Hoaxtoshi aka Craig Wright busted - collection of quality research posts

[TPTB_need_war]

Now please stop making incorrect statements.

Please name me one single SHA256 collision - idiot!

And now work out for me the odds of CW having found such a collision (and it happening to come from whatever Sartre document).

The entire point of the thread I created is that the double hashing that Satoshi put in Bitcoin (and nobody knows why) can make the collision resistance twice as bad. SHA256 is already broken for 46 - 52 of the 64 rounds. So thus doubling the hash may have been enough to break it given also that Craig apparently had access to a supercomputer.

Dude I am more expert about cryptographic hashes than you are. I designed my own already. I have done a lot of research in that area in 2013.

[1714701573]

1714701573

[CIYAM]

Dude I am more expert about cryptographic hashes than you are. I designed my own already. I have done a lot of research in that area in 2013.

Priceless - please show us your own cryptographic hash algorithm - we are all dying to see it!



My guess is that you are going to offer your amazing cryptographic hash algo (which I am guessing has been peer reviewed by many experts all over the world) to Bitcoin?

No wonder @gmaxwell isn't very interested in what you have to post!

(and unlike you I am not claiming to have designed a cryptographic hash algorithm)

[TPTB_need_war]

Dude I am more expert about cryptographic hashes than you are. I designed my own already. I have done a lot of research in that area in 2013.

Priceless - please show us your own cryptographic hash algorithm - we are all dying to see it!



My guess is that you are going to offer your amazing cryptographic hash algo (which I am guessing has been peer reviewed by many experts all over the world) to Bitcoin?

Refute the facts in the prior post.

2011 attack breaks preimage resistance for 57 out of 80 rounds of SHA-512, and 52 out of 64 rounds for SHA-256.[1]
Pseudo-collision attack against up to 46 rounds of SHA-256.[2]

Now explain to the readers Mr. Know-It-All what happens when the hash is doubled.

[CIYAM]

Refute the facts in the prior post.

I don't take orders from the likes of you (i.e. a dick) - and we are still waiting to see your amazing cryptographic hash algorithm.



Please do show us your algorithm so that we can make sure that @gmaxwell can review it!

[CIYAM]

Cry to moma. You just got REKTED.

Priceless quote from the guy with the supposed huge IQ (sounding like a 4yo).

Now getting back to the topic - if CW has broken SHA256 it seems rather incredible that the collision he found just so happens to match some Sartre document (because he personally likes Sartre) and one of (or the) first Bitcoin transaction(s).

He also somehow generated an identical signature to one already in the blockchain (which would not happen even you are signing the same double hash value).

So we have either that scenario - or the scenario where he just copied and pasted the first (or one of the first) Bitcoin txs signature and then pretended the rest (i.e. a hoax as this topic is about).

Statistics would be very strongly on my side here.

[TPTB_need_war]

Now getting back to the topic - if CW has broken SHA256 it seems rather incredible that the collision he found just so happens to match some Sartre document (because he personally likes Sartre) and one of (or the) first Bitcoin transaction(s).

Oh my. You still haven't comprehended what I explained several times in the prior posts. How sad. Just get off my lawn. Ask a real programmer to explain it to you.

He also somehow generated an identical signature to one already in the blockchain (which would not happen even you are signing the same double hash value).

You really don't understand the math. I am not going to discuss it with you further. You can continue drooling.

[CIYAM]

You really don't understand the math. I am not going to discuss it with you further. You can continue drooling.

And yes - if you can't keep to the topic (which you keep on showing that you can't) then please stop posting your vitriolic nonsense as I don't think anyone else here is really that interested in your insatiable need to try and insult people (be it myself, @gmaxwell or whoever).

We all know that according to you "no-one understands anything as well as you".

So guess what - no-one is going to bother and try.

(you should consider just starting your own forum where you do all of the posting yourself)

[target]

i can imagine how fools bbc to believe his shitty statement and publishing it widely through their website,i hope only bbc who can be this easily getting lied by craig,the good thing, no one will believe this person and his mouth

really BBC published this fool? lol that's embarrassing.
probably because he explained all the technical details blowing the writers mind and instead of asking for proof they immediately dive into the news to publish it the first.

[spartacusrex]

Can someone explain how he signed the 'Satre' quote WITHOUT having to break SHA256 (finding a collision) ?

It's pretty important, as if he did do that, Bitcoin is broken.

