Supposedly, Chris Wright did his ridiculous laptop dance with Gavin Andresen because he didn't want Gavin to leak the signature early.
What a load of crap. These are supposedly real cryptographers we're talking about here. If you ask a cryptographer (including, presumably, Satoshi) how they would prove their identity to someone else such that the other person couldn't leak the proof, the answer doesn't involve airplanes and fishy laptops running dubiously authentic Windows programs. The answer is deniable authentication.
In the bitcoin case, it's trivial. Satoshi's public key is g^p for some p that only Satoshi knows (using multiplicative notation) on a well-known and hopefully secure elliptic curve. You can use this key for ECDSA, but you can also use it for, drumroll please, Diffie-Hellman. Gavin picks a random scalar b and tells Craig Wright g^b. Chris replies with (g^b)^p . Gavin checks that the result is the same as (g^p)^b.
This is deniable: Gavin can trivially make up the transcript of the protocol, so Gavin can't use it to prematurely convince anyone of anything. No airplanes needed.
There are plenty of other ways to do this. Pretty much any zero-knowledge proof of knowledge would work.
 In practice, this should be blinded to avoid cross-protocol attacks and relay attacks. Craig could send something like H("Hi Gavin, I am Craig Wright, aka Satoshi Nakamoto" || (g^b)^p). A real cryptographer could double-check me here.
"About six months ago, before he was publicly outed in the technology press, he approached Andrew O’Hagan, a Scottish novelist who wrote an “unauthorised autobiography” of Julian Assange, the founder of the whistle-blower site WikiLeaks. Since then the author, whose most recent novel, “The Illuminations”, was longlisted for the 2015 Man Booker Prize, has had complete access to Mr Wright and his family, as well as to his research and business colleagues. Mr O’Hagan is writing a long article for the London Review of Books(2) on Mr Wright and “his journey towards revealing his work.” (Mr O’Hagan, too, has come to be convinced that Mr Wright is Mr Nakamoto.)" (1)
2) http://www.lrb.co.uk/2016/05/01/andrew-ohagan/the-search-for... "Online exclusive · 1 May 2016: The full, long-form account will be published here later this month." "In a world exclusive for the London Review of Books, Andrew O’Hagan spent many months with Craig Wright, the man responsible for what Bill Gates has called ‘the technical tour de force of this generation’."
I can't wait reading O’Hagan's story. He should publish it even if he understands that he'll thus show how credulous he was.
Like the belief that there "must be something more" than a clever trickster doing what's reasonable for him to do. For thousands years, always a good start of the new religions.
I have no idea what Wright's end game is, as you are obviously correct: his assertions make no sense. However, if somehow he believed there was value in convincing non-technical members of the public he was Satoshi, I think that is quite possible. I find this truth to be self-evident:
A quick witted conman or charismatic person can certainly convince an untrained group that he is X, much easier than even a charismatic person could convince a group how to understand and employ a non-trivial group of mathematical equations.
We see this every day. It is totally possible, likely even, that if I can't understand your math- even if it is correct, and even if it is corroborated by others who understand it, I am weighing(or the general idea of "I" as the population) which person is correct based on a standard that is subjective. Possibly:
* He said he was Satoshi
* He had a crypto key I read about in wired.
* Gavin Andreessen appeared to corroborate and I googled him and he is important.
So, you are totally correct. I agree with you as even if I don't understand your math, I am sure there is a mathematical way to prove he was Satoshi by using a different set of keys, a signature or other mathematical proof. Unfortunately, he will likely be able to exploit Satoshi's name.
Which, given my limited understanding of bitcoin, is what makes the blockchain exponentially incorruptable. An attacker must convince all, not just X that she is Satoshi. Even if she manages this once, on the second iteration it becomes nearly impossible unless she has some capabilities outside the set of known possibilities.
So, he convinced people the first time around, just like Leah McGrath Goodman (about two years ago?) but the remainder of the compute nodes raised an inchoate response which invalidates those in agreement.
Eventually the consensus that he is an impostor propagates through the system. Eventually after the "buzz of the story" has died down the insight of experts (such as here) will be sought.
His attack "could" work if the experts were not consulted in this way, which I think is only possible in a pervasive 1984 scenario, but even still would bitcoin even be relevant in such a world?
It's hard to believe a cryptographer could think such an attack could work so I can only imagine, given he is an academic he has some sort of surreptitious goal in mind, such as to demonstrate to students the difficulties in attacking this system?
I don't see how you make any connection between how blockchain operations work and "convincing somebody who is Satoshi."
"Convincing" even "everybody" wouldn't get Wright the chance to use the bitcoins of real Satoshi, Wright'd still need a real key. Which wasn't used since the original times, certainly not by Wright.
If Gavin had leaked the signature, that would probably have spawned more speculation that Gavin is Satoshi rather than that CW is.
And presumably the reason to control the signature release is to make a big public bang. Kept secret it is useless. The only reason for that would be to make a public fool out of Gavin. Not very nice any way you look at it.
