I see two dimensions to this situation: is Wright actually Satoshi or does Wright know who the real Satoshi is, and does Satoshi want to be found.
Condition A: Wright is Satoshi and Satoshi wants to be found. In this condition, Wright's actions make no sense. Why publish an obviously fake proof? I suppose if Wright/Satoshi lost the original private keys this would make some sense, but is really unlikely.
Condition B: Wright is Satoshi and Satoshi does not want to be found. Here things actually make perfect sense. Wright/Satoshi is trying to discredit himself by publishing fake proofs. This is a sort of hiding in the open thing that might work.
Condition C: Wright is not Satoshi but knows who the real Satoshi is, and Satoshi wants to be found. In this condition, Wright is trying to prevent Satoshi from being found for some reason, and he is doing this by trying to muddle the waters and throw doubt. If the real Satoshi shows up and provides a proof, non-technical people can now say "well Wright provided proof, but that turned out to be fake. Do we trust that this is real?".
Condition D: Wright is not Satoshi but knows who the real Satoshi is, and Satoshi does not want to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi, or is trying to protect Satoshi from being found.
Condition E: Wright is not Satoshi and does not know who the real Satoshi is, and Satoshi wants to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi, or is trying to muddle the waters for the real Satoshi.
Condition F: Wright is not Satoshi and does not know who the real Satoshi is, and Satoshi does not want to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi.
Makes as weird a sense as any in this whole thing. Suppose you support the theory that Satoshi is actually a collective rather than individual. In that case, the Satoshi keys could have been formed in such a way that none of the individual members of the cabal have direct access to the actual keys (as they were formed by parts split amongst the cabal and require collective effort to make use of) and with compartmentalization of efforts none of the members of the cabal necessarily know the full extent of the cabal's membership, either...
Which was also "good enough" to appear "technical" and "valid" initially to some.
So it's really time for the quote of one famous thinker:
"I know it's in Texas, probably in Tennessee that says, 'Fool me once, shame on ... shame on you. Fool me... You can't get fooled again!'"
The shortest summary of the current Wright's hoax is by Kaminsky:
"Yes, this is a scam. Not maybe. Not possibly.
Wright is pretending he has Satoshi’s signature on Sartre’s writing. That would mean he has the private key, and is likely to be Satoshi. What he actually has is Satoshi’s signature on parts of the public Blockchain, which of course means he doesn’t need the private key and he doesn’t need to be Satoshi. He just needs to make you think Satoshi signed something else besides the Blockchain — like Sartre. He doesn’t publish Sartre. He publishes 14% of one document. He then shows you a hash that’s supposed to summarize the entire document. This is a lie. It’s a hash extracted from the Blockchain itself. Ryan Castellucci (my engineer at White Ops and master of Bitcoin Fu) put an extractor here. Of course the Blockchain is totally public and of course has signatures from Satoshi, so Wright being able to lift a signature from here isn’t surprising at all.
He probably would have gotten away with it if the signature itself wasn’t googlable by Redditors.
I think Gavin et al are victims of another scam, and Wright’s done classic misdirection by generating different scams for different audiences."
Good write-up. The Australian tax thing in the Reddit is another good example. And yes, those of us from Tennessee do not take kindly to folks trying to play us for a fool. ;)
So why would be want people to think that he's Satoshi? He will probably end up owing money to the Australian government. Wouldn't they try to force him to sell Bitcoin? If he could, I mean.
Have you seen him in interviews or descriptions of his companies? He wants notoriety with benefits it can bring or he's screwing around with people. Those two are reasons for epic levels of bullshit all over the globe going back thousands of years. Should always consider those. Also, realize sometimes you won't understand the Why of what people would do and focus on the What/How/Evidence. That helps with the stranger ones. ;)
One intuitive moment I had in first story I read was how one person asked his wife about it. If she knew he was Satoshi, she'd likely have a neutral, cautious, or irritated dismissal of the claim. Instead, I think it said something along the lines of her smirking and walking off. More like a wife reacting, as usual, to a husband's bullshit she's seen 100 times that isn't worth further consideration and the fact the person asking hasn't figured that out yet. Maybe my mental bias but her reaction stuck out a bit to me on top of more solid evidence.
I gotcha. Can't go on that myself. Yet, I understand the intuition pulling you in that direction based on patterns you saw. Just as I had mine about Wright's character via his actions and his wife's responses.
Why would anyone want people to think they're extremely rich and clever? Well, ego for one thing, another is that a conman could make use of that to smooth some paths wherever he goes.
> He probably would have gotten away with it if the signature itself wasn’t googlable by Redditors.