He never used the hash of any Sartre quote (that was just misdirection) - the double hash that he used was simply that used in Satoshi's tx along with the signature that was used in the tx.

(basically he just copied and pasted from the blockchain then put together an elaborate pretense that he had somehow managed to sign something else using a private key known to belong to Satoshi)

Even the silly BBC report has been corrected once they finally worked out that they had been tricked.

Oh.. I see.. thanks.

How can 'big boys' like Gavin and Matonis have fallen for this.. !? That shows very poor skills..  ( ..too poor if you ask me.. )

Maybe he did show Gavin and Matonis something 'cool', Gavin said he saw something signed with the Genesis key, but for some reason couldn't share.. hmmm..

There is more to this story yet.. me thinks..

Has Gavin re-responded ?

[CIYAM]

Has Gavin re-responded ?

Gavin did respond and was apparently "surprised" at what had appeared in the guys blog (which supposedly was not the same as the demonstration he was given).

The fact that Gavin "wasn't allowed to keep the signature" from the personal demonstration is rather suspicious though in itself (and Gavin has admitted that it is possible that he was bamboozled).

Perhaps the key question was whether Gavin verified the double hash of the phrase that he had provided to CW (he has not commented about that AFAIA) because if he didn't then he could have been tricked in exactly the same manner (i.e. the hash not actually being correct).

[spartacusrex]

Has Gavin re-responded ?

Gavin did respond and was apparently "surprised" at what had appeared in the guys blog (which supposedly was not the same as the demonstration he was given).

The fact that Gavin "wasn't allowed to keep the signature" in itself is rather suspicious though in itself (and Gavin has admitted that it is possible that he was bamboozled).

Oh Gav.. out of the frying pan into the fire.. Not sure if you'll survive this..

You mean well I'm sure, and come across as sincere.. BUT..

If you want to show you can lead the Bitcoin community, you're going to need to be able to not be 'bamboozled' when it comes to a simple thing like a cryptographic signature.

Especially in the Bitcoin community..

[Fatman3001]

Maybe this is what you're talking about:

https://www.reddit.com/r/btc/comments/4hfyyo/gavin_can_you_please_detail_all_parts_of_the/d2plygg

[CIYAM]

Maybe this is what you're talking about:

https://www.reddit.com/r/btc/comments/4hfyyo/gavin_can_you_please_detail_all_parts_of_the/d2plygg

Yup - and what is important to point out is that Gavin doesn't say exactly how he verified the signature (i.e. did he type in the same message?).

And even if he did - surely we are not just supposed to "take his word for it" (as that is not how Bitcoin works is it).

[spartacusrex]

Maybe this is what you're talking about:

https://www.reddit.com/r/btc/comments/4hfyyo/gavin_can_you_please_detail_all_parts_of_the/d2plygg

Andresen says an administrative assistant working with Wright left to buy a computer from a nearby store, and returned with what Andresen describes as a Windows laptop in a “factory-sealed” box.

!? .. This is getting embarrassing.

..

The Art of the Con

Step 1 : Trick them into thinking it's a new laptop..

.. the rest..

[TPTB_need_war]

Can someone explain how he signed the 'Satre' quote WITHOUT having to break SHA256 (finding a collision) ?

It's pretty important, as if he did do that, Bitcoin is broken.

He never used the hash of any Sartre quote (that was just misdirection) - the double hash that he used was simply that used in Satoshi's tx along with the signature that was used in the tx.

(basically he just copied and pasted from the blockchain then put together an elaborate pretense that he had somehow managed to sign something else using a private key known to belong to Satoshi)

Even the silly BBC report has been corrected once they finally worked out that they had been tricked.

Oh.. I see.. thanks.

How can 'big boys' like Gavin and Matonis have fallen for this.. !? That shows very poor skills..   ( ..too poor if you ask me.. )

No one has presented a script which hashes all portions of the Sartre text to verify whether it does or does not hash to the correct value.

Until someone does that, they can't be sure that Craig won't reveal the Sartre text which does hash to the correct value, thus proving that he broke the cryptography. Since the SHA-256 was already broken to 46 - 52 rounds of the 64 rounds (for a single hash), then doubling the hash as Bitcoin does could potentially break it for all 64 rounds, because ostensibly collision resistance gets worse when doubling a hash (as I had explained in detail upthread). No one knows why Satoshi designed Bitcoin with a double hash. I am positing it might be a back door.

