Bitcoin Forum

The 1 million "Satoshi owned" bitcoins have been priced in by the market to stay put forever. Craig "Satoshi" Wright said he was going to move them, what are your opinions what would happen to altcoins prices if he stands by his word?

If it tanks BTC, I will actually buy a bunch of BTC and immediately buy my favorite ALTS with it, since it will decrease their price verses FIAT.   :D
But I have more faith in my favorite Alt than BTC , no matter what happens with Wright.

 8)

hahah this guy is so funny lol. He doesn't need to move any coin to prove it, just sign the fcking message if he has the prive keys  :D. The excuse he gave for not moving the coins was because they were held by a "trust" is just hilarious. He must think everyone here is such a noob on crypto lmao

So it's a hoax then? 

You know, I don't think the market has priced in Satoshi's block as infinitely unspendable.  I think it's quite the reverse, but my level of certainty isn't high on this one and it will definitely be interesting to see what happens.

I believe the claimed amount of coins Satoshi holds is somewhere around 600-700k of BTC. While this is a lot of coins, with the upcoming halving of the mining subsidy, from 25 coins/block to 12.5 coins/block, the supply hitting the market will be reduced by roughly 1,800 BTC/day, which works out to 657,000 BTC/year.

This would pretty much would erase the effects of any mass dumping within a year. While this may be catastrophic for some people, it would by no means be the end of Bitcoin and within a year or two it would be stronger then ever as the sword of Damascus would have finally be lifted away.

i've read from other member that he have only 200-300k not anything near that crazy amount, but still enough to cause a panic selling fest, 200k is a lot of coins, but my question is, why he would dump now when he did not dump before at $1200, so i'm not worried about him dunping now

He could sell at the peak of the price hike once halving hits. Or maybe he lost/forgot the key :)

To understand what is really going on, you need to read carefully what Craig Wright has always said and continues to reiterate:



You need to remember that Craig Wright has never claimed he is Satoshi Nakamoto. Instead, he has claimed that his former colleague (who died) was Satoshi. He claims he was backing his colleague's the development of Bitcoin.



Remember that Craig Wright had obtained funding for and was running a the largest Supercomputer in Australia. So what Craig has ostensibly done is he is used supercomputer resources to find the inverse of a hash function and then used one of Satoshi old transactions to pretend he has the private key:


Realize that he has probably promised to endorse Andresen's block chain scaling preferences and thus probably why Gavin wants him to be Satoshi:


Remember that after his death, David Kleiman's family recovered his USB flash drive and gave it to Craig Wright. Thus likely Craig Wright may have an unpublished transaction but not the actual private key. So he may be about to fool the world into thinking he is Satoshi, or making some proof that he was the man behind the man who was the real Satoshi.

You present this as a fact, it is not but let's pretend this is true, sure the markets can't ignore the possession of a large stash of Bitcoins by one man, the coins that are thought to be lost, and there will be a dump if only temporary. How can this affect the alts market, can the alts market finally disconnect from the price of Bitcoin, loosen the correlation?

Re-read my post, you didn't seem to understand it. Craig has not said he is Satoshi. Find a quote where he said that. You won't. He has always said it was his colleague.

And with his access to a supercomputer, it is plausible he was able to reverse the hash in order to find a text that matched the signature that was already on the blockchain. Without that explanation, then he must have the private key! You seem to not understand the technology.  ::)

I am replying to every topic where my post is relevant. I am not the one who created so many duplicate topics.


You are just butthurt.

It is very relevant.

Craig has played Gavin. He knows Gavin needs support for his preferences for the block scaling debate.

Want to see something Funny:

Satoshi Nakamoto

(Urban Translation)    (Japanese Translation)   (Japanese Translation)  (Urban Translation)
Sato                           SHI                               Naka                         moto
To Fake Out                Death                             Inside                       Motivator


http://www.urbandictionary.com/define.php?term=sato

http://www.kanjijapanese.com/en/dictionary-japanese-english/shi
Also included under Shi
6.    shi-aie-    CIA
7.    shi-aie-    Central Intelligence Agency

http://www.kanjijapanese.com/en/dictionary-japanese-english/Naka

http://www.urbandictionary.com/define.php?term=moto

Never let it be said the Clowns In Action (CIA), don't have a sense of humor.  ;)

 8)

FYI:
Oh Crap, who is that at the door?

Makes more sense for Satoshi Nakamoto to be an anagram of four people.  There's no telling what the Craight Wright thing is.  Might just be western intelligence trying to hijack bitcoin since Wright seems to have some govt ties.  Wasn't Craight Wright writing a book the same timie he was supposedly making Bitcoin?  Who the hell can create Bitcoin and a book at the same time?

the timing of Wright's move right before the halving is the most interesting part of this story. he and his associates are up to something.

I agree, the whole timing of this is quite interesting. I am also inclined to think that Wright knew who Satoshi was and that the real Satoshi is probably dead. Otherwise why bother with the whole thing if the real Satoshi can just go "I am not Craig Wright".

If Wright is Satoshi and we know from his interview he is a large blocker, the timing is right to take control of Bitcoin from Blockstream and give it back to the community.

He'll move them extremely slowly - remember he has capital gains tax to pay if and when he sells them, so it will be in tiny amounts. So I don't think the Bitcoin market will tank as a result.

The biggest threat to bitcoin is not this chap moving his coins. It's the increasingly toxic civil war they were having before he surfaced, and which is still going on.

your information is just mis-information.
first of all he is not satoshi until he proves it, so stop calling him that name. he is just someone who claims to be satoshi and we have yet to see if her is telling the truth or not.

second he never said i am going to move 1 million coins, he said coins from early blocks. early blocks can be #10 or #500

for all i know this will be like him signing a message!

Price for most of the altcoins are related to market price of bitcoin so whatever we may see rise of altcoin price in terms of bitcoin, if we calculate price of those coins in USD it will be in same range as before. So the only coin that may get benifited from this move will be ethereum or other coins which have coin-USD pairs in trading platform.

1. I never said he is Satoshi. "Satoshi" is not Satoshi. Idk if he is Satoshi. In my imagination he is a good fit, not perfect but decent to pass for Satoshi. I don't know why some are not happy with his personality, he's a human and looks like a guy with the right knowledge and a mysterious twist to do what he claims he did. You're right that his claims are meaningless without proof.