The nice thing about the blockchain is that it's necessarily public, and therefore everything on it is Googleable (various block explorers are crawled and indexed).
> That he presented hearsay evidence... End of story.
You're suggesting that geniuses are always upstanding, straight-forward, super honest people, and that anyone who isn't super honest can't be a genius.
So what if he's sly, padded his resume, and has tax trouble. So what. He might still be a genius and might be Satoshi. We need more direct proof, but I'm not drawing conclusions from personal defects.
I'm suggesting that the source of all the claims connecting Satoshi to Wright inevitably trace back to unverified claims by Wright. That he defrauded the tax office and forged the PGP show stromg dishonesty with one of those being directly related to Bitcoin claims. A con artist making grand claims with fraudulent evidence should always be ignored by default.
Eh. I've spent almost a cumulative six years of my career writing code signing code. Both times I had only a couple of coworkers who understood everything, so most growth was self started. The larger project involved counter signing (signatures over signatures) and HSMs and was mostly my code, and I ran into a lot of people who knew words but didn't know what the hell they were talking about. I had to get very good at telling people "No, but..." because they always wanted to make decisions based on unverified data.
At the end I knew a lot about a narrow slice of security. I did not feel like an expert although I do feel like I got the job done (which in this field is very hard to say with a straight face).
I haven't touched that kind of code in 5 years and I'm not confident how much of it I could regurgitate under duress. But I'd like to think I'd know how to produce a signed document that's verifiable. If the key were stored someplace exotic (I don't recall how Bitcoin stores it's keys) that might be harder.
I would not be surprised if the real Slim Shady had trouble with it too, but it would cause me to wonder about exploits in the code.
I'm not so sure the bitcoin required a cryptography genius. I would say it has more to do with the elegant way of dealing with the Byzantine Generals problem, applied to evolving a distributed ledger from purely untrusted parties.
I would argue it represents a key development in the history of computing & networks, and possibly a new subdomain of Computer Science, with its main influences and precursors dating back no earlier than the mid-90s (very new in the CS research sense). Open to other people's thoughts.
> I'm not so sure the bitcoin required a cryptography genius.
> I would argue it represents a key development in the history of computing & networks, and possibly a new subdomain of Computer Science
Those two statements are in conflict. Anyone who's changed the history of computing and created a new subdomain of computer science by doing something no other modern cryptographer thought to do is a fucking genius.
But is it a development in the crypto field, requiring someone super talented in crypto?
From my understanding (though no deeper than what's in the Bitcoin whitepaper), the central new idea (and it is indeed a significant contribution to CS in general) is laying out of how to build a distributed timestamp server, and then distributed ledger from only untrusted peers by using existing technologies circa 2009 such as p2p, hashing data blocks, priv/public key for verify/sign, etc.
Like the other commenter said, we've been doing stuff like this for a long time. Satoshi combined some existing ideas with an uncommon area of application, currency instead of mere transactions, to create Bitcoin. It's clever and a lot of activity happened but its components aren't original and similar things were promoted before.
For instance, people in auditing and anti-subversion fields promoted schemes that allowed multiple, untrusted parties to accept a result by one party doing something whose logs were checked by others, partly (esp randomly) or totally. The scheme required nothing but a database or filesystem on inexpensive hardware for most of it. Only crypto was hash of some set of transactions or big file with a signature on it. Soooo efficient. Also builds on stuff we have decades of work on securing with full, battle-tested stacks for internal components.
And then there was Bitcoin with its long transaction times and insane work in mining. And use of begging to avoid a key risk at one point. That's innovative as it's the first time I've seen it in decentralized security.
> Satoshi combined some existing ideas with an uncommon area of application, currency instead of mere transactions, to create Bitcoin. It's clever and a lot of activity happened but its components aren't original and similar things were promoted before.
That's pretty much how genius works much of the time, seeing possibilities that exist with existing stuff that haven't been done yet.
I agree. It's what I did in high-assurance security. Almost everything I built was composed of premade parts and ideas. Usually in a way that was straight-forward with some really clever. Really just recycling ideas, though, into hopefully better ones.
Doesn't make me feel dumber when I realize how few programmers or systems people are re-using or recombining the best stuff from CompSci or past commercial activities. Versus how many ignore it to repeat same crap and failures. :)
You are drawing conclusions from insufficient information. How do you know that he is incompetent and not feigning incompetence? In the former case, you would be right. In the latter case, not only would you be wrong, but you would have been manipulated by Craig Wright into being wrong.
> And what would be the point of claiming to be Satoshi and then turning around and feigning incompetence? Why make the claim in the first place?
