Ssshhh, explaining the joke ruins it! 

He did a bit of misdirection that anybody could do on any laptop. 

If you find a collision in SHA256 - ANY collision - EVER - publish it. Seriously.  Doesn't even matter how you find it.  Even if you don't explain how you got it, everybody will quit using SHA256. 

Hahahaha nope.

The nicest thing anybody could do for Satoshi would be to convince the world that the Satoshi pseudonym was his.

Wright will fail in this, but it's nice of him to try.

Wright apparently has large amounts of Bitcoin of unexplained origin.  It seems likely to have reached his hands via a ransomware scam - he started telling people that he was an early miner to account for the coins, and now it's looking like he's escalated to the point of claiming to be Satoshi.  

If only enough suckers would believe him, the original Satoshi could rest easier at night.

Nope.

To come out of hiding after it's gotten this far, he'd have to be dumb enough to get hit TWICE by the same bolt of lightning.  And he isn't.

An "I am not Craig Wright" message seems very unlikely.

Dorian was in trouble via no fault of his own, and because of the name coincidence to the pseudonym, the original Satoshi might have considered himself to blame for that.  "I am not Dorian" was rescuing the poor guy from what might have otherwise been a life-ruining (or even life-ending) situation.

Craig Wright on the other hand climbed a tall tree in a lightning storm with a copper cable tied to his scrotum and thrust a lightning rod into the sky with his own stupid hand.  He deserves whatever he gets, and I'm rooting for it to be the Jolt to End All Dolts.

Hogwash. 

A.  Gavin has no idea who the original Satoshi is and couldn't have flipped him.

B.  Satoshi knows Gavin has no idea who Satoshi is and has no fear of being flipped.

C.  Gavin has no leverage over Satoshi and couldn't get him to do shit if he didn't want to.

E.  Satoshi's Opsec was flawless, but one flaw is all it takes.  It is very difficult to maintain flawless opsec, and very dangerous to risk further action or communication which might break it, especially now when the situation is under much more intense scrutiny than ever before.  Satoshi has no compelling reason to take that risk.  No message Gavin could possibly send would result in Satoshi's risking his opsec to become vulnerable.

D.  Getting to Gavin is therefore completely useless to Los Federales if their goal is getting to Satoshi.

No, it could not lure out the real Satoshi.

This clown opened his own mouth.  There is absolutely no reason why the original Satoshi should rescue him from the consequences. 

Australia was recently (within the last 2 years) investigating a ransomware case involving the movement of a lot of Bitcoins.

During the investigation, Mr. Wright was questioned as to where his ability to spend large amounts of Bitcoin originated. 

Wright claimed to have been one of the earliest miners. 

This would be unexpected.  Not impossible, because it was always possible for someone to join in mining at any time.  But unexpected.  There was no communication from him to anyone involved as far as I know, and I don't think he's on any of the mail lists where Satoshi discussed it.

And now it's a bit later and the claims are larger... Maybe he's doubling down on a challenge to the authenticity of his story?

Time to cook some popcorn, I guess. 

No such wallet address exists. Satoshi mostly didn't touch the coins he mined.  Sergio Lerner has done a good job identifying a bunch single-block mining subsidies that have a 99.999+% chance of belonging to Satoshi. 

If someone meets a journalist for pizza and then pays using one of THOSE txOuts, that would be an interesting story. 

Of course by the time the reporter got the second paragraph written, long before she actually filed the story, the markets would all be going crazy because OMG ONE OF SATOSHI'S ADDRESSES MOVED!!!

The situation with the press talking about Satoshi is very much like UFOlogists talking about the Men In Black:

They are all asking "who" and "what".

But the only relevant questions are "why" and "how".

People claiming to be Satoshi, or claiming to know who Satoshi is, are irrelevant.  If you want to understand this, what you need to understand is WHY Satoshi had to be invented and HOW the interaction was conducted.  Who Satoshi was, is irrelevant, and claims to know who Satoshi was are missing the point.

"What is too terrible to be spoken, must be wept.
 What is too terrible to weep, can only be laughed."