Which is a big part of what stinks. Gavin of all people should have relied on real crypto, not ridiculous demos. Color me very unimpressed.
A much bigger issue in my mind is that, if Wright doesn't hash the final derived key properly, then Gavin can steal money from Wright/Satoshi -- Gavin would never have proved that he generated the challenge the way he said he did, and Gavin could use Wright as an exponentiation oracle.
Also, I suspect that my protocol can be abused by Gavin to defeat the deniability property if he properly manipulates his challenge. I'm not sure and haven't looked carefully, though.
Much better ZK protocols exist.
To clarify how this works: Bob generates a random b, then calculates (g^p)^b, and claims it was sent to Bob by Alice.
If Craig Wright came to me and said he was Satoshi Nakamoto, I'd say, "Sign it with the genesis block's private key or GTFO." This is crypto, bitcoin is built on incontrovertible, mathematical proof. Why the hell would Satoshi do anything else?
If it ever comes to light that Craig Wright is trying to use this lie for some monetary advantage, he should be arrested for fraud, which is what this is.
Edit: alain makes a good point. It's not the 'motives' I want to know. I want the whole story.
What's surprising though is the lack of judgment from BBC and other major news media. That same person made the same bogus claim 6 months ago. How does that not trigger major red flags? The only story worth writing about here is how he pulled off such a trick.
This is like God's existence. There is a simple way for God to tell us He exists, and which religion is right. But He never does. Instead, we must rely on testimony from various people, contradicting each other, and none of it is reproducible. Sure, you can believe... </controversial statement>
Probably got more clicks / views that any other story today, so good business move to print the story, even if it's totally false.
I can't understand Gavin's angle though. It's amazing that he agrees that Wright is Satoshi. I would like to know his motivations in this whole thing.
> There is a simple way for God to tell us He exists, and which religion is right. But He never does.
Many religions would argue that this is a false statement :-)
From the Christian view, the existence of God is self-evident in Creation. And when it comes down to it, I think it takes more faith to believe that life exists because of random chance than because of a creator.
But God does not fit into a scientific proof framework whereby you can prove or disprove the existence of God, which is why it boils down to having faith.
On the other hand, there is a way for Satoshi to prove his/her/their existence.
If you have two alternatives you're considering, and both require faith for you, then you don't know which is right. So instead of arbitrarily choosing to have faith in one based on ignorance, it would be much more respectable to admit you don't know and either investigate, or just be satisfied with not knowing. Pretending you know something when you don't is just arrogance, and "faith" is not an excuse.
> But God does not fit into a scientific proof framework whereby you can prove or disprove the existence of God, which is why it boils down to having faith.
The "God is too hipster for the rules that apply to everything else" argument.
Let's pretend that god exists and the bible is true. Under that assumption god wants humans to have faith and _choose_ to follow him/her/it, colloquially "if you love someone set them free". If god presents irrefutible evidence to his/her/its existence there would be no room left for choice/faith.
Regardless of your view on the rationality of that, it is part of the true/false teachings of that particular denomination, and within those set parameters I think the logic checks out.
Irrefutable evidence would remove faith (which is not the same as choice). But faith is just pretending you know something instead of admitting you don't know. So again, a god that wants you to pretend to know things you don't is not a being I care to follow.
At best, you've provided a picture of why an insane being might hide its existence, but that doesn't prove whether that being exists or doesn't exist.
But if one takes more faith than the other, which do you choose?
Think of packing your own parachute for a sky dive vs accepting one that was packed for you. Still requires faith in the equipment to function when you go to open the chute, but it's not an arbitrary choice of which to trust.
> The "God is too hipster for the rules that apply to everything else" argument.
If God created the universe, then he exists outside of it. So the "rules that apply to everything else" probably do not apply to God.
I don't believe things based on faith, I believe things based on evidence. If there isn't evidence, I admit I don't know. Faith does not enter the equation.
> If God created the universe, then he exists outside of it. So the "rules that apply to everything else" probably do not apply to God.
And if god didn't create the universe then the rules of logic still apply to god. You've not proven that god created the universe, so you can't base arguments off that.
By that standard, literally anything is self-evident in creation. How can you trust the judgement of anyone who buys that?
It seems like you're being earnest here, so I'll respond earnestly and follow you totally off topic.
Correct me if I'm wrong, but I think you're implying the following argument: if you uniformly randomly sample configurations of molecules, the probability of getting a living organism is so low as to be effectively zero. The problem with argument: life didn't emerge whole cloth from uniform random sampling. Rather, there was a bootstrapping process.
The first step, which has been demonstrated in the lab, involves molecules randomly bumping into each other that happen to promote each other's production, e.g., auto-catalytic sets. These are simple proto-replicators: certainly not quite life, and certainly nothing like the complexity of a living cell. But they have the basic feature that they promote the creation of more copies of themselves. And once you have that feature—which we have seen can emerge from random collisions—you can get random, incremental improvements. For example, an auto-catalytic set of three molecules might run into a fourth that is mutually catalytic with the original three.