2. I never said he needs to move 1 million coins, moving one satoshi from an early block will send a powerful message to the market. It's believed by many that Satoshi owns 1 million coins mined in 2009. Proof of access to coins of the early blocks that have never moved and priced in by the market to never move in the future will affect the price.

Thus far this has been true. Past performance is not an indication of future performance, specially with so much news coming.

we are not happy with his actions because he has a bad history littered with scams.*(see edit) but the one that concerns us is his "claim" to be satoshi and yet not releasing any proof (signed message) about his identity to public.


i agree that moving even 1 satoshi from the early blocks that were mined by satoshi can cause some kind of panic but it has to be the early blocks not coins that were sent from satoshi's wallet to others as test and/or giveaway.

i have read a good theory here, that said "he might have access to a signed transaction that was signed back in 2009 by satoshi but was never send to the network, so he wants to broadcast that now and claim that "I" have moved the coins.
this sound to me like the most possible thing in case he moves, and that would explain why he wants to move coins instead of signing a message.

EDIT:
sorry for using the wrong word here. in order not to be sheepish i change it to the correct term. :D
not a scammer but a criminal running from the law (https://www.reddit.com/r/Bitcoin/comments/4htw3t/how_to_steal_54_millions_of_dollar_from_the/)

There is no fundamental reason for this correlation to break. Only when you have a really new idea like Ethereum is there some change.

Releasing a signed message dated May 2016 to the public would not be a 100% proof he is Satoshi either and wouldn't erase the history of what you call "scams". You must be talking about the key cypher that wasn't added to PGP and such, as I am not aware of actual facts that he scammed someone out of money, you have links?

These inconsistencies in the past can be attributed to the fact he was trying to hide his involvement as real Satoshi by giving falsified evidence on purpose to make believe he is not Satoshi after his emails had been hacked (yeah, it could be this complicated), up to the point where it's not possible. I wouldn't read too much into these inconsistencies as impossibility for him to be real Satoshi. You don't dislike a person for his love for privacy even he falsified evidence with the purpose to remain unidentified, this is his right, it's not a scam. You actually aware of real scams he did? The real scam as in stealing someone's money, this would be the only thing that would go completely opposite to what Satoshi's invention stands for.

i don't know what you are talking about but when i say past scams i am talking about the $54 million and the tax fraud and the Australian Tax office raiding his home.

this guy did a nice job compiling the story on reddit (https://www.reddit.com/r/Bitcoin/comments/4htw3t/how_to_steal_54_millions_of_dollar_from_the/)

It's tax rebate money. You sheepishly don't make a difference between stealing someone's property and receiving back your belongings from violent thugs? The former is a scam. The latter that you linked to is restoring justice and perfectly in line with the spirit of Bitcoin.

If that happens, Bitcoin sinks, that's for sure.

Craig wright is not satoshi.

Nick Szabo is satoshi.

Craig wright is a tosser

He is not satoshi.

https://twitter.com/ICOcountdown/status/727648910647431170

https://github.com/patio11/wrightverification/blob/master/README.md

That is a jumbled analysis which doesn't explain well the situation.

I already explained it more clearly:



Let me unpack that more for n00bs. The point is that every Bitcoin signature signs the hash (of a hash) of the transaction. And so if someone can create two transactions that have the same hash, then one can use the same signature for both, i.e. no need to have the private key to generate a new signature.

What Craig did was reuse an existing signature from the block chain which is attributed to Satoshi, and supplied it as the signature for a new transactions. Specifically the new transaction is some text written by Sartre but the key point is that normally it should impossible to find a new set of data which can generate the same hash, because of the preimage resistance security property (https://en.wikipedia.org/wiki/Cryptographic_hash_function#Properties) of the SHA256 cryptographic hash function.


That Craig didn't create a new signature is indicative that he does not hold Satoshi's private keys, if we can find some other explanation for how he broke the preimage security of SHA256. That is why I offered the supercomputer information, because I remember that Craig had used his claim he was close to Satoshi in order to garnish government funding which enabled him to assemble the most powerful supercomputer in Australia.

It is very unlikely that Craig is Satoshi, and instead it appears he was on the scene very early when Bitcoin was launched:



However, what Craig is doing now is very peculiar. He appears to have the confidence to manipulate the entire Bitcoin community, including Gavin Andresen as I had explained my prior posts. Thus it appears to me he may have the support of some very powerful players in the Bitcoin ecosystem, even perhaps the government or the national security agencies.

---

---

---

---

Click this quote to read what Gmaxwell and others will respond:

You trolls can eat your words (https://bitcointalk.org/index.php?topic=1461597.msg14756900#msg14756900) now.

there is no way he is satoshi, he is just playing with us, proving identity is so simple, there is no need for extended arguments about this and there is definitely no need for extremely long comments that nobody reads!
show us signed message then he is satoshi, plain and simple.

also even if he moves the coins, nothing bad is going to happen to bitcoin, people will panic and sell and that will only create an opportunity for the whales to buy more cheap coins.

and also if anything, it will strengthen bitcoin more because in case of a dump the big question of what will satoshi do with his coins will be solved and there will be a balance in market.

Are you fucking blind?

If you click any of these links in the link I provided to you several times, you will end up finding the links to the analysis done by others which has all the information you asked for:


The only contention remaining is whether the Sartre text hashes to the hash Craig signed. Apparently no one has bothered to check that (https://bitcointalk.org/index.php?topic=1461597.msg14757372#msg14757372), even they are so damn quick to declare him a fraud without checking it.

Simpleton logic is for simpleton losers. You are not considering the game theory.

i have a theory, i think he said that he is satoshi because gavin asked him to say so, so he can restore the faith on the upcoming changes about bitcoin, i think ti's an attempt to instigate a pump in some way, what do you think?

altcoins market has always been about the hype and hype alone so i guess even if he doesn't ever prove his identity or even move the coins from the known satoshi blocks (addresses) the altcoin market will use this news to spread FUD and hype up themselves so i am keeping my eyes open to make the most out of this situation ;)

Does anyone know what black hole Bitcoin core (Blockstream) developer Gmaxwell moved the quoted thread to?

I can't find it any more and I have no deleted messages from that thread in my PM box.

---

Craig also has training in law. Remember how Bill Clinton explained in court what the meaning of "is" is.

