150 comments

[ 2.9 ms ] story [ 71.9 ms ] thread
Per the link, the signature corresponding to the address and message is valid. The address belongs to Hal Finney, and the message implies Satoshi (who sent him the initial btc) is Paul Le Roux. Any insights?
(comment deleted)
Does this make all his historic bitcoins property of the state for crimes committed? That's a lot of public debt to retire.
Assuming no shenanigans, there is a layer of deniability since the message was made from Hal Finney's address and private key, i.e. Finney is lying.
(comment deleted)
Hal Finney is dead, his keys were used in 2017 after he died in 2014.

Somebody knows his keys == nothing said to have been done by his key can be demonstrably proved to be him, even back to the beginning: how do we know when his private key was compromised?

Craig Wright is pulling his hair out rn
For those who don't know:

> Craig Steven Wright (born October 1970)[1] is an Australian computer scientist and businessman. He has publicly claimed to be the main part of the team that created bitcoin, and the identity behind the pseudonym Satoshi Nakamoto. These claims are regarded as false by much of the media and the cryptocurrency community.

source: https://en.wikipedia.org/wiki/Craig_Steven_Wright

Please don't call him Australian, we don't want him.
Can someone independently verify the decryption claim here?

Should I interpret this to mean that either bitcoin signatures can be attacked via hash collisions, or that they're not actually cryptographically secure, given enough time and computing resources? Either seems bad.

You can verify yourself here: https://reinproject.org/bitcoin-signature-tool/

Use the Bitcoin-QT tab, and don't include the "---- BEGIN" and "---- END" comment lines. It checks out.

OK (and thanks)...so how should I interpret this?

As in, how is it possible to decrypt an encrypted signature, and what does that mean for the security of cryptocurrency?

Unless I'm grossly mistaken, it seems Shkreli doesn't understand the basics of cryptography because he's using incorrect terminology here.

The signature isn't encrypted at all, it's just a piece of data (a hash, if you will) that was generated using the private key associated with the wallet in question.

In order to generate the signature, you need to have a message to sign, and a private key. All Shkreli has shown is that the signature he posted is valid for the given message and the wallet (which is in fact an old wallet of Hal Finney’s). I’ve posted elsewhere in this thread about this, but so far I can’t find any evidence that the signature he posted actually appears in the blockchain associated with that January 2009 transaction. Until we have proof of that, the most likely alternative explanation is that the wallet’s key is compromised and someone is signing random messages with it that say whatever they want.

A public key signature works by encrypting the hash with the private key, to verify you decrypt the hash with the pubic key and check it against your own hash of the payload.

Edit: No argument with your second point, just pointing out the mechanism does involve the signature being an encrypted form of a plaintext hash/message digest.

Thanks for the clarification! I didn’t explain myself well at all, but what I was getting at was that Shkreli claims the sig “decrypts to” the message given, when it does nothing of the sort.
This is indeed how RSA works, and is seen as a weakness of RSA, among other things it can lead to accidental oracles if you use the same key to both sign and decrypt things.

To my knowledge, this is not how ECDSA works. ECDSA is "just" a signature algorithm, e.g. provides integrity and cannot encrypt or decrypt anything - in EC-land you would use a technique like ECDH to arrive at a symmetric key that you then use to do encryption.

Oops, yeah I was thinking of RSA, thanks for the correction.
right. it has nothing to do with being published to the blockchain.

for example:

HB2dakxE7SgbuSQX6qQYByHkx3pTG0Tx2ymb8mVd2Bg6E+4Qk7O2/E/BiE9sjcLKp0rF+m3U0YHwI1Yv8Gjvjw0=

public:

1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN

message: hackernews

Thanks, I did what you said and it worked.

I used the Bitcoin-QT tab and filled out the three fields and got a green message at the top of the page that said "Message verified to be from 1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3"

I think it would be highly unlikely to create a hash collision that is so specific like this.
Would also explain why Satoshi went silent since the guy is sitting in federal prison.

When is he getting out? I would sell my BTC before he can move all those coins.

It would be in the interest of the Bitcoin community to agree on a fork to start burning those large wallets that are know to belong to Satoshi ensuring future stability.