And this incrementalism is the key to building up what we know as a living cell. Life can emerge slowly, bit by bit, starting from a proto-replicator, using occasional low-probability, but not impossibly low-probability, steps.
Which is not to say that it's not still a big mystery as to where the universe with these convenient laws of physics came from (1). :) But once you have physics, life doesn't require as much faith as you're asserting.
(1) but check out "More is Different" for one extra step in the chain of explanation (Anderson 1972): http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.372...
It could well be that the answer to #1 is that HN is one of the best places to argue religion on the internet -- but also that arguing religion is one of the worst things you could do on HN. [EDITED: or, more specifically, in this HN discussion that nominally has nothing to do with religion.] In fact, I think it's likely that both of those are true, and the first may actually be because of the second.
... Because if HN starts being a common venue for religious arguments, it will tend to collect the sort of people who want to get into religious arguments, and regrettably those are often not actually good people for having religious arguments with. The same goes for politics, race, gender, and the like.
HN is mostly civilized and intelligent because as a community it makes some effort to avoid temptingly polarizing discussion topics, and the least civilized and intelligent discussions on HN tend to be on those temptingly polarizing topics.
-- Sashoti Namakoto
Ever watched an episode of the show COPS where someone is wanted on a bunch of warrants and is going to jail for sure and goes on a high speed chase because hey why not right?
Maybe this guy is destined for the same thanks to his tax frauds, and is on a PR joyride.
I mean what's the downside?
> However, on this occasion there is the added caveat that two well-known Bitcoin developers, Jon Matonis and Gavin Andresen, purport that Wright is indeed right
> The little-blockians want the block sizes of Bitcoin to remain small, and thus for it to be a pure decentralised currency that can be used by anyone with a computer. This would maintain it as a peer-to-peer currency, but would limit its growth.
> By comparison, the big-blockians believe Bitcoin should grow into a universal currency, expanding the block size to accommodate absolutely every transaction. The downside is that this is beyond the computational limits of domestic machines, thereby meaning that Bitcoin could only be regulated by banks, governments, and other large organisations: thereby moving it away from a libertarian idyll into something more akin to a regular currency.
> Matonis, Andresen and Wright are all big-blockians. Having the esteemed creator Satoshi on their side would help their argument, and it is entirely plausible that there are several large organisations who would benefit from having more control over the regulation of Bitcoin.
Condition A: Wright is Satoshi and Satoshi wants to be found. In this condition, Wright's actions make no sense. Why publish an obviously fake proof? I suppose if Wright/Satoshi lost the original private keys this would make some sense, but is really unlikely.
Condition B: Wright is Satoshi and Satoshi does not want to be found. Here things actually make perfect sense. Wright/Satoshi is trying to discredit himself by publishing fake proofs. This is a sort of hiding in the open thing that might work.
Condition C: Wright is not Satoshi but knows who the real Satoshi is, and Satoshi wants to be found. In this condition, Wright is trying to prevent Satoshi from being found for some reason, and he is doing this by trying to muddle the waters and throw doubt. If the real Satoshi shows up and provides a proof, non-technical people can now say "well Wright provided proof, but that turned out to be fake. Do we trust that this is real?".
Condition D: Wright is not Satoshi but knows who the real Satoshi is, and Satoshi does not want to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi, or is trying to protect Satoshi from being found.
Condition E: Wright is not Satoshi and does not know who the real Satoshi is, and Satoshi wants to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi, or is trying to muddle the waters for the real Satoshi.
Condition F: Wright is not Satoshi and does not know who the real Satoshi is, and Satoshi does not want to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi.
"What?" both Barris and Luckman said together.
"Shit, I'm spaced," Arctor said, grinning. "'Pose as a nark' - wow." He shook his head, grimacing now.
Staring at him, Luckman said, "POSE AS A NARK? POSE AS A NARK?"
Which was also "good enough" to appear "technical" and "valid" initially to some.
So it's really time for the quote of one famous thinker:
"I know it's in Texas, probably in Tennessee that says, 'Fool me once, shame on ... shame on you. Fool me... You can't get fooled again!'"
The shortest summary of the current Wright's hoax is by Kaminsky:
"Yes, this is a scam. Not maybe. Not possibly.
Wright is pretending he has Satoshi’s signature on Sartre’s writing. That would mean he has the private key, and is likely to be Satoshi. What he actually has is Satoshi’s signature on parts of the public Blockchain, which of course means he doesn’t need the private key and he doesn’t need to be Satoshi. He just needs to make you think Satoshi signed something else besides the Blockchain — like Sartre. He doesn’t publish Sartre. He publishes 14% of one document. He then shows you a hash that’s supposed to summarize the entire document. This is a lie. It’s a hash extracted from the Blockchain itself. Ryan Castellucci (my engineer at White Ops and master of Bitcoin Fu) put an extractor here. Of course the Blockchain is totally public and of course has signatures from Satoshi, so Wright being able to lift a signature from here isn’t surprising at all.
He probably would have gotten away with it if the signature itself wasn’t googlable by Redditors.