Note he did not write "Satoshi Nakamoto". He wrote #SatoshiNakamoto" meaning he is the real hashtag, not the person or persona.

Meanwhile, we have a bigger problem of Bitcoin core (Blockstream) developer Gmaxwell deleted my thread into a black hole (https://bitcointalk.org/index.php?topic=1459687.msg14758960#msg14758960) (normally threads get moved some where) about the potential technical back door in Bitcoin illuminated by Craig's recent actions.

Note last time he did this, he moved my thread to Off-topic, but I checked there and nothing there.

---

---

---

---

I'm sorry for my lack of technical understanding, but if there were a back door in btc.

1. Could this be fixed easily before it could be used in a way to hurt btc? i.e do you need a super computer to utilize this back door?
2. would this same issue be there in all alts that were essentially cloned from btc code or does using a different algo or POS help to nullify this backdoor?

I am not sure if you thread was deleted since you didn't receive a PM about it. Does one receive a personal message when a thread is moved?

No when a thread is moved they don't receive a PM, but there is no "Moved: ....." thread message remaining the Bitcoin Technical Discussion subforum. And I also checked Off-topic and it hasn't been moved there afaics. Also normally the link doesn't stop functioning even when it is moved. Clearly Gmaxwell is trying to hide it.

Gmaxwell might try to claim he banned me from that sub-forum, yet he had mentioned in our last communications that I am not banned from that forum. And also smooth and I recently posted in the thread in that sub-forum on one of the SegWit threads and afaik my post hadn't been deleted the last time I looked. He didn't just delete my posts in the thread but also posts from several other forum members who posted in that thread. The entire thread has been vaporized afaics. I presume Gmaxwell is formulating his plan now how to try to make me look like a fool. We know what happened the last time he tried to do that, I embarrassed him technically (https://bitcointalk.org/index.php?topic=1378533.msg14035614#msg14035614).

What I stated in that thread is that this is all presuming that Craig will be able to tell us which portion of the Sartre text hashes the hash output that was signed as proof on his blog. If Craig doesn't ever do that, then he is a fraud. But if he does it, then it means there is some cryptographic breakage in Bitcoin. And I am identifying the double hash as the greatest potential weakness.

1. The more I think about it, the more I realize that if it is true, then it means who ever can do this, could potentially spend other people's coins. So maybe this is how Craig will spend coins from an early block of Bitcoin (although he might have mined then also depending how early the block is he moves coins from). And the only fix I think would be to have everyone respend their coins with a fixed block chain and fixed wallets. And for lost or inactive coins, they would remain vulnerable. You may or may not need a super computer depending on the cryptographic breakage. I am not sure if an ASIC miner would help or if having access to a miner in China with 30% of Bitcoin's hashrate (https://bitcointalk.org/index.php?topic=1319681.msg14757952#msg14757952) would help or be necessary. I can't really speculate on the exact metrics of any cryptographic breakage since this would have I assume required a lot of research on his part.

2. Yes it would apply to clones which copies the double hashing.

I repeat this is conjecture that hinges on two speculations:

a) That Craig can present the portion of the Sartre text which hashes correctly.

b) That the cryptographic breakage that allowed #a, is a break in the SHA256 presumably due to the double hashing.

No one has presented a script which hashes all portions of the Sartre text to verify whether it does or does not hash to the correct value.

Until someone does that, they can't be sure that Craig won't reveal the Sartre text which does hash to the correct value, thus proving that he broke the cryptography. Since the SHA-256 was already broken to 46 - 52 rounds of the 64 rounds (for a single hash), then doubling the hash as Bitcoin does could potentially break it for all 64 rounds, because ostensibly collision resistance gets worse when doubling a hash (as I had explained in detail upthread). No one knows why Satoshi designed Bitcoin with a double hash. I am positing it might be a back door.

CIYAM is misleading you. Follow an idiot if you want to be one.

Okay now we are starting to get some evidence that there might be a coordinated attack to hide the facts I have presented (note the following thread move to Meta is not the thread that Gmaxwell deleted):


The Bitcoin maximalists are having a heart attack because they don't like the facts.

---

---

I did not write that text with bolded phrase and without the context of the caveats that I provided at the deleted thread which was quoted out-of-context and missing the link to the context, as explained already dufus:


Is that the best you retards can do?

P.S. the context at the deleted thread which LauraM didn't even link to, contained bolded and red caveats similar to my reexplanation as follows (which I was forced to repeat after your leader gmaxwell vaporized an entire thread):


You continue following gmaxwell. He will lead you to failure.

---

---

From where did you get this information?  ::) I read that he wants to make a transaction from an early account. But there are many accounts which probably belong Satoshi. There is now evidence that he will touch this 1 million Bitcoins stake.

I understand it is only speculation at this point, and perhaps the other explanation you mentioned is more likely.

Is there any other reason there is double hashing? I mean are there known benefits and thus reasons it was employed? It was simply a mystery addition that nobody could justify its existance?

If there are no high level tech people here that can explain exactly why it is there then it does seem strange? why was it not questioned before and perhaps removed?

So specifically LTC/Doge would be effected too? the algo does not matter ie scrypt is just as vulnerable as sha256 because this same double hashing is present?

Are there any other high level programmers here who have looked at the double hashing and have any ideas about it? negative or positive?

Hopefully this is not the case and even if it were it is fixable before someone and their super computer or large hash farm can cause any issues.

What about ETH is that vulnerable.

I mean hopefully even worst case there would be a rush to other non vulnerable cryptos and not everyone bailing on the entire cryto scene.

This is why it is always good to have a few different currencies. Some which share practically no similaries so if a whole is found it one then capital can flow to another.

You've nailed down the holy grail of cryptocurrency investing. Thank you.

I would call you again a paranoid sociopath, but then you would again complain to the mods to delete my post...

Yes it is much more likely he is a fraud. But one has to wonder why he has gone this far, if he can't follow through.

My theory was only to discuss a theory, but the Bitcoin maximalists can't tolerate freedom-of-speech. So this might tell you where Blockstream will lead Bitcoin. Their SegWit is arguably a scam where they will not have soft fork versioning control over Bitcoin after adding SegWit, as has been explained by Professor Stolfi for example.