Standard integer-to-permutation algorithm, applied to large integers.

uint256 Shuffle = rand256();
int deck[52];

for (count = 0; count < 52; count++) deck[count] = count;
for (count = 52; count > 0; count--){
  swap(deck[count-1], deck[Shuffle % count]);
  Shuffle /= count;
}

Me.  I wouldn't.  

The "Real" Satoshi has no reason to claim that identity.  None.  He absolutely knows why he was using a pseudonym in the first place, and he knows it's too valuable to destroy.  Steve Wright is in no way prepared for the shit storm that would happen to him if his claim were true and he were so inutterably stupid as to provide actual proof of it.

I don't know Craig Wright; I don't know what kind of person he is, what motivates him.

That said, if he expects to be believed FOR A COUPLE OF DAYS AT MOST, he could be looking to make a bit of money on a dip in price/buying opportunity while people believe the lie, followed by a recovery/selling opportunity when people figure out he was lying. 

It won't work.

Satoshi responded to Dorian Nakamoto's trouble when Dorian, through no fault of his own, was mistaken for Satoshi.

There is no way in hell he'll respond to Wright.  Wright opened his own mouth and deserves whatever he gets.  Satoshi has no moral obligation whatsoever to come to his rescue.

The best case for Wright is if nobody believes him.  Luckily for him that's also most likely.

There's a chance the Australian government will believe him, and then gently remind him that he owes AUD$hundreds of millions in taxes.  Whereupon he'll put a lot of effort into trying to prove he's NOT Satoshi.

And if he and his family and everyone he cares about are really unlucky, the mobsters will believe him, and carry out their usual demands via kidnapping, torture, extortion, etc.  Less efficient than government, but essentially the same, really.

Those extra bits are not wasted.

By not requiring them, bitcoin's significant figures fit into the significand of IEEE 754 floating point numbers.

So, people who use 'float' types to keep track of bitcoin amounts can do so without making roundoff errors in addition and subtraction.

If you were to start using more significant bits (divide up into units smaller than satoshis) you'd get all kinds of stuff like java and javascript implementations that make invalid transactions because of roundoff errors.

Craig Wright is not Satoshi Nakamoto. 

Nothing to see here.  Move along.

The issue is that his server seed plus your client seed are combined using XOR into a 32-bit shuffle seed.

It doesn't matter who picks what, or whether you know his server seed or whether he knows your client seed.  The issue is that there are only 4 billion possible shuffles.

If you can see five to seven cards, and you know the sequence in which those cards came off the deck, then you know which of those 4 billion shuffles it was.  And therefore what all the other cards (the ones you "can't see") are too. 

This is the fallout from 'Oh crap they can't do math.' 

That is, either they *Really* can't do math, and you can rob them blind because you know what all the face-down cards are - or they're *pretending* they can't do math while they rob all the players blind because they know what all the face-down cards are.

In this case, they came up with a protocol that allows people to 'verify' that the shuffle was "fair" in terms of having both sides pick a seed and having both seeds used in the shuffle.  But 'oh crap they can't do math' because the combined seed was only 32 bits long (4 billion possible shuffles) instead of ~250 bits (same number of possible shuffles as with a real card deck.  The result is that the protocol isn't badly incorrect but because of the implementation it doesn't matter because the game is still unfair.

Craig Wright is not Satoshi.

There are two ways for a transaction to be rejected. 

The first is "effective" rejection as opposed to "official" rejection, and that's what happens when a conflicting transaction gets into the block chain.  Basically, if one of the inputs of your transaction gets spent by a different transaction, and that different transaction is more than one or two blocks deep in the block chain?  Forget it.  Your transaction, although some places may keep it in the mempool indefinitely, is never going to happen.  (well, unless a chain reorganization reaches all the way back to the block with the conflicting transaction and kicks it out.  But what are the odds of that?)

The second way for a transaction to be rejected is relatively new; with the most recent build, transactions marked as being more than 72 hours old get kicked out of the mempool if they haven't confirmed. 

But there's a point about this 72-hour rule; no miner is under any obligation to follow it.  It becomes non-standard and won't be relayed by default after that point, but  If the miner hasn't kicked it out of their mempool, and no conflicting transaction has gone through, and the miner gets around to including it in a block a week later, it will go through.