I think Gavin et al are victims of another scam, and Wright’s done classic misdirection by generating different scams for different audiences."
One intuitive moment I had in first story I read was how one person asked his wife about it. If she knew he was Satoshi, she'd likely have a neutral, cautious, or irritated dismissal of the claim. Instead, I think it said something along the lines of her smirking and walking off. More like a wife reacting, as usual, to a husband's bullshit she's seen 100 times that isn't worth further consideration and the fact the person asking hasn't figured that out yet. Maybe my mental bias but her reaction stuck out a bit to me on top of more solid evidence.
But I am betting that it's an Australian ;)
The nice thing about the blockchain is that it's necessarily public, and therefore everything on it is Googleable (various block explorers are crawled and indexed).
You're suggesting that geniuses are always upstanding, straight-forward, super honest people, and that anyone who isn't super honest can't be a genius.
So what if he's sly, padded his resume, and has tax trouble. So what. He might still be a genius and might be Satoshi. We need more direct proof, but I'm not drawing conclusions from personal defects.
Or severely punished. :)
At the end I knew a lot about a narrow slice of security. I did not feel like an expert although I do feel like I got the job done (which in this field is very hard to say with a straight face).
I haven't touched that kind of code in 5 years and I'm not confident how much of it I could regurgitate under duress. But I'd like to think I'd know how to produce a signed document that's verifiable. If the key were stored someplace exotic (I don't recall how Bitcoin stores it's keys) that might be harder.
I would not be surprised if the real Slim Shady had trouble with it too, but it would cause me to wonder about exploits in the code.
I would argue it represents a key development in the history of computing & networks, and possibly a new subdomain of Computer Science, with its main influences and precursors dating back no earlier than the mid-90s (very new in the CS research sense). Open to other people's thoughts.
> I would argue it represents a key development in the history of computing & networks, and possibly a new subdomain of Computer Science
Those two statements are in conflict. Anyone who's changed the history of computing and created a new subdomain of computer science by doing something no other modern cryptographer thought to do is a fucking genius.
From my understanding (though no deeper than what's in the Bitcoin whitepaper), the central new idea (and it is indeed a significant contribution to CS in general) is laying out of how to build a distributed timestamp server, and then distributed ledger from only untrusted peers by using existing technologies circa 2009 such as p2p, hashing data blocks, priv/public key for verify/sign, etc.
For instance, people in auditing and anti-subversion fields promoted schemes that allowed multiple, untrusted parties to accept a result by one party doing something whose logs were checked by others, partly (esp randomly) or totally. The scheme required nothing but a database or filesystem on inexpensive hardware for most of it. Only crypto was hash of some set of transactions or big file with a signature on it. Soooo efficient. Also builds on stuff we have decades of work on securing with full, battle-tested stacks for internal components.
And then there was Bitcoin with its long transaction times and insane work in mining. And use of begging to avoid a key risk at one point. That's innovative as it's the first time I've seen it in decentralized security.
That's pretty much how genius works much of the time, seeing possibilities that exist with existing stuff that haven't been done yet.
Doesn't make me feel dumber when I realize how few programmers or systems people are re-using or recombining the best stuff from CompSci or past commercial activities. Versus how many ignore it to repeat same crap and failures. :)
The guy who invented Bitcoin clearly wants to be anonymous, but there is a paparazzi that wants to deanonymize him. If he were identified by them, admitting to be the guy they wanted to find in an obviously fradulent way would make them think he is not the guy. That is exactly what we saw here.
If he is the guy, he is willing to sacrifice his reputation to maintain his anonymity. Perhaps the idea that the guy who created Bitcoin remain anonymous is so important to him that maintaining that perception is worth more to him than his reputation. He would not be the first guy who did something good in security that wanted to remain anonymous. See TrueCrypt.
That said, I think this obsession with who invented Bitcoin needs to end. The guy clearly does not want to be found. People should respect that.
Another is that Satoshi, or the group of people behind Satoshi, are finding all these Satoshi stories very funny. So they are encouraging them (and that might be why one of the bitcoin dev got fooled/is lying)
Another theory is that Wright is Satoshi, Wright truly demoed a signature to BBC/bitcoin devs, but Wright wants to cast a doubt and make people forget that he is Satoshi so he published a fake signature.
Holy Jesus this makes my head hurt just thinking about this possibility.
Having lost the keys, he now has zero incentive to reveal himself. Consider how many people would never believe him if he came forward and said his keys were lost. It would suck to have everyone think you're a billionaire when you're not. The only rational option for Satoshi may be to cry himself to sleep every night and take his secret to his grave.
Condition G: Wright is not Satoshi, does/does not know who the real Satoshi is, but is trying to motivate/encourage/force Satoshi (for reasons unknown) to come forward by Wright making the strongest claim (not at all bulletproof!) thus far to being Satoshi, and taking credit for Bitcoin.
That Craig is proceeding with this big hoax regardless means either that A) he knows who Satoshi is, and knows that Satoshi is cooperating/dead/apathetic/etc, or B) he's looking for sufficiently short-term gain that there's low enough risk that Satoshi would intervene in time.