The soft fork versioning is a Trojan Horse. Smooth and I challenged Gmaxwell on that point some weeks ago in the Bitcoin Technical Dicussion thread, and last time I checked he had never replied.

It is all politics.


Afaik, nobody can justify it. Apparently only Satoshi knows why.

I am now offering a theory as to why. And speculation could be perhaps some people already knew this and were covering it up perhaps, but that isn't necessary to make my theory worth discussing.


Afair it has been questioned and brushed aside as, "only satoshi knows".


Transaction signing is not related to mining hash algorithm.


As far as I know, I am the first to present the potential for decreased collision resistance. I googled and didn't find anything.


I don't know if ETH uses a double hash on signing.

Also there is another detail which I am not sure about, which I was hoping to ask in that other thread that got deleted. I want to know if Bitcoin is signing a double hash of the transaction, or if the double-hash is only on the public key? That makes a big difference. If only the latter, then perhaps my theory is incorrect. As I wrote in the OP of the thread that got deleted, I didn't spend a lot of time checking all the details and hoped to receive peer review from other experts. but the thread was deleted.


The most likely outcomes are:

1. Craig is a fraud and this issue dies.
2. I misunderstood some detail about where the double-hashing is in Bitcoin's transaction system, thus my theory is invalid.

However, there is also a chance my theory is correct. In that case, I don't know if altcoins without the vulnerability would benefit or suffer.

I just wanted to have a discussion. The Bitcoin maximalists turned it into a war. Bastards.

Since when is the desire to have freedom-of-speech and open discussion equated with paranoia?  Can you look yourself in the mirror and say that allegation with a straight face  ???

You got your answer, satoshi my ass... lol

http://www.drcraigwright.net/

Craig is such a fag.

It appears that the entire fiasco was crafted to destroy Matonis and Andresen.

He has apparently taken the fall in order to hand more power to those who are not Matonis and Andresen.

But the saga may not be fully played out yet...

LOL, back to work :D

We don't know yet for sure who Craig is working for.

This obviously was not done without a purpose.

You don't take these huge risk (e.g. of being sued, etc) without a sufficient reason.

Is Matonis a large blocker like Gavin?

It almost looks like he is deliberately making a clown of himself.

Not?

https://www.reddit.com/r/Bitcoin/comments/3yupa6/philosophy_jon_matonis_extending_transaction_fee/

But they both are key members (control?) the Bitcoin Foundation?

What were their positions on Blockstream's SegWit?

Matonis is against block chain soft forks that are in SegWit:

https://www.cryptocoinsnews.com/jon-matonis-believes-block-size-debate-precursor-block-reward-debate/

http://bitcoinist.net/bitcoin-industry-leaders-block-size/

I guess there goes your Bitcoin is broken fud theory.

It might still be technically valid even if Craig isn't availing of such a vulnerability. And I am not yet sure if Craig has quit. He would place himself in greater legal burden by not following through.

Asking to have a technical discussion with a question mark and asking readers to please wait for the replies from other experts, hardly constitutes FUD. Please re-read the quote where I specifically stated those caveats from the very start (of course Gmaxwell deleted the thread but we still have my quote of the OP).

Remember Monero (not smooth) ignored for a year or more my points about combinatorial unmasking and IP address correlation. Finally now they admit it.

If what was presented to GA is all BS then there is no basis for even making such an assumption.  The thread likely got deleted because of your repeated insults leveled against other posters there, why you never got a notification could be because it was a whole thread that was deleted rather then a single post.  I'm not sure if a notification is sent out if a whole thread is deleted, never had one deleted myself.

This certainly makes GA (chief bitcoin scientist?) look pretty gullible.  Not sure who that Jon guy is and how he backed CWs claim.

I presented a technical argument. Regardless of the actions of Craig, that technical argument remains.

A technical argument by definition is not a fact. It is a technical position that stands to be debated. So if you are unwilling to respond technically to my technical points, then obviously you have nothing technical to say.

Here are some positions I made which you and no one else has refuted:

1. Craig said he signed a hash of some Sartre document but did not disclose which portion of the text. No one has written a script to prove that no portion or combination of portions of that Sartre text will not hash to the value that was signed. Thus I stated until someone has proven that it is impossible for Craig to later show that some portion of the Sartre text will hash to the sign hash value, then you can't claim with certainty that he can't do that. At the bare minimum, those who were checking Craig's proof, should have at least run a simple script to try every contiguous portion (no permutations) of the Sartre text (which is a tractable computation).

2. I have stated that no one seems to know why Bitcoin employs double hashing, and I have stated a theory that double hashing may weaken the collision resistance of the SHA256. I gave my logic for why that may be the case. I also note that SHA256 is documented to be reasonably close to being broken with 46 - 52 of the 64 rounds already broken. Thus I presented the theory that perhaps the double-hashing might push the vulnerability over the edge of breakage of 64 rounds. I didn't present that as a likely theory. I presented it as a point of discussion. If you have no way to refute this technical possibility because you don't know a damn thing about cryptographic hash function construction then that means you are not expert enough to comment about the quality of my theory. Do you for example even understand why two SHA256 hash function applications in series is not equivalent to 2 x 64 rounds? I ask you a specific question and I expect a specific answer.

I understand you don't like me, but that is your personal problem (http://esr.ibiblio.org/?p=1404). Only a technical reply from you is relevant. Of course you can't make one.

Also how do you know that Craig didn't withdraw his plan because I just explained how he may of accomplished the feat he claimed he can do? I mean if someone could even explain the rational justification for the double-hashing, then we wouldn't be wondering as much.

Are you sure you are not Craig Wright? you sound similarly delusional.

Are you sure you can understand the technical post to which you are replying?

Prove it.  ::)

The plot thickens.  :P

Makes everyone who says he was a fraud look like a total imbecile for not checking whether the website is really the official word of Craig Wright.

In the thread of mine that Gregory Maxwell deleted, I made the point that those accusing Craig of fraud, hadn't done their homework. Lol.  ::)

If we are basing it on the drcraigwright.com website "proof", then the Sartre document is the one claimed to have been hashed, but he didn't disclose what portion of that document.

Nice try. Fail.

My point is the you Bitcoin zealots didn't do your homework. Haha. You also didn't even validate if that was his official website. You guys are derelict, as well as censoring free speech and technical discussion. No wonder you will end up in failure mindlessly following Blockstream's SegWit soft forking Trojan Horse.


