    • It may be important to think outside of what we expect other humans to do, or what we think is “normal” behavior when it comes to Satoshi. He obviously could care less if someone took credit, but is intelligent enough to know that without doing something as simple as making a transaction with the key, everyone knows Craig’s not Satoshi. So, no need to speak up.
      “Logic” is such a broad word. Thinking is bloody hard, isn’t it?

      • Real Satoshi was probably hoping this sap would be believed! It would have been the perfect security to insure his anonymity….If he spoke up for Dorian Nakamoto, he did so because he has a high sense of moral obligation to protect the innocent.

    • are you aware of his colleaguee, whom he claimes worked with him on bitcoin, and who is now dead? That was probably the real Satoshi.

    • Why not send that email? Because if you don’t want to be identified, then this is great. He has a patsy and a willing one at that.

      “Wright may be many things but stupid is not one ” REALLY? You miss all the basic errors he’s made? Seems like a basic bitch to me.

      “‘Instead he is James Bond looking guy” huh? He’s no… no and he hasn’t built anything! He’s just a tax cheat.

      Your ‘logic’ is fallacious.

      He didn’t spent 4,5 months figuring out how to do this. That’s less than a weeks work. He was monitoring the story. Was there a followup? Other journalist involved? The internet’s reaction and to see if the real guy popped up. Like a punk, which pretty much all fraudsters are, he came forth now thinking the coast was clear.

      This falls apart when he gets extradited and has to pay several millions in fines and doesn’t. That big chunk of coins… that’s the key. If I were the guy, I’d have donated a 1000 coins from the big stash to Greenpeace this week because of their TPP work. That would be the proof. Easy peasy. Everyone can see it and understand it. Greenpeace address right on their website. A 1000 to Wikileaks while am at it and another one. So 3 public long standing addresses all receiving the amount I say from the block that’s watched by everyone. Done.

  5. Thank you. I can tell you that changing electrum source code to validate only messages that end with “CSW” is trivially simple go to this line:

    https://github.com/spesmilo/electrum/blob/5ae2f30fa52ebcec3773958fee45b462dd12c04e/lib/bitcoin.py#L407

    Change the function to do this instead of try/except:

    return message[-3:] == “CSW”

    It’s really that simple. I imagine he chose electrum because the sig verification function is so easy to locate. Bitcoin core wallet or Armory require a lot more digging through the source code to figure out.

    Also, an electrum developer has indicated that there were no downloads of the .asc file in the UK IP range:

    https://www.reddit.com/r/Bitcoin/comments/4hhecv/gavin_explains_how_craig_wright_convinced_him/d2q16yv

  6. “Wright “provides” his two shell scripts as screenshots of the files open in Notepad – which is an inconceivably bad way to provide it. He spends a lot of time in his blog post explaining the most mundane details but completely fails to provide the core of what was required of him”

    I got the same impression from his course lectures.

  7. I think if he is Satoshi, people will always be in denial, since Craig Wright cannot meet the mythical figure created by the culture around it.
    It’s fun here on the sidelines watching the drama of basically two camps fighting over this. I hope Bitcoin succeeds in spite of all of this, but I already see the banks building financial vehicles to utilize and control the blockchain concept, which the public will choose over the more open, libertarian Bitcoin of today.
    It would be funny if Mr. Wright is is deemed a fraud, and immediately 1 million Bitcoin is withdrawn from Satoshi’s account. The Australian/UK government will not be able to collect taxes from him ;)

  8. Forget about “signing a message”. The real Nakamoto should be able to move a randomly selected amount of bitcoin from an address supposedly owned by Nakamoto to an address of someone’s choosing. It doesn’t even need to be a huge $sum of bitcoin. You have 8 fractional digits to work with! Seems like this whole “message signing” fiasco is nothing but smoke and mirrors. David Copperfield could probably do it while “walking through the Great Wall”. Pffft.

  9. The body language, phrasing, and conspicuous pauses during his interview suggested fabrication to me. And the content of his message, that of seeking privacy and anonymity, was wholly inconsistent with his staging and delivery of the news.

    I, for one, believe the real mastermind is still unknown. Perhaps, forever…

  10. the tax refund motive is _very_ plausible ( and I guess this will bite the guy even moreso in the future )
    however, one thing which stands out for me is his certainty he _can_ pose as impostor for Nakamoto – without any fear of disclosure from Nakamoto himself.
    WTF ?
    My hypothesis is Wright (and the group he is involved with) knows something more about Nakamoto’s whereabouts and he is entirely sure that any such disclosure by Nakamoto cannot be made. Why? Let’s leave that as an exercise for the reader.]

    • Ok, Wright found out about the real Nakamoto. He murdered him to steal the bitcoins but could not find them. Now he is the only one knowing that Nakamoto cannot set thigs right when he makes false claims.
      The Nakamoto thing is definitely the best real life detective story I have ever read.