CIYAM is misleading you. Follow an idiot if you want to be one.

I'm sorry for my lack of technical understanding, but if there were a back door in btc.

1. Could this be fixed easily before it could be used in a way to hurt btc? i.e do you need a super computer to utilize this back door?
2. would this same issue be there in all alts that were essentially cloned from btc code or does using a different algo or POS help to nullify this backdoor?

I am not sure if you thread was deleted since you didn't receive a PM about it. Does one receive a personal message when a thread is moved?

No when a thread is moved they don't receive a PM, but there is no "Moved: ....." thread message remaining the Bitcoin Technical Discussion subforum. And I also checked Off-topic and it hasn't been moved there afaics. Also normally the link doesn't stop functioning even when it is moved. Clearly Gmaxwell is trying to hide it.

Gmaxwell might try to claim he banned me from that sub-forum, yet he had mentioned in our last communications that I am not banned from that forum. And also smooth and I recently posted in the thread in that sub-forum on one of the SegWit threads and afaik my post hadn't been deleted the last time I looked. He didn't just delete my posts in the thread but also posts from several other forum members who posted in that thread. The entire thread has been vaporized afaics. I presume Gmaxwell is formulating his plan now how to try to make me look like a fool. We know what happened the last time he tried to do that, I embarrassed him technically.

What I stated in that thread is that this is all presuming that Craig will be able to tell us which portion of the Sartre text hashes the hash output that was signed as proof on his blog. If Craig doesn't ever do that, then he is a fraud. But if he does it, then it means there is some cryptographic breakage in Bitcoin. And I am identifying the double hash as the greatest potential weakness.

1. The more I think about it, the more I realize that if it is true, then it means who ever can do this, could potentially spend other people's coins. So maybe this is how Craig will spend coins from an early block of Bitcoin (although he might have mined then also depending how early the block is he moves coins from). And the only fix I think would be to have everyone respend their coins with a fixed block chain and fixed wallets. And for lost or inactive coins, they would remain vulnerable. You may or may not need a super computer depending on the cryptographic breakage. I am not sure if an ASIC miner would help or if having access to a miner in China with 30% of Bitcoin's hashrate would help or be necessary. I can't really speculate on the exact metrics of any cryptographic breakage since this would have I assume required a lot of research on his part.

2. Yes it would apply to clones which copies the double hashing.

I repeat this is conjecture that hinges on two speculations:

a) That Craig can present the portion of the Sartre text which hashes correctly.

b) That the cryptographic breakage that allowed #a, is a break in the SHA256 presumably due to the double hashing.

Okay now we are starting to get some evidence that there might be a coordinated attack to hide the facts I have presented (note the following thread move to Meta is not the thread that Gmaxwell deleted):

Your thread was deleted because it was utterly moronic, even more so than your usual bullshit. Everyone who had the misfortune to read it is now dumber for having done so. Go ahead and sell your coins, and don't let the door hit you on your way out.

The Bitcoin maximalists are having a heart attack because they don't like the facts.

[Fatman3001]

A WO-thread buddy of mine shared an interesting point:

This is how Satoshi Nakamoto would have to reveal himself in order to not risk breaking Bitcoin or causing market disruptions.

* First you contact people you know you can prove it to, make them sign an NDA and keep 100% control of the process.

* Release the claim along with confirmations from these trusted parties.

* Provide confusing proof to the public to soften the blow.

* Let time pass.

* Gradually provide more convincing proof to the public.


With that in mind it would probably be wise to keep from going apeshit on forums before we know more.

[Come-from-Beyond]

Okay now we are starting to get some evidence that there might be a coordinated attack to hide the facts I have presented (note the following thread move to Meta is not the thread that Gmaxwell deleted)

It's likely not a coordinated attack but a manifestation of collective conscience of bitcoin holders who don't want a sell panic to start.

[TPTB_need_war]

Okay now we are starting to get some evidence that there might be a coordinated attack to hide the facts I have presented (note the following thread move to Meta is not the thread that Gmaxwell deleted)

It's likely not a coordinated attack but a manifestation of collective conscience of bitcoin holders who don't want a sell panic to start.

Well let them be the last one out the door. Much better they can trample each other on the way out.  

[hhanh00]

Okay now we are starting to get some evidence that there might be a coordinated attack to hide the facts I have presented (note the following thread move to Meta is not the thread that Gmaxwell deleted)

People have refuted your theory but you just don't want to listen.