I asked you a specific question, "Do you for example even understand why two SHA256 hash function applications in series is not equivalent to 2 x 64 rounds?". I see you are unable to answer it?

After we confirm that you can't answer it, then I will REKT the rest of your technically incorrect response above.


Try reading the linked article to learn more about your character.

Btw, why are you so defensive of a coin that is 70% controlled by China's miners and allegedly soon to be 98.5% controlled (https://bitcointalk.org/index.php?topic=1319681.msg14757952#msg14757952). Can you even look in the mirror and not laugh at yourself.

Have you conquered the world already without your project mate? :)

Is that a valid technical rebuttal to my prior post mate? :)

Moving the goal posts and creating strawmen is a tactic of deception.

off topic: if the guy really had the private keys why he wouldnt trade some coins? i dont get this!

You have a lot in common with Craig Wright.. he backs off too when it really matters:)

I do not remember making any such insult. Please quote them and don't allege something you can't demonstrate, for that is a very slimy tactic.


Even when threads are moved to the Trashcan, we get a link showing they have been. Gmaxwell has some sort of super powers as a mod. I have no idea what kind of incestuous relationship is going on between theymos and Gmaxwell, but it doesn't really matter since Bitcoin is basically destroyed now with 70% of the mining controlled by China, soon to be 98+%, and with Blockstream implementing their SegWit soft fork Trojan Horse so as Matonis admits can end up increasing the 21 million coins limit.

The entire ecosystem is headed for a clusterfuck.


Not at all. If the drcraigwright.com is a farce, then nothing has been shown to be untrue about what Wright allegedly proved in private.

This is a masterful chess game being played.

And it is making everyone look like a fool, including those who said Craig was confirmed to be a fraud.

And including yourself for alleging that I speak FUD.

Those who have disingenuous intentions and attitudes eventually get what they deserve and that will include yourself.

I haven't back off of anything.

I will win. Watch.

I am watching you "win" everyday in here, don't worry :)

You could at a minimum disprove that any contiguous portion of the document can't match the hash. You all haven't done that, thus you are derelict. You all shouldn't go spouting off "Craig a fraud" without even attempting to verify some basic things such as whether drcraigwright.com is his website and whether any portion of the text could match the hash that was signed.


'backsplaining.


See above. REKTED.


Which is technically incorrect, but I will come back to that point to REKT you after we finish this.


So tell me the reason? Obviously I didn't ask the question to only receive a "yes". Anyone can say "yes". I want you to prove you understand how cryptographic hash functions are constructed and prove you have knowledge about how collision attacks are often constructed. Because these are things I had researched in the past. You've had enough delay to google it by now, so surely you can cheat and tell me?


That is the sort of reply which the linked article explains you would make. So you've confirmed it. Thanks.

Specifically I am not alleging something is maliciously hiding in the source code.

I am asking if the double hashing could possibly be itself a cryptographic hole that enables someone to preimage via collisions an existing signature so as to prove they signed a message from that key.

Apparently the double hash is also on the public key as well as on the hash that is signed? If true, this means that someone might be able to preimage a collision on the hash(hash(public key)) and thus spend other people's coins as well.

If you believe that, you are dumber than I thought.

Perhaps you aren't even a programmer?

Of course one can write a script to hash all continuous portions of the Sartre document and check against the hash and then show that he could not possibly be correct with any contiguous portion of the Sartre document that was claim to have been signed for.

Please don't waste my time with your inane inability to understand rudimentary concepts.  Even Yarkol already explained it.


I will proceed to explain once you confirm that do not understand why Merkle–Damgård construction is relevant? Either explain or admit you don't know. So I can proceed to teach you something. You are wasting my scarce time with your stalling/deception tactics and trolling.

Next time you will realize not to fuck with me, because I know a lot more than you assume.

He already shot his mouth off.. then again more recently.
Then he had to have known this would ripple around the Crypto world making news.

He had to have seen the reaction he got previously and now again pretty much.
which is we don't believe him..

So it REALLY makes me wonder why he made a 2nd attempt ?

Why would he keep sooooooo quiet for so long
then come out a while back ?
Then get rejected and now come out for a I'm connected to Satoshi stunt again.

I think Wright's financial / business history is interesting.
There is a LOT to dig up on him and it was the 1st time he pulled all this.
I thought last i heard he had fled the county with tax problems
and was trying to borrow money for a business scheme (one of many)
Which if your borrowing money it makes sense to claim your a billionaire with Bitcoin ?
he was trying to say he had a legal agreement where he could not access Satoshi's coins
until many years down the road but he needed money to borrow for yet more business schemes.

There is a lot to this guys..
go check out the 1 older story on this and look at the sketchy house Police raid pictures etc.

This guys financial trail reeks.
His stories and various things like lying about credentials before make him a lair.
I think he is a liar and untrustworthy greedy schemer.
And maybe he did have some connection to starting Bitcoin.. but i hope not.

Too bad the dead guy can't talk..

Check this out: http://www.drcraigwright.net/

Reason for second appearance was to scam £15 apparently. :)

http://www.bbc.com/news/technology-36213588

You know damn well that thread got deleted, you are one slimy tactic.

dumbass

I was sleeping. Now the REKTing will ensue.


I believe you are a liar. Prove it by revealing your identity. My identity is known to everyone. I have revealed my full name, where I live, my history, my LinkedIn account, my public non-anonymous writings published over the internet, etc..


Yes of course there is a combinatorial explosion of possibilities which was my point that you all can't conclude with 100% certainty that Craig can't produce a preimage of the hash, unless you can be sure he can't second preimage SHA-256 or otherwise find a collision. And I had stated that double hashing with SHA-256 might possibility have a cryptoanalysis hole that isn't known to exist in the cryptoanalysis of a single hashing. Again this was just a theory I wanted to discuss. Perhaps you don't like theories. Perhaps you would have preferred that Einstein didn't ponder riding in elevators. Well small, closed minds aren't very creative and thus don't achieve greatness. More on that with follow in a subsequent post.