Alternativly, he could be altruistic and deleted the Statoshi key to protect against manipulation, including from his future self.
And shit happens, even to geniuses sometimes.
Why would you want to publicly tell everyone you're worth $200MM in Bitcoin when you aren't? Aside from the bad actors that will try to wring the key out of you (politely or violently), you also have the Tax Office to deal with.
Maybe? But I think you ask a very good question. Also, maybe the guy just likes attention.
Also, if he really is dodging taxes, the Tax Office would look like the bad guy going after what most people consider a brilliant scientist.
Plenty of famously smart and able people have gone to jail for dodging taxes before. In the US, Wesley Snipes spent 3 years in prison for failure to pay taxes between 1999 and 2004. In Australia, Paul Hogan (aka Crocodile Dundee) was named as a defendant in a large tax evasion scheme, which was eventually dropped, but he's since been named in another tax avoidance by the US in cooperation with Switzerland. I can't see, nor understand, how being a famous tax dodger would make someone less likely to be investigated than someone making minimum wage just failing to file taxes.
Besides which, on assets, taxes is normally only collected when an item is sold. Since the bitcoin in possession by Satoshi were not touched, there should be no taxes owed.
Also, when you're rich, or perceived to be rich, people are afraid of harming you, and often treat you nicely in hopes you will return the favor, and this includes the government. If you don't see how this is true, then you have some awfully rose tinted glasses on my friend.
Plenty of countries have an asset tax that you need to pay annually: Argentina, Spain, India, Norway, Switzerland, and Italy. Spain's wealth tax goes high as 3.75%!
Granted, it doesn't appear that Craig Wright's home country of Australia has an asset tax on cash or currency holdings.
Furthermore, if you think about it, pretty much every country in the world has a type of asset tax that you need to pay annually -- it's called property tax. You need to pay your annual property tax even if you never sell your house.
-- Sotashi Nomokata
Instead we get this mess.
The mess makes me believe Satoshi is still out there.
The entire Bitcoin community practically shit itself when this news dropped and everybody tripped over themselves to deny it's the truth. People are, at length, ascribing more difficult computer science problems such as subverting cryptography itself to this guy in an aim to conclusively say that he could not possibly have invented Bitcoin. (So he didn't do something really cryptographically cool, and your theory is that he can compromise cryptography to prove that he did something cryptographically cool. Huh.) Some of the theories involve like three MITM attacks on services and extensive planning with million-to-one odds. Some of the theories describe things that are impossible. It is absolutely hilarious to watch people rail against this for something that, let's be honest, they can't possibly know. (Including OP, who is oddly authoritative without hedging in a quite-libelous world.)
Imagine if it's true. God, that'll be awesome. If I were coming out as Satoshi Nakamoto, that's how I'd do it. Let the frothers froth to lose credibility, then checkmate them a couple days later.
Again, no stock in this, don't care, just an amusing thought. I will say, watching the community tear itself apart over the block size and now this reinforces for me that I never want to run software with a community. Ever. Bitcoin's community is terrifying in a number of ways (no disrespect, just an outside observation). Another angle on that is that if this guy actually is Satoshi Nakamoto, the Bitcoin community has done a pretty good job of kicking their beloved founder in the teeth. I really want it to be true to see the pieces of that picked up.
This'll be a good third act of the Bitcoin movie, by the way, and I look forward to the stinging Sorkin dialogue.
I don't know, Nic doesn't know despite many words to convince you otherwise, you don't know, we all don't know. I choose the fun explanations and wait to see if I'm right, with the completely reasonable position that I, nor anybody else, cannot possibly know if the theory is correct with the data available.
The alternative is getting upset about it and smashing keyboards, which most folks seem to be doing. Who cares? Seriously, why does it matter? He is or he isn't. Wait and see.
To me, Gavin Andresen's position on this is the fly in the grand conspiracy ointment, and it's funny how all of the theories involve Andresen being incompetent or compromised to work around that problem. I saw people start referring to the possibility that one of the highest folks in Bitcoin is autistic and easily fooled by a con man, and I was just laying in bed last night reading it and shaking my head. This thread is doing it, too, discussing a person they've never met and how he's lost his senses or accepted payment to lie.
Giant mess. John upthread is right.
Nic doesn't know despite many words to convince you otherwise
While you claim that you have no stake or position in this, your other post borders on the bizarre, with you seemingly completely misunderstanding the arguments made and then, having carefully constructed an absurd strawman, you confidently knock it down.
Anyone can be tricked by a con man with no shame. This includes very smart people. Anyone who controls the hardware and the network can render virtually any proof useless without moving outside of their control (which is extremely easy to do), and it can be a fun parlour trick. In this case we have someone with a long history of casual trickery (if not fraud) who, while under an impending cloud of peril, and with months to contrive a magic trick, convinced a single person.