The guy who invented Bitcoin clearly wants to be anonymous, but there is a paparazzi that wants to deanonymize him. If he were identified by them, admitting to be the guy they wanted to find in an obviously fradulent way would make them think he is not the guy. That is exactly what we saw here.
If he is the guy, he is willing to sacrifice his reputation to maintain his anonymity. Perhaps the idea that the guy who created Bitcoin remain anonymous is so important to him that maintaining that perception is worth more to him than his reputation. He would not be the first guy who did something good in security that wanted to remain anonymous. See TrueCrypt.
That said, I think this obsession with who invented Bitcoin needs to end. The guy clearly does not want to be found. People should respect that.
That's really stretching it given your analysis only focuses on what a Bitcoin founder might do while ignoring what Wright did do in terms of fraud. It changes the matchup between the two's M.O.'s quite a bit.
Unless, of course, he predicted that we would conclude that someone with such poor evidence must be attempting to hide in plain sight, and is in fact a fraud. Never go in against a Sicilian when death is on the line.
Sounds to me like you're already familiar with ACH [0]. I was sure that there was a free online platform, but I'm not seeing one. But if there was, it would be easy to plug in what you've posted and enable a structured collaboration.
Interesting, what about prior probability and Occam's razor? The 'process' section mentions "less consistency implies a lower likelihood" but makes no mention of preferring simpler hypotheses which I find surprising. Edit: 'Bayesian analysis' is briefly mentioned further down the page.
ACH is just a very high level framework for shaking bias, the methods are implementation details. This is for humans, so you have to keep that in mind when you are choosing the analytic method - the most difficult that I'd press for is first order logic. Having a machine come along behind the human analysts and perform the more difficult forms of analysis is basically what Deep Green [0] was about. A more manual version of that would be the Lockwood Analytical Method for Prediction [1]. The funny thing about Deep Green was that developers had to address the fact that military commanders didn't like having a machine perform the planning process, so they had the algorithm include sub optimal options in the selection menu - allowing the human operator to feel good about choosing the obviously correct solution.
It would be fun to implement it to take advantage of the benefits that a restricted natural language would bring, like Attempto [0]. That would allow you to really automate the evaluation of hypotheses against new data points. You might be able to wedge a SAT solver in there as well. I've got it on the ever growing todo list.
Another is that Satoshi, or the group of people behind Satoshi, are finding all these Satoshi stories very funny. So they are encouraging them (and that might be why one of the bitcoin dev got fooled/is lying)
Another theory is that Wright is Satoshi, Wright truly demoed a signature to BBC/bitcoin devs, but Wright wants to cast a doubt and make people forget that he is Satoshi so he published a fake signature.
My guess is that he just lost the keys in the usual hard-drive crash or forgot-the-password sense. This was a research project, remember. Did Satoshi have any reason to think the early coins he mined would become this valuable in real currency terms?
Having lost the keys, he now has zero incentive to reveal himself. Consider how many people would never believe him if he came forward and said his keys were lost. It would suck to have everyone think you're a billionaire when you're not. The only rational option for Satoshi may be to cry himself to sleep every night and take his secret to his grave.
He (or they, didn't some folks think it might be a multi-person persona?) might have intentionally destroyed the keys, to avoid this temptation for whatever reason.
Condition G: Wright is not Satoshi, does/does not know who the real Satoshi is, but is trying to motivate/encourage/force Satoshi (for reasons unknown) to come forward by Wright making the strongest claim (not at all bulletproof!) thus far to being Satoshi, and taking credit for Bitcoin.
If Satoshi were watching and cared, all he'd (she'd) have to do is send an appropriately-signed text via Tor or whatever saying Craig is a liar. Coming forward in any substantial sense would be unnecessary.
That Craig is proceeding with this big hoax regardless means either that A) he knows who Satoshi is, and knows that Satoshi is cooperating/dead/apathetic/etc, or B) he's looking for sufficiently short-term gain that there's low enough risk that Satoshi would intervene in time.
I'd trust the brilliant mind behind Bitcoin to hold onto some backups of keys worth half a billion dollars. Since you never know, such a a thing could come in handy someday.
Condition E/F seem most likely, but the most confounding.
Why would you want to publicly tell everyone you're worth $200MM in Bitcoin when you aren't? Aside from the bad actors that will try to wring the key out of you (politely or violently), you also have the Tax Office to deal with.
"I'm known to have $200MM in BitCoin. If you can front me $10,000,000 cash to get the financial infrastructure in place to liquidate, I'll cut you in for 50%. I promise not to take your cash and disappear to an island."