However, in spite of the fact that you can't disprove any possible means of representation or permutation of the Sartre text, I wrote several times upthread that at the bare minimum, those protagonists who were claiming 100% certainty that Craig could not do something (btw a very strong claim), it would behove them to at least show that using typical representations of the Sartre text (e.g. ASCII text and perhaps UTF8/UTF16), that no contiguous portion of the text could hash to the signed hash. Moreover and more saliently, I pointed out that the protagonists were disingenuous or derelict by not pointing out the possibility that Craig might still be able to match the hash with some revealed content, Iff (if and only if) Craig had found a way to second preimage or otherwise find the necessary collision on the SHA256 hash. That the protagonists were too lazy to do this and were also too lazy to even verify if the website drcraigwright.com is Craig Wright's official communication vehicle (which apparently it is not and is now for sale here on bitcointalk.org according to a screen capture I quoted upthread), points to the lack of diligence and/or disingenuity in this tribe of Bitcoin maximalists including apparently yourself, who think they are holier than thou.

Do not disingenously quote my above two paragraphs out-of-context again. Don't cherry pick my context to make inane non-rebuttals which side-step my holistic set of points.

Note when I am done REKTing you on the technical points (again more is to follow below after this post), I never again want to waste my precious time with a useless and disingenuous turd. So this will be your last interaction with me.


You are apparently mathematically illiterate. If Craig can't find the second preimage or necessary collision, then he can't find a text that matches. Period. If he can find the second preimage or necessary collision, then he can find a text that matches. Period. When we analyze the probability, we don't start only with the Sartre text document. He could have chosen from any document on earth.

Thus his ability to use only contiguous portions of the Sartre document is mathematical plausible (again assuming he has the necessary cryptographic breakage), and thus it behoves the protagonists to explain this and even to write a quick script to prove that the contiguous portions possibilities in the common encoding formats does not hash to the signature he provided. The derelicts didn't do this. My necessary mathematical assumption in this paragraph (not impacting the prior paragraph) is that the hash function would be subject to a multi-collision attack. Thus if the breakage is not multi-collision, then Craig could not have reasonably limited himself to contiguous portions because the search for document matches in itself would probably be an intractable computational problem. My point remains that we see none of this sophisticated explanation from the protagonists. Instead they do a little bit of half-ass analysis and then everyone proclaims Craig is a fraud. This is Craig's point! I simply wanted to have a theoretical discussion in the Bitcoin Technical Discussion subforum and instead had my legitimate inquiry vaporized by the Bitcoin maximalist "forum-Hitler" moderator who uses the moniker Gmaxwell or in real life Gregory Maxwell. And we have all his underlings here who promulgate his shitty attitude and actions.

I'll interpret your reply as an ostensibly intentional veiled admission that you could not answer the question. So I will proceed to explain the sort of theoretical analysis that I was interested in discussing in the thread that the "forum-Hitler" Gmaxwell nuked.

---

Tangentially note the disclaimer that I wrote in the OP of the thread which was nuked:


I had written in that nuked and vaporized thread a post (my last or nearly last post in that nuked thread) which explained that at the moment I wrote that quoted OP, I had been mislead by sloppy writing on the news sites (and also the linked sites of the protagonists) into thinking that the hash of the Sartre text was already confirmed. For example, I provided this quote:


Being at is was by that time late in the evening for my timezone and I had been awake roughly 18 hours already, and I was skimming in an attempt to make some quick feedback on this potentially important event, so I could return to my work asap. In the nuked thread, I quickly realized that the Sartre text hadn't been verified to match the hash, so I actually stopped posting in the nuked thread for a few hours. Then when I came back to thread, it didn't exist so I could no longer follow up or read what had been elucidated. Thus note my original focus was on how the hell could Craig have achieved that match, so he must have broken the hash. I had recalled that I had theoretically doubts about the double hashing which I had never bothered to discuss with anyone. It had been 2+ years since I did that research on cryptographic hash functions, so I had to decide if I was going to go dig back into that research or not. I figured I'd sleep on it and then be able to think with a clearer, rested mind about the implications of the revelation (to me) that the hash had not been verified to match the text because the portion of the text had not been sufficiently specified (again the "undisclosed" term didn't make sense to me in quick skimming because I had read on the blog that the Sartre text was referred to).

But instead of being able to sleep on it and then decide whether to let it go or dig back into my past research, my thread was nuked and I was under attack. Remember I don't back down from anyone when I think I am justified. When I think I am wrong, I mea culpa.

---

So now back to the subject matter of whether double hashing could theoretically lead to any weakening of the second preimage and/or collision security of the SHA-256 cryptographic hash function.

Afaik, there is no research on this question. If anyone is aware of any, please kindly inform me.

First I will note the Merkle–Damgård construction (which SHA-256 employs) is subject to numerous generic attacks (https://ehash.iaik.tugraz.at/wiki/GenericAttacksMerkleDamgaard) and even though afaik none of these are currently known to be a practical threat against a single hash of SHA-256, we can perhaps look to those generic attacks for potential clues as to what a double-hashing might enable which a single-hash application perhaps might not.

Note in the pseudo-code for SHA-256 (https://en.wikipedia.org/wiki/SHA-2#Pseudocode) that what distinguishes a double-hashing from doubling rounds (i.e. "Compression function main loop:") or repeating the input text in double the block chunks (i.e. "Process the message in successive 512-bit chunks:"), is that the h0 - h8 compression function state which is normally orthogonal to the input block chunks instead gets transmitted as input to a block chunk in the second hash application (i.e. "Produce the final hash value (big-endian):") after being added to the output of the compression function (i.e. "Add the compressed chunk to the current hash value:"). And the h0 - h8 compression function state is reset to a constant (i.e. "Initialize hash values:").

The reason I think this might be theoretically significant is because we should note that the way cryptographic hash functions are typically broken is by applying differential cryptanalysis (https://en.wikipedia.org/wiki/Differential_cryptanalysis). Differential cryptanalysis is attempting to find some occurrence of (even higher order (https://en.wikipedia.org/wiki/Higher-order_differential_cryptanalysis)) differences between inputs that occurs with more frequent probability than a perfectly uniform distribution. In essence, differential cryptanalysis is leveraging some recurrent structure of the confusion and diffusion (https://en.wikipedia.org/wiki/Confusion_and_diffusion#Definition) and avalanche effect (https://en.wikipedia.org/wiki/Avalanche_effect) of the algorithm.

