The signature in Wright's post is just pulled straight from a transaction on the blockchain. Convert the base64 signature from his post (MEUCIQDBKn1Uly8m0UyzETObUSL4wYdBfd4ejvtoQfVcNCIK4AIgZmMsXNQWHvo6KDd2Tu6euEl13VTC3ihl6XUlhcU+fM4=) to hex (3045022100c12a7d54972f26d14cb311339b5122f8c187417dde1e8efb6841f55c34220ae0022066632c5cd4161efa3a2837764eee9eb84975dd54c2de2865e9752585c53e7cce), and you get the signature found in this transaction input: https://blockchain.info/tx/828ef3b079f9c23829c56fe86e85b4a69...
Note that the base64 string at the top of his post isn't a signature, just a cleartext message: " Wright, it is not the same as if I sign Craig Wright, Satoshi.\n\n".
Now the only question is how he fooled Gavin. I would imagine this story will still get spread around some naive channels for a while, just like the last time Wright tried something like this.
Credit goes to jouke in #bitcoin for figuring it out.
EDIT: Current opinion: still skeptical. Here is the public cryptographic "proof": http://www.drcraigwright.net/jean-paul-sartre-signing-signif...
Something still seems off to me, why does he go into such specific detail in verifying the signature? I would have assumed he would just let people figure out the verification themselves. But maybe I'm just skeptical because Satoshi having a public identity takes some of the magic away.
As pointed out by maaku, he never revealed what message the signature is supposed to be signing.
My Original Post:
Everyone in this thread is already taking this as the truth. But remember that Wright has not publicly released any cryptographic proof, there is only a claim from BBC that he showed the signature to them and a few magazines.
This strikes me as a little strange since originally Satoshi pretty much only interacted with the community via the bitcoin mailing list. Why did he "reveal" the proof by sending it to some magazines rather than emailing the mailing list?
It really seems like the person who created Bitcoin, a trustless system based on cryptographic proof, wouldn't make everyone take his word on his identity when it could be trivially solved with one email.
Still looking at the page you posted in the edit, but not yet convinced.
edit: Sarah Jeong of Motherboard summed up the objections last time: https://motherboard.vice.com/read/satoshis-pgp-keys-are-prob...
Wright goes into a long post explaining public key crypto - to me it looks intended to bedazzle more than inform - but as far as I can see he does not produce a signature from any of the genuine keys associated with Satoshi.
He needs to sign a message provided to him right now - or otherwise show ownership of coins in early blocks by moving them around.
Edit: He apparently haven't even provided a valid message/sig, so the whole thing stinks.
Um, what? Signing a new message is a minuscule jump through a very large hoop, not something difficult or cumbersome or time consuming.
This fact alone is indefensible, smells of fake and should be enough to dismiss the claim.
Just sign a message attesting that YOUR NAME is satoshi. No more work. Done once.
EDIT: Or maybe the latest bitcoin block.
Really? That just looks like a much too long (targeted to journalists) description of ECDSA signing. Where's the _actual_ signature?
It's just a base64 encoded string.
" Wright, it is not the same as if I sign Craig Wright, Satoshi.\n\n"
Edit: No it's not.
but since getting a single piece of whitespace wrong would throw the hash off completely, that isn't terribly useful. Though it seems that it should be possible to brute force every reasonable permutation of formatting for the article and find one whose hash matches the one he provided, if it's the real source. The search space of "documents within a string edit distance of N" is probably not too large.
A little off-topic, but suppressing right-clicks (and trying to suppress Ctrl/Alt/Shift?) is a really obnoxious thing for a website to do.
status="Sorry, not sharing images!";
var evtobj=window.event? event : e
if (evtobj.altKey || evtobj.ctrlKey || evtobj.shiftKey)
alert("The key is not available.");
As for your aside, not to mention it is completely and utterly futile. Hurts the normal user experience and accomplishes nothing for anyone who wants to steal the images.
Imagine your Satoshi and you need cash for some reason. Reveal your identity and immediately get a bunch of offers for book deals and speaking engagements. You run into career problems, reveal who you are and you can probably snag a position as a Google fellow.
More concerned about your legacy or some crypto-anarachist vision? Revealing yourself could help you influence both the public policy debate on encryption and bitcoin's future (speaking engagements offer more influence than some signed messages on a mailing list).
Finally, what about credit for your contribution. Being known to your friends and family.
Sure, he may still want to remain anonymous but to suggest there isn't the temptation to go public is silly
The question is: why creating this hoax in the first place? If anything, the price of bitcoin has been negatively impacted by this.
What would it be one's motivation behind this?
Perhaps the oldest con ever. Hence the detailed previous story from him of placing all of Satoshi's stash in a trust.
Who says something like this?
It's a non-topic really, compensation for winning an award, it's bizarre he plays it up like this.
The sentence doesn't make sense and he sounds like David Brent from "The Office".
If there is an official narrative establishing a fake satoshi, the real satoshi would be over-joyed because this would basically ensure any further inquiry into his identity would be in the realm of conspiracy theory... leaving media unwilling to touch it.
Deliberately impacting the price of a good negatively is a great way to get it cheap and then sell it for more later.
Unless he is extremely stupid, he would never risk claiming to be the most wanted man in the world, if he was not sure that no one could discredit him.
We don't need more signature here guys. We just need to decide who will play him in the upcoming Hollywood movie, cause he defies the stereotype of nerdy looking geek :-)
...On the other hand, the screenshots are from Windows. Windows! Are we really to believe Satoshi uses Windows?
Yes. This is the one part of the whole story that doesn't smell. The first version of Bitcoin was windows-only.
I imagine the signature must also be somehow related to his private/public key pair otherwise his blog is just junk cryptography and would have been easily debunked anyway?
Granted, the likelihood that he inadvertently collided with a public transaction is astronomically small.