It's Easy To "Prove" You're Satoshi

Shadders demonstrates how a modified version of the Electrum client can be used to provide a false positive.

Will Wright produce any valid evidence?

Perhaps the most compelling pieces of evidence that Craig Wright was Satoshi arose not long after his extraordinary claim first surfaced. In a private session with Bitcoin developer Gavin Andresen, Wright apparently signed a transaction with a key to one of Bitcoin's earliest blocks.

This "proof" was enough to convince Andresen that Wright was Satoshi, and indeed he publicly endorsed him as such in May 2016.

Private Signing

Because the signing happened privately, we do not know exactly what happened, and more than enough evidence has arisen since then to suggest strongly (to say the least) that Wright was lying. When Wright published a similar proof on his website, not long afterwards, it was dismantled by experts within minutes.

Andresen's credibility was damaged by the episode. He has since left a short comment on the same blog post in which he stated his belief that Craig was Satoshi—not exactly retracting his statement, but heavily qualifying it.

Feb 2023: I don’t believe in rewriting history, so I’m going to leave this post up. But in the seven years since I wrote it, a lot has happened, and I now know it was a mistake to trust Craig Wright as much as I did. I regret getting sucked into the “who is (or isn’t) Satoshi” game, and I refuse to play that game any more.

Faking Satoshi

With the "Satoshi trial" currently going through the UK courts, this episode has surfaced again. Wright has referred to it as a key piece of evidence to support his claim. Andresen was convinced, goes the logic, and he is an expert on Bitcoin and cryptography. Therefore Wright must be Satoshi, even though he has been unable to repeat the signature, for various reasons (chiefly involving lost and destroyed keys).

But it turns out, it's really not so hard to "prove" you're Bitcoin's creator after all.

Steve Shadders, a former nChain employee who worked with Wright, was easily able to modify the Electrum wallet to provide a false positive. For someone who knew what to do, this would have taken no more than a few minutes.

While verifying the integrity of the software used would have ensured the Bitcoin client had not been tampered with, this precaution was not taken by Andresen, as Shadders notes.

AFAIK I know all of the signing sessions except Gavin's were done on Craig's laptop, with no checks to ensure it wasn't a modified version.

Gavin at least recognized this and insisted it be done on a new laptop. What I didn't know until I read Gavin's deposition in the Kleiman case a while back (all 440 pages of it), was that according to Gavin, Craig had unobserved control of the laptop for long periods while it was being setup prior to the signing. In which case it would be trivial to install a modified version from anywhere on the internet. Gavin didn't verify the software himself so this would have gone undetected.

Shadders' analysis comes at a time when every single piece of evidence put forward by Wright is systematically being taken apart in court. As things stand, the trial can only end one way. Wright is going to need to pull something spectacular out of the bag to avoid a devastating defeat that has serious legal implications for him.


Subscribe to our newsletter and follow us on X/Twitter.

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to REX Wire.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.