Maybe? But I think you ask a very good question. Also, maybe the guy just likes attention.
He may be a sociopath who wants attention and to feel like he got over on so many people. Maybe it feels powerful or exciting to get away with scams for him. Why would someone become a serial killer? To you or I it makes no sense perhaps, but certain people have a lust for getting away with things.
he's bulletproof on the taxes for the coin - he'd never be taxed on it until he withdrew it, and if he actually owns that much, he could never withdraw that much without causing a massive selloff
My point was this: if you owned $220MM in anonymous cash, why would you attach your name to it? Now everyone will know when and where you liquidate, even if you don't liquidate the entire amount.
> the Tax Office would look like the bad guy going after what most people consider a brilliant scientist
Plenty of famously smart and able people have gone to jail for dodging taxes before. In the US, Wesley Snipes spent 3 years in prison for failure to pay taxes between 1999 and 2004. In Australia, Paul Hogan (aka Crocodile Dundee) was named as a defendant in a large tax evasion scheme, which was eventually dropped, but he's since been named in another tax avoidance by the US in cooperation with Switzerland. I can't see, nor understand, how being a famous tax dodger would make someone less likely to be investigated than someone making minimum wage just failing to file taxes.
I wouldn't consider Wesley Snipes and Paul Hogan especially smart...
Besides which, on assets, taxes is normally only collected when an item is sold. Since the bitcoin in possession by Satoshi were not touched, there should be no taxes owed.
Also, when you're rich, or perceived to be rich, people are afraid of harming you, and often treat you nicely in hopes you will return the favor, and this includes the government. If you don't see how this is true, then you have some awfully rose tinted glasses on my friend.
> Besides which, on assets, taxes is normally only collected when an item is sold.
Plenty of countries have an asset tax that you need to pay annually[1]: Argentina, Spain, India, Norway, Switzerland, and Italy. Spain's wealth tax goes high as 3.75%!
Granted, it doesn't appear that Craig Wright's home country of Australia has an asset tax on cash or currency holdings.
Furthermore, if you think about it, pretty much every country in the world has a type of asset tax that you need to pay annually -- it's called property tax. You need to pay your annual property tax even if you never sell your house.
Right, so we're talking about bitcoin, and you bring up houses. We're talking about Australia and you bring up other countries. Does the term strawman mean anything to you?
For condition D, Is it possible that the people involved (Wright, etc...) would purposely concoct this situation in order to "smoke out" the real Satoshi? Maybe they believe if they cause enough of a stir, the real Satoshi would come forward to settle the issue?
I believe B is semi-reasonable considering that Wright asserts he's revealing himself due to an extortion/blackmail threat. This could be a way of getting a non-technical extortionist off his back while not taking credit in a way that gives him authority or respect in Bitcoin's technical community. This situation is plausible, if, for example, a government knows he is Satoshi (and government surveillance programs would probably make it easy to find the real Satoshi) and is trying to make him impact Bitcoin in a way that benefits them.
No. If Weight is Satoshi, he knows who Satoshi is, so those are not orthogonal. Basically, the first dimension has four discrete states, while the second has two.
Thank you for posting this method of analysis (as well as the poster who pointed to ACH). I think the analytically-minded typically think along these lines, but it is very helpful to me to have a system to formalize around.
Condition A: Wright is Satoshi and Satoshi wants to be found. In this condition, Wright's actions make no sense. Why publish an obviously fake proof? I suppose if Wright/Satoshi lost the original private keys this would make some sense, but is really unlikely.
Condition B: Wright is Satoshi and Satoshi does not want to be found. Here things actually make perfect sense. Wright/Satoshi is trying to discredit himself by publishing fake proofs. This is a sort of hiding in the open thing that might work.
Condition C: Wright is not Satoshi but knows who the real Satoshi is, and Satoshi wants to be found. In this condition, Wright is trying to prevent Satoshi from being found for some reason, and he is doing this by trying to muddle the waters and throw doubt. If the real Satoshi shows up and provides a proof, non-technical people can now say "well Wright provided proof, but that turned out to be fake. Do we trust that this is real?".
Condition D: Wright is not Satoshi but knows who the real Satoshi is, and Satoshi does not want to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi, or is trying to protect Satoshi from being found.
Condition E: Wright is not Satoshi and does not know who the real Satoshi is, and Satoshi wants to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi, or is trying to muddle the waters for the real Satoshi.
Condition F: Wright is not Satoshi and does not know who the real Satoshi is, and Satoshi does not want to be found. In this case Wright is trying to somehow capitalize on being considered the real Satoshi.
Thoughts?