You've plied this valiant contrarian noise in virtually all of your comments on this. I'm personally a critic of Bitcoin. I most certainly am not in the "community". Yet the evidence that we have leans overwhelmingly towards "con man". I honestly believe someone would have to have a serious bias to ignore the overwhelming evidence that they are being had.
Your claim that anyone thinks he's "subverting cryptography" immediately cast your comment as hysterical. No one has seriously argued this.
You mean convinced at least five people and three editors
He convinced one or two people. Editors and journalists will run with the weakest of evidence because it's salacious and draws viewers. Do you really think they provide evidence of anything?
I'm sitting here with a complete lack of ability to care
Your rhetoric betrays that you actually do care. Very much. And each time you claim that it's some heroic stand that is only be squelched by the bitcoin insiders, it makes you look a little more foolish.
To your substantial edits: you're trying entirely too much to tell everyone how little you care. To quote Shakespeare, the lady (or man) doth protest too much.
I am just now beginning to try to research it to really understand it, because despite being a developer and having a decent understanding of public-key cryptography, I am at a total loss to understand how this system works or achieves its apparent purposes.
My impression is that it's actually quite complex, and that the press (and developer community at large) is failing to really explain it in any meaningful way to people who don't already get it. Not that this is out of the norm with tech topics, but this is very flagrant.
I haven't seen the recent crop of materials, but I grocked it watching a 60 minute or so video presentation which I think was from someone at Mozilla. Oh, here it is:
I'll check out the video when I have time tonight.
Where I disagree is that I don't believe that all ideas/concepts can be made "easy to understand" to a general audience. Many concepts - especially those technical in nature - simply require a large amount of background knowledge to understand.
You can be the best mathematics teacher in the world, but you won't be able to (and no one expects you to) make the Riemann hypothesis widely understood to the general public. It's just not feasible. And I posit that Bitcoin (whilst maybe not as technical as the Riemann hypothesis) similarly requires a large amount of background knowledge and is not an "easy" concept to understand in 30 minutes.
The good news is that there are millions of things that people use every day that they don't understand - cars, computers, TVs - in fact, due to the specialization of knowledge, most things people encounter they do not fully understand. I don't think this is a big deal.
How long have you spent looking into it?
I wrote an academic paper on Bitcoin; now, I don't understand e.g. the detailed cryptanalysis of SHA256, which it uses. But I've a pretty solid understanding of how, given the availability of such hashing functions, and assuming they live up to their promises, you build a distributed ledger from them, and what some of the properties of that ledger might be. Not every implementation detail, but the high level principles.
I reckon most folk with degree or grad level CS education (or equivalent) would get to around that point in a few weeks (full-time?) study, probably less. (Given we can read the Bitcoin paper, nice explanations of it etc - not if we had to invent it ourselves.) I even think I've explained the main principles successfully to technical friends over the course of a few hours.
Yes, you don't just read a blog and understand how the whole system works, but thats true of many systems. Compare understanding Paxos (I'd say this is harder?), or DynamoDB, etc.
IMO there's nothing especially mysterious about Bitcoin here. Its clever, and its too complicated to explain in a paragraph in a media article, but its not an order of magnitude more complex than comparable distributed systems.
On the other hand, understanding _why_ it works is difficult, as it requires understanding the hard math underlying the system. In fact, nobody knows _why_ it works, because, AFAIK, we do not know whether the hash functions used have the necessary properties (in fact, it is worse: we do not even know whether one-way functions exist, let alone that we can point to one)
Moreover, there's not much point in saying things like that to people who are trying to learn, as it adds nothing except to suggest that if someone doesn't understand this easily just by reading that paper, they might be a bit less capable than some of the rest of us.
When I finally came to the realisation about what mining is actually doing and why it's necessary to reward miners (it actually keeps the entire network secure): mind = blown.
I think that lack of simple explanation is what has slowed down innovation around blockchain. A lot of developers simply don't understand fully what they are dealing with. The presentations were mediocre at best and the recurrent question was "How is this better than what people currently use?" Unfortunately, the answer was mostly, "It uses blockchain." I doubt that suffices.
Or maybe I'm just the daft one, I doubt so.
You understand the bitcoin software and how the system is built and functions, end to end? Cool, I'm jealous.
You think most other developers share that understanding? Given that in my experience most developers have only a so-so understanding of basic cryptography to begin with, I find that very, very dubious.
I just read the original whitepaper and it isn't exactly trivial. Statements of the form "Because we do X in the implementation, bitcoin has property Y" are where it takes a fairly strong knowledge to truly follow along with the logic. The implications of the methodologies are not obvious, or else this whitepaper (and by extension the identity of Nakamoto) wouldn't be quite so important.
I think it's difficult to create an all encompassing post for that reason. It's a bit like trying to describe how any application protocol works - can you assume knowledge of TCP/IP? Do you just black-box it? etc.
My contact details are in my profile and I'm happy to lend a hand if you think that might be useful.
You'll also need to know what Proof of work is, explained in https://en.wikipedia.org/wiki/Proof-of-work_system
See also https://en.bitcoin.it/wiki/Introduction, or the rest of the wiki, or the StackExchange site.