I don’t think administratively destroying wallets on the blockchain is going to add any trust into the system .. quite the opposite.
Martin has been out for a few months now.
GP is talking about Le Roux, who is in prison.
Not Martin, Le Roux. I think he's still being held by the U.S. Feds.
(comment deleted)
Trying to crowdsource Treasury-style monetary enforcement, are we?
>Would also explain why Satoshi went silent since the guy is sitting in federal prison.

A cursory Google suggests that Satoshi's last communication was on April 26, 2011. Paul Le Roux was arrested on September 25th, 2012.

> Paul Le Roux operated under numerous pseudonyms:

> Paul Solotshi Calder Le Roux, backed with a Congolese diplomatic passport[4]

Interesting... Solotshi

This is a good read: https://www.wired.com/story/was-bitcoin-created-by-this-inte...

Hal Finney lived a few blocks from a man named "Dorian Prentice Satoshi Nakamoto."

From https://www.forbes.com/sites/andygreenberg/2014/03/25/satosh...

"I received an email from an old cryptography community acquaintance of Finney's who has asked to remain anonymous. The email was titled "What are the odds?" It pointed out that Hal Finney had lived for almost a decade in Temple City, the same 36,000 person town where Newsweek found Dorian Nakamoto. Finney's address was only a few blocks away from the Nakamoto's family home."

Satoshi is a German or Swiss. Nobody in the world has GMX email addresses except the Germans and the Swiss.
I do this sort of thing to mask my identity.

GMX, yandex, I’ve used them all without living in the countries they call home.

In the early 2000s I was probably the primary user of britneyspearsemail.com despite not caring about this celebrity at all.

I'm pretty sure created a gmx.de account around the turn of the Millennium and I'm not from a German speaking country. They had an email service and I needed an email.

The problem with absolute statements is that they always get it wrong.

The interesting thing is that satoshi was using a gmx.com address, emphasis on the .com. Those were only available to paying customers of GMX.de.
So GMX might know who Satoshi is but... GDPR?
Most likely they know who paid for the address. I need to check if payment via credit card was an option in 2009 or SEPA only.

IIRC, the gmx.com address was registered again later by someone else.

>Nobody in the world has GMX email addresses except the Germans and the Swiss.

You can just make one, right?

(comment deleted)
Almost nobody knew about them outside of the German areas
I have a GMX account and I'm neither. A few decades back they were one of the few free email providers offering POP3 access.
Hal Finney passed away in 2014. But the address has been active since: https://www.blockchain.com/btc/address/1Q2TWHE3GMdB6BZKafqwx...

I see four possibilities:

* An absurdly elaborate conspiracy. (This is always a possibility.)

* Ghosts can do cryptography.

* ECDSA is cracked.

* Someone else has a copy Finney's key.

Occam's razor: spectral signatures!

I am not sure I understand, how could this be a conspiracy?
Sorry, I was being somewhat sarcastic and it misfired. The only real option is the last one. The key is most likely compromised.
its plausibly debatable

someone who isnt paul le roux left their signature saying it was paul le roux, in case it ends up being read one day

This message was signed with Hal’s key.. we know someone has control over his key after his death and has used it.

(1) who has Hal’s key

(2) where did Martin “find” this message to be able to decrypt it

There’s obviously some sort of agenda here involving multiple people, it’s just not clear at the moment what this particular agenda is.

Oof. Apparently my irreverent tone was not well-received.

I'll be more sober about it. A cryptographic hash is not proof that data was signed by a particular individual, unless you know for certain that individual is the only person who has the key. That is a hard standard to meet with a dead man when the key has demonstrably been used after his death. That transaction in 2017 means that someone besides Finney simply must know Finney's key. Anything signed by this key cannot be trusted to have come from Finney.

Keys are just keys and are not tied to a person’s identity. When can they ever be trusted to come from a single person?
I'm honestly not sure there could be a more unreliable source for this
(comment deleted)
The cryptography checks out. The source is irrelevant, might as well be from Trump.
(comment deleted)
Shkreli is live streaming this right now and somebody on his voice chat just said to him "No offense Martin, but you're probably the last person I would go to if I had incontrovertible evidence of Satoshi's identity"

For all the horrendous shit that this Shkreli guy is known for, I always think of his Microsoft Excel skills first.

