How Craig Wright Privately ‘Proved’ He Created Bitcoin

WHEN RUMORS SURFACED early last month that Australian cryptographer Craig Wright would attempt to prove that he created Bitcoin, Gavin Andresen remained skeptical. As the chief scientist of the Bitcoin Foundation, his opinion counts: Andresen is among the earliest programmers for the cryptocurrency, and likely the one who has corresponded more than anyone with Satoshi Nakamoto, Bitcoin’s pseudonymous, long-lost inventor.

Today, Andresen fully believes that Wright is Nakamoto. Now he’ll have to convince the rest of the world, because he’s among the only people to have seen what he claims is the best evidence in Wright’s favor.

In an interview with WIRED on Monday following flurry ofmedia reports stating that Wright now publicly claims he created Bitcoin, Andresen described in detail a private meeting he had with Wright in London. And he explains why he left that meeting convinced that Wright is the same Nakamoto who unveiled Bitcoin in 2009 and emailed extensively with him in 2010 and 2011. Andresen says his belief is unwavering, despite a bizarre and highly unconvincing blog post Wright published Monday offering the flimsiest evidence that he invented the cryptocurrency—evidence of a very different sort from what Andresen says Wright revealed to him.

“I’m still convinced he’s Satoshi despite the really weird proof he’s put in his blog post,” says Andresen. He stands by a statement he published on his website this morning: “I believe Craig Steven Wright is the person who invented Bitcoin.”

The Private ‘Proof’

As Andresen tells it, a firm representing Wright contacted him in March and invited him to London for a private, in-person demonstration designed to prove Wright created Bitcoin. Andresen understandably expressed reluctance.WIRED and Gizmodo had named Wright in December as a Satoshi Nakamoto candidate based on leaked emails, accounting documents and transcripts. But then gaps in Wright’s story appeared following those reports—including signs he had backdated evidence and misrepresented academic credentials—it seemed Wright was likely pulling an elaborate hoax or con.

But Wright followed up with a series of emails that piqued Andresen’s interest. “This is a person who knows an awful lot about Bitcoin and an awful lot about early Bitcoin stuff,” Andresen says. “The email conversations I had [with him] sounded like Satoshi to me. It sounded like I was talking to the same person I’d worked with way back when. That convinced me to get on an airplane.”

On the morning of April 7, Andresen took a red-eye to London and proceeded directly to a hotel in the Covent Garden district. He met Wright and two associates in a conference room there that afternoon and, Andresen says, Wright performed the cryptographic feat that erased his remaining doubts.

Cryptographers have suggested at least two ways the creator of Bitcoin could prove himself: Nakamoto could move some of the earliest Bitcoins, which are known to belong to him and have never been spent in their seven-year existence; or he could use the same cryptographic “private keys” that would allow those coins’ owner to spend them to instead “sign” a message—transforming the message’s data in a way that proves he or she possesses keys that only Nakamoto would have.

Wright, Andresen says, offered to perform the second test, signing a message of Andresen’s choosing with a key from the first “block” of 50 coins ever claimed by a Bitcoin miner, in this case Nakamoto himself. (He also performed a similar test for Jon Matonis, a former board member of the Bitcoin Foundation, and a reporter for the Economist, the magazine says, using both the first and ninth Bitcoin blocks.) Andresen says he demanded that the signature be checked on a completely new, clean computer. “I didn’t trust them not to monkey with the hardware,” says Andresen.

Andresen says an administrative assistant working with Wright left to buy a computer from a nearby store, and returned with what Andresen describes as a Windows laptop in a “factory-sealed” box. They installed the Bitcoin software Electrum on that machine. For their test, Andresen chose the message “Gavin’s favorite number is eleven.” Wright added his initials, “CSW,” and signed the message on his own computer. Then he put the signed message on a USB stick belonging to Andresen and they transferred it to the new laptop, where Andresen checked the signature.

At first, the Electrum software’s verification of the signature mysteriously failed. But then Andresen noticed that they’d accidentally left off Wright’s initials from the message they were testing, and checked again: The signature was valid.

“It’s certainly possible I was bamboozled,” Andresen says. “I could spin stories of how they hacked the hotel Wi-fi so that the insecure connection gave us a bad version of the software. But that just seems incredibly unlikely. It seems the simpler explanation is that this person is Satoshi.”

The Problem With the Public Proof

Under other circumstances, the Bitcoin community could almost be convinced by Andresen’s account, too. But in contrast to Andresen’s private demonstration, the evidence that Wright publicly offered to support his claim almost immediately collapsed. “The procedure that’s supposed to prove Dr. Wright is Satoshi is aggressively, almost-but-not-quite maliciously resistant to actual validation,” wrotesecurity researcher Dan Kaminsky early Monday. After more analysis, Kaminsky updated that assessment: “OK, yes, this is intentional scammery.”

On a newly-created website, Wright published a blog post featuring what appeared to be a cryptographically signed statement from the writer Jean-Paul Sartre. It seemed intended to show, as in Andresen’s demonstration, that Wright possessed one of Nakamoto’s private keys. But in fact, Kaminsky and other coders discovered within hours that the signed message wasn’t even the Sartre text, but instead transaction data signed by Nakamoto in 2009 and easily accessed on the public Bitcoin blockchain. “Wright’s post is flimflam and hokum which stands up to a few minutes of cursory scrutiny,” wrote programmer Patrick McKenzie, who published an analysis of Wright’s message on Github. “[It] demonstrates a competent sysadmin’s level of familiarity with cryptographic tools, but ultimately demonstrates no non-public information about Satoshi.”

Even Kaminsky and McKenzie say they can’t explain the discrepancy between their analysis and Andresen’s story. “But for the endorsement of core developer Gavin Andresen, I would assume that Wright used amateur magician tactics to distract non-technical or non-expert staff of the BBC and the Economist during a stage-managed demonstration,” McKenzie writes. “I’m mystified as to how this got past Andresen.”

The Disconnect

Andresen, for his part, remains equally mystified by Wright’s highly dubious public evidence. The contradiction between the two accounts is so stark that at first some in the Bitcoin community believed that Andresen’s blog, where he’s vouched for Wright, must have been hacked. He says Wright and his staff wouldn’t let him leave the hotel meeting room with his own much stronger evidence, for fear that Andresen would leak it before Wright was ready to come forward. But Andresen says he can’t understand why Wright didn’t release that information publicly now. He hopes Wright still might.

Andresen’s only attempt at an explanation for Wright’s bizarre behavior, he says, is an ambivalence about definitively revealing himself after so many years in hiding. “I think the most likely explanation is that … he really doesn’t want to take on the mantle of being the inventor of Bitcoin,” says Andresen, who notes that his own credibility is at stake, too. “Maybe he wants things to be really weird and unclear, which would be bad for me.”

That uncertainty, Andresen says, seemed to be evident in Wright’s manner at the time of their demonstration. Andresen describes Wright as seeming “sad” and “overwhelmed” by the decision to come forward. “His voice was breaking. He was visibly emotional,” Andresen says. “He’s either a fantastic actor who knows an awful lot about cryptography, or it actually was emotionally hard for him to go through with this.”

source: by 

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.