Given how swiftly people are attacking Wright, chances are this would fail before the political situation can be resolved.
As others have pointed out in previous threads, citing James Randi, you don't have to be stupid to fall for a con. It's quite easy to be tricked even when you think you're being skeptical.
My goodness. At which point does it become possible to press charges? Can one just go around faking that they have degrees?
Cached Linkedin profile: https://archive.is/Q66Gl
I wonder if there is any connection to the Panama Papers leak. Time will tell, I guess.
Psychology > cryptography.
This in itself does not prove that there was no download of an Electrum signature file to the laptop that Gavin was given. He could have connected using Tor or other services through which the real IP address is hidden, but this could be another reason to suspect there was some kind of MITM hack that Wright used. Also worth mentioning that the laptop was supposedly a factory sealed unit .
Why would you stamp "Made in China" on a treasure like that? Maybe you were trying to make it less tempting for thieves, maybe you were trying to hide its value from the tax authorities, maybe you forget to take your meds and were acting irrationally that day.
It is a defaced Stradivarius, but still a Stradivarius. It doesn't matter because no one believes you.
Craig Wright does some silly things. Now, no matter what he says, ...
Craig brings a set of high-resolution pictures of a Stradivarius violin to an appraiser. The appraiser(Gavin) goes over them - they all look exactly how a Stradivarius violin would look. However, his colleague(public commentators, in this case) says the only way to really appraise a Strad is to see it in person, and that going through all the trouble of getting high-res pictures when you could just bring it over was pointless. Further, the colleague notes one of the pictures shows a "Made in China" stamp on the Strad, and as such guesses that Craig is trying to con them.
If a "Made in China" stamp in itself made an appraiser instantly discard the violin, then they haven't done their job. Similarly, if Craig had provided a strong crypto proof that he was Satoshi(the physical violin, in this scenario), but people disregarded it just because it's him, then we would match your analogy.
The analogy still doesn't really match reality - the reason why Gavin was convinced is because he used tools that gave him a high confidence that he wasn't being conned. Still, the way Craig decided to demonstrate that he was Satoshi was long-winded and complicated, for no discernible reason.
It is true that Electrum verifies locally, and in this case it was simply used as a replacement for running openssl or an alternative.
You still need to verify the address and key, tho - and it isn't stated what the process was in this case.
People who are smart, even experts in their field, can be fooled by conmen. Remember that while the experts are experts in their field, the conman is also an expert in their field. Their field just happens to be exploiting human nature to fool people. Without more information, it's hard to know if that's what happened, but it's a reasonable answer to the question.
Both scenarios require the ability to modify Electrum in a deceptive way (presuming Andresen is familiar with Electrum and uses it frequently). The complexity of either scenario would require considerable literacy both with networking and code, and perhaps months of practice to make sure everything went off without a hitch. Thus, they seem pretty implausible. But if anything out of this scenario is true, I give props to the guy for really committing, you know?
I then expect Wright to come up with some bs, and then we'll all move on.
Gavin is only human, I can say I'm surprised to the extent he stated so adamantly 'without a reasonable doubt', but again, he's human.
He said "I am convinced beyond a reasonable doubt." That's still a very high standard, but he left room for some doubt.
In short, I don't this this is likely.
But I'm wondering: what if he is a scam artist and he actually is Satoshi?
Why would CW's obviously faked evidence provide any support for his claims?
"Craig signed a message that I chose ("Gavin's favorite number is eleven. CSW" if I recall correctly) using the private key from block number 1.
That signature was copied on to a clean usb stick I brought with me to London, and then validated on a brand-new laptop with a freshly downloaded copy of electrum.
I was not allowed to keep the message or laptop (fear it would leak before Official Announcement).
I don't have an explanation for the funky OpenSSL procedure in his blog post."
Or maybe the 'real' Satoshi Nakamoto offered Craig Wright a big chunk of bitcoins if he would claim to be Satoshi, so that his true identity would never be revealed.
Given the frequency of these fraudulent or mistaken Satoshi identifications, it's probably time that someone puts together a simple, publicly visible procedure for verifying Satoshi's identity. Make a web-site, call it something like satoshi-test.com, and include a step-by-step procedure for journalists to follow. If they can't get their Satoshi claimant to complete the test, then they shouldn't write the story. If they ignore the test, then we should ignore their story.
Many journalists will jump on the opportunity even if they know that it is 100% fake.
Bitcoin is a digital currency that is based on cryptography, specifically public-key cryptography. The way you spend money through Bitcoin is by using a private key that only you have access to to sign a transaction that sends Bitcoin to someone else. The rest of the network validates that transaction using the corresponding public key and rejects it.
Satoshi Nakamoto wrote Bitcoin. He mined the first block and authored the first transaction. As a consequence of this, several public keys are known that are recorded right into the very beginning of the blockchain. So anyone claiming to be Satoshi Nakamoto should be able to digitally sign a message to that effect with the private keys corresponding to the known public keys, either a transaction on the blockchain or a simple text message.