I always wonder why people are so impressed about his excel skills.

I have seen many people in BI being much better. He just knows his shortcuts and pivot tables, this is standard stuff.

And the mayor discipline, if anything, are customized macros which run cross device for a whole department, like opening one reports, filtering the data, creating a new file with a date stamp etc and sending reports and stats.

It doesn't impress me now but it was the first exposure I had to see Excel being used fluently. I later learned that it was very common in the world of finance and nothing exactly impressive. It's like how I impress somebody with my mediocre sql skills until they see a real dba in action.
Do you rate SBF as a source more or less credible than Shkreli?
Five years from now SBF will be a Kevin Mitnick-type providing talking head advice about the future scammer du jour, teleconferencing in alongside Elizabeth Holmes from their respective prisons, while elder scamsman Shkreli moderates.
After some digging I found this:

1) The address that was used to send this message is not the first address that the genesis(the first "mined") block sent money to.

2) The "genesis"/Satoshi address has been used through the years a lot

3) The "Paul le Roux" address is far less active

4) this transaction was made 9 days after the first block was mined

My conclusion here is: Paul le Roux _MIGHT_ be Satoshi, but unlikely, more like very early adopter who either knew Finney, Satoshi or both. But neither can be said with 100% certainty.

5) the transaction in question does not contain the message in the post. The message was just signed by the receiver's key, whose current owner is unknown.
1. The signature was created using a private key that corresponds to the address "1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3".

2. 1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3 is Hal Finney's (Not Satoshi's) address.

3. Hal Finney passed away in 2014.

4. Some coins that belonged to that address were spent in 2017. [1]

It appears that someone else (definitely not Hal) has the private key to that address.

[1] https://www.blockchain.com/btc/tx/70ec308460a38f6de25f89c6ed...

(comment deleted)
Wouldn’t it be likely that his wife or a close friend has the private key?
I see. Are you implying whoever has access to Hal's wallet could have produced this signature after his death?
exactly. this has nothing to do with proving it is Santoshi, nor is it a hash collision.

All it means is multiple people have Hal's private key and somehow either Martin is one of them, or he was told to post this message.

> It appears that someone else (definitely not Hal) has the private key to that address.

So Paul le Roux, by the message?

> 1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3 is Hal Finney's (Not Satoshi's) address.

Where do you get this?

EDIT: I am proposing not that Paul LeRoux is Satoshi, but that he is in possession of Hal's key, and produced that signature as a troll.

I would believe it if the signature came from one of Satoshi's addresses, but this is not it.
(comment deleted)
No, that particular message could be created by anyone (including people who are not Paul le Roux), who has the key to the 1Q2 address, at any time, past or present.

All we have to go on right now is that someone knows the private key that corresponds to the 1Q2 address and used it sometime before the last hour to generate a hash of a message that says that Paul le Roux sent bitcoin to Hal Finney.

How do we know the message was signed during the last hour and not in 2017 or 2014 or whatever? Does it include the hash of a Bitcoin block created in the last hour?
Your parent didn't write "during the last hour", they wrote "before the last hour"
Maybe the key was inherited by someone? I don't intend to take my cryptos with me to the grave, or redistribute my wealth between holders, however you prefer to see it.
why would it take so long to discover this?
Because cryptography.

It's impossible to brute-force "decrypt" this message, you need to know it before hand.

More technically: you need to generate a pre-image of the sha-256 hash.

No one broke any cryptography in this situation.
Which is exactly the point why we didn't find out about this until someone leaked it.
Anyone know where he got this info? Is there a previous source?
I don't know but Martin's claim just showed up on the Wikipedia page > https://en.wikipedia.org/wiki/Paul_Le_Roux

> On December 13, 2022, Martin Shkreli alleged that a message connected to a January 12, 2009 transaction sent to the Bitcoin wallet belonging to Hal Finney, who received the first ever Bitcoin transfer, revealed Le Roux as being the sender.[44] This claim was debunked in short order by Bitcoin developers such as Peter Wuille[45], and Greg Maxwell[46]. These individuals, along with other less known pointed out the poster of the signed message was not even competent enough to spell Le Roux's name correctly. In addition, the signature does not appear in the public blockchain.

