....Or How Craig will prove he is Satoshi.
I will just advise that I am not a coder or anything technical, I'm just positing a hypothesis and would like some feedback/help from anybody that actually is a coder. I've read quite extensively into Bitcoin and have been around the scene around 5 years or so though - and I'm not easily fooled. I just need to know if my hypothesis is feasible technically, so I'll just roughly sketch it out for now.
Here is a quote from Craig regarding his key signing “proofs” that have been widely criticized: “In recent sessions, I have used a total of 10 private keys are associated with bitcoin addresses. These were loaded into Electrum, an SPV wallet. In one of the exercises, I signed messages that I will not detail on this post for a number of individuals.”
These private signings were for people such as Gavin Andresen, Jon Matonis etc. (who said they were convinced), culminating in a well documented (and disputed) signing for the BBC and Economist. Apparently, the BBC proof seemed to point to the very first transaction Satoshi made to Hal Finney of 10 BTC but no message transaction appeared to be there: https://www.blockchain.com/btc/tx/828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe?show_adv=true
Here is a Medium article by Craig from 2018: https://medium.com/@craig_10243/nsequence-and-p2p-exchange-9e4cbf32124c
I read this and the links at the bottom to research all about “NlockTime” etc. This was removed from BTC code on 16th April 2016 by the looks of it - from what I understand of GitHub. This would be exactly the time (within days either way) of the Gavin Andresen and other signings: http://gavinandresen.ninja/satoshi
Now this is just too much to believe is a coincidence to my mind. Clearly one thing was likely a direct response to the other thing.
I think Craig saw what was being planned and thought “Bloody mongrel drongo baaarstards!”.....or similar and got straight on the phone to Gavin Andresen. There was an urgency about this – which I think is a clue. The signings were not particularly about proving anything – they were about updating the terms of existing Nlocktime contracts with those that he already had them with. As the original code being removed was going to bugger them up, they had to co-sign to update them. Otherwise all the previous contracts/transactions that were planned to be executed/accepted on to the Blockchain at a later date would no longer be.
This would also indicate that Craig has been contracting those involved to do particular things for quite a while. This would also explain the apparent mystery of Craig stating he was forced to come out and do this with the BBC. The BBC proof was different to the private proofs though and was done for a very different reason. I believe this was probably the 10th of the private keys, though it could possibly be the 9th.
Anyway, the intention now is to put the code back to how it was, so early Nlocktime contracts can execute properly......so where does that leave us?
I think a message/transaction will appear on the Hal Finney block at a future time and it will say “I'm Gavin Andresen and my favourite number is 11 CSW” - or whatever the exact wording was. Similar messages will appear on other known Satoshi addresses. My guess is that there will be a big reveal in the Court case when maybe the 10th private key is used. I'm guessing that certain people I have mentioned may be called as witnesses to attest to what their messages were. It will be demonstrated by experts that only Satoshi could have done these things and it may or may not involve one last signing. What do we think.........possible?
Relevant things for technical people to consider I think, may include how certain things work such as raw transactions and Nlocktime and associated things and the fact that early Bitcoin code used "sequencing". This is just my layman's opinion though.
Any feedback would be much appreciated either in support of my hypothesis or in order to rule it out - either way I'm going to be more knowledgeable - so it's a win win!
Peter Todd on Aug 24 2016:
Bitcoin-based honeypots incentivise intruders into revealing the fact they have
broken into a server by allowing them to claim a reward based on secret
information obtained during the intrusion. Spending a bitcoin can only be done
by publishing data to a public place - the Bitcoin blockchain - allowing
detection of the intrusion.
The simplest way to achieve this is with one private key per server, with each
server associated with one transaction output spendable by that key. However
this isn't capital efficient if you have multiple servers to protect: if we
have N servers and P bitcoins that we can afford to lose in the compromise, one
key per server gives the intruder only N/P incentive.
Previously Pieter Wuille proposed(1) tree signatures for honeypots, with a
single txout protected by a 1-N tree of keys, with each server assigned a
specific key. Unfortunately though, tree signatures aren't yet implemented in
the Bitcoin protocol.
However with a 2-of-2 multisig and the SIGHASH_SINGLE feature we can implement
this functionality with the existing Bitcoin protocol using the following
2 2 CHECKMULTISIG
The honeypot secret key is shared among all N servers, and left on them. The
discriminator secret key meanwhile is kept secret, however for each server a
unique signature is created with SIGHASH_SINGLE, paying a token amount to a
notification address. For each individual server a pre-signed signature created
with the discriminator secret key is then left on the associated server along
with the honeypot secret key.
Recall the SIGHASH_SINGLE flag means that the signature only signs a single
transaction input and transaction output; the transaction is allowed to have
additional inputs and outputs added. This allows the thief to use the honeypot
key to construct a claim transaction with an additional output added that pays
an address that they own with the rest of the funds.
Equally, we could also use SIGHASH_NONE, with the per-server discriminator
being the K value used in the pre-signed transaction.
Note that Jeff Coleman deserves credit as co-inventor of all the above.
A potential disadvantage of using non-standard SIGHASH flags is that the
transactions involved are somewhat unusual, and may be flagged by
risk analysis at exchanges and the like, a threat to the fungibility of the
We can improve on the above concept from Todd/Coleman by using a pre-signed
standard transaction instead. The pre-signed transaction spends the honeypot
txout to two addresses, a per-server canary address, and a change address. The
private key associated with the change address is also left on the server, and
the intruder can then spend that change output to finally collect their reward.
To any external observer the result looks like two normal transactions created
in the process of someone with a standard wallet sending a small amount of
funds to an address, followed by sending a larger amount.
A subtlety in the two transactions concept is that the intruder doesn't
have the necessary private keys to modify the first transaction, which means
that the honeypot owner can respond to the compromise by doublespending that
transaction, potentially recovering the honeypot while still learning about the
compromise. While this is possible with all honeypots, if the first transaction
is signed with the opt-in RBF flags, and CPFP-aware transaction replacement is
not implemented by miners, the mechanics are particularly disadvantageous to
the intruder, as the honeypot owner only needs to increase the first
transaction's fee slightly to have a high chance of recovering their funds.
With CPFP-aware transaction replacement the intruder could in-turn respond with
a high-fee CPFP second transaction, but currently no such implementation is
We can use the "scorched earth" concept to improve the credibility of the
honeypot reward by making it costly for the honeypot owner to doublespend. Here
a second version of the honeypot pre-signed transaction would also be provided
which spends the entirety of the honeypot output to fees, and additionally
spends a second output to fees. An economically rational intruder will publish
the first version, which maximizes the funds they get out of the honeypot. If
the owner tries to dishonestly doublespend, they can respond by publishing the
"scorched earth" transaction, encouraging the honeypot owner's honesty and
making CPFP-aware transaction replacement irrelevant.
Of course, miner centralization adds complexity to the above: in many instances
honeypot owners and/or intruders will be able to recover funds from altruistic
miners. Equally, the additional complexity may discourage intruders from making
use of the honeypot entirely.
Note that as an implementation consideration CHECKSEQUENCEVERIFY can be used to
ensure the honeypot output can only be spent with transaction replacement
enabled, as CSV requires nSequence to be set in specific ways in any transaction
spending the output.
1) https://blockstream.com/2015/08/24/treesignatures/

https://petertodd.org
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/013058.html
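The property the post above relies on, that a SIGHASH_SINGLE signature commits to the output at the signed input's index and to no other output, can be checked by computing the legacy signature digest directly. This is an added example, not code from the original post: the outpoint, placeholder public keys, scripts and amounts are constructed, and only the digest is computed (nothing is signed).

```python
import hashlib
import struct

SIGHASH_SINGLE = 0x03

def varint(n):
    # Compact-size encoding; single-byte form covers every length used here.
    assert n < 0xfd
    return bytes([n])

def ser_output(value, script):
    return struct.pack("<q", value) + varint(len(script)) + script

def sighash_single(tx, idx, script_code):
    """Legacy (pre-segwit) digest that a SIGHASH_SINGLE signature on input idx signs."""
    if idx >= len(tx["outputs"]):
        # Consensus code signs the constant 1 in this case; refuse instead.
        raise ValueError("no output at the signed input's index")
    buf = struct.pack("<i", tx["version"]) + varint(len(tx["inputs"]))
    for i, (txid, vout, sequence) in enumerate(tx["inputs"]):
        script = script_code if i == idx else b""   # other scriptSigs blanked
        seq = sequence if i == idx else 0            # other nSequence zeroed
        buf += txid + struct.pack("<I", vout) + varint(len(script)) + script
        buf += struct.pack("<I", seq)
    buf += varint(idx + 1)                           # outputs truncated to idx+1
    for _ in range(idx):
        buf += ser_output(-1, b"")                   # earlier outputs nulled
    buf += ser_output(*tx["outputs"][idx])           # the one committed output
    buf += struct.pack("<II", tx["locktime"], SIGHASH_SINGLE)
    return hashlib.sha256(hashlib.sha256(buf).digest()).digest()

# Constructed sample data: placeholder keys, scripts and outpoint, not real ones.
PUB_A, PUB_B = b"\x02" + b"\x11" * 32, b"\x03" + b"\x22" * 32
SCRIPT_CODE = b"\x52\x21" + PUB_A + b"\x21" + PUB_B + b"\x52\xae"  # 2 A B 2 CHECKMULTISIG
NOTIFY = b"\x76\xa9\x14" + b"\xaa" * 20 + b"\x88\xac"   # per-server notification script
OTHER = b"\x76\xa9\x14" + b"\xbb" * 20 + b"\x88\xac"    # any other destination
PRESIGNED = {"version": 1, "locktime": 0,
             "inputs": [(b"\x33" * 32, 0, 0xFFFFFFFF)],  # txid bytes in serialized order
             "outputs": [(1000, NOTIFY)]}                 # token amount, in satoshis

def check_commitment():
    """Return (digest kept after appending an output, digest kept after swapping output 0)."""
    base = sighash_single(PRESIGNED, 0, SCRIPT_CODE)
    appended = dict(PRESIGNED, outputs=PRESIGNED["outputs"] + [(99_000_000, OTHER)])
    swapped = dict(PRESIGNED, outputs=[(1000, OTHER)])
    return (sighash_single(appended, 0, SCRIPT_CODE) == base,
            sighash_single(swapped, 0, SCRIPT_CODE) == base)
```

`check_commitment()` returns `(True, False)`: the digest is unchanged when a further output is appended, and changes as soon as the notification output itself is altered, so the pre-signed signature stays valid only while that per-server output is present.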