Not only does the double-hashing introduce a constant  h0 - h8 midstream thus introducing a known recurrent structure into the middle of the unified algorithm of a double-hashing, but it shifts the normally orthogonal compression function state to the input that it is designed supposed to be orthogonal to. On top of that, the additions of the h0 - h8 state at the midpoint, can possibly mean the starting state of the midpoint is known to have a higher probability of zeros in the least significant bits (LSBs). This last sentence observation comes from some research I did when I created a much higher bandwidth design variant of Berstein's ChaCha by fully exploiting AVX2 SIMD, that was for a specific purpose of creating a faster memory hard proof-of-work function. In that research, I had noted the following quote of an excerpt in my unfinished, rough draft, unpublished white paper written in late 2013 or early 2014 (and kindly note that the following might have errors because it was not reviewed for publishing and was merely notes for myself on my research understanding at that time 2+ years ago):


So now put those aforementioned insights about potential recurrent structure at the midpoint of the double-hashing, together with the reality that a Boomerang attack (https://en.wikipedia.org/wiki/Boomerang_attack) is a differential cryptoanalysis that employs a midpoint in a cipher to form new attacks that weren't plausible on the full cipher. Bingo!

I'll refrain from providing my further insights on specifics beyond this initial sharing. Why? Because I've been treated like shit by Gmaxwell and you all here grant him too much Hitler-esque control over the Bitcoin Technical Discussion subforum where these sort of discussions are supposed to occur, so I will take my toys else where. Enjoy your echo chamber.

Do I have an attack against Bitcoin's double-hashing? I leave that for you to ponder.

I asked you to not do what you just did above:

---

The point is that with a supercomputer together with a new cryptoanalysis break, the two together might be required to accomplish the attack. I want you to know that if China's pools see nearly all the mining shares, then they are viewing about 2⁶⁸ of SHA-256 hashing power per annum which may or may not be fulcrum. Don't presume you know all the theoretical attacks that are possible.


You've made at least two mathematically illiterate errors in that quoted text:

1. Testing that double-hashing fulfills some criteria you have prechosen, says nothing about security against cryptoanalysis which your criteria has not considered.
2. Securing a password by iterated hashing (because it requires the dictionary attacker to perform the iteration cost on each dictionary trial) says nothing about the increased vulnerability of collision cryptanalysis. You are conflating two separate issues of security.  ::)

I am done speaking to these amateurs. Waste of my time.

The plot thickens https://mobile.twitter.com/Dr_Craig_Wright

FYI truce, I will cease & desist:

Everybody knows that SHA-256 hasn't been broken. It is quite nonsensical to discuss ways it might be broken, when everyone knows that is impossible. No wonder why everyone ignores you.

@eca.sh, I'm not sure why you sent me a PM stating that TPTB_need_war is banned for ten days, but if it's true, I'm really unsure why you are attempting to argue with him a few hours after you broke the news to me--hard to reply when you're banned.

"Your buddy was banned for 10 days, lol
« Sent to: generalizethis  on: Today at 03:24:19 AM »"

TBT really got banned??? How's that work with all the other trolling that goes on in this shitshow

At least he puts effort behind his posts

I read eca.sh's post carefully and he appears to be arguing against himself. Literally.

Whoever reported him and got him banned is very childish.  He does get on peoples nerves with his pompous writings but he does put effort into it and from time to time comes up with some good and novel ideas although its hard to see because he has trouble being succinct and people get tired of reading the walls of text he puts effort in to post.

Grow up, you probably have a macro for the report to mod function, don't be a rat.  No one likes a rat.

Why did the mods ban TPTB?

How does censorship help the crypto movement?

Where did these posts go?

So thus you've admitted that double hashing adds no protection against a computationally bounded adversary (i.e. the only kind of adversary that exists in the real world). So why did Satoshi add double hashing to Bitcoin  ???


So thus you've admitted that double hashing protects against length attacks, but length attacks can't occur in the Bitcoin. So why did Satoshi add double hashing to Bitcoin  ???


As I interpret TPTB_need_war's explanation of the potential vulnerability (and I'm the canonical source of such interpretations, lol) due to a Boomerang differential attack, that Satoshi adopted the incorrect way of doing double hashing is precisely what makes Bitcoin open to the hypothesized vulnerability.
 
So why did Satoshi add the incorrect form of double hashing to Bitcoin  ???


I tried to be nice to theymouse and Gmaximus and discuss in an open forum about how it might be possible to break Bitcoin so that it could not make one person very wealthy. But they want to play hardball, so...

Please kindly quote my post in case it is deleted by the mods.

P.S. My personal opinion is I speculate Craig Wright was hired by core to discredit Matonis and Gavin. And I was hired by myself to do the same to "core"; and I speculate "core" appears to be affiliated with the aforementioned individuals. Velvet gloves are off. No more nice guy. Bitcoin is a failed clusterfuck with 70% of the hashrate attributed to China, and one former cattle farmer in China planning to increase that to 98%. The miners and Blockstream are ostensibly colluding to put soft fork versioning into SegWit. There is $1 million per day flowing from n00bs into this raping system that ends up in miner's pockets and other connected parties. Electricity likely charged to the collective via State funded hydroelectric infrastructure. And the ecosystem has no real utility outside of gambling, scams, and other nefarious use cases.

I am aware of your past BCT posts about the inadequacies of asymptotic complexity arguments. :)

I don't share your romantic guess of who created BitCON.

Btw, Craig says the name Satoshi comes from "the book" about the House of Morgan:

https://forum.bitcoin.com/bitcoin-discussion/the-name-satoshi-comes-from-satoshi-david-character-from-the-house-of-morgan-t7619.html

And Nakamoto means "in the book" in Japanese.

And Julian Assange knew Craig in 1996:

https://www.reddit.com/r/Bitcoin/comments/4hozs5/wikileaks_on_twitter_wed_like_to_thank_satoshi/d2rdg7u

Don't forget that (I was told) a House of Rothschild person was sheltering Assange when he was still free in the UK. And note now how the UN is attempting to supercede the UK's authority on the case. There is always a globalist plan for these pawns, including Edward Snowden.

I think someone paid off Craig to discredit Matonis and Gavin. Gavin has now lost commit access.

The danger is not that BitCON fails, but that it becomes the new totalitarian digital currency (https://bitcointalk.org/index.php?topic=160612.0).