How did Martin Shkreli figure that out?
(comment deleted)
It's not an original idea. It was popularized a few years ago by Evan Ratliff, author of a book about Paul Le Roux, 'The Mastermind'

Convenient for the author to discover the link to Le Roux. Then talk about it on podcasts while promoting his book, and have articles written about him.

All Shkreli does is promote himself to get eyes on whatever he's doing next. You can't ignore the incentives. It's difficult to prove who Satoshi is or is not. Craig Wright made a succesful career out of it.

Also, Shkreli has been critical of Bitcoin. Picking Le Roux, a criminal, as Satoshi helps to paint Bitcoin in a bad light.

Thanks for sharing that important context and perspective.
Also, my question means: How did he figure out how to decrypt that hash into the plain text message?
Someone gave him the signature to verify the hash.

He explains it during this stream here:

https://www.youtube.com/watch?v=gjE4dEX2z9E

You can just watch the first 10-ish minutes to get the gist.

He gets the same push back he's getting here. Still confidently says "Paul Le Roux is Satoshi."

I'm watching the video and from where I started Martin is talking to the person who gave him this info and he is reading these very comments and the comments on his blog post and being very skeptical and also thinks it is fake now too. Very good watch, and I like the non-attachment to the specific outcome Martin has towards all of this. He is looking at this objectively.
The question is where did he get the signature from?
Ratliff in the book said a lot of people suggested this to him, and he never found any evidence of it.
someone told him . likely someone who knows hal
Could someone please clarify the connection between the wallet:

1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3

And the signature:

HM7vpPSUbNsfDHRX6gv8xxWcVNHEc/3pOk0YrVehaGoUdbWizznfzOdELkLd1EjSXsW1oE5vHAkNAPzrAVzhuoI=

how do we know that the two are connected? (I'm guessing one of them hashes to the other.)

When you run signature verification on that text with that signature and that address, it checks out. It wouldn't otherwise. The text links the two.
I know next to nothing about the internals of bitcoin, but based on a high-level understanding of public key cryptography:

- 1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3 is the wallet address but can also be thought of as a public key. The owner of the wallet also has a private key corresponding to that public key.

- HM7vpPSUbNsfDHRX6gv8xx...[etc] is a cryptographic signature generated by signing an arbitrary message using a private key. To generate the signature, you need the plain text of the message, and a private key. To "verify" the signature (i.e., confirm that it was generated by the private key you expect), you only need the message and the public key (or the wallet address, in this case).

- Shkreli claims (and it has indeed been confirmed) that the signature he posted is valid for the message and the wallet address. In other words, someone in possession of the private key for the wallet in question, has signed the message given using that private key.

What I don't understand is where the signature came from -- I do see a Jan 2009 transaction involving that address on various blockchain explorers, but that particular signature is nowhere to be found. This could absolutely just be me not understanding how all of this works, but in order for this to be "really big news" I think you'd have to show proof that the signature given was posted with the transaction back in 2009. Otherwise, it just means that Hal Finney's wallet is compromised and someone has been signing random messages with it.

You can sign a message without broadcasting it . This message could have been created an hour ago for all we know.
> What I don't understand is where the signature came from -- I do see a Jan 2009 transaction involving that address on various blockchain explorers, but that particular signature is nowhere to be found. This could absolutely just be me not understanding how all of this works, but in order for this to be "really big news" I think you'd have to show proof that the signature given was posted with the transaction back in 2009. Otherwise, it just means that Hal Finney's wallet is compromised and someone has been signing random messages with it.

This.

Furthermore we know that the wallet spent coins in 2017, three years after Hal's death. Someone other than Hal had (has?) access to the private key for that address.
However, I couldn't find this signature:

HM7vpPSUbNsfDHRX6gv8xxWcVNHEc/3pOk0YrVehaGoUdbWizznfzOdELkLd1EjSXsW1oE5vHAkNAPzrAVzhuoI=

... anywhere on the blockchain:

https://www.blockchain.com/explorer/search?search=HM7vpPSUbN...