Anyone who claims to be Satoshi Nakamoto but cannot digitally sign proof to that effect is not Satoshi Nakamoto. The first thing the real Nakamoto would do should he ever come out publicly (which is highly unlikely) would be to provide this incontrovertible proof. As the creator of Bitcoin, he more than anyone knows that you can't take this kind of stuff on faith; it has to be proven mathematically.
The linked post shows the creator of Litecoin demonstrating that he is in possession of the private key corresponding to the genesis block of the Litecoin blockchain. It's really that simple. He has a private key, and he's signed a message that anyone can verify.
I'm pretty comfortable with the technical competence of a subset of tech journalists -- nikcub is one of them. Other fields often get fairly competent journalists; tech journalism deserves the same.
The key thing here isn't necessarily technical competence but skepticism, which is the thing journalists are supposed to be oversupplied with.
That's... not really true, especially when it comes to stuff like Bitcoin, which even a lot of experts don't understand (remember, people in our field are still struggling to write CRUD web apps). Medicine, for example, has equally complicated areas (cancer, epidemiology). I can't speak from personal experience (I'm not an expert in that field) but I have friends who are medical researchers and they are equally frustrated with medical journalism.
Ultimately, what we need are people who are actual experts in fields to be writing about those fields for a general audience, and get rid of journalists who aren't experts.
One thing that medicine does better is regulation. With odd exceptions like abortion, regulation of how doctors do their jobs is managed by other doctors. I would love if that was how things were done in computer fields.
I agree -- we need people who are actual experts in the field, but also good at communicating, when communicating about topics where expertise is valuable. There are some amazing war correspondent journalists who go into harm's way and have both shared experience and a reasonable background.
Sure. Donate to NPR or sub to the WSJ :)
Welcome to Satoshi-test.com!
It needs to be something like "Please sign `<challenge string> + your name`"
Because when you're not a technical person, you won't have good priors for what constitutes proof. You'll be falling back on the same intuition you use when reading a detective story. Who has motive, who has skill, and so on. None of which take you out of the zone of doubt (say between 10 and 90 percent certain) which is why detective stories are fun.
If you're a technical person, you can see how big a deal being able to sign is.
For me, it's pretty easy. If someone says they're Satoshi, we ask him to move some BTC from one of his addresses to another. They'll still be in trust (crappy excuse). If you can do that, you're either him or he essentially gave you his identity by giving you the key.
Sad fact: a single impostor clown wasted millions of hours of experts' and other smart people's time that could have been spent productively otherwise.
Real question: has Gavin got insane or what game is he playing?
Speculation: I lost my faith in Gavin in 2014 in Amsterdam where I could observe him joining The Bitcoin Foundation while it was already clear that TBF was full of shit, pedophiles and nonentities focused on self-promotion and earning a quick buck (with few exceptions). So my bet is on Gavin's gullibility. He's got tricked by the con artist to the level that he is going to defend his position against the evidence.
Put the whole lore of bitcoin on the backburner for a moment and think about what this would really mean if he was Satoshi. Pretend that the proof was more than adequate, and pretend that Satoshi-signed messages started popping up on the Bitcoin mailing list again.
What should that matter? He's got millions of dollars of Bitcoin. He dropped out of the bitcoin world 5 years ago. If Satoshi came out on the mailing list with a signed message talking about the block size, would it matter at this point?
But now Bitcoin has more or less gone mainstream and it's safe for him to reveal his identity, his human is kicking in and he's trying everything he can to claim the fame
What is the benefit of having people know you are Satoshi? probably none. Any money he can make from being recognized as the creator of Bitcoin is not comparable to the money he could have made from early bitcoins.
Is he a serial liar trying to take credit for someone else's work or is this an elaborate attempt to get the real SN to reveal himself?
suckers, every day
I wouldn't even trust going to the nearest computer shop myself and picking out a computer.
Presumably the assistant was believable because they weren't dressed in spandex and sequins.
However, posting in the form of a screenshot could be a smart move generally, because of the possibility of the text being changed, or people cutting and pasting code that does not present as malicious, but is embedded in the website to be so.
: Of course, this can still happen with an image!
After all, what better con is there to convince millions of people that you've invented a currency, and that they should hand over real money for bits and bytes on computers you don't even control. Wright had recurrent run-ins with Australian tax authorities, so he has a strong motive to shelter his wealth in a virtual currency. The article admits that all his business relationships say Wright is the best con-man they know. And the Bitcoin con has netted Satoshi over a billion dollars.
Double plot-twist: Bitcoin isn't the con. Money is the con. All the reasons why Bitcoin is a hoax apply to the U.S. dollar and other forms of currency as well.
PS: Yes I heard the sarcasm in your post. It's all good.
A huge amount of faith in bitcoin will be lost if Satoshi ever starts moving his btc. Its like the founder or CEO of a company - if you try to sell your stake confidence in the business evaporates.
Watching the community fight is kind of depressing, because that's a lot of energy that could be channeled into positive endeavors.
Just naming it as a con seems odd as it actually works and people buy things with it every day.