Craig Wright, a man who, as WIRED wrote about back in 2016, either created Bitcoin or very badly wants someone to believe he did.
Now rumours are swirling through the Bitcoin world that Wright himself is poised to publicly claim—and possibly offer some sort of proof—that he really is Satoshi Nakamoto, the mysterious inventor of Bitcoin. If he does, he’ll have to convince a highly skeptical cryptography community for whom “proof” is a serious word, and one that requires cryptographic levels of certainty.
The suggestion is that Wright, an Australian cryptographer and security professional, has arranged to perform a demonstration for media in London sometime in the next week that’s intended to convince the world he’s bitcoin’s creator.1 Luckily for any legitimate claimant to the Satoshi throne—and for bitcoiners tired of the long succession of unproven candidates and speculation—there are some clear, almost incontrovertible ways for Satoshi Nakamoto to prove himself. When WIRED asked bitcoiners and cryptographers what it would take to convince them that Craig Wright is that long-lost Bitcoin founding father, they suggested a variety of methods, each with its own level of certainty. But there’s one form of proof that would be considered airtight for all but the most skeptical skeptics: what Johns Hopkins cryptographer Matthew Green describes as “show me the money.”
If Wright created Bitcoin, he should have access to the keys that control the earliest bitcoins mined on his computer or computers. Those coins have never moved in bitcoin’s seven-year history, despite at times being worth as much as a billion dollars based on Bitcoin’s exchange rate. (They’re valued today at closer to $400 million.) And that hoard of cryptographic treasure, held in a series of bitcoin addresses that each contains 50 bitcoins, are controlled by a collection of private keys—secret strings of characters—that in theory only Nakamoto possesses. If Wright can prove possession of the keys by moving some portion of those oldest bitcoins to a different address, Green says he’d be convinced. “It would be unmistakable,” says Green. “You’d see big piles of old money moving around. That’s the cryptographic miracle I want to see.”
That still wouldn’t necessarily be enough proof, however, for Jerry Brito, director of the cryptocurrency research group Coin Center. Brito points out that Nakamoto ought to possess one key that’s associated with Bitcoin’s so-called Genesis Block, the beginning of the public ledger of bitcoin transactions called the Blockchain. As a quirk of Bitcoin’s design, those first Genesis Block bitcoins can’t be moved or spent, but the key associated with them could be used to sign a message. So, Wright’s strongest proof would be to not only sign a message with that key, Brito says, but to sign messages with the keys from dozens of the first bitcoin blocks until no doubt remains. If Wright proved possession of one or two early blocks of bitcoins but not the Genesis Block or a broad collection of unmoved early coins, Brito says he’d still have suspicions; perhaps Wright started mining in secret very early, for instance, which could also explain his control of an early key. “If you only have the key to, say, the sixth block, why is that the only key he has?” Brito says. “If you’re Satoshi you should be able to sign and also moves funds from a lot of the early blocks.”
And there’s yet another key that Wright might use to try to prove his bitcoin claim: a PGP key long believed to be controlled by Nakamoto and attributed to him on the PGP key server run by MIT. While one blog post written by Craig Wright included a PGP public key that, when checked against the MIT server, was associated with the email address [email protected], that’s not the same, older key, which is associated with the slightly different address [email protected]. But Brito points out that Nakamoto’s PGP has never actually been publicly used to sign anything, making it hard to definitively prove that it’s actually his. And he adds that, of course, any key could have been stolen from a hacked computer or somehow shared by the real Satoshi Nakamoto with associates.
Gavin Andresen, one of the few people in the world who’s corresponded by email with Satoshi Nakamoto before the bitcoin founder ghosted from the internet in 2011, has his own list of criteria for Wright to prove himself, which he first shared with the Financial Times, and it’s long. He wants messages signed with both Nakamoto’s PGP key and keys from early bitcoin blocks, private messages he sent to Andresen alone, and an emailed correspondence with Wright to get a feel for whether he’s the same person Andresen communicated with in Bitcoin’s early days. “It’d take multiple lines of evidence to convince me,” Andresen wrote in an email to WIRED.
Credit : Wired.com