Why not?

Update: I get it now. It doesn't have to have been on the blockchain. It's just a message that was signed with a private key, and...., using Hal Finney's public key (wallet address), the message, and the message signature, we can confirm that it was signed by Hal Finney's private key.

Can someone who knows more than me about the internals of bitcoin help me understand:

1) Is there a place on a blockchain explorer somewhere where I could find the signature that Shkreli has posted? I tried looking up the wallet address and found the transaction from Jan 2009, but I don't see that signature anywhere.

2) The reason I ask the first question is that I believe that if the private key is compromised, then whoever has it could have generated a new signature corresponding to that wallet address and any arbitrary message, correct? So if Shkreli is in possession of the private key, he could just be banking on people not actually verifying that the signature he posted appears on the blockchain?

1) Not all signatures are on chain. All that is needed is to post the signature somewhere and verify it with the message and public key. 2) Whoever has the private key can produce the signature, and the signature can only be produced by someone who has the private key (assuming the cryptography is secure)
I realize not all signatures are on the chain, that’s obvious if you know what a signature is. That’s why I’m asking whether it appears on the chain. :)

If it appears somewhere associated with that transaction, that’s pretty strong evidence that Shkreli is correct.

If it does not appear on chain at all, then Shkreli is wrong and his post proves nothing about the identity of Satoshi.

Your reaction was my reaction, for what it’s worth. It seems like everyone more or less is suspecting the same thing. (Private key leaked, no way to backdate the hash, therefore this proof isn’t as newsworthy as it seems.)

On the other hand, if it does appear somewhere in the blockchain, it’s a pretty big scoop.

At its core, a Bitcoin address is a public/private key pair used to sign data. One type of data you can sign is a Bitcoin transaction, which when signed and valid, gets processed by the Bitcoin network. "Send 0.01 BTC to xyz" -- signed retrac. But it's standard public key cryptography, and you can use that key to sign any kind of data.

The signature in question was not posted to the Bitcoin network. It's almost exactly like signing an email with a PGP signature. The message/signature pair alone are proof that the message was signed by the key in question.

2) Yes. Anyone with the private key could sign a message. And for clarity, such things are not date-stamped in a secure way, so there's no way to know when it was signed.

For me, one major incongruity is that, it is possible to post such data to the Bitcoin network. If you need a permanent record of when a key signed something, that's honestly about the only thing blockchains are good for! Hal Finney understood this very well. So when he allegedly signed that message 8+ years ago for future generations to finally know the truth, why didn't he take advantage of an architecture, that he helped create, that enables making such claims in a (more) verifiable manner?

This is great info, thank you! I agree that it’s strange that Finney wouldn’t have posted this message to the blockchain. Unfortunately I think most people superficially familiar with bitcoin don’t understand cryptography deeply enough to realize that the most likely explanation for all of this this is that Shkreli or an associate is in possession of Finney’s private key.
> 2) Yes. Anyone with the private key could sign a message. And for clarity, such things are not date-stamped in a secure way, so there's no way to know when it was signed.

Certainly if the message included a hash of the last Bitcoin block that'd be a very strong date-stamp.

Such a timestamp could only be interpreted as a "no-earlier-than" proof. You couldn't use it to prove that the message was created before a certain date, as all existing bitcoin blocks can easily be referenced in any future messages.
I would consider that a strong date-stamp too, but it doesn't do what we would need here. It can only set an earliest possible date for the message. It does not bound it on the other end.

It's like using today's newspaper to prove when a photo was taken. If the front page of Dec 13 2022's New York Times is in the photo (and the photo is authentic) then the photograph must have been taken on or after Dec 13 2022. But I could use that same newspaper in 2025 to prove the same thing. The photo was taken on, or after, Dec 13 2022.

Bounding the other end -- to prove that this key was not used after a certain point in time -- is really quite a puzzle with no particularly elegant solution, as far as I know. Trusted central authority that date-stamps and signs messages when it receives them. Or a blockchain, ironically.

Is there a way to provably destroy a piece of information? The closest thing I heard of was the Z-Cash "ceremony" [1]. If there was, we could create messages that are provably and absolutely timestamped.