      • You are partly wrong. I am the inventor of Bitcoin and Blockchain technology. I am not dead. He thought Dave was the inventor of Bitcoin. Dave is dead, Not Satoshi Nakamoto. Satoshi Nakamoto is my Robotic Psedunym. I will unmask my self when my real life Bitcoin Drama stage is ready with a Japanese Sumo Fight. Until then wait and enjoy the Bitcoin Drama.

        Satoshi Nakamoto

  11. It is really very difficult to tell how he fooled Gavin Andresen. I would have hope that Gavin would have being prepared to prove Wright Craig wrong but what I see is Gavin when to the meeting to prove Wright right.

  12. All your dismissals of evidence are assertions and ad hominem. Can you explain why people like Andresen with great knowledge of the bitcoin protocol and cryptography disagree with you, given that they are known experts and you are an unknown blogger?

  13. Hello,

    Good wishes from me, Satoshi Nakamoto. My Bitcoin Drama plan is getting hotter and hotter. You are a good analytic. Your writing is very good. I think, I should commision you to write the true History of Bitcoin.

    Contact me.
    Best Regards,

    Satoshi Nakamoto

    Inventor of Bitcoin and Blockchain

  14. If Craig Wright is the real Satoshi, maybe, he never wanted to be revealed as Satoshi, eg. for personal reasons or for avoiding extortion. As a backup plan, if he for some unforseen reason got exposed, he could use this as a backup plan: Pretend to be a lousy con man. Then, maybe, people will leave him alone.

  15. Great post. Another thing I checked was his claim his lawyer made to the ATO concerning the value of IP from W&K(see https://assets.documentcloud.org/documents/2644013/20140226-Meeting-Minutes-Redacted.txt) Wright’s lawyer states in this meeting with the ATO, ‘The Supreme Court of NSW determined the value of the software obtained from W&K. You should already have copies of the two Supreme Court of NSW judgments.’ The ATO auditor asks ‘ When was the Supreme Court judgments made? On the invoices you provided us, they appear to be dated sometime in mid-to-late 2013?’ Response, ‘The W&K transactions were dated 1 September 2013. The judgments came through in November/ December 2013. There is a time difference of a few months here as Craig Wright had to demonstrate the value of the claims to the Court. He was dealing with this matter from 1September 2013.’
    I thought it was strange that an ATO auditor hadn’t independently verified the judgment. Then I thought maybe he had and found nothing. I checked
    https://www.caselaw.nsw.gov.au/ to see if I could find the judgment. I can’t under his name or any of his companies. He is in there for a different case. He is also found in contempt of a court order related to that case–that episode demonstrates the extremes he’ll go to deceive. At any rate, either he received some kind of private judgment, or there was never a NSW Supreme Court Judgment concerning the IP value. If the latter is the case, the value is fabricated and the Judgment documents are forged. Another part of the larger tax scam perhaps?

    • Great comment. I’ve read 6-7 of the judgements related to his cases but haven’t found this one – i’ll have another look around

      You can also search at http://www.austlii.edu.au/

      Google is usually better at finding the cases than their own search engines

  16. In Aussie parlance he’s a ‘wanker’. Something about him caused me to think that from the get-go. Even the raid on his house could have been some kind of credibility raising tactic.

Comments are closed.

Webmentions

  • Bitcoin, I am Your Father | TTT 242 | Jupiter Broadcasting May 7, 2016

    […] Craig Wright is not Satoshi Nakamoto […]

  • Start up: Facebook v journalists, give me your email!, iPhone dips ahead, whose fault is Theranos?, and more | The Overspill: when there's more that I want to say May 7, 2016

    […] Craig Wright is not Satoshi Nakamoto » New Web Order […]

  • Craig Wright Promises ‘Extraordinary Proof’ Of Bitcoin Credentials, But Big Questions Remain – Online used laptops guide May 7, 2016

    […] internet security blogger Nik Cubrilovic has looked into Wright’s various companies in […]

  • Doubts emerge that computer scientist Craig Wright is Bitcoin creator Satoshi Nakamoto | GamingSoFun May 7, 2016

    […] News have cast substantial doubt on Wright’s claim. And then Bitcoin developer Nic Cubrilovic published a detailed exploration of the evidence and […]

  • Evidence Against Craig Wright Being Bitcoin Creator | LandSurvival.com May 7, 2016

    […] consultant Nik Cubrilovic summarizes the evidence for and against Australian entrepreneur Craig Wright’s claim to be Sat…, the legendary creator of Bitcoin. Cubrilovic comes down hard on […]

  • Doubts emerge that computer scientist Craig Wright is Bitcoin creator Satoshi Nakamoto May 7, 2016

    […] News have cast substantial doubt on Wright’s claim. And then Bitcoin developer Nic Cubrilovic published a detailed exploration of the evidence and […]

  • Craig Wright is not Satoshi Nakamoto – New Web Order - John D's Tech Site May 7, 2016

    […] Source: Craig Wright is not Satoshi Nakamoto – New Web Order […]

  • How Craig Wright could prove he’s really Bitcoin’s creator | Fusion May 7, 2016

    […] the most compelling evidence that Wright is Nakamoto but skeptics are understandably annoyed that this demo was conducted privately. The whole driving principle of […]