Over the weekend Craig Wright claimed to be the man behind the pseudonym Satoshi Nakamota, the creator of the digital currency Bitcoin. Craig Wright convinced journalists at (amongst others) the BBC and the Economist that he could prove that he was the man behind the most common digital currency.
Over the last few days a number of people have disputed this claim, with respected security expert Dan Kaminsky declaring it a scam and others being less polite, calling it ‘flim-flam and hokum’.
What is Bitcoin and how does it work?
Bitcoin is an entirely digital currency. There are no coins or paper and it is not backed by gold or a nation’s reputation. The currency is entirely underwritten by mathematics.
In order to ‘own’ bitcoins a user must have the right to spend bitcoins associated with an address. This right is through the ownership of something called a ‘private key’. So for anyone to spend bitcoins they need an address (for example my address is 14rsY3Ho2YeV5vfwvoBrRFFvfdvhVHmiv9) and the private key that goes with that address (which is a long number that I’m not publishing!) If I lose my private key I can’t prove that address belongs to me and I have effectively lost all my money.
In order to spend money I perform a set of mathematical operations using my private key and my address – and this creates another long number called the transaction. I then transfer this to the new owner. This new owner performs another set of mathematical operations on the transaction that checks the signature is correct – this proves that person who created the transaction did indeed have the private key for that address and hence had the right to spend money from that address. These transactions are then gathered into blocks and about every 6 hours these blocks are published to massive public ledger called the ‘block chain’.
Incidentally we can also look back in time to see every payment ever made by anyone using Bitcoin, whether paying for legitimate products, paying off blackmailers (for example, following the Ashley Maddison data breach) or paying off malicious ransomware cyber attacks.
If you want to prove you are Satoshi then you simply need to prove you have the private key associated with one of the early blocks that are on public record as being created by Satoshi. These represent the so-called ‘Bitcoin billions’ and incidentally these are worth close to $450 million at today’s prices.
So what’s Craig Wright’s ‘proof’ and what’s wrong with it?
Craig Wright appears to take a piece of writing by Sartre, encrypt it using a private key then verify the signature using the data from some of these early addresses. If this were the case then it’d be good proof that he was Satoshi.
However there’s some early misdirection. Rather than choosing to encrypt the writing by Sartre, Wright actually encrypts a hash of the writing. A hash is simply reducing a large set of text to a long number – this is not an unexpected thing to do since a large piece of writing will have line breaks, spaces and all sorts of odd characters in it so it makes sense to tidy it up. However, a hash is one-way operation – we cannot reverse the operation and prove the hash comes from this text (and there is not a copy of the text to allow us to perform the hashing operation ourselves in order to check).
Now the illusionist steps forward. Wright actually grabs data from one of the initial Satoshi transactions (the long number at this link beginning 30450…) and claims this is the hash associated with the writing; and due to the way the maths works this then appears to validate correctly and he claims to be Satoshi. What he has, in essence, done is picked a number from something he knows to be from Satoshi, claimed it has come from somewhere else, then added 5 and then taken away 5 and predictably ended up with something that proves his case.
I’m not saying that Craig Wright is not Satoshi, but rather that his proof doesn’t stand up to the lightest of scrutiny, and the overly theatrical proof – whilst potentially well-meaning – does little to convince. There are plenty of simpler ways Wright could prove his claim and I look forward to him doing so.