Another possible way would be crafting the message in a way that requires a low-entropy system, like a living human person, a sophisticated computer, or an immense power source. But, this would only be useful on extreme time scales, or within limited space.

[1]: https://z.cash/technology/paramgen/

If this is true, wow.

I've read about Paul Le Roux before as he is likely the person behind Trucrypt.

While he's a criminal, if he really created Truecrypt and Bitcoin and also ran an international drug/gun running operation...I'm impressed. I think this dude's story could make a awesome book/movie some day...

Here's at least one book on him: The Mastermind: Drugs. Empire. Murder. Betrayal. by Evan Ratliff.

Another is: Hunting LeRoux: The Inside Story of the DEA Takedown of a Criminal Genius and His Empire by Elaine Shannon.

Michael Mann has the rights to turn Hunting LeRoux into a film. He did Heat, Ali and Collateral (probably one of my favorite movies). Unfortunately, he also did Blackhat.

Ha, awesome. I should have googled for books/movies first.

Thanks for the info!

The book exists. It's named "The Mastermind". It's wild, really wild!
Awesome, thanks for the info!
Also, the author of that book brought up the link to Satoshi. It's in his interest for the idea to be out there. Nobody would be looking up this book today, otherwise.
Really? The book is absolutely superb.
suggest you read his wikipedia entry. It’s sickening.
Not a movie but a documentary on Netflix, The Big Boss: A 21st Century Criminal.
Was Paul Le Roux known before he was arrested? As in, is it possible that Satoshi tried to create a fake trail?
In case you wonder who Paul Le Roux is, here’s the Wikipedia page [0] and what I believe is the original investigation by Evan Ratliff [1].

[0]: https://en.wikipedia.org/wiki/Paul_Le_Roux

[1]: https://magazine.atavist.com/the-mastermind/

And from the above:

> Le Roux was arrested on 26 September 2012 for conspiracy to import narcotics into the United States, and agreed to cooperate with authorities in exchange for a lesser sentence and immunity to any crimes he might admit to later. He subsequently admitted to arranging or participating in seven murders, carried out as part of an extensive illegal business empire.

> Le Roux was sentenced to 25 years in prison in June 2020.

It’s worth sharing the entire paragraph:

On 12 June 2020, Le Roux was sentenced to 25 years in prison. According to the presiding judge, Ronnie Abrams, "the scope and severity of Mr. Le Roux's criminal conduct is nothing short of breathtaking. I have before me a man who has engaged in conduct in keeping with the villain in a James Bond movie." However, she also added that the sentence reflected Le Roux's cooperation and the danger he faced.

I worked with Paul before he went down the path of the criminal. He seemed really smart too bad he went bad. This would be in 1991 or 1992. I also worked with one of the programmers caught as part of the Madoff 5. I'm hoping that is all of my brushes with people who go bad.
From your experience with him, do you think he has the academic background to write the Bitcoin paper?
He is brilliant. Thinks very highly of himself so I suspect likely also a sociopath. Encryption is one of the things he is known for.
Ratliff says in his book that he could find no evidence that Le Roux had any connection to Bitcoin, though many people suspect him
This just feels like another entry in a long list of supposed proofs of who Satoshi is, which is missing detail (almost certainly by design) and which could have many other plausible explanations. The most obvious of which is that a private key leaked.
It could also be that Hal Finney lied about who it was, or was deceived about who it was. I find those to be plausible as well.
Came expecting a long convoluted argument, Craig Wright-style, but this is like one of those short papers that have the proof in the abstract.
It does not have a proof though.
Any headline that ends in a question mark can be answered by the word “no” - Betteridge’s law of headlines
1. 1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3 is Hal's address, so that means the message was written by someone with Hal's private key (not from Satoshi's).

2. Hal died 2014, that address last sent btc in 2017, so someone else (estate?) had access to the private key. I wouldn't be surprised if the private key got leaked (maybe even sold), so it's entirely possible that someone else signed that message (and recently at that).

3. Not sure if there's evidence that Hal even knew who satoshi was

But yeah, crazy... I verified the message too, I just don't think it's conclusive evidence of who satoshi is/was

Interesting and important note from playerTwo in the comments.