"If you sign the same message with the same key, you will get a different signature".

Your chances to get the same signature is ~1/2^256. Why? Because of the the 3rd step of the ECDSA algorithm. Quoting from https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm

Calculate e = \textrm{HASH}(m), where HASH is a cryptographic hash function, such as SHA-2.
Let z be the L_n leftmost bits of e, where L_n is the bit length of the group order n.
Select a cryptographically secure random integer k from [1, n-1].
Calculate the curve point (x_1, y_1) = k \times G.
Calculate r = x_1\,\bmod\,n. If r = 0, go back to step 3.
Calculate s = k^{-1}(z + r d_A)\,\bmod\,n. If s = 0, go back to step 3.
The signature is the pair (r, s).

Their emphasis, not mine.

Now, tell me. How did CW come up with the same signature as something from the blockchain if he was casually signing a message? Bear in mind that k is chosen by the signing software (openssl) and not an input from the user.

[TPTB_need_war]

Who are you quoting? I never wrote that text.

Yes you did. Either that or you decided to take credit for someone else saying it. Maybe you should go to a doctor and ask for an Alzheimer's screening, considering you've already forgotten something you wrote today.

I did not write that text with bolded phrase and without the context of the caveats that I provided at the deleted thread which was quoted out-of-context and missing the link to the context, as explained already dufus:

It seems likely that Craig has identified the back door that was placed in Bitcoin as explained above, and used his supercomputer access to find a preimage of SHA256.

Who are you quoting? I never wrote that text.

Liars and spin masters rephrase the wording to present someone's argument out-of-context (and delete entire threads where the caveats where disclaimed by myself which you are failing to mention).

Is that the best you retards can do?

P.S. the context at the deleted thread which LauraM didn't even link to, contained bolded and red caveats similar to my reexplanation as follows (which I was forced to repeat after your leader gmaxwell vaporized an entire thread):

What I stated in that thread is that this is all presuming that Craig will be able to tell us which portion of the Sartre text hashes the hash output that was signed as proof on his blog. If Craig doesn't ever do that, then he is a fraud. But if he does it, then it means there is some cryptographic breakage in Bitcoin. And I am identifying the double hash as the greatest potential weakness.

1. The more I think about it, the more I realize that if it is true, then it means who ever can do this, could potentially spend other people's coins. So maybe this is how Craig will spend coins from an early block of Bitcoin (although he might have mined then also depending how early the block is he moves coins from). And the only fix I think would be to have everyone respend their coins with a fixed block chain and fixed wallets. And for lost or inactive coins, they would remain vulnerable. You may or may not need a super computer depending on the cryptographic breakage. I am not sure if an ASIC miner would help or if having access to a miner in China with 30% of Bitcoin's hashrate would help or be necessary. I can't really speculate on the exact metrics of any cryptographic breakage since this would have I assume required a lot of research on his part.

2. Yes it would apply to clones which copies the double hashing.

I repeat this is conjecture that hinges on two speculations:

a) That Craig can present the portion of the Sartre text which hashes correctly.

b) That the cryptographic breakage that allowed #a, is a break in the SHA256 presumably due to the double hashing.

You continue following gmaxwell. He will lead you to failure.

I did not write that text with bolded phrase and without the context of the caveats that I provided at the deleted thread which was quoted out-of-context and missing the link to the context

Regardless of whether the context is provided, trying to deny you wrote the text is a lie. Granted the meaning changes somewhat when context is provided, however it doesn't change the fact.

I denied writing the text without the context. Where is the lie? Are you pulling my words out of my context again! Disingenuous fuckers you all are.

I don't understand what this thread's point is. Are you complaining that the staff deleted your post, or just trying to spread your 'facts' around the forum further to cause unnecessary panic?

Yeah you don't understand. Probably because you don't want to understand. Enjoy.

Your thread was deleted because it was utterly moronic, even more so than your usual bullshit. Everyone who had the misfortune to read it is now dumber for having done so. Go ahead and sell your coins, and don't let the door hit you on your way out.

The Bitcoin maximalists are having a heart attack because they don't like the facts.

While there are facts I don't like, I can accept them and I've never suffered a heart attack as a result. Though it's irrelevant since you've never said anything that even remotely resembles a fact.

You are free to present a refutation of anything I've written. So far, I've seen no technical argument from you.

Please do try, so I can REKT you.