Hope you are aware that ostensibly the Dr. Craig Wright can't be proven to have made the blog posts, which implicate him:

http://craigswright.com/

Meaning a failure of Bitcoin is not the big problem we face. I hope for the failure of Bitcoin instead of it scaling by becoming centralized. The danger is that many vested interests want Bitcoin to continue even if it is centralized. Centralization doesn't necessarily kill Bitcoin, unless the centralized controllers kill it. Too many tinfoil hats want Bitcoin to succeed and be "the better gold" even if it is centralized and controlled by the combination of China's miners, Larry Summers' 21 Inc., and Blockstream.

The annals of the crypto-currency arena is littered with ignonymous players. Similar to the birth history of President Obama, theymous and the Gman are nearly entirely ignonymous. I've seen only one photo of theyman. I can't find any LinkedIn for the Gman, his educational history, which high school he attended, and where he was born, even though most of his colleages at Blockstream (http://blockstream.com/team/) have a LinkedIn. Googling "Gregory F. Maxwell" only returns an address and phone in Parker, Colorado and the following Wikipedia Commons page:

https://upload.wikimedia.org/wikipedia/commons/d/d2/Gmaxwell-boat.jpg (https://commons.wikimedia.org/wiki/User:Gmaxwell)

I note the Gman's use of the "rascist" attack (https://bitcointalk.org/index.php?topic=1378533.msg14031154#msg14031154) against both TPTB_need_war and against Zooko @ Z.cash (https://bitcointalk.org/index.php?topic=1389890.msg14774892#msg14774892). And in the above linked Wikipedia Commons, his support for viral "copyleft" licenses that force companies to refuse to use open source because they aren't allowed to keep any portion of their derivative works as proprietary code. In other words, some of sort of totalitarian socialist/Marxist philosophy similar to FSF's Richard Stalman. Dangerous.

Readers again you may want to quote this message because we can't be sure if mods won't get "happy finger" and nuke this post.


Edit: these 1996 posts by Julian Assange says everything you need to know about whether he is a eugenics globalist:



And I suppose Julian should decide whose morals are best subjugated by robber barons as a matter of practicality, i.e. Julian is person who is thinking about how to best organize society from the top-down:

---

One man can't accomplish what "Satoshi" did with such precision. It was a large group of experts. No doubt about it.

You guys who have no experience in doing something like this, love to have your James Bond fantasies. But you are completely out-of-touch with the reality of actually doing what "Satoshi" accomplished.

What is so ironic from my perspective (and I suspect the elites are also having a good chuckle about the blindness of you "useless eaters/cattle") is that once you review all the facts (https://bitcointalk.org/index.php?topic=1459846.msg14781570#msg14781570) (<--- click to know what Satoshi Nakamoto really is), the fools are those who even entertain any thought that Satoshi could be a person.

The elites are playing us like a fiddle with BitCON (https://bitcointalk.org/index.php?topic=1459846.msg14776165#msg14776165). Seriously. I didn't reach this conclusion without extensive thought and rationality (https://bitcointalk.org/index.php?topic=1438301.msg14757751#msg14757751).


Zero chance. Nick is both not smart enough and doesn't code prolifically enough.

https://bitcointalk.org/index.php?topic=1416544.msg14456412#msg14456412
https://bitcointalk.org/index.php?topic=1284083.msg13239420#msg13239420 (Craig Wright was correct, Szabo was incorrect)
https://bitcointalk.org/index.php?topic=1393703.msg14196266#msg14196266 (did Nick ever create any s/w?)
https://bitcointalk.org/index.php?topic=1219023.msg14464292#msg14464292

Have you ever read Delueze's Societies of Control? Bitcoin fits great with this agenda, though I think Deleuze would say it's the natural progression of Capitalism and more the TPTB playing themselves than leading anyone--pay specially attention to the discipline society being ousted for control society when reading. While I think some in Bitcoin are trying to make it more private, I don't think it will ever achieve any degree of great privacy as it will never be at the protocol level and require you going through observable way stations that require you to borrow further and further underground--"Neo, what's in your wallet?"

http://www.mccoyspace.com/nyu/10_s/ideas/texts/week08-Deleuze.pdf (http://www.mccoyspace.com/nyu/10_s/ideas/texts/week08-Deleuze.pdf)

If we quit looking for a single person and speculate a combination of intelligence agencies as Satoshi Nakamoto,
We get the following :  ;)

SATO= MI6 (Secret Intelligence Service)
http://topdocumentaryfilms.com/satoyama/

SHI   = CIA (Central Intelligence Agency)
http://www.kanjijapanese.com/en/dictionary-japanese-english/shi
shi-aie-  translated is Central Intelligence Agency
(Extra sneaky dropped the -aie- )

NAKA = Home ( Homeland Security or MI5 (Domestic intelligence) or both)

Moto  = Mossad  (referred to inhouse as the Institute)
(Extra sneaky , removed a T , would have originally been Motto)

 8)

Well gleb gamow and SebastianJu both got temp banned too for similar reasons not too long ago.   At least the forum rules are being enforced somewhat fairly.

Which similar reasons?

---

Theymos defacto in effect admits TPTB_need_war might be correct with his technical allegation upthread that Bitcoin could possibly have a back door that could be cracked:


Vindicated!

Maybe theymos was actually using reverse psychology to make a hidden point. That could be he is ridiculing those who say there might be a potential but unproven back door in Bitcoin, by pointing out that such unproven FUD would justify stealing Satoshi's coins in advance to prevent the hacker from causing havoc.

Perhaps he is slyly trying to refute my hypothesizing about a back door in Bitcoin (https://bitcointalk.org/index.php?topic=1459846.msg14766475#msg14766475) (but my technical argument was not about a quantum computing attack).

I explained the economics centralization upthread, just search "sockpuppet1" to find all the posts.

Satoshi obviously intended for us to end up with a centralized token. What other possibility could there be?

Note Satoshi even wrote in the discussions with others, that he did envision Bitcoin's mining becoming controlled by corporations. All that ideological crap about "better gold" and "usurping financial institutions" was just putting lipstick on a pig.

http://www.bbc.com/news/technology-36213588 Whether Charlie Sheen is actually Satoshi or not, he is not so desperate for money that he would dump coins. If coins have so far not moved then simply knowing who the main bitcoin dev was will not cause him to sell.