Bitcoin 'Founder' Claim Goes BustCraig Wright Drops Promise to Prove He's 'Satoshi Nakamoto'
Australian entrepreneur Craig Wright claimed to be the secret father of bitcoin known only as "Satoshi Nakamoto" (see Police Raid Suspected Bitcoin Founder's House). But his claims have been dismantled in spectacular fashion by several security experts, who report that Wright's math didn't add up.
All of that prompted Dan Kaminsky, chief scientist at anti-malware firm WhiteOps, to dismiss Wright as being "the world's first cryptographically provable con artist."
Dan Kaminsky of WhiteOps dismisses Wright as being "the world's first cryptographically provable con artist."
Wright's shell game involved using a passage of text from French philosopher Jean-Paul Sartre, which he claimed to have signed using a private key tied to very early blocks of bitcoins that were known to have been generated - or mined - by Nakamoto. Signing that block of text would have generated a hash, which could theoretically be used to verify that Nakamoto's key had, indeed, been used, without revealing the private key itself.
"These are the blocks used to send 10 bitcoins to Hal Finney in January  as the first bitcoin transaction," Wright said during a meeting with the BBC. Wright also claimed that Finney had helped him translate his cryptocurrency ideas into bitcoin reality. "I was the main part of it, but other people helped me," he said.
Gavin Andresen, chief scientist at the Bitcoin Foundation, said that he "was flown to London" recently to meet Wright, where he watched him sign a message using what he believed to be a key "that only Satoshi should possess." As a result, he said that he was "convinced beyond a reasonable doubt" that Wright was Nakamoto, and that "even before I witnessed the keys signed and then verified on a clean computer that could not have been tampered with, I was reasonably certain I was sitting next to the father of bitcoin."
Multiple media outlets quickly proclaimed that Wright created bitcoins, and Wright issued a blog post, saying that since launching bitcoin, "I have been silent, but I have not been absent," and adding that "I have been engaged with an exceptional group and look forward to sharing our remarkable work when they are ready."
Who is Craig Wright?
But Wright's move to seize the Nakamoto mantle quickly fell apart as security experts attempted to verify his claims.
The complexity of Wright's attempt to prove he was Satoshi is part of what immediately triggered alarms, many security experts say. For example, the tongue-in-cheek Twitter user known only as "Swift on Security" asked why - rather than attempting to sign a file containing a passage from a French philosopher - Wright didn't just move some of the bitcoins known to have been held only by Nakamoto, at a pre-announced time and place?
To prove you are Satoshi, please transfer 100 Bitcoin from the original blocks into my MtGox account— SecuriTay (@SwiftOnSecurity) May 3, 2016
Shell Game Revealed
In short order, Kaminsky and other security experts found that they could duplicate what Wright had done by recovering part of a bitcoin transaction that Nakamoto signed, and which was still associated with the relevant transaction in the blockchain, which is the public ledger of all bitcoin transactions.
"Unknown to us, [Wright] grabbed a transaction from the real Satoshi and grabbed the initial hash. He then claimed that his 'Sartre' file had that same hash," Robert David Graham, who heads research firm Errata Security, says in a blog post.
Meanwhile, Kaminsky blogged: "Of course the blockchain is totally public and of course has signatures from Satoshi, so Wright being able to lift a signature from here isn't surprising at all."
Andresen subsequently told the BBC that he believes he made a "mistake" to believe Wright. He also told Kaminsky: "Of course [Wright] should just publish a signed message or (equivalently) move some btc [bitcoins] through the key associated with an early block," rather than claiming to have signed a Sartre extract.
In the face of that criticism, Wright issued a new blog post, saying "extraordinary claims require extraordinary proof," and promised to back up his claims. "You should be skeptical. You should question. I would," he said. "I will present what I believe to be 'extraordinary proof' and ask only that it be independently validated."
Rather than delivering on that promise, however, Wright then, instead, erased his website, leaving only a 148-word message that begins with, "I'm sorry," and claiming that he didn't have the courage to "put the years of anonymity and hiding behind me," but not denying his claims to be Nakamoto.
One Wright, All Wrong
Security experts have been scathing in their analysis of what many say was a scam. "The complexity of the trick proves it wasn't an idle mistake, but a deliberate attempt to defraud everyone," says Graham, whose blog post provides an in-depth explanation of exactly how Wright's deception worked.
It was a really good trick. It would've worked against me. It didn't work against the fact there are so many talented people out there.— Rob Graham (@ErrataRob) May 5, 2016
"He probably would have gotten away with it if the signature itself wasn't googlable by Redditors," Kaminsky said, referencing Reddit users who tested every aspect of Wright's claims before finding that they unraveled.
"It's not actually surprising that somebody would claim to be the creator of Bitcoin. Whoever 'Satoshi Nakamoto' is, is worth several hundred million dollars," Kaminsky says. At the very least, Wright might have commanded millions of dollars in book deals and speaking fees.
But for now, the true identity of the individual - or perhaps group - known as "Satoshi Nakamoto" remains a mystery.